Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Key Points of Campus Egress Deployment
Campus egress deployment aims to enable end users on a campus network to access the WAN or Internet and connect branches to the headquarters. Routers and firewalls are typically deployed at the campus egress. Routers provide communication between the internal and external networks, and firewalls provide border security protection.
The campus egress deployment varies according to the services and scale of the campus network.
- For networks with simple link types and egress routes, you can deploy only firewalls as egress devices.
- For large-scale campus networks, directly connect firewalls to routers.
- It is recommended that IPSec be deployed for interconnection between the headquarters and branches.
- Static, OSPF, or BGP routes can be used by egress devices to connect to the Internet. The routing solution for the campus internal network must enable communication between devices and terminals on the campus network, as well as communication between the internal network and external networks. Static routes or OSPF routes are typically used.
- Static route: applies to scenarios with a small number of routes. Static routes can address service requirements in most campus networks.
- OSPF route: applies to scenarios with a large number of routes.
- BGP route: applies to scenarios with a large number of routes. BGP is recommended when multiple links are available between an enterprise and an Internet service provider (ISP) to provide differentiated routing services.