
Multi-Tenancy Network Design

Luke Robertson
Level 1

Hi. Just after some theoretical ideas about supporting multiple customers to the data centre.

The organisation I work for has a DC where it hosts custom apps for multiple customers.

Most customers connect over private links to the DC, and only use the internet as a backup path. The provider uses an MPLS network for the private links. We have control over the network in the DC, but not at the customer end, or the provider's MPLS.

As some customers have the same IP address ranges in their networks (e.g., 192.168.0.0/24) as we have in our DC, we translate all their addresses to another address range that doesn't conflict. This means that every subnet on a customer's network gets translated with a 1:1 NAT. This means that every time a customer changes something with their subnets (adds new ones, extends, VLSM, and so on) we have to change the translations on the router at their premises. This is not impossible, but annoying.

Is there a better way to do this? Would VRFs work, or do they need to be inside the MPLS?

Thanks
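The 1:1 translation scheme described in the question, as an added example that is not part of the original post: a small planner that gives each customer subnet a same-size block from a translation pool, skipping anything that overlaps the DC or another customer's block. The pool `10.200.0.0/16`, the customer names and all subnets other than 192.168.0.0/24 are constructed sample values.

```python
import ipaddress

# Constructed sample data: DC ranges, a translation pool, and two customers
# that both use 192.168.0.0/24 (the same range as the DC).
DC_NETS = ["192.168.0.0/24", "10.200.0.0/22"]
NAT_POOL = "10.200.0.0/16"
CUSTOMERS = {
    "cust-a": ["192.168.0.0/24", "172.16.4.0/22"],
    "cust-b": ["192.168.0.0/24", "192.168.1.0/25"],
}

def plan_translations(dc_nets, pool, customers):
    """Give every customer subnet its own same-size block from the pool."""
    reserved = [ipaddress.ip_network(n) for n in dc_nets]
    pool = ipaddress.ip_network(pool)
    plan = {}
    for name, nets in customers.items():
        plan[name] = {}
        # Largest subnets first, so aligned blocks do not fragment the pool.
        for cust in sorted(map(ipaddress.ip_network, nets), key=lambda n: n.prefixlen):
            for cand in pool.subnets(new_prefix=cust.prefixlen):
                # Skip blocks that collide with the DC or an earlier allocation.
                if not any(cand.overlaps(r) for r in reserved):
                    reserved.append(cand)
                    plan[name][cust] = cand
                    break
            else:
                raise ValueError(f"pool exhausted for {name} {cust}")
    return plan

def translate(plan, customer, addr):
    """Map one customer host address to its 1:1 translated address."""
    ip = ipaddress.ip_address(addr)
    for cust, nat in plan[customer].items():
        if ip in cust:
            return nat.network_address + (int(ip) - int(cust.network_address))
    raise LookupError(f"{addr} is not in a planned subnet for {customer}")

if __name__ == "__main__":
    plan = plan_translations(DC_NETS, NAT_POOL, CUSTOMERS)
    for name, nets in plan.items():
        for cust, nat in nets.items():
            print(f"{name}: {cust} -> {nat}")
```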

1 Reply

Hi Luke,

VRF won't work as IPs should be unique inside a VRF. In your case it is not the case.

What strikes me as of now is to make VPNs for all of your customers, and those VPNs can be assigned to different VRFs.

The VPN should be built on a loopback IP address.

Just a theory. Even I need a POCL for this idea.

Regards,

Smitesh
