Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Ideal router configuration for hosted datacenter

Posted on 2010-08-13
6
Medium Priority
?
636 Views
Last Modified: 2012-08-13
I'm seeking some architecture advise from a networking standpoint.

moving into a hosted datacenter with several managed services.

The flow as I understand it:

Blended carrier network
             |
Managed VPN (comes into play somewhere and sends clients to my router?)
            |
Managed Firewall where i would setup which public ips would have which ports/services forwarded
                  |
Managed Load Balancer for 1 Public IP to 4 VIPs (I have a 2 server cluster from a web standpoint that will leverage this service)
            |
My Rack in Datacenter via 2 ethernet connections in a active/passive mode for failover
                  |
      
      What do I need in my rack? Would I put in some type of Cisco Router which has the ability to take in 2 ethernet connections in a active/passive mode then have one connection into my switch to handle my internal IP network?
      
      If I am using this router would I setup NAT to each internal IP at this point to go to each of my Load Balanced servers?
      NATs for email and such for any other public facing servers?
      
            
            
I'm really looking for guidance on what type of device I need at the top of my rack to interface with my switches for the internal network. I'm not used to this managed service design. Let me know what other information you need about my config to help recommended router/design options.

My switches are Dell Powerconnect 6248s.

0
Comment
Question by:deeburp
  • 3
  • 2
6 Comments
 
LVL 22

Expert Comment

by:Matt V
ID: 33433298
I would put a router, since you already have a managed firewall and load balancer.  The switches can be direct to the router (more ports required) or trunked together and on or two of them into the router.
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33433304
Is the managed VPN/Firewall/Load balancer in a separate hosted environment, or are the services going to be terminating in your rack?

Do you have a network diagram of the solution?

Billy
0
 
LVL 1

Author Comment

by:deeburp
ID: 33434184
I can draw the design. But essentially the VPN firewall and load are in a hosted environment. They hand off 2 connections to my rack that carry my public ips.

What brand/model router would I want for this?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 24

Expert Comment

by:rfc1180
ID: 33434274
will your colocation be cross connected to your hosted environment; Or does your colocation have separate bandwidth aside from the hosted environment?

Billy
0
 
LVL 24

Accepted Solution

by:
rfc1180 earned 2000 total points
ID: 33434403
To start of, here are 2 network diagrams that are very basic and not complete; this is based on what you have stated so far, I highly recommend that you design your edge network with firewalls. This is typically the design in a colocated environment. You can use routers, but ensure that they have a firewall feature set (One that does stateful packet inspection). I would recommend getting a pair of ASA firewalls (model will be based on your requirement of users, bandwidth, sessions, etc). You can also get a pair of Juniper SRX/SSG series firewalls, again, the model will be based on your requirements. Again, as stated by mattvmotas, you can go with a set of routers, and again, the model is based on your requirements, also ensuring that the router has firewall features such as stateful packet inspection.

I can dive deeper in the designs, but based on what you have provided so far limits the design.

Billy
ASA-diagram.jpg
Router-Diagram.jpg
0
 
LVL 1

Author Closing Comment

by:deeburp
ID: 33487091
The Asa config diagram was exactly what I needed. I went with cisco. 5510s in an active/standby config. Thanks much
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question