Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12200
Views
6
Helpful
4
Replies

WAN switch (in a rack) - what is it used and why do we need it ?

Go to solution
SJ K
Level 5
Level 5

‎08-26-2015 04:50 AM - edited ‎03-08-2019 01:31 AM

Hi all,

 

I am not sure if the WAN switch here refers to the actual WAN switch use for WAN switching in carrier network.

I came across a network diagram, in which the WAN connection to the internet, is directly connected to switch, instead of a router or firewall

 

                                                              In the rack

(internet line from isp) ---> [switch @ top of the diagram] --> [router/fw]

                                                                                     \--->[router/fw2]

In the diagram, the switch above is refer to as the WAN switch.

 

q1) why is the switch above call a WAN switch, i am quite sure it is not the kind of WAN switch we are talking about in a carrier network.  (is it then a l2/l3 switch)

q2) why is the isp connection directly connected to the switch; instead of a router/fw ?   what could be the possible reason to have a setup this way ?

 

My guess is that there might be another router/fw (highlighted in red) acting as a standby/secondary connected to the switch, that will take over the primary and its wan interface ip as soon as the primary is down.  Without the switch on top, i will need 2 lines from the ISP. -  could this be 1 of the reason ?

 

P.S. sorry for the vague illustration.

 

Regards,
Noob

 

 

1 person had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
James Qin
Level 1
Level 1

‎08-27-2015 05:40 AM

Hello,

q1) why is the switch above call a WAN switch, i am quite sure it is not the kind of WAN switch we are talking about in a carrier network.  (is it then a l2/l3 switch)

A simple answer to this is because the switch is carrying WAN traffic. It can be L2 or L3 switch.

q2) why is the isp connection directly connected to the switch; instead of a router/fw ?   what could be the possible reason to have a setup this way ?

Setting up this way allow the traffic to be handled by redundant firewall (2 or more firewalls) in a High Availability configuration. e.g. one firewall dies the other takes over

Another reason to setup this way is for big company or ISP to handle multiple WAN traffic using the same resource.

Example:

WAN link 1 and WAN link 2 come in and connected to the "WAN switch" tag with 10 and 20 respectively, 2 trunks carrying VLAN 10 and 20 are then connected to the firewall 1 and firewall 2 respectively which is in HA. Which is then terminated on sub-interfaces dot1q 10 and 20 on the firewall.

Both link can now be used as redundant links, load balanced links, links for different departments or different customers. Depending on how the firewall is configured and the requirement of the network.

 


Please mark this post as useful if it answers your question.

 

View solution in original post

4 Replies 4

Go to solution
James Qin
Level 1
Level 1

‎08-27-2015 05:40 AM

Hello,

q1) why is the switch above call a WAN switch, i am quite sure it is not the kind of WAN switch we are talking about in a carrier network.  (is it then a l2/l3 switch)

A simple answer to this is because the switch is carrying WAN traffic. It can be L2 or L3 switch.

q2) why is the isp connection directly connected to the switch; instead of a router/fw ?   what could be the possible reason to have a setup this way ?

Setting up this way allow the traffic to be handled by redundant firewall (2 or more firewalls) in a High Availability configuration. e.g. one firewall dies the other takes over

Another reason to setup this way is for big company or ISP to handle multiple WAN traffic using the same resource.

Example:

WAN link 1 and WAN link 2 come in and connected to the "WAN switch" tag with 10 and 20 respectively, 2 trunks carrying VLAN 10 and 20 are then connected to the firewall 1 and firewall 2 respectively which is in HA. Which is then terminated on sub-interfaces dot1q 10 and 20 on the firewall.

Both link can now be used as redundant links, load balanced links, links for different departments or different customers. Depending on how the firewall is configured and the requirement of the network.

 


Please mark this post as useful if it answers your question.

 

Go to solution
SJ K
Level 5
Level 5
In response to James Qin

‎08-28-2015 01:59 AM

Hi James,

Thanks for the reply and sorry for the late response.

 

Example:

WAN link 1 and WAN link 2 come in and connected to the "WAN switch" tag with 10 and 20 respectively, 2 trunks carrying VLAN 10 and 20 are then connected to the firewall 1 and firewall 2 respectively which is in HA. Which is then terminated on sub-interfaces dot1q 10 and 20 on the firewall.

Both link can now be used as redundant links, load balanced links, links for different departments or different customers. Depending on how the firewall is configured and the requirement of the network.

 

q1) Can a single switch have 2 trunks that are carrying same vlan traffic ?

 

 

Regards,

Noob

0 Helpful

Go to solution
James Qin
Level 1
Level 1
In response to SJ K

‎08-28-2015 03:31 AM

Yes.

I recommend get some switches and play with it.

0 Helpful

Go to solution
SJ K
Level 5
Level 5
In response to James Qin

‎08-28-2015 11:53 AM

Hi James,

In such a design below, are we able to configure HSRP for the R0, R1 so that if R0 fail, the route to/from the ISP can still go to R1.

I have understood that HRSP need to have a virtual IP, but i have only been assigned 1 IP (202.100.100.102) by the ISP for the point 2 point connection.

 

In that case, what should I set for the actual IPs on R0 and R1 interface fa0/0 ?
Can I use dummy IPs/subnet for R0 and R1 fa0/0 interfaces ?

 

Regards,
Noob

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card