Hello. We are currently using one company as our ISP provider via OC3/ATM, and another company for our MOE provider. We are not happy with our ISP provider, so our MOE provider has offered us an ethernet internet connection that is very attractive as far as pricing and capacity is concerned.
Our current network is typical:
ISP <==> FW <==> CoreSwitch <==> MOE
We are given two options for connectivity under the new proposal from our MOE provider.
The first is to add a separate ethernet connection for the internet, basically just replacing the OC3/ATM internet connection we have. This connection would terminate on the outside of our network to our firewall, just like the ATM does now. However, this adds a lot of cost to our NRC and MRC structure.
The second is to utilize our existing MOE ethernet connection and have the existing MOE connection and the
proposed internet connection ride over the same ethernet connection, separated by VLANs.
I am at a loss how to design this second scenario. Should I add a switch between our core switch and the demarc to separate the two VLANs, directing internet traffic to the firewall and MOE traffic to the core switch? Another suggestion I have received but I am very reluctant to embrace is to maintain the ethernet connection into our core switch, peal off the internet traffic out another port to the firewall, then
bring the internet traffic back in another core switch port - this seems crazy to me though.
Can someone please advise me how to engineer the second scenario, with maximum security and minimal complexity? We will also be adding a second ISP for multi-homing in the near future.
The Internet is physically composed of routers interconnected by links. Originally, the Internet was comparatively simple, with networks built from a few general-purpose routers interconnected by links owned or leased by ISPs. As networks became more complex and added more routers, more structure was required. Routers have become specialized in their applications-management and securities have become more important, physical location is now a consideration, and the capability to handle higher densities of customers is critical.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...