I'm working on a redesign of the following network (link to diagram below). Currently this diagram has a lot of L2 going on in it; this is just an idea and is not currently in production. In a previous job on a campus, we used L2 basically everywhere outside the core and used large trunks to get everything back to there. Obviously we had a robust spanning-tree setup using rapid-pvst etc. However, as many of you know, even the proper spanning-tree setups are prone to issues at some point. At my new workplace we are looking at two options: L2 everywhere outside the core like the diagram OR L3 all the way to the edge (or as close as possible).
Now take the diagram and pretend the L2 switches in the "Access Layer" are all L3 (little routers) now. My question is this: how would I be able to accomplish segmentation of departments/firewalling them off from the server networks etc. if we've got those L3 routers all connected together like that? Sorry if I didn't give enough info, please feel free to ask questions :)
Diagram! https://imgur.com/SAf7H7t