I'm interested in hearing opinions and suggestions about setting up a small WAN network, either routed or switched, pros and cons.
We are setting up a small network, like a miniature ISP operation. We might need to expand it in future, more nodes and end users.
We have 4 Class-C IP networks assigned to us (example 220.127.116.11/22), one 3560G-24 ("A") and four 3560-24 L2/L3 switches ("B"-"E").
The A will be our core router at our main office, and it is connected to an upstream provider. All our IP networks are statically routed to this router A.
Routers B-E are fiber/ethernet connected to the A, and are located in different POPs, where they are connected to the end users by SHDSL modems. Router A will also have end user connections. End users will get their IPs from these 4 C-class IP networks.
Now I have set this up as a routing network, router A's ports are "no switchport", and between A-B/C/D/E I have set up 10.x.x.x/30 networks. In the customer ports (A-E) I have interface gi0/10, ip address 193.x.x.x 255.255.255.248 etc.
Picture of the setup attached (not on production yet).
What do you think of this setup, suggestions to improve it? Or lately I've been thinking if there are advantages using VLANs and changing the whole infrastructure to switched?
I agree with Reza, you have a single point of failure with your Router A. I would consider hardware redundancy, but that is a very expensive solution. If that isn't an option, consider redundancy via interfaces to your inside router and a failover interface to your ISP. Another option could be partial mesh with your remote site routers/switches.
I would determine the level of importance of the remote site. If they have their own exit point to the internet, each site can be a failover of its own. Of course, that usually means a loss of resources that may only be at the Hub site, if you have it set up that way.
Your layout is a pretty flat network, but I wonder why you stated that you have static routes but then you mentioned you have a routing network. Of course, with the network flow I'm referring to, dynamic routing would be more flexible. Any change to your interfaces would require a few configuration and route changes that leave your sites down for a period. An hour is minor to you and me, but to your business clients an hour is a lifetime.
And your IP space looks contiguous, so a summarized route table can save on administration time. So, from your description and as I look through this, you have more of a routed network than switched. Nice and simple though. Have you considered your out-of-band management plan? Do you have access to your remote routers when... not if... an interface fails?