Tuesday, December 25, 2018

Provisioning hundreds of VLANs for residential centralized routing

I am developing a system for a residential user-base where I am required to centralize routing for an MDU. I am planning on providing customers with their own VLAN. I need to choose a centralized router/firewall that will route their VLAN to the Internet.

I need to be able to handle at least 300 VLANs. Of course, each VLAN will need a DHCP pool. Each VLAN will source NAT to their own public IP.

I looked at pfSense a while ago, but had scaling issues with adding such a large number of VLANs. It was also difficult to manage at this scale. What are some recommended ways of handling this? I have never run into a situation with these specific requirements. I am also considering using a standard Juniper SRX firewall and using NETCONF to provision the VLANs/NAT/DHCP on-demand. I am using 802.1X to dynamically assign customers into their proper VLAN (they can be connecting from multiple locations).

Any ideas?

Edit: I understand these requirements may sound weird - but I don’t have too much room to change them, it’s what we’re stuck with.

Edit 2: I am only looking for help with the routing portion of this project.


