I have a customer that is running a web hosting company and their network consist of a 6509 switch running BGP and no vlans as well as 24 2960 switches with only internal ip address configured for telnet connections. They are hosting over 50 servers each configured with external IP's. They would like to for us to create VLAN's for them for each customer server network for security purposes as well as prevention of Arp poisining. The problem I am having is putting my head around creating Vlans for each customer network and giving them the external static IP needed for them to work properly? I can upload a copy of the 6509 config so you can see their current setup
I was able to go onsite and view the actual network layout.
6509 Core Device running BGP
12 racks and 12 Cisco 2960 switches configured only for telnet access
3-4 customers servers per rack configured with static external IPs
Here is what the client would like after meeting with them again
I know that" admin "conveyed the desire for a vlan per box.
In addition to this, I am also hoping for some private back end networks. The vision is simple - Some of our customers would like access to the DRAC/iLO (out-of-band management) ports on their systems, and I would like to grant them this access using a VPN system. This would mean private 10.0.0.0 or 172.16.0.0 space on the internal network that I can vlan off much the same as our public network. I'd also like to set up a private network that can communicate out to the internet for a "kickstart" vlan as well, that I will be setting up as a DHCP network to allow for automated provisioning of boxes. In addition to this, I'd also like a private vlan that can communicate out to the internet that is for our office systems (desktops), as well as a private network that I will be employing for our primary systems - email, databases, and so on. Essentially, I want to have networks for company utility application, as in addition to our customers I'd really like to set up secure out of band management that can then be used to limit the need for the on- call technician to have to come into the datacenter.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...