[j-nsp] Design question

Johan Borch johan.borch at gmail.com
Tue Dec 29 06:57:34 EST 2009


Hi!

I'm about to setup a new data center solution for a customer and would like
to know what people think.

The equipment that is going to be used it EX-series for core/access and SRX
as firewall. The data center is going to house a lot of different customers
and they need to be completely separated from each other. I was thinking
something like this:

One routing-instance per customer on the ex-switch and one matching
routing-instance/security-zone on the SRX. Those customers that want total
separation will have it via the routing-instance and the client networks can
be connected via the SRX and the customers own IP-series can be used. Lets
say I have a bunch of these customer areas and for example 5 of these need
to talk between the routing-instances or go to Internet via the SRX, how
would I solve that, can I import/export routes via routing-instances? I also
would like to use OSPF for routing, how would I design the areas?

server-access---EX ------ SRX -- Internet/tunnels/access to client
networks...

Do this sound like a strange/stupid/wrong design? I have not been working
with routing-instances before but it sounds like a neat solutions to
complete visualization.

Regards
Johan


More information about the juniper-nsp mailing list