Metro Ethernet implementation questions

I am planning a Metro Ethernet upgrade for a network I manage. This is the first time I’ve implemented Metro on any network. I’m looking for some suggestions and answers to a couple questions regarding this upgrade.
The current network is Hub and spoke connected by copper lines to 17 different locations from a DS3 @ our HQ. HQ also has a DS3 to the internet which the branch locations go out for internet. At our branches we have a private and public network on different subnets. Each branch location has either a T1 or bonded T1 connected to a Cisco 2801 router then to Netgear PoE managed switch(s).
The upgrade of the DS3 for internet is going to 100 meg. The data side will also be 100meg at HQ, 10meg to our small locations and 100meg to the large.
My question is what do I need to be aware of on our existing network that must change to get this working?
1)      Will I simply go from the layer2 Metro Switch to our router?
2)      Should I remove the router and go directly to the Netgear switch?
3)      Do I need to VLAN the private and public networks?
4)      Do I need to change routing tables?
Thoughts and/or suggestions welcome.
Let me know if more information is required to assist in answers.

I think it would be better to include Cisco Account Manager/SE for this upgrade, they can guide you better and can come up with LLD for this upgrade, otherwise upgrading your 17 sites without proper planning can cause you serious issues.

Similar Messages

  • Metro Ethernet Design question

    I was wondering how service providers guarantee their security protection in the Metro Ethernet model, especially when Internet is one of the applications used over the Metro network.
    For example: The customer edge switch (3550) is connected directly to the service provider aggregation layer(either Cisco Catalyst 4500 and 6500 Series switches ) .
    In the network core, Cisco 12000 or Cisco 7600 Series routers.
    So where is the security devices in this architecture, where is the firewalls, the IDS/IPS, that protects the service provider core from any threats.
    Providing the customer with Internet in Ethernet switching technology the service will put the provider in a vulnerable position.
    Am I thinking wrong here?

    The CE will be hardened using storm control both multicast as well as broadcast on the ports where the end users are connected.
    About the accesiability between the other users who are connected on the ports of same switches you have switchport security coded which will take care of the access violation part.
    Also the maximum no of MAC address which can be permitted/allowed over the ports.
    This inturn will send u a trap and can shut the port if theres any violation detected on those ports..
    In the next layer where u say 6500 or 7600 u will have FWSM modules which will be taking care of filtering and other funtionalities which is very much similar to a standalone PIX firewall.
    you can have redundandcy or even load balancing with
    the FWSM modules over there in the 6500 switches.
    And ofcourse the IP addressing schemes deployed would be in private scopes and will have either NAT pools or PAT enabled in the FWSM.
    you got to have more n more ACLS on all the devices to mitigate the general known worms/virus or their variants in the network applied in applicable points.

  • Metro Ethernet 3550 IOS

    Just a basic question:
    Is there an recommended IOS version for a Cat 3550 acting as a U-PE in a Metro Ethernet implementation?

    The Catalyst 3550 will now provide limited support for Policy Based Routing (PBR), while Catalyst 3550 Metro Ethernet users can benefit from Layer 2 Tunneling Protocol enhancements, which allow configuration of drop and shut-down thresholds based on ingress packet rates.

  • Basic:Metro Ethernet and DWDM vs SONET question

    Hey, my understanding is that in order to deliver Metro Ethernet solutions, one system must be based on DWDM.
    SONET, for example, cannot deliver Metro Ethernetsince that is based on TDM (not Ethernet, duhhh).
    If the above is right, so I want to confirm that there is no other technology out there besides DWDM which can deliver Metro Ethernet services for enterprise customers?

    Any number of underlying technologies can be used to deliver Metro Ethernet services - DWDM, SONET, pure play Ethernet over metro area fiber, etc.
    It's more of an economic (what installed base does the carrier have or able to obtain the use of and at what cost) and efficiency (how much of the overall capacity can be feasibly broken into resellable Ethernet services without too much stranded or wasted capacity) question than a technological one. Some technologies lend themselves better to one or the other of those factors thus their dominance in certain markets.
    The industry is very adept at achieving previously unthought-of solutions through the introduction of additional layers of abstraction (e., Ethernet over SONET, inverse multiplexing, etc.)

  • Metro Ethernet Switches Network Implementations

    I wish that Cisco would collect as many as network scenarios and pratical configurations for 3750ME, Metro Ethernet, and MPLS, starting with few basic one.
    Cut down the marketing materials. It will benefits all customers and cut down supports.

    There are lot of such materials.
    Hope this helps

  • SONET Metro Ethernet questions

    I was wondering if anyone has had a good/bad experience deploying and working with Metro Ethernet technologies since it is fairly new. I'm planning onto linking a large office 40 miles away to my central office and considered this and PPP OC3 as 2 top choices, I was told I will be able to extend my LAN without any additional hardware, anyone can share their thoughts? reliability?

    I think it would be better to include Cisco Account Manager/SE for this upgrade, they can guide you better and can come up with LLD for this upgrade, otherwise upgrading your 17 sites without proper planning can cause you serious issues.

  • Customer Equipment for Metro Ethernet Link

    Hi All
    It has been some time since I utilised Cisco network kit to provide private circuit point to point connectivity and I wonder if someone could give me a little guidence.
    The customer is shortly to implement a new 100Mb Metro Ethernet link to connect two of their branches. They initially intend to use the link for data only traffic but eventually will want to route VOIP traffic across the link so bandwidth management and QoS will be essential components. It is unlikely that further links will be added to this link so built in expansion of the chosen routers may not be required.
    Budget will be an issue on this so I would appreciate any advice or recomendations.

    Hello James,
    I think it would be better to get in touch with your Cisco Account Team as this question cannot be answered on a forum post.

  • Comcast Metro Ethernet Setup

    We have one customer with one ASA and one 3750 switch in headquater. 6 1801 Routers in 6 branches.
    All connected via MPLS/BGP provided by ATT. And it was terminated at one port on 3750.
    We plan to replace that with Metro Ethernet Hub/Spoke topology since the customer mentioned each office never talks to each other. Later on we found they have IP phones do need to talk with each other at branches.
    Question - can we still use the MetroE service but configure routing to make each office talk with each other and how that would work?? I would assume some routings on 3750.
    Any info is appreciated. thanks!

    Hi Ben,
    It will work for sure since this is what ( in a much more complex scenario) we are implementing in our company since ab few months. Just take care of defining data and voice subnets as technically unrelated so to be free implementing very flexible and easy to manage routing policies. Is ATT providing L3VPN or what?
    Hope to help
    Sent from Cisco Technical Support iPad App

  • Bellsouth Metro Ethernet -- is it QinQ?

    I have a customer who has bought some connections from Bellsouth's Metro Ethernet product. I am having a tough time getting someone at Bellsouth to give me any information about the product.
    Are they just using QinQ (802.1q tunneling) to make it all happen? If that's the case then I should just trunk to them with 802.1q and not have to do anything else, I believe keeping the native vlan 1 should even be fine. If anyone knows anything about this or has connected sites using the Bellsouth metro-e product please let me know.

    looks like it is Ethernet over SONET, with a possibility to migrate it to EoMPLS:
    "Currently BellSouth uses a specialty Ethernet switch to support its shared multipoint offering, but that may change. "We're converting to more of a general purpose device that will be part of our MPLS network and will deliver Ethernet and other services," hints Kaish.
    Some carriers have implemented shared multipoint services directly over fiber, which means that those services do not include Sonet restoration capability, effectively limiting them to non-critical traffic. But BellSouth's metro Ethernet network is Sonet-based and customers can leverage Sonet's restoration capabilities, Kaish says."
    Another source of information supporting the statements above:
    In any case this does not mean straight forward, that you can use the service to setup trunks between your switches. This depends on the interface configuration of (presumably) the 7600. They might restrict you to dot1Q with one VLAN or even to plain ethernet.
    Hope this helps! Please rate all posts.
    Regards, Martin
    P.S.: have a look at which should answer many questions! Especially they state "Dedicated Ethernet supports VLAN tagging" - sounds like setting up a dot1Q trunk with them will be supported.

  • Suggest No. of routers in a single metro-ethernet Vlan

    Just would like to know if there is a recommended no. of routers to put into a single metro-ethernet vlan. The local Metro-ethernet provider suggest 10 routers per vlan but I think 30-50 would be OK ?

    This question is like how many nodes can you put into a VLAN. For an answer to be given your traffic types would need to be known. How chatty are your routers? Are you bridging? What type routing / bridging traffic (non-unicase) might you have on the wire? Baseline data from your environment is important to answer this question. There is no hard fast recommendation for this just as there is none for numbers of nodes in a VLAN or router is an OSPF area. This is completely dependant on your environment.
    Hope this helps,

  • Best way to detect failure in Metro ethernet networks

    Hello ,
    I am working for a well known provider and I am currently migrating one of my client from Frame-relay to Metro-ethernet link .
    I am actually looking for advices on what sort of mechanism to implement to detect a failure in the ME parth .
    As you probably know , failure on one of the links might cause the CE-SWITCH-PE interfaces to stay up/up and the network will not neceseraliy start converging .
    So far I have implemented BFD along with IP SLA route tracking , I am happy with BFD but the IP SLA is acting "weird" .
    - IP SLA ICMP tracking rely on ICMP packets and was too sensitive to packets lost
    - We switched to ip route sla tracking but I am still unsure about the best way to use or implement this .
    Is there some sort of best practices available somewhere for this ?
    thanks ¨

    Hello Thomas,
    From what i have seen BFD is best bet as it allows to relax the L3 protocols timers ( BGP / any other protocol used between CE- PE ). Another option is to have gre tunnel between the PE - CE link and track this tunnel interface.

  • Metro Ethernet in RAIL Transportation (MRTS) applications

    Dear Sir,
    I have a query related to Metro Ethernet technology.
    We are into TRANSPORTATION SYSTEMS. We are coming up with a MRTS Project in Mumbai , India. We are at a planning stage at the moment. As per our experience, companies in RAIL MRTS Applications are using SDH technology (MUX and access multiplexers).
    Could you please suggest , should we go for METRO ETHERNET of SDH Technology.
    Are there any players/ any Metro Projects who have implemented Metro Ethernet ( instead of SDH).

    Hi Pankaj
    What kinda applications you are going to use and what kinda bandwidth requirement you have in place ?
    Also do revert back the number of locations and a bit more onto your topology which mite help to get back with our suggestions..

  • Metro ethernet, Ethernet protection ring.

    Hi everybody.
    I hope everybody is doing great.    A quick question for you guys.
    Let say we have Ethernet switches connected in a ring .We want to use Ethernet protection ring for loop avoidance and faster convergence.
    One of the switch will be RPL owner, and of the link in our ring will be chosen as RPL link.
    1)My question is what is the criteria for RPL owner selection and RPL link?  (  For e.g  in STP, we use lowest bridge priority for root bridge)
    2)  Is Ethernet protection ring provide an alternative to stp when we switches connected in ring toplogy  and fast convergence is required as is the case with metro ethernet commonly ?
    Have a great evening.

    Dear Friend
    If you want to deploy and use L2 VPN service you should
    define whst is he type of core
    do you want to use L2 VPN service based on IP or MPLS?

  • Metro Ethernet over Docsis

    Hello Gurus,
    I would like to know a bit more about this tecnologie (Metro Ethernet over Docsis).
    I work for a cable companie and we would like to know the implicationd of implementing such a technologie.
    If we go for a CPE based aproach we only have to configure a CPE like the Cisco 1805 in each costumer end-point?
    Which configurations does the CMTS and backbone require?
    What are the maximum speed we can offer with this technologie running on HFC?
    Any help would be much appreciated.
    Thanks in advance.

    You might want to read this:

  • Is Metro-ethernet Secured ? Compare with FR/ATM

    Just would like to understand if Metro-ethernet has the same security level as FR and ATM ? Metro-ethernet has broadcast nature and it seems mirroring ethernet frame is much more easier than FR and ATM . Is there any study onto the security issues presented in the Metro-ethernet technology ?
    I see a lot of customers doing IPSec on the Metro-ethernet and they don't do this on the FR or ATM links ?

    I have not seen any document, but my understanding is that FR and ATM networks do not have broadcast capability which is an inherent security feature. Sites can communicte only if a VC is configured between them. In metro ethernet, broadcasting is possible and the providers have to implement security to islolate customers by configuring some feature. Since the customers may not trust the level of security provided by the providers, they may choose to run IPSec over this type of access.

Maybe you are looking for

  • One instance of two-instance RAChang

    Hi all, I am having a big problem with instance hanging. I happened 5 times in this month. Server: HP-UX B.11.23 U ia64, 32 GB RAM/each , 4 CPU/each Cluster: Verita VCS 5 Oracle database: Symptom: 1. One of the instance hang while the other

  • TDMS4HCM: How to delete the not needed OM

    Hello, I have done in our test system the folllowing actions: 1st I do the client copy with the profile SAP_UCSV to setup my receiver client for TDMS4HCM 2nd I tansfer only one person from source to target for my test by using the ERP Initial Package

  • When is a .psd file NOT a .psd file?

    As a result of leaning how to make a mask, I discovered that I could also paste directly from the net into an AI page.  It's the "saving" that costs the question. My reviewer, who checks out my design ads and brochures does not like .psd's to be "Pla

  • The host couldn't be resolved. Please check your URL.

    Hi I am new to PeopleSoft Integration Broker. I am getting the above error while trying to post XML to a third party URL using IB (Integration Broker) * We have to post a non SOAP message to the specified URL * The sample XML structure has the follow

  • SQL service pack installation

    Installing SQL 2005 through SQL4SAP.VBS will install its available service pack 2 automatically (or) Do we need to install manually.   Can we install the service pack 2 manually even after SAP Installtion .If so,please give the procedure. Thanks