Saturday, September 22, 2018

Seeking design help

I used to do work on Cisco devices about 5 years ago (mostly setup of site-to-site VPNs)... but I would not consider myself a networking guy. That being said, I have no problem learning/teaching myself how to do things, I have plenty of systems/infrastructure experience, and my current role is as a developer, but I also manage all our infrastructure/systems in AWS.

In a couple weeks I'll have a rack with a pair of upstream drops, and I am currently trying to design the network. I already have a pair of ASA 5510s and a pair of Catalyst 3650 POE-24 switches (free from a good friend). Initially I was planning to put the firewalls on the edge, but they cap out at 300Mbit and the switches look like they have 2 SFP ports, so I am now thinking I should request fiber drops from the datacenter and put the switches on the edge, and then use traffic shaping on the upstream ports to avoid massive overages (I think that's the way to do it).

Is there a strong/obvious reason to put the firewall on the edge vs the switches?

I don't want to pay someone to set this up for me; since I need to manage it going forward, I really want to understand the setup. I have these devices sitting on my desk at home, so I've got 2 weeks' worth of my evenings to tinker and set up in preparation for racking them in the datacenter. Is there a good place to get this kind of design feedback? Is this a good place?

I have some instincts on how to do things, I understand the concepts and how to do the configuration, but I fear I might just be doing it completely backwards since this isn't something I have real-life experience with.


