I am budgeting infrastructure for a project and would appreciate some feedback.
We are colocating a rack and I am planning to have 2 CCR1016-12G using VRRP.
The routers are supposed to provide the following services:
- Routing
- Firewall
- VPN with some cloud servers.
behind them we’ll have a few servers and beefy NAS.
I am wondering about a few things:
- Given that we dont have a lot of connections, do I need to plan for 2 switches (redundancy) or efficiently using the 12 ports that I already have will work well?
- Each servers has at least 2 network ports each. I plan to connect to both routers for redundancy.
- Out of band access / VPN: to have remote access, we plan to have a VPN server but I am worried about DDOS. Is there some best practice here?
- Does Mikrotik support any kind of 2FA, U2F or similar?
Looking forward to using Mikrotik devices so I would appreciate any feedback or suggestions?