S******n 发帖数: 617 | 1 公司A买了公司B,现在要并网。假如我在A,头头要个并网计划1,2,3,4,5。
我是两眼一抹黑呀,从哪里开始下手都没谱,敢问各位老大分享一下经验吧,
介绍点思路,注意事项啥的? 或者告诉我哪里找案例借鉴借鉴?
//拜谢! | s*****g 发帖数: 1055 | 2 You first need to achieve internal IP layer network connectivity.
A few things I would ask first:
1) Do A and/or B have existing VPN (typically IPsec) infrastructure in place
?
2) Do A and B use the same or different internal IP address space?
I can only speak of Cisco equipment, I assume eventually you will need to
run routing protocol/multicast between A and B, so you need to purchase ISRs
or 7200 to serve as VPN headend routers that can do GRE/IPsec if you don't
have them already.
If A and B
【在 S******n 的大作中提到】 : 公司A买了公司B,现在要并网。假如我在A,头头要个并网计划1,2,3,4,5。 : 我是两眼一抹黑呀,从哪里开始下手都没谱,敢问各位老大分享一下经验吧, : 介绍点思路,注意事项啥的? 或者告诉我哪里找案例借鉴借鉴? : //拜谢!
| S******n 发帖数: 617 | 3 太好了,非常感谢!!
place
ISRs
t
【在 s*****g 的大作中提到】 : You first need to achieve internal IP layer network connectivity. : A few things I would ask first: : 1) Do A and/or B have existing VPN (typically IPsec) infrastructure in place : ? : 2) Do A and B use the same or different internal IP address space? : I can only speak of Cisco equipment, I assume eventually you will need to : run routing protocol/multicast between A and B, so you need to purchase ISRs : or 7200 to serve as VPN headend routers that can do GRE/IPsec if you don't : have them already. : If A and B
| z**r 发帖数: 17771 | 4 赞这么详细
place
ISRs
t
【在 s*****g 的大作中提到】 : You first need to achieve internal IP layer network connectivity. : A few things I would ask first: : 1) Do A and/or B have existing VPN (typically IPsec) infrastructure in place : ? : 2) Do A and B use the same or different internal IP address space? : I can only speak of Cisco equipment, I assume eventually you will need to : run routing protocol/multicast between A and B, so you need to purchase ISRs : or 7200 to serve as VPN headend routers that can do GRE/IPsec if you don't : have them already. : If A and B
| z**r 发帖数: 17771 | 5 先不要急着1、2、3、4、5,先花些时间把A和B的网络搞清楚,这个算0吧。很多公司的
IP space是基于RFC1918,所以很可能相互重叠,先设计一个过渡期的方案,比如弄一
些tunnel,在某些地方做NAT什么的,如果网络比较大,还可以使用MPLS VPN来简化重
新设计,比如直接把B的网络放在一个VRF里,然后有选择性的leak routes就可以了。
【在 S******n 的大作中提到】 : 公司A买了公司B,现在要并网。假如我在A,头头要个并网计划1,2,3,4,5。 : 我是两眼一抹黑呀,从哪里开始下手都没谱,敢问各位老大分享一下经验吧, : 介绍点思路,注意事项啥的? 或者告诉我哪里找案例借鉴借鉴? : //拜谢!
| l***y 发帖数: 791 | 6 IP: VPN can be a solution for the interrim;
Auth: Radius with directed realms can be solution for the interrim.
Voip: gk-gk or federation for SIP can be the solution for the interrim
mgmt system: some level of integration should be easy.
i'd plan for consolidation in gradual steps what's easy on the budget and
strengthening the current designs, as well. Usually it's not that hard with
twice amount of equipment. maybe i'll be able to free up some equipments for
expansion and that's nice, too.
my
【在 S******n 的大作中提到】 : 公司A买了公司B,现在要并网。假如我在A,头头要个并网计划1,2,3,4,5。 : 我是两眼一抹黑呀,从哪里开始下手都没谱,敢问各位老大分享一下经验吧, : 介绍点思路,注意事项啥的? 或者告诉我哪里找案例借鉴借鉴? : //拜谢!
| z**r 发帖数: 17771 | 7 and job security? :)
with
for
【在 l***y 的大作中提到】 : IP: VPN can be a solution for the interrim; : Auth: Radius with directed realms can be solution for the interrim. : Voip: gk-gk or federation for SIP can be the solution for the interrim : mgmt system: some level of integration should be easy. : i'd plan for consolidation in gradual steps what's easy on the budget and : strengthening the current designs, as well. Usually it's not that hard with : twice amount of equipment. maybe i'll be able to free up some equipments for : expansion and that's nice, too. : my
| l***y 发帖数: 791 | 8 that goes without saying! :)
【在 z**r 的大作中提到】 : and job security? :) : : with : for
| w*******e 发帖数: 1622 | 9 偶怎么觉得两个domain之间建个trust就能搞定了呢?
【在 z**r 的大作中提到】 : 先不要急着1、2、3、4、5,先花些时间把A和B的网络搞清楚,这个算0吧。很多公司的 : IP space是基于RFC1918,所以很可能相互重叠,先设计一个过渡期的方案,比如弄一 : 些tunnel,在某些地方做NAT什么的,如果网络比较大,还可以使用MPLS VPN来简化重 : 新设计,比如直接把B的网络放在一个VRF里,然后有选择性的leak routes就可以了。
| l***y 发帖数: 791 | 10 en, get requirements first. many things might be consolidated, web services,
mail hubs, dns, dmzs, payrolls like sap, etc., then there will be routing
needs, your plans are good for the routing needs. the sizes, complexities,
and applications needs (i.e. multicast or no multicast, will there be many
networks stretched, etc) will dictate the solution.
【在 z**r 的大作中提到】 : 先不要急着1、2、3、4、5,先花些时间把A和B的网络搞清楚,这个算0吧。很多公司的 : IP space是基于RFC1918,所以很可能相互重叠,先设计一个过渡期的方案,比如弄一 : 些tunnel,在某些地方做NAT什么的,如果网络比较大,还可以使用MPLS VPN来简化重 : 新设计,比如直接把B的网络放在一个VRF里,然后有选择性的leak routes就可以了。
|
|