We have a Central site with a 30mbps Internet link to the ISP. This central site is to be connected to 2 other WAN sites via a VPLS layer 2 cloud, each site having a 4 mbps link to the cloud, while the central site has a 100mbps link to the vpls cloud. The topolgy at the Central Site looks like the following,
Internet ----> 2821 Internet Router -----> ASA 5520 ------> MS ISA -----> 4507 SUP 6E Core (This has Central site user vlans)
Now the VPLS SP provides ethernet connections at all sites participating in the WAN cloud. For the Central site I am considering connecting the VPLS connection directly to the core and creating a vlan (or a layer 3 port) to provide conectivity to the cloud. The remote sites will connect to the cloud by dedicated routers.
- In order to guarantee that the Central site users would not consume more internet bandwidth than what is expected (here 22mbps) during link congestion, what QoS mechanism and in what direction and on what interface (SVI on 4507, per VLAN Qos?) should I apply? I was thinking of traffic shaping, but have a doubt whether applying it on the 4507 core does the job or it should be done further on the Edge, since downloads consume more BW than uploads. I want the central site users to abide by the logical BW limit, but should be able to use full BW if there is no traffic at the remote sites.
- Is connecting the WAN cloud directly to the 4507 advisable, or shall we have a separate WAN router as such?
I was checking some Bandwidth Control products that work with MS ISA to allocate BW per user o IP address, one example is Bandwidth Splitter, and I am thinking that such application offers more flexibility vs configuring BW shaping on the 4507, since the MS ISA (proxy server) has complete knowledge of traffic source and destination, whereas other devices in my layout can see only MS ISA as the destination (here the 4507) or as the source (here ASA).
So if I deploy traffic shaping on the ISA port connected to the 4507 I would be shaping traffic in that area only, whereas data that have traveresed from the internet all the way to ISA external port goes unchecked.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...