Hi,
i need to split my LAN to two parts.
On left we have one office with Servers and Linux Gateway (Debian)
On right we have only Linux Gateway (Debian).
I need to connect both locations with Mikrotik Routers - they should work as “Bridge” between both locations,
LAN will be just splitted for two locations. Is that possible to have this same subnet on both sides (reservation of IPs on LAN so not will be doubled).
And how so split traffic between Normal Gateways and Mikrotik Routers ?
In simply words both locations should go by Linux Gateways to reach websites but LAN traffic should go by Mikrotik’s Routers.
First of all it’s kind of hard for me to understand the objectives in this case partly since you don’t explain the reason why you need to split the LAN into two parts and partly because the picture is somewhat difficult to interpret, eg is it the current or target solution you are showing? What are the two red boxes (“ISP routers”)? Are both sides geographically separated or in the same building? If possible, please elaborate your ideas with some more details and it will be much easier to help you.
Furthermore, if both ends use the same subnet they are only switchable. If you want them routable you need to split up the existing subnet in two parts or add a new one.
It depends on how exactly you need to connect them. You could e.g. bridge LAN with EoIP tunnel to remote site and it should work. But you’d have to filter at least DHCP.
If one side is to be relocated then Sob’s suggestion is the fastest and simplest way since you don’t have to do any changes at all regarding the computers. However in the long run if you need more control of the traffic I would concider subnetting.
Hi,
thanks for reply. Reason to split is the firm is relocating.
Part of firm with servers (left side) will be moved “as is”. Nothing changes. (this same ISP, global IP’s etc)
But in my example: One of deparments (right side) will be in separated location (geologically a few km away)
So as i paint on that “simply” diagram i need to connect them side2side by Mikrotik routers (to transfer LAN traffic from one side to other and vice versa).
Additionally i have Gateways setuped up on Linux wich should provide access to websites as they work now.
Please help with choose of proper devices (routers) and make me sure its possible.
It depends what you have in mind regarding speed. If it’s a regular office network (ie gbe) and you only will be routing eoip with perhaps some simple fw rules for internet access most everything will do. You probably want obtain full throttle and retain same speed as the office net so I guess you’ve already prepared for 1Gbit at you ISP. Anyhow let me check and get back to you after lunch.
ps.. since you are going to use the same ISP on both sides it might be worth checking if they are able offer L2 VPN as a service.
I think any of the models down below would suit you needs.. They are all good enough to be able to achieve IPsec at full wire speed (GBE). Which model depends on whether you need to prepare for further expansion, future capacity needs etc.
Personally I’d pick the CCR2004 to be on the safe side and the price/performance is so attractive it’s really nothing to argue about. If you pick this model remember to order the corresponding SFP/eth modules.