[c-nsp] Multihoming

[Nathan Ward]

> I was thinking about vlan'ing each switch into half public half private side also.  Any pointers or tips or recommendations would be greatly appreciated.  It's been a while since doing this type of stuff.

Configure ports as you need them, don’t mess about pre-defining blocks of ports for certain uses, or trying to group ports together based on some requirement. Within a line card or where all ports are functionally equal, the only guide about which port to use for which thing should be when that thing showed up, and if multiple show up at the same time, whichever port makes the cabling easier.

Trying to come up with some sort of policy about which ports to use for things is going to need to be broken and have exceptions at some point - it always does, and if you’ve trained people that the first half of the switch is one thing and the second another, they’re going to get confused and break something when that isn’t true anymore.

Don’t put routers or firewalls or whatever in the last port like some people do, they are just hosts like everything else and at some point you’re going to need to move from one to another to upgrade and now you’re using the second to last port. Same goes for other switches you might connect, same reasoning.

--
Nathan Ward