Sorry about the lapse in posts. I recently agreed to help out with a tight-budget, grant-funded project for the organization that gave me my first gig as a networker. So, along-side my normal 9 to 5, I'm consulting one to two days a week. Yup. I smile fondly at the reminiscence of what a full weekend once felt like.
Now, while it feels great to be helping out a non-profit in its time of need, it can be tough working within the (sometimes nonexistent) budget and only utilizing the existing hardware. Unfortunately, that's the way it goes sometimes, and I'm sure many of us have had a client where we just had to bite the bullet and work with what we've got.
Okay...Maybe we should narrow the acceptable spectrum of "what we've got."
Luckily for me, this has been a fantastic learning experience for making the best of a tough topology, putting your nose (or, you know, fingers...) to the CLI and making it happen. I'll post the full, sanitized, rundown of this interesting implementation either tomorrow or Saturday, but I'll give you a teaser:
You have a 3550 on your edge which hands off to two ISPs, one of which you just installed for IP SLA failover. Off of the 3550 you have an 1841 ISR which, lucky for you, does your PAT, terminates one end of a GRE tunnel that runs over MPLS via your primary ISP to a 3rd party server farm, and now also has to terminate a backup L2L IPsec VPN across your second ISP to said server farm's second ISP hand-off.
Here's the kicker: Your 1841 only has two interfaces, Fa0/0 (outside) and Fa0/1 (inside), and the downtime of rebuilding the edge from scratch is unacceptable.
No comments:
Post a Comment