Wednesday, August 19, 2020

Managed WAN switch

Hey guys.

Excuse my ignorance but I am having a hard time wrapping my head around a conversation we are having with our ISP.

Here's the situation:

We recently implemented HA into our SD-WAN environment. Previously we had two separate carriers plug directly into the SD-WAN appliance interfaces. With the additional appliance, we implemented an L2 unmanaged switch to utilize multiple IPs from the /29 ISP blocks. The switch is set to autonegotiate. The switch is autonegotiating at 1000Mbps on both connections. Both connections were originally set to 100 Full duplex, which caused a duplex mismatch along with huge performance issues. ISP A set their NID to autonegotiate with no issue. ISP B is refusing to change the negotiation speed on the NID. They have proposed implementing a second circuit, but we'd prefer not to do that as it will take 3 months at best. The second solution they have proposed is to implement a managed L2 switch.

I did not want a managed switch originally as it sits outside of the firewall and I don't want a publicly accessible switch in the DMZ. They are stating that I could create a private VLAN on said managed switch then leave the ports for the ISP connection untagged. I'm having trouble seeing how this would work, as this switch will have no connection to my campus switches and should just have the circuit plugged into it with two Ethernet cables running to each SD-WAN appliance.

Any guidance?


