No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudCampus Solution V100R019C10 Deployment Guide for Large- and Medium-Sized Campus Networks (Non-virtualization Scenario)
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Egress Design

Egress Design

Routers and firewalls need to be deployed in the campus egress zone. The routers enable interconnection between internal and external networks, and the firewalls provide border security protection. To ensure reliability, routers and firewalls are deployed in redundancy mode. Device redundancy at the egress is recommended for large and medium-sized campus networks.

Figure 3-7 shows two networking models depending on whether routers need to be deployed. In networking 1, routers function as egress devices. In networking 2, firewalls function as egress devices.

Figure 3-7 Egress network topologies

On a large- or medium-sized campus network, the number of routes on the egress is small (usually less than 1,000 routes). Therefore, the routing table size of the router does not need to be considered. To reduce network construction costs, networking 2 is recommended. That is, firewalls function as egress devices.

If one of the following conditions is met, networking 1 can be used:

  • Egress link type

    If the carrier deploys non-Ethernet links (such as EI, CE1, and CPOS) in the egress zone, it is recommended that networking 1 be used and routers be deployed as egress devices because they support more port types than firewalls.

  • Port quantity and density

    Egress devices are connected to not only the Internet but also enterprise branches or partners through leased lines. In this scenario, considering that routers can provide more interfaces with higher density, it is recommended that networking 1 be used and routers be deployed as egress devices.

  • Protocol type

    If egress devices and external networks run a dynamic routing protocol (for example, BGP), it is recommended that networking 1 be used and routers function as egress devices. This is because routers provide a large routing table size and high performance and multiple routing policies need to be deployed on egress devices.

  • QoS

    If QoS policies need to be deployed on egress devices, it is recommended that networking 1 be used and routers be deployed as egress devices. This is due to the powerful QoS functionality on routers.

Translation
简体中文
Download
Updated: 2021-04-29

Document ID: EDOC1100141247

Views: 120478

Downloads: 622

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :