Please find the attached,
1) A new Branch is supposed to arrive for the existing HQ. There are no servers at the branch location; everything is supposed to be accessed from the HQ servers (DHCP, DNS, Domain Controller). These are 2 buildings side by side. The Internet link is separate for Branch users. What type of connectivity should I prefer between Branch and HQ: layer 2 or layer 3?
2) If I use layer 3 connectivity between the buildings, will I be able to get an IP address from the DHCP which is located at HQ?
Your help will be appreciated.
I have 2 new 6500s with 4500 on the access layer. All users sitting in the Branch building will have their default gateway on the new 6500 of the Branch, so anyhow I have to create 1 SVI to speak to the OLD 6500 at HQ, because to reach the HQ networks I should point to the HQ interface. The link between the Branch and HQ (core switches) can be a layer 2 trunk or layer 3 with no switchport commands; it doesn't make a difference because the traffic between the 2 buildings will be layer 3 only. Correct me if I am wrong.
Question: In this way you can use only L2, and in case the broadcast domain becomes too big (you'll have a lot of users in both buildings using the same subnet / VLAN)
Answer: The VLAN will not be shared between the buildings, so the broadcast domain will be within the building.
Question: My concern is I don't have any proxy server or DNS in my new building. How will Branch users go on the internet by the Branch internet router, not by the HQ internet link?
DNS will not be an issue, i.e. your branch clients can still use DNS in HQ, although if you are using a proxy I would have thought this was doing DNS for you?
If you want to use a proxy and your clients' web browsers are configured to use the proxy, personally I would set up a proxy in the branch office. However, for security reasons it would be a lot better to have centralised access to the internet via HQ, assuming your WAN connectivity between sites has enough bandwidth.
Alternatively, you could not use a proxy in the branch site and have a default route on your branch core switches pointing to the branch firewall, although now you would need some way to sort out DNS. If you have a separate DNS server from the proxy in your HQ then you could use that.
There may be a way to get the proxy to redirect branch requests to the branch firewall, but I don't know whether this could be done.