Tuesday, December 19, 2017

Help with small data center design

Hi,
We are mostly a Juniper shop. I am putting together a design for our new datacenter. The situation is it is going to be a multitenant datacenter.

I have high-end SRX in an active/passive cluster, plus EX4300 and QFX switches. The topology looks like this:

(Internet)----[FW]---[SW]---[SRX]--(datacenter cloud)

I currently have the SRX cluster reth1 trunked to the QFX in virtual-chassis, which is the hub to the rest of the L2 domain. The current data center is multi-tenant but separated by VLANs.

The new network for the new data center will be bigger than my current one and needs to be separated from the current one. My plan is this:

  • A new route table for each organization
  • Leak the default route and some services from the main route table to the new route tables
  • To reduce the downtime, instead of using virtual chassis, I would create a trunk link between the two EX4300 via the 40Gbps DAC cable. This is for upgrading and rebooting the switch. The problem that I have is I don't know if I can create an ae interface on an active/passive SRX.
  • Then the VMware hosts will have redundant links to the EX4300

I would rather cluster the two EX4300, but I am not sure if I can reboot each member individually without causing downtime for my tenants. I think I can, but could not test this because I don't have a test environment.

(Internet)----[FW]---[SW]---[SRX]--(datacenter cloud) {new rt}---[tenant 1] {new rt}---[tenant 2] 

