GBorsuk
asked on
Initial WISP design.
Wow, I've been given a great big task... design a network from the ground up for a Wireless ISP.
The wireless side has been handled (i.e. all the connectivity between nodes etc.), but what to put on the connection side to the hard-wired upstream ISP?
I have been told to use a Catalyst switch, some said use a PIX and others said to use a Linux box as a router!! Yikes... Where to start?
This is a clean sheet and I'll be glad to have some help!
Only information at the moment is an OC3 dedicated fiber connection terminated with a Quantum box that hands off Ethernet. At the moment there is just a handful of IPs assigned to deal with.
What are your suggestions?
Thanks.
PIX 525 and PIX 535 both support Gigabit Interfaces.
You don't necessarily have to do NAT, and you may not even want to bother with it. Let users have public IPs or we'll get them here asking how they can get past your security so they can connect to their home PC from work.
If you don't use a firewall, then a good choice would be a Cisco 3750G switch with multiple 10/100/1000 ports. You might want to go for the Enhanced Multilayer model to add advanced routing capabilities to it.
ASKER
Problem with the Quantum is it hands off 10/100 Ethernet only (it's the older model... go figure, upstream ISPs!)
I agree on not having NAT, and getting the IP range needed. The nice thing about the WiFi side is it's all done via wireless gateways, so I don't need the HUGE number of 10/100/1000 ports. Only about 24 or so to handle the internal NOC and internal company equipment.
Is the Catalyst the better solution than the PIX? All of the "WiFi clients" will be behind a DHCP server that authorizes them to use the internet or passes traffic based on MAC address (that side is out of my control and can't be changed). I need to come up with the design to have growth capabilities, maintain network integrity and be able to keep the nasty things out of the network (i.e. some idiot has an open relay and I have spam traffic coming in and then back out, saturating the net...).
Where can I find more info about creating an "ISP" type network?
Thanks..
George
ASKER
Few more things I have come across... "core router". This is out of my scope of information: what exactly is a "core" router, without it being the obvious main router...
Is BGP something we should consider? Is there a threshold that we look at on a client basis to then do that? Then the whole redundancy thing comes in later!
Thanks again.
George
ASKER
This project is still in planning phases... but something that has come to light is the ability to provide public IPs out to clients and to provide security to the network.
I know NATting will be out when we give out public IPs. (Small deployment happening now, but it's under private IP space NATted to public on the router.)
I'm not sure how to handle this topology. We have committed to a Cisco 1841 router to begin with and a decent HP 2626 switch at the NOC.
I need some information on how to handle subnetting/issuing IPs under DHCP (should we just let the router do it?) and how do we handle the static IP requests of business clients?
I know some of this is more than 500 points, and am willing to open another question/questions, but I need a start so that we don't have to revamp the whole network 3 weeks into full deployment.
George
There might (by now) be a PIX model with gig ports; if there isn't, I think Netscreen (Juniper) makes one that will do.