Currently I have space in a datacenter (DC) where the DC supplies a copper cross-connect. The cross-connect is attached to a Procurve 3400CL Layer 3 switch. The switch is feeding 5 firewalls. I manage the switch via a private management vlan, the cross connect is on a separate vlan with the firewalls. There is no IP address assigned to the public vlan. Simple.
We are moving locations in the DC, and our network configuration in changing. In the new config the DC will allocate us a /30 network, via a fiber cross-connect. Our existing IP range will sit behind the /30. So we will need some very simple routing to make this work.
Is it safe to harden the config on the switch and use its layer 3 capabilities to handle this setup. My main concern is assigning a public IP address to the switch. Putting a public ip on a switch feels wrong, but maybe it is okay? Using this equipment would be preferable to adding a new router or firewall to handle this traffic.
Any thoughts or experience with this?
Any better hardware suggestions?
We are not a huge organization, budget is a factor.
No comments:
Post a Comment