Tuesday, February 18, 2020

Need advice on redesigning the network that I inherited

I have 8 sites, and each site has a connection to a trunk carrying layer 2 virtual circuits. So I have 28 tagged virtual circuits to maintain.

Is it ideal to have this mesh backbone? As far as I can tell, the mesh doesn't help at all, since each link is just a VLAN we terminate on both ends. The argument before was that it provides redundancy.

In my opinion, that was a false claim. The underlying (provider) network has redundant links. Our backbone network is just an overlay, so the mesh just added complexity. We have a single physical connection to the provider (trunk link); when there was a fiber cut on the provider side, the mesh didn't help at all.

Should I just make this backbone a /28 and maintain one subnet instead of 28?

Also, it seems like our enterprise is morphing into a multi-tenant environment. Each tenant must be segregated from the others. However, the tenants must have access to our compute nodes. One of the tenants must have access to Internet2 only, and another tenant must have access to our compute nodes and the Internet. Currently, the network is on the master/global table.

The tenants will come in in a few weeks. My plan is to use end-to-end VRF-lite for each tenant and create a tenant VLAN in the backbone. I will provide a /31 public address between me and each tenant. My backbone master/global table is using IS-IS for internal routes and iBGP for public routes.

Do I need to spin up another IS-IS for each tenant backbone VLAN?

Is there an easier way of doing this that is easy to learn in a pinch?
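As an added illustration (not part of the post above), this is what end-to-end VRF-lite for one tenant looks like on one site router in Cisco IOS-style syntax. The VRF name, VLAN IDs, NET, interface names and addresses are all assumptions; 203.0.113.0/31 is taken from the RFC 5737 documentation range. It also shows the IS-IS question in config form: a VRF has its own routing table, so it needs its own IS-IS process bound to that VRF (or static routes), separate from the global process. The static route leak at the end is one way, not the only way, to give a tenant reachability to shared compute nodes that stay in the global table.

```text
! Added example, not the post author's configuration. All names, VLAN IDs,
! NETs and addresses are assumptions chosen for illustration.
vrf definition TENANT_A
 rd 65000:101
 address-family ipv4
 exit-address-family
!
! Tenant backbone VLAN riding the existing provider trunk (assumed VLAN 101).
! Repeated on every site router that participates in this tenant.
interface GigabitEthernet0/0.101
 description TENANT_A backbone VLAN
 encapsulation dot1Q 101
 vrf forwarding TENANT_A
 ip address 10.101.0.1 255.255.255.240
 ip router isis TENANT_A
!
! /31 public handoff toward the tenant (assumed VLAN 201).
interface GigabitEthernet0/1.201
 description TENANT_A handoff
 encapsulation dot1Q 201
 vrf forwarding TENANT_A
 ip address 203.0.113.0 255.255.255.254
!
! A second IS-IS process, bound to the VRF, with its own NET. The global
! IS-IS process (tag omitted here) never sees these routes.
router isis TENANT_A
 vrf TENANT_A
 net 49.0101.0000.0000.0001.00
 is-type level-2-only
 metric-style wide
 passive-interface GigabitEthernet0/1.201
!
! One approach to shared compute access (assumed 10.200.0.0/24 in the
! global table, reachable via GigabitEthernet0/2 and next hop 10.200.0.1):
! leak in both directions with static routes.
ip route vrf TENANT_A 10.200.0.0 255.255.255.0 GigabitEthernet0/2 10.200.0.1 global
ip route 203.0.113.0 255.255.255.254 GigabitEthernet0/1.201
!
! Checks after deployment:
!   show ip route vrf TENANT_A
!   show isis neighbors
```

Everything under `vrf definition`, the tenant SVI/subinterface and the per-VRF `router isis` block has to be repeated on each site router, for each tenant. That per-site, per-tenant growth is the operational cost of VRF-lite; the static leak is also per-router state that has to be kept consistent, which is why it is worth confining the leak to the router(s) that front the compute nodes.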
