Right now we have a large number of locations running off DSL and VPN connections back to HQ. We have issues with the VPN connections losing connection pretty frequently, to the point the department has alert fatigue. To fix this I want to set up OSPF and get T1s. But I have not set up OSPF outside of lab environments, and my limited experience with firewalls has left a bit of a gap in how to work this out.
Question is, would I set up OSPF on the L3 switches directly, and on the area border connections, would I then place the MX for all the traffic leaving and entering my OSPF network? Would I then pull the MXs from all the sites that ONLY have a T1 connection? So then only the 3-5 larger of our office locations would have direct access to the internet and would have the only firewalls, and the other 20+ would only get data from one of the larger 5 locations and not need a firewall?
Also, how does a VPN connection compare to T1? I know a VPN takes a good bit of overhead, so the DSL connection would be weighed down by that, but I don't know by how much. If the alternative was 25mb cable, would that be a better alternative? (Most locations only have DSL access, but a few offices are in town and can get real internet.)
I am sorry if this comes across as a bit elementary; most of my experience has been with local single-location networks, so I am sure I am missing something. Any online documentation you can point me towards would be helpful as well.