Solved

Ideal router configuration for hosted datacenter

Posted on 2010-08-13
Last Modified: 2012-08-13
I'm seeking some architecture advice from a networking standpoint.

I'm moving into a hosted datacenter with several managed services.

The flow as I understand it:

Blended carrier network
            |
Managed VPN (comes into play somewhere and sends clients to my router?)
            |
Managed Firewall where I would set up which public IPs would have which ports/services forwarded
            |
Managed Load Balancer for 1 Public IP to 4 VIPs (I have a 2 server cluster from a web standpoint that will leverage this service)
            |
My Rack in Datacenter via 2 Ethernet connections in an active/passive mode for failover
            |
      
What do I need in my rack? Would I put in some type of Cisco router which has the ability to take in 2 Ethernet connections in an active/passive mode, then have one connection into my switch to handle my internal IP network?

If I am using this router, would I set up NAT to each internal IP at this point to go to each of my load-balanced servers?
NATs for email and such for any other public-facing servers?

I'm really looking for guidance on what type of device I need at the top of my rack to interface with my switches for the internal network. I'm not used to this managed service design. Let me know what other information you need about my config to help recommend router/design options.

My switches are Dell PowerConnect 6248s.

Question by:deeburp
6 Comments
 
LVL 22

Expert Comment

by:Matt V
ID: 33433298
I would put a router, since you already have a managed firewall and load balancer. The switches can be direct to the router (more ports required) or trunked together and one or two of them into the router.
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33433304
Is the managed VPN/Firewall/Load balancer in a separate hosted environment, or are the services going to be terminating in your rack?

Do you have a network diagram of the solution?

Billy
0
 
LVL 1

Author Comment

by:deeburp
ID: 33434184
I can draw the design. But essentially the VPN, firewall and load are in a hosted environment. They hand off 2 connections to my rack that carry my public IPs.

What brand/model router would I want for this?
0

 
LVL 24

Expert Comment

by:rfc1180
ID: 33434274
Will your colocation be cross-connected to your hosted environment, or does your colocation have separate bandwidth aside from the hosted environment?

Billy
0
 
LVL 24

Accepted Solution

by:rfc1180 earned 500 total points
ID: 33434403
To start off, here are 2 network diagrams that are very basic and not complete; this is based on what you have stated so far. I highly recommend that you design your edge network with firewalls. This is typically the design in a colocated environment. You can use routers, but ensure that they have a firewall feature set (one that does stateful packet inspection). I would recommend getting a pair of ASA firewalls (model will be based on your requirement of users, bandwidth, sessions, etc). You can also get a pair of Juniper SRX/SSG series firewalls; again, the model will be based on your requirements. Again, as stated by mattvmotas, you can go with a set of routers, and again, the model is based on your requirements, also ensuring that the router has firewall features such as stateful packet inspection.

I can dive deeper into the designs, but what you have provided so far limits the design.

Billy
ASA-diagram.jpg
Router-Diagram.jpg
0
 
LVL 1

Author Closing Comment

by:deeburp
ID: 33487091
The ASA config diagram was exactly what I needed. I went with Cisco 5510s in an active/standby config. Thanks much.
0
