Router question
Hi
A scenario question...
An HQ exists with 10 branch offices. HQ contains around 100 people, branch offices about 30-50 people.
The branch offices are connected to HQ via a leased line connection using a Cisco 2600 series router. The entire network layout is a hub and spoke, with HQ having a leased line connection to all branch offices, but the branch offices having one connection to the HQ.
WHat sort of router is recommended for the HQ? A 2800 series, or something bigger/ more powerful?
Thanks.
A scenario question...
An HQ exists with 10 branch offices. HQ contains around 100 people, branch offices about 30-50 people.
The branch offices are connected to HQ via a leased line connection using a Cisco 2600 series router. The entire network layout is a hub and spoke, with HQ having a leased line connection to all branch offices, but the branch offices having one connection to the HQ.
WHat sort of router is recommended for the HQ? A 2800 series, or something bigger/ more powerful?
Thanks.
Comments
-
keenon Member Posts: 1,922 ■■■■□□□□□□your looking at something starting out in the 3640 on up.. something that can support a sub-rate DS3 to full DS3 without choking.
will this HQ router be the internet router as well? i hope notBecome the stainless steel sharp knife in a drawer full of rusty spoons -
Dilan77 Member Posts: 37 ■■□□□□□□□□Thanks
As for the internet router - wouldn't it be more effecient to have the branch offices' 2600 routers to have an interface that connects them directly to the local ISP (and therefore internet) rather than relying on HQ?
All routers will also be configured with an ISDN backup line.
What do you think? -
keenon Member Posts: 1,922 ■■■■□□□□□□i would rather not have each branch with its own internet connection.. as each branch would require managing individual security.
now using another router at HQ to connect to the internet, there you would have a central security to manage for your entire network. you could have a router, firewall and/or some sort of packet shaper. along with centralized servers as well
leased line option is good as well but if all your branches are in the same city you may want to look at frame relay as cost may be cheaperBecome the stainless steel sharp knife in a drawer full of rusty spoons -
Dilan77 Member Posts: 37 ■■□□□□□□□□keenon wrote:i would rather not have each branch with its own internet connection.. as each branch would require managing individual security.
now using another router at HQ to connect to the internet, there you would have a central security to manage for your entire network. you could have a router, firewall and/or some sort of packet shaper. along with centralized servers as well
Could the same 3640 be used for the internet access, or would a different router altogether be safer? -
keenon Member Posts: 1,922 ■■■■□□□□□□Dilan77 wrote:keenon wrote:i would rather not have each branch with its own internet connection.. as each branch would require managing individual security.
now using another router at HQ to connect to the internet, there you would have a central security to manage for your entire network. you could have a router, firewall and/or some sort of packet shaper. along with centralized servers as well
Could the same 3640 be used for the internet access, or would a different router altogether be safer?
i would hope not, but i know money can be a factor.. so i would think on looking at the 3800 series but that is also going to create some major config work not including a total single point of failure
what is the total background on this?Become the stainless steel sharp knife in a drawer full of rusty spoons -
Dilan77 Member Posts: 37 ■■□□□□□□□□keenon wrote:what is the total background on this?
I've got a friend working in a place where they use VPN's at the moment to connect each office to HQ, but they want leased lines, and I was curious as to what his options were.
I think they're going to go with individual internet for each branch though... -
Paul Boz Member Posts: 2,620 ■■■■■■■■□□Having a leased line AND local internet charges is going to be really expensive... to the tune of out-costing (is that even a word?) the cost of a bigger pipe at the main office that runs through an edge router for the entire network. If they routed all of their internet traffic through the main office they could impliment stronger security maintain more uptime due to a higher quality of service on the main data connection (assuming that they go with el cheapo business class cable/dsl at the field offices as the alternate option), and monitor their bandwidth usage more.CCNP | CCIP | CCDP | CCNA, CCDA
CCNA Security | GSEC |GCFW | GCIH | GCIA
pbosworth@gmail.com
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/ -
keenon Member Posts: 1,922 ■■■■□□□□□□depends on what the cost they can spend and the requirements that need to be met.
in a decent plan .. being that i'm in the US ( lmao)
depending on if all the branches are geographically in the same region( city, state)
1. i would weigh broadband (cost saving but not guarantee on service) but that would requires some sort of firewall/vpn device to connect to HQ and internet ( being that your using the internet) it should be able to support the total users of each branch.
2. i would look at leased or frame (a bit more costly but service guaranteed) as an option security devices wouldn't be required at each location (cost saving) cheaper routers could be used at each site, HQ would require at best 2 routers( 1 for internet and 1 for site termination)
optional firewall between internet router and HQ network, central network services/resources ( file servers, DHCP, ect)Become the stainless steel sharp knife in a drawer full of rusty spoons -
Dilan77 Member Posts: 37 ■■□□□□□□□□keenon wrote:depends on what the cost they can spend and the requirements that need to be met.
in a decent plan .. being that i'm in the US ( lmao)
bloody yankskeenon wrote:depending on if all the branches are geographically in the same region( city, state)
1. i would weigh broadband (cost saving but not guarantee on service) but that would requires some sort of firewall/vpn device to connect to HQ and internet ( being that your using the internet) it should be able to support the total users of each branch.
What they're using already, but very unreliable, hence why they want to move to....keenon wrote:2. i would look at leased or frame (a bit more costly but service guaranteed) as an option security devices wouldn't be required at each location (cost saving) cheaper routers could be used at each site, HQ would require at best 2 routers( 1 for internet and 1 for site termination)
optional firewall between internet router and HQ network, central network services/resources ( file servers, DHCP, ect)
Do you think using 1 router (interfaces for ISP connection and leased lines to branches) but with HSRP (so 2 in reality) would be better? The router would advertise a default route to the internet? Or, as you say above, 2 routers carrying out different roles?
Thanks for your input, much appreciated.. -
keenon Member Posts: 1,922 ■■■■□□□□□□Do you think using 1 router (interfaces for ISP connection and leased lines to branches) but with HSRP (so 2 in reality) would be better? The router would advertise a default route to the internet? Or, as you say above, 2 routers carrying out different roles?
Thanks for your input, much appreciated..
1 router is still a single point of failure if all the branches terminate on it and the internet is out of it as well.
better choice 1 router to the internet> firewall/security device> switch> main router for branch sites> branch site
only 1 security device needed
now if redundancy becomes a hot spot you can add 1 more device to each of the main sites gear and seconday link at branches that terminate on another router at the branch
i'm starting to think i'm going to need a consulting fee or send me a 3560..lolBecome the stainless steel sharp knife in a drawer full of rusty spoons -
Dilan77 Member Posts: 37 ■■□□□□□□□□keenon wrote:Do you think using 1 router (interfaces for ISP connection and leased lines to branches) but with HSRP (so 2 in reality) would be better? The router would advertise a default route to the internet? Or, as you say above, 2 routers carrying out different roles?
Thanks for your input, much appreciated..
1 router is still a single point of failure if all the branches terminate on it and the internet is out of it as well.
better choice 1 router to the internet> firewall/security device> switch> main router for branch sites> branch site
only 1 security device needed
now if redundancy becomes a hot spot you can add 1 more device to each of the main sites gear and seconday link at branches that terminate on another router at the branch
cool, makes sense, many thanks!keenon wrote:i'm starting to think i'm going to need a consulting fee or send me a 3560..lol
hehe..