Multitenant Internet Connection

de1denta · ‎07-14-2017

Hi All,

I'm looking for a bit of product/configuration advice if possible. We have a single 1Gbps internet connection that is coming into a building that we want to terminate and provide to a maxium of 10 tenants. The tenants will be providing their own firewalls etc so we only need to provide them with raw internet access, no NAT, stateful firewall functionality etc.

My plan is to terminate the internet connection on to a Layer 3 switch routed port using a /30 point-to-point IP address with a /27 block routed over this connection which I will then divide up for each tenant depending on their requirement. A routed port with the allocated IP address block will then be allocated for each tenant. I think this will work ok, however, what I also need to acheive is the ability to control the allocated bandwidth for each tenant. If each tenant was to purchase 100Mbps then this would be straight forward I think as I could configure each routed port as 100/full but this wont be the case as some clients may only require 30Mbps etc. Can this be acheived on a Catalyst L3 switch such as a 3750/3850 using QoS? Would a Metro Ethernet switch be better suited for this?

Thanks

Vasilii Mikhailovskii · ‎07-14-2017

Hello.

If you are looking for flexible QoS with PE functionality, I would say the best option would be a router with sub-interface (or service instance) per customer. At the same time it depends on a service quality you are going to offer, as for a cheap option you may do policing instead of shaping.

Btw, /30 might be a waste of IP-addresses and you may use /31 or even private subnet as transit (and customer would be routing traffic from public IP).