[183054] in North American Network Operators' Group
Re: Branch Location Over The Internet
daemon@ATHENA.MIT.EDU (Colin Johnston)
Tue Aug 11 15:03:28 2015
In-Reply-To: <CAMDdSzN2HORMjUJbxGXZ1pp2JWb+uj_QrCVwyrf8vRhnj+Kj9Q@mail.gmail.com>
From: Colin Johnston <colinj@gt86car.org.uk>
Date: Tue, 11 Aug 2015 20:01:17 +0100
To: Colton Conor <colton.conor@gmail.com>
Cc: NANOG <nanog@nanog.org>
Sophos UTM is the ideal technology for this requirement, and the VMware image works well for a virtual device.
colin
> On 11 Aug 2015, at 19:21, Colton Conor <colton.conor@gmail.com> wrote:
>
> We have an enterprise that has a headquarters office with redundant fiber
> connections, its own ASN, its own /22 IP block from ARIN, and a couple of
> gigabit internet connections from multiple providers. The office is taking
> full BGP routes from tier 1 providers using a Juniper MX80.
>
> They are establishing their first branch location, and need the branch
> location to be able to securely communicate back to headquarters, AND be
> able to use a /24 of headquarters' public IP addresses. Ideally the device
> at the HQ location would hand out public IP addresses using DHCP to the other
> side of the tunnel at the branch location.
>
> We know that in an ideal world it would be wise to get layer 2 transport
> connections from HQ to the branch location, but let's assume that is not an
> option. Please don't flood this thread about how it could be an option
> because it's not at this time. This setup will be temporary and in service
> for the next year until we get fiber to the branch site.
>
> Let's assume at the branch location we can get a DOCSIS cable internet
> connection from an incumbent cable provider such as Comcast, and that
> provider will give us a couple of static IP addresses. Assume as a backup, we
> have a PPPoE DSL connection from the ILEC such as Verizon who gives us a
> dynamic IP address.
>
> What solution could we put at the HQ site and the branch site to achieve
> this? Ideally we would want the solution to load balance between the
> connections based on the connection speeds, and failover if one is down.
> The cable connection will be much faster speed (probably 150Mbps down and
> 10 Upload) compared to the DSL connection (10 download and 1 upload). If we
> need more speed we can upgrade the cable modem to a higher package, but for
> DSL that is the max speed so we might have to get multiple DSL lines. The
> cable solution could always be used as the primary, and the DSL connection
> could only be used as backup if that makes things easier.
>
> If you were to do this with Juniper or Cisco gear what would you have at
> each location? What technology would you use?
>
> I know there is Pepwave and a couple of other software solutions that seem
> to have proprietary load balancing solutions developed, but I would
> prefer to use a common Cisco or Juniper solution if one exists.
>
> There will be 50 users at the branch office. There is only one branch
> location at this time, but they might expand to a couple more but under 10.