Metro Ethernet Switches Network Implementations

Similar Messages

• What kind of Metro Ethernet Switchs?

  Dear Sir,
  We adopted an IP/MPLS network so we need to make expansion. The expansion will be Cisco Metro Ethernet Switches.
  What kind of Cisco Switch will be suitable for this purpose ?
  Find the attached image for the Network topology so the Core routers is Huawei NE80E and the Edge Router is Huawei NE40E.
  Waiting for your suggestion.
  Regards.

  Hu Hussein!
  I worked a lot on ME3750..I can´t recommend this platform! The hardware and sw features are obsolete.
  If you do not need MPLS, the ME3400E (E Series!!) supports features like "selective QinQ", wich could be very nice n an metro ethernet network.
  http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2_58_se/configuration/guide/swtunnel.html
  You have only 1GE ports.
  I think the ME3600X/3800X should be the choice. You have the features like 3400E and EVC support
  http://www.cisco.com/en/US/docs/switches/metro/me3600x_3800x/software/release/12.2_52_ey/configuration/guide/swevc.html
  The 3600X by default has enabled the  two 10GE ports. The 3800X NO. Check the licensing model (also for scalabiliz, mpls) before you buy...
  The features of the platforms are nearly the same.
  The 3800X supports larger TCAM, more VRFs,ecc
  I never used the 3600/3800 series.The platform is very new. But future proof 
  ..or maybe a  6500 or 7600 platform (if you need port density)...?
  Regards,
  Thomas

• Metro ethernet switches

  i am new at metro ethernet. What is needed in a standard switch (Cat4500, Cat6500, etc) in order to support metroethernet services. thanks ahead
  asanes

  Hi,
  It basically depends where you want to put the devices you stated in the network, looking at the devices I think you should have MPLS, LDP/RSVP and other standard routing protocol.
  For access, you also should have STP (RSTP/MSTP) configured.
  Please go through this link for further information
  http://cisco.com/en/US/customer/netsol/ns341/ns396/ns223/ns227/networking_solutions_package.html
  Cheers,
  Sultan

• 3750 Metro ethernet switch

  Folks,
  I have 6500's at the core and want to use the 3750 at the PE. My question is the following:
  1) 3750 would do Q-IN-Q.
  2) Once the packet reaches the 6500(sup 720) running MPLS. What happens to the frame. Do i use xconnect to transfer the frame to the appropriate PE?
  Just confussed about how does the PE use the Q-IN-Q information to direct it to the appropriate PE?
  Sample config would be highly appreciated.
  Thanks

  Well.. its about product features .. you gotta compare products with your requirments at various layer of your network and to come out with justification of your requirments . Any ways below is snippet for you to have some justification between two products
  ===============================================
  What is the difference between the Cisco Catalyst 3750 Metro Series and the Cisco Catalyst 3750 Series?
  The Cisco Catalyst 3750 Metro Series is built for Metro Ethernet access in a customer location, enabling the delivery of more differentiated Metro Ethernet services. These switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling with class-of-service (CoS) mutation; VLAN translation; MPLS, EoMPLS, and Hierarchical Virtual Private LAN Service (H-VPLS) support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.
  The standard Cisco Catalyst 3750 Series is an innovative product line for midsize organizations and enterprise branch offices. Featuring Cisco Systems® StackWise™ technology, Cisco Catalyst 3750 Series products improve LAN operating efficiency by combining industry-leading ease of use and high resiliency for stackable switches.
  What is the Metro Ethernet positioning of the Cisco Catalyst 3750 Metro Series, the Cisco Catalyst 3550 Series, and the Cisco Catalyst 2950 Series?
  Cisco Catalyst 3750 Metro Series Switches
  =========================================
  Cisco Catalyst 3750 Metro Series switches are a new line of premier, customer-located switches that bring greater intelligence for Metro Ethernet access, enabling the delivery of more differentiated Metro Ethernet services. These fixed configuration switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling; VLAN translation; MPLS, EoMPLS, and H-VPLS support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.
  Cisco Catalyst 3550 Series Switches
  ==================================
  With a range of Fast Ethernet, Gigabit Ethernet, DC power, and fiber configurations, the Cisco Catalyst 3550 Series is an intelligent metro access switch for service providers serving the enterprise and small and medium-sized business markets. Featuring 802.1Q tunneling, high-performance IP routing, and subsecond Spanning Tree Protocol convergence, this line of powerful, cost-effective, fixed-configuration switches enables Metro Ethernet services such as Transparent LAN services and business-class Internet access.
  Cisco Catalyst 2950 Series Switches
  ===================================
  Ideal for Metro Ethernet access in residential markets, the Cisco Catalyst 2950 Series is an affordable line of fixed-configuration Fast Ethernet and Gigabit Ethernet switches. Featuring advanced rate limiting, voice VLAN support, and multicast management, these switches enable residential Metro Ethernet services such as Internet access, voice over IP (VoIP), and broadcast video.
  Hope it helps
  Ps rate this post if it helps u ..
  Thanks and Regards
  Raj

• Use of Metro ethernet switches

  Folks,
  I have looking at a sample config for EWS. The senario has 3550's at the enge and 6500 at the core. 6500's were doing the Q-IN-Q functionaility to carry customer vlan over provider vlan.
  My question is where would a 3750 series metro switch be useful. Lets say i had a 7600 P.E which also have Q-IN-Q functionility, why would i buy a 3750 if i was a provider?
  Thanks

  Hello,
  simplified one driving factor for Q-in-Q is port cost. The cost of an ethernet port on a 7600 is higher than the same port on a 3750. So for a SP serving many customers and potentially in need of hundreds of ethernet customer ports, it means that the hardware invest will be lower and therefore competitiveness in the market will be better.
  Hope this helps! Please rate all posts.
  regards, Martin

• Metro ethernet and ethernet

  Hi all,
  I am new to metro ethernet concept. Can someone give me a head start and also, what are the differences in ME switches and normal switches ?

  Disclaimer
  The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.
  Liability Disclaimer
  In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.
  Posting
  As Peter wrote, Metro Ethernet is a vast topic.  However, from a non-provider perspective, the idea is to allow interconnecting widely physically separated (your) site networks just about as simply and similar to connecting your LAN together at one of your sites.  I.e. you just connect different (your) site devices with an Ethernet connection, and you use that connection pretty much like you would any other Ethernet link between your devices.
  From a carrier or MAN provider perspective, running a widely distributed, multiple customer Metro Ethernet (or a carrier Ethernet) network, you'll want some features not found in (as you say) "normal" Ethernet equipment.
  What's different about Metro Ethernet switches is they generally offer features not found in "normal" Ethernet switches.  Again, from a non-provider perspective, you often only need/desire a few additional features (and for that reason, it's not uncommon for non-providers to use "normal" Ethernet switches with Metro E - I've also seen Metro E switches used with "ordinary" LAN Ethernet networks).  From a provider's (carrier's) perceptive, you'll really want more features.  Because of these two perspectives, you'll often find Metro Ethernet switches marketed to non-providers, and Carrier Grade Ethernet switches marketed to the MAN Ethernet providers.

• Metro Ethernet implementation questions

  I am planning a Metro Ethernet upgrade for a network I manage. This is the first time I’ve implemented Metro on any network. I’m looking for some suggestions and answers to a couple questions regarding this upgrade.
  The current network is Hub and spoke connected by copper lines to 17 different locations from a DS3 @ our HQ. HQ also has a DS3 to the internet which the branch locations go out for internet. At our branches we have a private and public network on different subnets. Each branch location has either a T1 or bonded T1 connected to a Cisco 2801 router then to Netgear PoE managed switch(s).
  The upgrade of the DS3 for internet is going to 100 meg. The data side will also be 100meg at HQ, 10meg to our small locations and 100meg to the large.
  My question is what do I need to be aware of on our existing network that must change to get this working?
  1)      Will I simply go from the layer2 Metro Switch to our router?
  2)      Should I remove the router and go directly to the Netgear switch?
  3)      Do I need to VLAN the private and public networks?
  4)      Do I need to change routing tables?
  Thoughts and/or suggestions welcome.
  Let me know if more information is required to assist in answers.
  Thanks

  Hi,
  I think it would be better to include Cisco Account Manager/SE for this upgrade, they can guide you better and can come up with LLD for this upgrade, otherwise upgrading your 17 sites without proper planning can cause you serious issues.
  Yasir

• Best way to detect failure in Metro ethernet networks

  Hello ,
  I am working for a well known provider and I am currently migrating one of my client from Frame-relay to Metro-ethernet link .
  I am actually looking for advices on what sort of mechanism to implement to detect a failure in the ME parth .
  As you probably know , failure on one of the links might cause the CE-SWITCH-PE interfaces to stay up/up and the network will not neceseraliy start converging .
  So far I have implemented BFD along with IP SLA route tracking , I am happy with BFD but the IP SLA is acting "weird" .
  - IP SLA ICMP tracking rely on ICMP packets and was too sensitive to packets lost
  - We switched to ip route sla tracking but I am still unsure about the best way to use or implement this .
  Is there some sort of best practices available somewhere for this ?
  thanks ¨
  T

  Hello Thomas,
  From what i have seen BFD is best bet as it allows to relax the L3 protocols timers ( BGP / any other protocol used between CE- PE ). Another option is to have gre tunnel between the PE - CE link and track this tunnel interface.
  Regards,
  Shreeram

• Airport + Wired Network - Can't see Wired Network with new Ethernet Switch.

  I have an Airport Exteme Wireless network work in my home with a base station and one base station as a WDS. I had an old Linksys wired router that I used as an etherent hub for my wired computers. It died the other day.
  Since I figured I already have a router with Airport, I went out and bought a NetGear 5 port gigabit switch to hook the wired part of my network back up. Since I have done this, I can see all the computers on the wireless Macs, but cannot see the network at all on the wired Macs.
  My configuration is:
  Cable modem -- > Airport (WAN) --> Netgear wired etheret switch (LAN).
  I'm checking the "distribute IP addresses" from the airport. All the compters can access the internet, but my wired Macs can't communicate on the network. I'm darned but I can't seem to figure this out.
  For all you networking gurus out there, what am I doing wrong? I could have bought another wired router, but it seems I shouldn't have to since my Airport should be able to perform the router function to all computers but hooking it to the ethernet switch.
  Any suggestions or help would be most appreciated.
  Thanks in advance,
  Scotty D
  Sorry, I posted this on the AirPort Express discussions by mistake. Apologies, but it belongs here.
  iMac G5, Powerbook 17"   Mac OS X (10.4.3)  

  You are able to ping the printer from the wireless computer but not from wired computer.
  Open router setup page. Go to wireless tab and click on Advanced wireless settings sub tab.
  Make sure that AP Isolation is disabled on your router.
  Also check the firewall settings on your wired computer. If there is any firewall or Anti virus installed on your wired computer then disable it and try to ping the printer IP address.

• Bellsouth Metro Ethernet -- is it QinQ?

  I have a customer who has bought some connections from Bellsouth's Metro Ethernet product. I am having a tough time getting someone at Bellsouth to give me any information about the product.
  Are they just using QinQ (802.1q tunneling) to make it all happen? If that's the case then I should just trunk to them with 802.1q and not have to do anything else, I believe keeping the native vlan 1 should even be fine. If anyone knows anything about this or has connected sites using the Bellsouth metro-e product please let me know.
  Brian

  Hello,
  looks like it is Ethernet over SONET, with a possibility to migrate it to EoMPLS:
  "Currently BellSouth uses a specialty Ethernet switch to support its shared multipoint offering, but that may change. "We're converting to more of a general purpose device that will be part of our MPLS network and will deliver Ethernet and other services," hints Kaish.
  Some carriers have implemented shared multipoint services directly over fiber, which means that those services do not include Sonet restoration capability, effectively limiting them to non-critical traffic. But BellSouth's metro Ethernet network is Sonet-based and customers can leverage Sonet's restoration capabilities, Kaish says."
  http://www.findarticles.com/p/articles/mi_m0DUJ/is_13_107/ai_108408900
  Another source of information supporting the statements above:
  http://newsroom.cisco.com/dlls/2004/prod_070604.html
  In any case this does not mean straight forward, that you can use the service to setup trunks between your switches. This depends on the interface configuration of (presumably) the 7600. They might restrict you to dot1Q with one VLAN or even to plain ethernet.
  Hope this helps! Please rate all posts.
  Regards, Martin
  P.S.: have a look at http://www.metroethernetforum.org/presentations/SC2003_BobSmithEntNet.PDF which should answer many questions! Especially they state "Dedicated Ethernet supports VLAN tagging" - sounds like setting up a dot1Q trunk with them will be supported.

• Failed while creating virtual Ethernet switch. Failed to connect Ethernet switch port

  Hello Folks
  I am completely stuck with the configuration of my virtual networks. I have one logical switch left to add to one of my Hyper-V 2012 R2 hosts when I started getting the error below when I try to add logical switches to either Hyper-V Host. I have been using
  the document. 'Hybrid Cloud with NVGRE (Cloud OS)' to implement the virtual networking. Basically using the exact configuration that is in the document. I have added the PA Logical Network and the Network adapters and added the logical switch for it to my
  hyper-v 2012 R2 host and everything was fine. I am now trying to add my ISCSI Logical Switch to the host and this is the error I get. My other Hyper-V host I get this error for any logical switch I am trying to add. Can someone help me with this error. I haven't
  been able to find any information about it.
  Also a some quick info on tracing an error like this so I can figure out what is causing it.
  Thsi is my configuration so far
  So as far as I know everything is peachy untill the error below. Dead stop now
  Error (12700)
  VMM cannot complete the host operation on the 08-NY-VHOST01.accounts.ccac-ont.ca server because of the error: Failed while creating virtual Ethernet switch.
  Failed to connect Ethernet switch port (switch name = '******', port name = '88C16766-ED02-4AC0-8CD7-660AC9D424DD', adapter GUID = '{FAF431D8-0124-4E40-BB3B-9234BAA02973}'): The system cannot find the file specified. (0x80070002).
  Unknown error (0x800b)
  Thank you for your time
  Christopher
  Christopher Scannell

  notice your GUID?  you may want to consider ensuring that is the same GUID associated in your database.  Sometimes during data corruption theres a smidge of a chance your sql database kind of either pulls old guids esp if this was reverted to snapshot
  without it being powered off etc.  
  I would try that first.  then i would consider if you get to configure that with your current liscense associated with the host.  I would need way more info to help any further

• Customer Equipment for Metro Ethernet Link

  Hi All
  It has been some time since I utilised Cisco network kit to provide private circuit point to point connectivity and I wonder if someone could give me a little guidence.
  The customer is shortly to implement a new 100Mb Metro Ethernet link to connect two of their branches. They initially intend to use the link for data only traffic but eventually will want to route VOIP traffic across the link so bandwidth management and QoS will be essential components. It is unlikely that further links will be added to this link so built in expansion of the chosen routers may not be required.
  Budget will be an issue on this so I would appreciate any advice or recomendations.
  Thanks
  J.

  Hello James,
  I think it would be better to get in touch with your Cisco Account Team as this question cannot be answered on a forum post.
  Thanks,
  Karim

• Query: Best practice SAN switch (network) access control rules?

  Dear SAN experts,
  Are there generic SAN (MDS) switch access control rules that should always be applied within the SAN environment?
  I have a specific interest in network-based access control rules/CLI-commands with respect to traffic flowing through the switch rather than switch management traffic (controls for traffic flowing to the switch).
  Presumably one would want to provide SAN switch demarcation between initiators and targets using VSAN, Zoning (and LUN Zoning for fine grained access control and defense in depth with storage device LUN masking), IP ACL, Read-Only Zone (or LUN).
  In a LAN environment controlled by a (gateway) firewall, there are (best practice) generic firewall access control rules that should be instantiated regardless of enterprise network IP range, TCP services, topology etc.
  For example, the blocking of malformed TCP flags or the blocking of inbound and outbound IP ranges outlined in RFC 3330 (and RFC 1918).
  These firewall access control rules can be deployed regardless of the IP range or TCP service traffic used within the enterprise. Of course there are firewall access control rules that should also be implemented as best practice that require specific IP addresses and ports that suit the network in which they are deployed. For example, rate limiting as a DoS preventative, may require knowledge of server IP and port number of the hosted service that is being DoS protected.
  So my question is, are there generic best practice SAN switch (network) access control rules that should also be instantiated?
  regards,
  Will.

  Hi William,
  That's a pretty wide net you're casting there, but i'll do my best to give you some insight in the matter.
  Speaking pure fibre channel, your only real way of controlling which nodes can access which other nodes is Zones.
  for zones there are a few best practices:
  * Default Zone: Don't use it. unless you're running Ficon.
  * Single Initiator zones: One host, many storage targets. Don't put 2 initiators in one zone or they'll try logging into each other which at best will give you a performance hit, at worst will bring down your systems.
  * Don't mix zoning types:  You can zone on wwn, on port, and Cisco NX-OS will give you a plethora of other options, like on device alias or LUN Zoning. Don't use different types of these in one zone.
  * Device alias zoning is definately recommended with Enhanced Zoning and Enhanced DA enabled, since it will make replacing hba's a heck of a lot less painful in your fabric.
  * LUN zoning is being deprecated, so avoid. You can achieve the same effect on any modern array by doing lun masking.
  * Read-Only exists, but again any modern array should be able to make a lun read-only.
  * QoS on Zoning: Isn't really an ACL method, more of a congestion control.
  VSANs are a way to separate your physical fabric into several logical fabrics.  There's one huge distinction here with VLANs, that is that as a rule of thumb, you should put things that you want to talk to each other in the same VSANs. There's no such concept as a broadcast domain the way it exists in Ethernet in FC, so VSANs don't serve as isolation for that. Routing on Fibre Channel (IVR or Inter-VSAN Routing) is possible, but quickly becomes a pain if you use it a lot/structurally. Keep IVR for exceptions, use VSANs for logical units of hosts and storage that belong to each other.  A good example would be to put each of 2 remote datacenters in their own VSAN, create a third VSAN for the ports on the array that provide replication between DC and use IVR to make management hosts have inband access to all arrays.
  When using IVR, maintain a manual and minimal topology. IVR tends to become very complex very fast and auto topology isn't helping this.
  Traditional IP acls (permit this proto to that dest on such a port and deny other combinations) are very rare on management interfaces, since they're usually connected to already separated segments. Same goes for Fibre Channel over IP links (that connect to ethernet interfaces in your storage switch).
  They are quite logical to use  and work just the same on an MDS as on a traditional Ethernetswitch when you want to use IP over FC (not to be confused with FC over IP). But then you'll logically use your switch as an L2/L3 device.
  I'm personally not an IP guy, but here's a quite good guide to setting up IP services in a FC fabric:
  http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/ipsvc.html
  To protect your san from devices that are 'slow-draining' and can cause congestion, I highly recommend enabling slow-drain policy monitors, as described in this document:
  http://www.cisco.com/en/US/partner/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/intf.html#wp1743661
  That's a very brief summary of the most important access-control-related Best Practices that come to mind.  If any of this isn't clear to you or you require more detail, let me know. HTH!

• Metro Ethernet Design question

  Hello,
  I was wondering how service providers guarantee their security protection in the Metro Ethernet model, especially when Internet is one of the applications used over the Metro network.
  For example: The customer edge switch (3550) is connected directly to the service provider aggregation layer(either Cisco Catalyst 4500 and 6500 Series switches ) .
  In the network core, Cisco 12000 or Cisco 7600 Series routers.
  So where is the security devices in this architecture, where is the firewalls, the IDS/IPS, that protects the service provider core from any threats.
  Providing the customer with Internet in Ethernet switching technology the service will put the provider in a vulnerable position.
  Am I thinking wrong here?

  Hi
  The CE will be hardened using storm control both multicast as well as broadcast on the ports where the end users are connected.
  About the accesiability between the other users who are connected on the ports of same switches you have switchport security coded which will take care of the access violation part.
  Also the maximum no of MAC address which can be permitted/allowed over the ports.
  This inturn will send u a trap and can shut the port if theres any violation detected on those ports..
  In the next layer where u say 6500 or 7600 u will have FWSM modules which will be taking care of filtering and other funtionalities which is very much similar to a standalone PIX firewall.
  you can have redundandcy or even load balancing with
  the FWSM modules over there in the 6500 switches.
  And ofcourse the IP addressing schemes deployed would be in private scopes and will have either NAT pools or PAT enabled in the FWSM.
  you got to have more n more ACLS on all the devices to mitigate the general known worms/virus or their variants in the network applied in applicable points.
  regds

• Metro Ethernet Design With Redundant Head Ends

  We're getting ready to turn up some metro ethernet circuits that were just installed by AT&T. AT&T has provided a VLAN for each remote site (so each site has its own VLAN), and those VLANs are trunked to our head end switches (Cisco 3750 Metro Switches).
  I'm struggling with the best design for IP routing. We currently use OSPF on our internal network, and I was going to extend OSPF to our metro solution as well, but I'm not so sure now.
  I don't want routing to occur directly between head end #1 and head end #2, we already have redundant paths within our corporate network, and allowing our two head ends to route between each other via our metro ethernet solution is not what we want. However, running OSPF on each of the VLANs which have been provisioned for us would permit routing between the head ends.
  We simply need to allow redundanny for our remote locations in the event that one head end were to fail, all of the traffic to/from the remote site would be routed through the head end which is still online.
  Anyone suggestions on the best routing design for this situation would be greatly appreciated. I've attached a network diagram to make things clear. I believe I can also go back to AT&T and request one VLAN that includes all sites if that would simply things. I just need to make sure I can still do our traffic shaping because the remote sites are only 10mbps and the head ends are 1gbps.
  Thanks,
  -Steve

  just at a glance it looks as if you should be able to have stp on and setup 1 site as primary and other as secondary