Issues with routing
Solved
Networks
-
@mathourthy Yes, I’ll be here if you need me. Once you’ve moved the first site, you should still be able to ping the other locations as normal
@phenomlab Thanks. Just finished in Manchester, and everything seems to work as it did before - I also have had a connection open to a PC (RDP) in Bristol which has been connected without breaks for about 20 minutes. I had to revamp the config you provided because those switch ports were already in use, but everything else is good to go.
I created the firewall rules on each firewall (in each location) and we are passing traffic with no restrictions. Just waiting for the guys in London and Bristol to finish up and then we’ll perform more tests.
-
@phenomlab Thanks. Just finished in Manchester, and everything seems to work as it did before - I also have had a connection open to a PC (RDP) in Bristol which has been connected without breaks for about 20 minutes. I had to revamp the config you provided because those switch ports were already in use, but everything else is good to go.
I created the firewall rules on each firewall (in each location) and we are passing traffic with no restrictions. Just waiting for the guys in London and Bristol to finish up and then we’ll perform more tests.
@mathourthy sounds positive so far
What sizes are your MPLS circuits and internet circuits?
-
@mathourthy sounds positive so far
What sizes are your MPLS circuits and internet circuits?
@phenomlab see below (these are for both internet and MPLS)
London = 100Mbps
Manchester = 100Mbps
Bristol = 100MbpsAll are provided from the same vendor. Why ?
-
@phenomlab see below (these are for both internet and MPLS)
London = 100Mbps
Manchester = 100Mbps
Bristol = 100MbpsAll are provided from the same vendor. Why ?
@mathourthy Because you could easily dump the MPLS and use IPSec tunnels between the sites. This not only constitutes a saving in terms of no longer needing the MPLS, but traffic passing across these links would be encrypted by default, which isn’t the case with MPLS networks.
The upside of MPLS is that they are 100% private networks, and are not exposed to the internet. This makes them pretty secure by default. In contrast, the downside of IPSec VPN tunnels is that they are public, and exposed to the internet, so could easily be the target of a DDoS attack.
You could also consider SD-WAN as an alternative technology.
-
@mathourthy Because you could easily dump the MPLS and use IPSec tunnels between the sites. This not only constitutes a saving in terms of no longer needing the MPLS, but traffic passing across these links would be encrypted by default, which isn’t the case with MPLS networks.
The upside of MPLS is that they are 100% private networks, and are not exposed to the internet. This makes them pretty secure by default. In contrast, the downside of IPSec VPN tunnels is that they are public, and exposed to the internet, so could easily be the target of a DDoS attack.
You could also consider SD-WAN as an alternative technology.
@phenomlab Yeah, that’s a good point. To be honest, I’ve just taken over the IT stuff here, and still working my way through. I’ll need to have a look at the MPLS contract to see when it comes up for renewal, but thanks for the tip.
-
My guy in Bristol is having issues so need to get on a call with him. I’ll be back as soon as I can.
EDIT - seems the port was dodgy on his switch. We’ve changed it for another one and assigned it the same VLAN. he has an RDP session open to a spare machine here in Manchester.
-
@phenomlab some good news. Since making the changes in Manchester and Bristol, it seems that both sides are now working without any breaks (and have been for the past 20+ minutes). I’m just waiting for the changes to be made in London, so so far so good.
-
@phenomlab some good news. Since making the changes in Manchester and Bristol, it seems that both sides are now working without any breaks (and have been for the past 20+ minutes). I’m just waiting for the changes to be made in London, so so far so good.
@mathourthy great! Thanks for the update.
-
@mathourthy great! Thanks for the update.
@phenomlab Ok, just heard back from my guy in London. He’s finished his end, and…
IT WORKS !!! Thank you so much for everything. You are an absolute LEGEND, and a genius to boot.
-
undefined mathourthy has marked this topic as solved on 7 Sept 2023, 17:48
-
@phenomlab Ok, just heard back from my guy in London. He’s finished his end, and…
IT WORKS !!! Thank you so much for everything. You are an absolute LEGEND, and a genius to boot.
@mathourthy Glad to hear it’s sorted. Let me know if you get any more issues.
