A cleaner look at my Network Layout

This is my latest network layout. I now have port channels using the Etherchannel protocol between my physical 3560 "core" switch and a Nexus 1000V switch in each of my 2 ESXi hosts. One of my ESX hosts, ESX2, I use for testing purposes and the other ESX host, ESX1, is more or less used for my production network. I have my BES (BlackBerry Enterprise Servers), Active Directory, Exchange, DNS and web servers (ie: this site!) on ESX1. I have other devices not pictured taken from the virtual product portfolio of Cisco's....devices like ASA1000V, VSG, virtual email security appliance (ESAv) and virtual web security appliance (WSAv). My main firewalls are currently Cisco ASAv (virtual ASAs) configured Active/Standby between the two ESXi hosts.

Lots of fun!


Added a Cable Internet connection

Today I had Rogers install a 2nd (cable) Internet connection at my home office to complement the existing DSL Internet connection. I now have the DSL service with its 5 static IP addresses NAT'd to my various servers (VPN, www, mail, etc....) and the cable Internet connection for when I have a need for speed. The DSL service is 6 Mbps downstream, 800 Kbps upstream. The cable Internet service is 40 Mbps downstream, 3 Mbps upstream. This is perfect for when I need to access my lab for demos, etc. The Cisco ASAv and the Cisco 2911 ISR are both set up as VPN servers -- IPsec and SSL.

I have the Cisco 2911 set up for policy-based routing. Inside clients (ie: me, the kids and the wife!) with dynamic IP addresses on the inside network will be routed out the cable modem, whereas my servers' connections are NAT'd and routed out the DSL connection. My IPv6 6to4 tunnel broker uses the DSL service, too, since it needs a static IP address for the tunnel endpoints.

Pretty Quick for North American broadband....


Do you have a Visio diagram that I can download? Thanks! (Earl)