05-02-2012 01:48 AM - edited 03-07-2019 06:26 AM
Morning,
Am a little confused here. Can the same bandwidth utilized for WAN be also utilized for internet access. A vendor submitted a proposal and is quoting differently for both. I know they are two different services but the client wants both WAN and Internet services. I figured at locations where internet access wants to be denied its a matter of an acl or a policy stmt on the rtr.
Kindly clarify.
Regards,
DJ.
05-02-2012 11:39 PM
Depends on what you're buying.
Some providers can sell you "MPLS" with local internet hopoff, which means that the "WAN" can be used for both internet and site to site connectivity. (You send all of your traffic to the ISP router, they determine if it is internet or site to site and they send it to the internet for you if neccesary; it's all handled by them in their "cloud")
You can also get MPLS only, which is strictly site to site access. You can then get a separate internet connection, either at the HQ only, and route all sites out using it, or get an internet feed at each site and use PBR or something to send internet traffic out locally and site to site across your MPLS.
There's a million ways to do it. It depends on what you're being quoted. To answer the question you'd need to show us the quote and/or call the vendor to get them to explain exactly what you're buying from them...
Hope this helps!
Andy
05-04-2012 09:23 AM
Let's say you have 100 sites and a HQ where datacenter is:
You get two lines 1 for internet and 1 for MPLS which will interconnect all sites together through ISPs MPLS cloud.
If sites wanted to go to the internet they would come through WAN (mpls or whatever), ideally hit your proxy/firewall and hit the internet through your internet line, meaning you would need to connect WAN router and INTERNET router together.
Also you can have internet at each site and have some kind of PBR as Andrew mentioned which would say .. if the destination is for www.google.com go thru interface fa0/1 if the destination is for your datacenter server somewhere go through serial 0/0 or whatever you have, but supporting that as sites addup would be a problem.
Get some DSL/CABLE at each site and run some backup connection to HQ like Eigrp through DMPVN and so on.
hope to help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide