Enterprise network as an ISP with a single huge customer

• Previous message (by thread): Enterprise network as an ISP with a single huge customer
• Next message (by thread): Enterprise network as an ISP with a single huge customer
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

13.06.2015 05:35, Randy Bush wrote:
>>> i have seen a lot of this done with firewall devices and vlans.  with
>>> vlans or mpls, you can make spaghetti without wires, one wheat and one
>>> semolina.
>>
>> oh absolutely. you can use many tools to lop off your fingers, my
>> point was that things like mpls (or vlans) provide a nice other tool
>> to use along with your firewalls and such.
>>
>> of course you ought not willy-nilly go crazy with this, but... imagine
>> if the 'hr department' were in one contiguous 'VRF' which had a
>> defined set of 2-3 exit points to control access through... while
>> those willy 'engineers' could be stuck in their own ghetto/VRF and
>> have a different set of 2-3 exit points to control.
>>
>> Expand your network over many locations and in large buildings and ...
>> it can be attractive to run a 2547 network that the company is a
>> 'customer' of, or so I was thinking :)
>
> i have seen people successful with this with mpls and with vlans with
> non-mpls tunnel tech (e.g. ipsec for the paranoid).  i have seen them
> screw the pooch with both.
>
> randy
>

You can compartmentalize your network in lots of ways. What I'd like to 
know is what ways failed harder in other peoples experience (or at least 
faster).

I'm not sure doing it ISP style is better, but I think it has some 
benefits. Then again, the opposite is true as well, less complexity 
means more stability. Usually.

• Previous message (by thread): Enterprise network as an ISP with a single huge customer
• Next message (by thread): Enterprise network as an ISP with a single huge customer
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]