Where should DHCP and DNS be hosted in a Site to Site VPN environment?
Posted on 2014-10-07
I'm currently trying to plan my IP environment for a soon to be added site to site VPN connection that will have between 2 out of state locations. I need some expert guidance and opinions on this as this side of technology is still new to me so here goes:
Currently, I have a site called "East" that is comprised of 95% MAC and 5% PC. Recently, we ended up upgrading our connectivity with a 100 MB point to point fiber connection between "East" and a "Downtown" Hosted Server Hoteling company.
We are using a layer 3 switch to do all of the connectivity and routing between "East" and "Downtown" so that our end-users at the "East" location can have the fastest path available to them when accessing a Windows Server and NetApp storage allocated for them.
Locally as well at the "East" location, we have a Juniper firewall/router that is providing DHCP Services to all computers locally connected at the "East" location. As well, it provides a conduit for our VPN users in the "East" region to access for remote access.
My question is... We just bought another company located now in another state called "West". With our servers and infrastructure moving more towards a centric "Downtown" location, I'm wondering if DNS and DHCP should be hosted at one location like "Downtown" or do we just leave things as-is?
The "West" location is similarly set up like the "East" location where there is about 95% MAC and 5% PC with a FortiGate router handling all of their DHCP and DNS instead of a SonicWall.
My goal is to connect the "West" to the "Downtown" location with a 100 MB site to site VPN connection end to end just like we did with the "East" to easily snap the "West" users into our Corporate environment.
Since the SonicWall at the "East" location is handling DHCP and DNS and we're just using a Layer 3 switch to push traffic directly to our "Downtown" location to access our Windows Server and NetApp storage which by the way is only set up as a workgroup right now and no Active Directory installed.
I need an expert opinion on how I should architect this network so that I can scale and make the right decisions that don't hamper performance when we finally add "West" to the mix. Can anyone please help or advise? Thanks in advance!