Comcast ENS design advice


Our company used to be hub and spoke with cable modems and firewall site-to-site tunnels. We have now invested in the Comcast ENS service.
ENS is different from EDI. ENS is a WAN, MPLS-type circuit, whereas EDI is pure fiber out to the Internet, just for you guys who didn't know.

So there are 20 sites. They all point back to one site, let's call it our data center, where our actual ISP is. Just to clarify, Comcast is the WAN provider, but the service stops once it gets to the data center site. Then there is a separate ISP connection that takes that traffic to the Internet.

My question:
There are two types of the ENS service. One involves trunking, where the tags are carried from the individual sites, and the other (ours) is essentially one large layer 2 network where we have to manage the layer 3 portion of it. I would like some advice, best practices, and traffic-optimization advice on how to design the subnet structure.

2 quick notes:
* I know a backup connection is optimal, but that is not a problem right now.
* We would like the firewalls to stay at the local school sites since we bought them, and there is also a supermassive giant firewall at the data center. Thank you
Based on this picture:

I would make each site its own subnet, or subnets depending on their setup.

Then on every site's CPE I would create a routing-only subnet that uses the Comcast network as the L2 network.

Each site would point to the CPE at their site as the default route, except for your central site. That would use its Internet connection as its default route.

This way each site is basically its own network and traffic stays local unless it has to go to another site or the Internet.

mrbayIt (Author) Commented:
That's what I was thinking. And then not put any servers or machines on the routable subnet, right?

That is correct. The only things on the routing network are your L3 devices. I don't know how your IP addressing is currently set up or how big the sites are, but I would set up subnets large enough that you can use static IP routing.

Maybe something like each site gets their own /16, which should be big enough for all but the largest sites.
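
The addressing scheme discussed in this thread, sketched as an added example that is not part of the original posts: one /16 per site, a routing-only transit subnet on the ENS layer 2 network, static routes per site, and an audit that flags anything other than an L3 device on the transit subnet. The address ranges, the ISP gateway, and all function names are constructed for illustration; sending each remote site's default route to the data center is an assumption based on the topology in the question.

```python
import ipaddress

# Constructed values: the thread gives no real addressing.
SUPERNET = ipaddress.ip_network("10.0.0.0/8")
TRANSIT = ipaddress.ip_network("10.255.0.0/24")  # routing-only subnet on the ENS L2
SITE_COUNT = 20                                   # site 0 is the data center


def build_plan(site_count=SITE_COUNT):
    """Give each site its own /16 and one L3 address on the transit subnet."""
    blocks = (n for n in SUPERNET.subnets(new_prefix=16) if not n.overlaps(TRANSIT))
    transit_hosts = TRANSIT.hosts()
    return [{"site": i, "lan": next(blocks), "transit_ip": next(transit_hosts)}
            for i in range(site_count)]


def static_routes(plan, site, isp_gateway="203.0.113.1"):
    """Static routes for one site's L3 device as (destination, next hop) pairs."""
    routes = [(p["lan"], p["transit_ip"]) for p in plan if p["site"] != site]
    # Assumption: the data center defaults to its ISP link, and every other
    # site defaults to the data center's address on the transit subnet.
    if site == 0:
        default_hop = ipaddress.ip_address(isp_gateway)
    else:
        default_hop = plan[0]["transit_ip"]
    routes.append((ipaddress.ip_network("0.0.0.0/0"), default_hop))
    return routes


def audit_transit(plan, inventory):
    """Return (name, ip) entries on the transit subnet that are not site L3 devices."""
    l3_devices = {p["transit_ip"] for p in plan}
    findings = []
    for name, ip in inventory:
        addr = ipaddress.ip_address(ip)
        if addr in TRANSIT and addr not in l3_devices:
            findings.append((name, ip))
    return findings


if __name__ == "__main__":
    plan = build_plan()
    for dest, hop in static_routes(plan, 5):
        print(f"site 5: {dest} via {hop}")
    # Constructed inventory: one server wrongly placed on the transit subnet.
    sample = [("fw-site3", "10.255.0.4"), ("fileserver", "10.255.0.77"),
              ("pc-lab", "10.3.0.25")]
    print(audit_transit(plan, sample))
```

Running the audit against a DHCP lease export or an ARP table from the transit interface is one way to confirm that no servers or workstations have ended up on the routing network.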