Monday, April 13, 2020

Layer 3 switch with Virtualized firewalling

Colocation rack with a single HP ProCurve 2920 48G (2nd on its way), and a bunch of servers with various specs. The ISP demarcation points are 2x gigabit RJ45, connected to two of the ISP's Cisco 3048 switches, which are part of my /29 public IPv4 subnet and handle the routing.

The goal is to have three VLANs:

  1. Management VLAN
  2. Private internal VLAN
  3. Public VLAN with public IPs

And have a pfSense virtualized firewall on two of the physical servers for redundancy.

How would you guys go about setting this up (high level)? My ideal thought is to set up separate VLANs for all of my external IPs and route between VLANs on the ProCurve switch, but I guess most of this could be done on pfSense as well?

Current setup:
ISP Switch A and B ---> 2x gigabit RJ45 ---> HP ProCurve 2920-48G ---> Bunch of servers (I actually only need half of them, hence the suggestion of software firewalling)


