Over the next few weeks, I’m going to do a series on network design in the enterprise. It’s funny how a network becomes discombobulated over the years. My experience says that networks are built by guys who are learning, who make some simple mistakes that become difficult to fix, and those mistakes get addressed with baling wire and duct tape. When I describe this particular network, you’ll see what I mean. In fact, I really don’t mean to disparage the guys who worked before me. I don’t know what constraints they had which caused them to implement technology the way they did. I just know it needs to be fixed.
I’m going to start this post by giving a few constraints and requirements. I’ll give a network diagram as well, and basically approach this as an opportunity for the reader to think through options. If you’re considering the CCDE this type of question will come up on the exam. If you’re not, eventually you’ll see this issue in your career and have to solve it. Frankly, I’ve seen bad designs, but this one ranks right up there as the worst.
Production Network
Most network designers recognize that routing protocols work best when networks are connected in a “triangle”. Not always true, but mostly. So, what happens when you have a box inside a box as you start the new job? Your goal, and your requirement, is to maintain five-nines availability. Do what you can to make it happen. Let me describe the scenario you’ve walked into.
- You, the network engineer, are supporting four global data centers. Two in the United States and two in the United Kingdom.
- The UK data centers were acquired during a corporate acquisition and are now connected by north-south 10Gbps circuits for primary links, with 1Gbps links for backup/failover.
- The data centers are only connected with a single east-west 1Gbps DCI circuit.
- Only one trans-Atlantic DCI circuit is used at a time; Austin to Edinburgh is connected with one east-west DCI and San Antonio to London is connected with another east-west DCI.
- The DCI links are routed via static routes and only one circuit is active at a time.
- Each campus network in the US and UK attaches to the data centers with point-to-point 10Gbps links and runs OSPF. There are no areas other than area zero, including the MPLS-connected remote sites. All site route updates are injected with either BGP or static routes.
- Each data center carries an MPLS circuit for remote offices. Only the active, primary data centers on the northern link accept MPLS traffic.
Your job, should you choose to accept it, is to create a dynamically routed network that will limit asymmetric routes, have reply traffic return along the same path as the request, and use the closest-to-destination ingress points for MPLS. Your options will be relatively limited because this isn’t an entirely Cisco shop. You are free to use OSPF, BGP, and EIGRP because the support staff are most familiar with those protocols. If there is another option, you may be free to implement it, but you have to have business buy-in.
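To make the “box inside a box” problem concrete before the solution post, here is an added audit script (mine, not the author’s, and not anything from the organization described). It models the four data centers as a small weighted graph, enumerates every minimum-cost path between each pair, flags equal-cost ties (where per-flow hashing, not design, decides the path) and forward/reverse mismatches (reply traffic not returning the way the request came), and lists links whose loss partitions the network. The topology, the node names AUS/SAT/EDI/LON, and the OSPF-style costs (100 Gbps reference bandwidth, so 10 Gbps = 10 and 1 Gbps = 100) are all assumptions built from the bullet list above; the third scenario, where the two directions of one DCI carry different costs, is a constructed stand-in for what independently configured static routes on each side of the Atlantic can produce.

```python
"""Topology audit for the four-data-center scenario (constructed example):
enumerate shortest paths, flag equal-cost ties and forward/reverse
asymmetry, and list single points of failure."""
from itertools import permutations

# Constructed link costs following the OSPF convention
# cost = reference_bandwidth / link_bandwidth with a 100 Gbps reference
# (assumption): 10 Gbps -> 10, 1 Gbps -> 100.
COST_10G, COST_1G = 10, 100

# Each link: (node_a, node_b, cost_a_to_b, cost_b_to_a).  Giving the two
# directions different costs models a static route that only one side has.
NORTH_SOUTH = [("AUS", "SAT", COST_10G, COST_10G),   # Austin - San Antonio
               ("EDI", "LON", COST_10G, COST_10G)]   # Edinburgh - London
DCI_AUS_EDI = ("AUS", "EDI", COST_1G, COST_1G)       # trans-Atlantic DCI 1
DCI_SAT_LON = ("SAT", "LON", COST_1G, COST_1G)       # trans-Atlantic DCI 2

AS_BUILT = NORTH_SOUTH + [DCI_AUS_EDI]                 # one DCI active
BOTH_DCIS = NORTH_SOUTH + [DCI_AUS_EDI, DCI_SAT_LON]   # the full "box"
# Hypothetical: AUS->EDI preferred (50) but EDI->AUS de-preferred (150),
# as happens when each side's static routes are set independently.
SKEWED_DCI = NORTH_SOUTH + [("AUS", "EDI", 50, 150), DCI_SAT_LON]


def adjacency(links):
    """Directed adjacency map: node -> {neighbour: cost}."""
    adj = {}
    for a, b, ab, ba in links:
        adj.setdefault(a, {})[b] = ab
        adj.setdefault(b, {})[a] = ba
    return adj


def all_shortest_paths(links, src, dst):
    """All minimum-cost simple paths from src to dst, sorted.  Brute-force
    DFS is fine for a handful of data centers."""
    adj = adjacency(links)
    found = []

    def dfs(node, path, cost):
        if node == dst:
            found.append((cost, tuple(path)))
            return
        for nxt, c in adj.get(node, {}).items():
            if nxt not in path:                 # simple paths only
                dfs(nxt, path + [nxt], cost + c)

    dfs(src, [src], 0)
    if not found:
        return []
    best = min(c for c, _ in found)
    return sorted(p for c, p in found if c == best)


def audit_symmetry(links):
    """Map (src, dst) -> 'ecmp_tie' | 'asymmetric' | 'unreachable' for every
    ordered pair with a problem; cleanly symmetric pairs are omitted."""
    nodes = sorted(adjacency(links))
    issues = {}
    for src, dst in permutations(nodes, 2):
        fwd = all_shortest_paths(links, src, dst)
        rev = all_shortest_paths(links, dst, src)
        if not fwd or not rev:
            issues[(src, dst)] = "unreachable"
        elif len(fwd) > 1 or len(rev) > 1:
            issues[(src, dst)] = "ecmp_tie"      # hashing picks the path
        elif fwd[0] != tuple(reversed(rev[0])):
            issues[(src, dst)] = "asymmetric"    # reply takes another way
    return issues


def single_points_of_failure(links):
    """Links whose loss leaves at least one pair of data centers cut off."""
    nodes = sorted(adjacency(links))
    spofs = []
    for i, link in enumerate(links):
        remaining = links[:i] + links[i + 1:]
        if any(not all_shortest_paths(remaining, s, d)
               for s, d in permutations(nodes, 2)):
            spofs.append((link[0], link[1]))
    return spofs


if __name__ == "__main__":
    for name, topo in [("as built", AS_BUILT), ("both DCIs", BOTH_DCIS),
                       ("skewed DCI", SKEWED_DCI)]:
        print(f"{name}: SPOFs={single_points_of_failure(topo)}")
        for pair, issue in sorted(audit_symmetry(topo).items()):
            print(f"  {pair[0]}->{pair[1]}: {issue}")
```

Running it shows the three failure modes the requirement paragraph is worried about: as built, with one DCI, every link is a single point of failure (the box has collapsed into a line); with both DCIs active at equal cost, the diagonal pairs (Austin to London, San Antonio to Edinburgh) land on a 110/110 tie that per-flow hashing resolves, so request and reply can take different sides of the box; and once one DCI’s two directions are costed differently, every trans-Atlantic pair becomes asymmetric while the north-south pairs stay clean.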
There’s a lot of information to be gleaned from the network diagram. The point is, these are the types of questions you’ll be asked on the CCDE. In fact, you may be asked to do this for your own organization, and it’ll be important that you see solutions and potential hazards. Don’t forget to think through the technical ability of the staff.
I do have a solution that will work well in this organization. It does involve a protocol change. The solution will come later on, but this is a good exercise for the technologists out there. Feel free to ask questions in the comments; I’ll answer as quickly as I can. Ultimately, I’ll provide the solution I settled on and the testing data I presented to the business units.