Since my last post on my home network, some things have changed slightly. It is a given that I can get quite obsessed with documentation – which I think it’s a good thing – and that applies to my home/lab network too. It is a lot of work in the beginning but experience has taught me that it *always* pays off in the long run.

Another reason of writing this blog is so that, if you ever need to do something similar, at least you have another setup you could use to inspire you!

So here is version 2 of my network physical topology at home.

Home-Network-01

In the above diagram I’m only showing Layer3 (IP Addresses) information as it pertains to the management network which coincides with my actual LAN. So for example, when I’m doing VMware labs, I’d connect to my ESXi host via 192.168.1.233; if I’m doing INE workbook labs, I will then connect via 192.168.1.249; etc.

Next, I will show you few more details regarding physical connectivity of the actual Lab.

home-lab-network-05

To clarify, all my kit connects to two networks – one is the management network (i.e. my LAN); the 2nd network is simply a L2 broadcast domain only which could be sitting on any other vlan, *apart* from VLAN 1. The lab VLANs would then terminate on the Juniper switches. This how I am isolating my LAN from my LAB.

But let me give you a scenario, as an example.

SCENARIO / EXAMPLE

Let’s say that I’m doing a lab whereby I would like to test connectivity between a Juniper SRX firewall and a Cisco router running on my Dynamips server. Furthermore, I would like to cluster my two SRXs.

example-06

Keep in mind that I will not be doing here a full write-up on a full end-to-end connectivity. I will be only showing you the mainstream ideas.

So let me explain …

Connecting the Juniper SRXs: To cluster the SRXs I will need at some stage connectivity between the two eth-0/7 interfaces – this would work as the control link. I would therefore do this through the Junipers switches so that eth-0/7  interfaces are connected on the same VLAN – let’s say VLAN10 – “SRX-CTL”. Furthermore, assuming my Untrust interface is eth0/0, I would then set this interface to connect on another, different VLAN – say, VLAN20 – “SRX-UTRUST”.

Connecting the virtual Cisco Router: When creating my .NET file (dynamips topology file) I will connect R1’s Fa0/0 interface to the nio_gen_eth eth1. Notice that this interface, connects to the Juniper’s ge-0/0/10 interface. So this interface would have to be on the same vlan VLAN20 – “SRX-UTRUST”.

Here is the actual L1/L2 topology:

example-4


Thank you,
Signature
View Rafael A Couto Cabral's profile on LinkedIn



Comments are closed.