With layer 3 switches now running in the Tbps speed, 10Gb ports, and supporting BGP. Is it okay to collpase all layers including WAN into a pair of these switches for a small data center-wan/core/aggregation/access.
The WAN would sit on its own VLAN and the outside interfaces of the firewalls would be on access ports on that VLAN. The inside ports of the firewalls would connect to an internal VLAN. Physically the internet fibers would connect directly into the switches.
Everything is still redundant and split across the switches with no signle point of failure. There would be no access into the switches from the outside world aside from maybe ping.
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
If there are no "network issues", you often only need additional devices when you run of ports.
If you want to allow for some "network issues" limiting their impact, you can use additional devices for that purpose.
The two layer or three layer designs are good practices when you need to scale your network when you must use additional devices.
I've actually seen this design in the past running just fine also with 4900 series switches doing WAN routing running BGP with a default route and also taking care of internal VLANS for servers. It made me do a double take when seeing the internet connections going directly into the same switches and thats most people's response. I was acutally responsible for doing some outside pen testing on the switches and they came up clean.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...