A managed office provider has a high bandwidth leased line providing internet access to the building. The building hosts a number of different tenants who have different demands for internet connectivity. Within the building Internet access is sold to each tenant on a bandwidth basis with some tenants paying more for higher bandwidth access. The office provider needed a router to manage firewall, NAT, port-mapping and importantly, traffic management for each tenant.
A FireBrick 2700 was chosen as the router, and with the traffic shaping features individual tenants were given the appropriate bandwidth. The FireBrick has each tenant on a separate VLAN, most tenants have their own Ethernet router with the WAN side set to obtain IP addresses from the FireBrick. The office provider is able to assign public IPs to tenants if required by way of port-maps.
The company started using a FB2700 with a 300Mbit/s leased line, they later upgraded to a FB6000 and a 1Gbit/s. The upgrade process was seamless, as the configuration file was able to be copied from the FB2700 to the FB6000 with very minimal changes.
Shaping rules manage the bandwidth allocated to each tenant.
IPv4 and IPv6 firewall rules are in place
Each tenant is in their own VLAN
(All the network diagrams on these case study pages are very rough representations and are not an accurate representation of live networks)
