Hi,
I have a configuration where a customer LAN has two separate fibre links via two separate switches.
I have to add a ROS router as each end, both connected to both switches.
Data needs to route from behind the ROS routers to the other end transparently over both fibre links (or failover transparently)
I need to ensure data separation between our data and their data
I can’t easily change their switch configuration and don’t know what it’s capabilities are.
Ideally I need to ensure the data is secure, so authentication and perhaps encryption is required.
So, what is the best way of doing this. Ideally with examples of known working configurations?
What I do know:
Sadly, I can’t use MLPPP as the MLPPP server is nonexistent in ROS
I could use VRRP, but this puts a configuration restriction on the customer LANs
I could use VLANs + RSTP, but this would mean re-configuration of the customer switches.
Would this make sense?
Setup two secure point to point links, e.g. PPPoE or L2TP, thus presenting two local IP interfaces at each end
Run VPLS or EoIP to join the two pairs of L2 networks over the two IP interfaces
Then bridge the two L2 networks at both ends with RSTP
Or, would PPTP with BCP be the correct solution?
TIA