Saturday, January 11, 2020

Private VXC Between Two Datacenters - How to Design?

We are utilizing the Megaport Service Exchange Product for connectivity into Azure and AWS and are planning to connect our two physical datacenters together with it also and drop the current site-to-site VPN connectivity.

They offer a VXC (virtual cross-connect) for this purpose, but it must be a unique tagged VLAN, cannot be an untagged VLAN, and cannot be a VLAN trunk.

I'm noodling through how to set this up and hoping someone can let me know if I'm on the right track.

Here is how we're currently configured:

Both datacenters have unique L3 subnets for each VLAN and their own gateway to the internet. The VXC is delivered straight to each switch via fiber. VLAN routing is done in our gateway/firewalls, not on the switch. (Holdover from initial setup 12+ years ago - if it ain't broke ...)

I'm thinking to make this work - just create a unique VLAN on the VXC, assign it a small subnet, give each gateway an IP on that subnet, add the VXC VLAN to the gateway trunk port, then add static routes at each end pointing to the gateway IP so the subnets at the other end will be accessible.

Does this make sense?
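A vendor-neutral check of the design described in the post, added here as an illustration and not part of the original post: it validates the transit VLAN plan (single tagged VLAN ID, both gateway IPs inside the transit subnet, no overlapping subnets) and derives the static routes each gateway would need. The function name, site names, VLAN ID and all addresses are constructed assumptions.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan: site names, VLAN ID and addresses are assumptions.
SITES = {
    "dc1": {"gw": "10.255.0.1", "subnets": ["10.10.10.0/24", "10.10.20.0/24"]},
    "dc2": {"gw": "10.255.0.2", "subnets": ["10.20.10.0/24"]},
}

def plan_transit(vlan_id, transit_cidr, sites):
    """Validate a two-site transit-VLAN design and return its static routes.

    Returns a list of (site, destination subnet, next-hop IP) tuples.
    """
    if not 1 <= vlan_id <= 4094:  # usable 802.1Q range; one tagged VLAN per VXC
        raise ValueError("VLAN ID must be in 1-4094")
    if len(sites) != 2:
        raise ValueError("the design links exactly two sites")

    transit = ipaddress.ip_network(transit_cidr)
    usable = set(transit.hosts())
    gws = {name: ipaddress.ip_address(s["gw"]) for name, s in sites.items()}
    for name, gw in gws.items():
        if gw not in usable:
            raise ValueError(f"{name}: {gw} is not a usable host in {transit}")
    if len(set(gws.values())) != 2:
        raise ValueError("both gateways were given the same transit IP")

    # Every subnet, transit included, must be unique or the routes are ambiguous.
    nets = [("transit", transit)]
    for name, s in sites.items():
        nets += [(name, ipaddress.ip_network(n)) for n in s["subnets"]]
    for (a, net_a), (b, net_b) in combinations(nets, 2):
        if net_a.overlaps(net_b):
            raise ValueError(f"{a} {net_a} overlaps {b} {net_b}")

    # Each gateway reaches the far site's subnets via the far gateway's transit IP.
    first, second = sites
    routes = []
    for local, remote in ((first, second), (second, first)):
        for n in sites[remote]["subnets"]:
            routes.append((local, str(ipaddress.ip_network(n)), str(gws[remote])))
    return routes

if __name__ == "__main__":
    for site, dest, hop in plan_transit(900, "10.255.0.0/30", SITES):
        print(f"{site}: route {dest} via {hop}")
```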


