Multipoint L2TPv3 (LAN-to-LAN extension)

Scenario:  extend multiple layer 2 vlans to multiple locations (at least 3) over IPSEC.
I used L2TPv3 to accomplish this goal for a single vlan.  The solution works great, but I’ve been given a new requirement to extend multiple vlans over the same physical links (point-to-point fiber).
Question:  Is it possible to trunk vlans over L2TPv3?  If so, is it possible to do so with sub interfaces (on the LAN side of the router), or will I need physical ports for the pseudowires/xconnects?  If I can’t trunk the vlans or use sub interfaces, then I’ll end up having to use physical ports to create the pseudowire mesh (which is how I originally implemented this scenario for the single vlan).  That brings me to my next, and probably most important, question:
Question: Is there a better way to approach this scenario?
Thanks for any help you can offer.
Jason

You can replicate 802.1q tagged frames from one physical interface to another site or choose to use xconnect on a subinterface. It's up to you, both work.
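
The subinterface option from the reply above, sketched as a Cisco IOS configuration for one site and one peer. This is an added example, not configuration from the original posters; the addresses, interface names, VLAN IDs, class name and ACL name are constructed, and platform support for xconnect on dot1Q subinterfaces is assumed.

```cisco
! Added example: all addresses, names and VLAN IDs below are constructed.
pseudowire-class PW-L2TPV3
 encapsulation l2tpv3
 ip local interface Loopback0
!
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
! LAN-facing port carries the 802.1Q trunk; no IP address on the parent.
interface GigabitEthernet0/1
 description LAN-facing 802.1Q trunk
 no ip address
!
! One subinterface and one pseudowire (unique VC ID) per extended VLAN.
interface GigabitEthernet0/1.10
 encapsulation dot1Q 10
 xconnect 192.0.2.2 10 pw-class PW-L2TPV3
!
interface GigabitEthernet0/1.20
 encapsulation dot1Q 20
 xconnect 192.0.2.2 20 pw-class PW-L2TPV3
!
! L2TPv3 over IP is IP protocol 115 and carries no encryption of its own.
! Match it between the tunnel endpoints in the existing IPsec policy so the
! extended VLANs never cross the link in clear text.
ip access-list extended L2TPV3-TO-SITE-B
 permit 115 host 192.0.2.1 host 192.0.2.2
```

Each xconnect is a point-to-point pseudowire, so a third site needs its own peer address, VC IDs and matching IPsec selector.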

Similar Messages

  • LAN extension Design

    A Customer has a layer2 switch as the edge device, connected directly to the Metro Ethernet Provider (LAN extension). The Metro Network is connected to an ATM Cloud which in turn connected to another Metro area.
    as follows:-
    customer CPE switch A<-->SP Ethernet Switch<--> SP ATM Switch<-->ATM Cloud<--->SP ATM Switch<-->SP Ethernet Switch<-->customer CPE switch B
    My question is how the customer will configure his VLAN on the edge switch .. Can he configure any vlan ID or he has to comply/align with the VLAN mapped on the ATM VC by the provider. Please advise as it is really confusing me. Thanks

    [CU CPE SW-A ->Vlan 202 - (ip range /24/22 anything] <-Trunk/Access-> SP SW<- Vlan-VC MAP/Bridge-> SP ATM SW<-->ATM Cloud<--->SP ATM SW<-Vlan-VC MAP/Bridge-> SP SW <-Trunk/Access-> [ (ip range same as in SW-A CPE) CU CPE SW B ]
    The hosts can be on CPE SW-A and gateway can be on CPE SW-B.
    For eg: hosts in vlan 202 in SW-A have ip in say range 10.0.0.2 - 254 - DF-GW --> 10.0.0.1
    DF-GW can be in CPE SW-B in same Vlan but, and use the IP in the same range i.e. 10.0.0.1 and everyone can communicate.
    To keep it simple just treat your connection between CPE SW-A and CPE SW-B as normal cable connecting the switches and you have same vlan assigned to this cable at both the switches.
    HTH-Cheers,
    Swaroop

  • Wired LAN extension

    Hello
    Can anybody help me choose CISCO devices for following?
    In the image Front office is already wired and networked.  following are the distances
    Front Office  - Resturant    15m
    Front office - SPA   10M
    SPA - BAR        25M
    FRONTOFFICE -EVENTBOARD   20M
    Front office- Warehouse   35m
    Office to house keeping 25m
    Even though the distances are small these locations are separated and have pools/roads in between and fiber or UTP connectivity is not possible
    Can anyone tell me how to connect these locations through wireless so that existing LAN is extended ?  What are the best CISCO devices need for this?
    Thanx

    Hi there,
    the easiest way to manage all these different environments is to install a WLC (wireless controller) with some AP-1142N .. Pay attention to choose the ones that work with the WLC and not in standalone!! After this you can build some tunnel over the radio interfaces connecting the access points and deploying in this way another kind of media that is nearly equivalent to the cable.
    I would check two things:
    - interferences in the area (essentially you need a survey)
    - refractions/diffraction/absorption of the walls/materials  around
    - possibility to encrypt the tunnel over radio that you would build.
    Another way could be installing a router like a 1941W and to install few  APs in standalone mode on a layer 3 fashion (routing  the network back to the main router) or just bridged. I would use authentication and encryption in both the cases. Add a good amount of vlan including a "guest" vlan = private vlan for who does not need to have info about the infrastructure.
    Hope this helped
    Alessio

  • Datacentre L2 cluster extension

    I have two datacentres, where each has the following setup. The servers connects to two 450x switches which connects to two 650x switches. This is a two-tier design since the 6506 forms the core layer of the network. I have clustered servers in the two DCs that needs a L2 LAN extension over CWDMs. Many design guides shows that I have to extend the L2 over the core since I don't have a dedicated access layer and distribution Layer. However I don't want to do this since it will lead to STP issues at the core. What would happen if instead of implementing a collapsed core, I implement a collapsed distribution layer such that the 450x switches forms the access & distribution which would connect to the 650x over L3 links. With this I would have the L2 VLAN extension over the four 450x switches in the two datacentres. I know the ultimate solution is to invest in a 3 tier design but I need this to work and to work perfectly. Kindly shed some light into this design.
    In addition I have redundant L3 connections between the two datacentres connected over the 650x core switches, With this, how do you deal with the datacentre subnet that will be learnt and advertised from two different sources?

    Look into using EoMPLS or L2TPv3 ... allowing you to establish L2 connectivity over a routed network.
    -Brad

  • Multicast, L2TPv3,EoMPLS support

    My requirements are to support Multicast for future deployment and vlan extension over a MPLS ISP( ISP is provding ospf handoff)
    I will have to use a software based solution since the tunnel needs to start and terminate on 3845s so L2TPv3 which is router-based solution is a good candidate.
    Also EoMPLS does not support multicast I would have to use a GRE tunnel to provide support for multicast.
    With MPLS over GRE with EoMPLS feature I am looking at a maximum mtu size of 1570 and if voice is deployed over this then each tiny voice packet will have a pretty big header compared to the header. Here I would need to use an additional GRE tunnel for multicast support.
    With L2TPv3 it would add 20 bytes of header.
    So would L2TPv3 and a GRE tunnel for multicast be a good design??
    I am thinking using L2TPv3 for layer 2 extension and a GRE tunnel for multicast support.

    Hi,
    it depends on your multicast application, and topology. Normally I've seen implemented the multicast transport over MPLS cloud in two ways:
    1. Multicast over MPLS, using MDT like a GRE tunnel:
    http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a0080242aa8.shtml
    2. Multicast over VPLS instance (treated like a broadcast):
    http://www.cisco.com/en/US/tech/tk436/tk891/technologies_q_and_a_item09186a00801ed3bf.shtml
    Today multicast is not label switched (last Farinacci draft is dated 2003).
    HTH
    Andrea

  • Long distance application failover between data centers.

    Hello:
    I am working a project where there is a requirement to have a primary server and a secondary for application failover. The requirements dictate that the servers must be geographically separate at separate data centers but yet on the same IP subnet so that heartbeat messages are not natively routed. What protocol can I use to bridge the subnet over an IP routed network? GRE? L2TP?

    GRE will not work as according to the last information I have you cannot bridge over a GRE tunnel. We had one such application with similar requirements and we ended up using L2TPv3 that allows transparent LAN extension. We have not had any issues with it and if you are only going to use it for heartbeats you should not run into any performance issues. L2TPv3 does tend to drive the CPU utilization high in case you have a lot of data traversing the tunnel.

  • How to add new fields in CRMD_CUSTOMER_H in CRM 3.0 ?

    Hi,
    I have a requirement in CRM 3.0 to add a new field to crm structure CUSTOMER_H but not sure how to do this. I know in 7.0 we have transaction EEWB to do this but in 3.0 I have no clue. Please help how to do this. Thanks in advance!
    Regards,
    Bhanu

    Moved this over to CRM General & Framework.
    First off, technically SAP CRM 3.0 is not even supported in general maintenance by SAP. However for memory lane, extensions in CRM 3.0 must be coded manually. EEWB did not exist until CRM 4.0. In general there should be a CI include in CRMD_CUSTOMER_H where you would put your fields. The drawback is that you need to extend the BDOC structures and write the exits to populate/receive the fields on the inbound outbound bdocs manually along with the transfer to BW.
    BTW since it is CRM 3.0 you probably have bigger problems than this, but that's just my opinion.
    Wow this makes things feel like 2002/2003 all over again for me.
    Take care,
    Stephen

  • Root Bridge can see NonRoot Bridges but does not Associate

    This is a point-to-multipoint bridging LAN for networking eight serial devices (air quality monitors) to a central Windows box for real-time wireless data acquisition.  Thus far, I have configured a single Aironet 1310 as the root bridge (RB:  150.100.0.2, 255.255.0.0) at the Windows box (PC: 150.100.0.1, 255.255.0.0) and three Aironet 1310s as non-root bridges (NRB1:  150.100.0.3; NRB2:  150.100.0.4; NRB3:  150.100.0.5).  When the system's working, each of the NRBs will connect to an ethernet-to-serial device server with its own IP, and the serial devices will connect to the device servers as COM2-COM9, respectively.  Each node in this network has an external antenna, an omni at the RB and directional/Yagi antennae at the NRBs.  Distances are short, hundreds of meters, so power will not be the limiting factor.  (We could have done this with Zigbee but decided to overdesign for reliability.)
    After assigning IP addresses to all four bridges using the command-line interface, and with the RB connected to an ethernet hub/switch, we configured each of the NRBs by connecting them to the same hub/switch and using the browser interface.  We used the document at
    http://www.cisco.com/application/pdf/paws/68087/bridges_pt_to_pt.pdf
    and followed it to the letter to configure first the RB, then the NRBs.
    After configuring all four bridges, and while all four were still hard-wired together through the hub/switch, all four bridges showed the proper associations in the "State" column of the web interface under "Association."  To test the wireless links we disconnected the three NRBs from the hub/switch by removing the ethernet cables, leaving the RB connected to the hub/switch (naturally) to maintain connection to the host PC.  We then refreshed all associations.
    On the RB web interface, all three NRBs showed up with the proper IP addresses, but the "State" fields showed "Attempting Association" or something like that rather than "EAP-Associated."
    All three NRB web interfaces disappeared because the links were lost.  I tried to PING each of the IP addresses using a DOS command, but all three timed out.
    So, in short, the RB can "see" all three NRBs and "knows" they're there; but the association does not complete.  What are my options for diagnosing the problem?
    Thanks in advance...
    Brent Auvermann
    Amarillo, TX

    Chieu Dinh,
    For the non-root bridge, is there a way to set the scan? I can see in the log file shows that the scan is starting when I changed from Install to non-root bridge. Once I am on the non-root bridge role, I don't see any more the log for scanning.
    I don't know about any command that controls the scanning interval when the bridge is in non-root mode. I also don't think it logs every time it goes into a scan cycle because I think they're pretty close together, maybe at most a few seconds.
    My question is "is there some ways that I can initiate the scan on the non-root bridge?"
    You can shut/no-shut the non-root bridge radio interface. Every time you do this it initiates a new scan immediately.
    can I use the "parent" command on the point-to-multipoint environment?
    As far as I know, yes. I think the only mode parent doesn't work in is repeater mode. For repeaters, you don't configure a list of parents, you only configure one single MAC peer.
    An added thought: if you are having trouble with the bridge link coming up, then there is likely either a signal or a configuration issue (and chasing the scan interval probably won't net you any solutions). I've found that a great way to narrow the troubleshooting is to configure the bridges on the ground at close range (maybe 50-100 feet apart, not right up against each other) to control for signal. Once you have a working configuration and you know for sure that the bridges will come up, then install them in your outdoor locations. Keep in mind that when outdoors, a lot of factors can play into signal clarity and usability (trees/foliage, distance, LOS/fresnel, earth curvature, weather, noise and interference, etc.). Also, unfortunately for the 1310s, the 2.4GHz space is really congested in most populated areas so they are not a reliable solution unless you're out in the country. Always survey first.
    Justin

  • Multicast Addressing Scheme

    Hi,
    I've been asked to implement a Multicast addressing scheme for the University I am currently working at and would be grateful if someone could confirm my thinking as I haven't done a lot with Multicast before.
    We have 6 main sites at the University that are currently being moved over to a 10.* based addressing scheme with /12 masks:
    site 1 - 10.16.0.0 /12
    site 2 - 10.32.0.0 /12 etc...
    Looking at the Multicast addressing RFC 2365, it would appear that local Multicast addressing needs to be allocated from 239.192.0.0 255.252.0.0 so i am thinking of taking the second octet of the 10.* scheme and using it in the 3rd of the Multicast scheme so we have some kind of addressing structure and allocating the Multicast addressing with /12 masks as follows:
    site 1 = 239.192.16.0 /20
    site 2 = 239.192.32.0 /20 etc..
    Am i on the right track here?
    TIA
    Paddy

    Salman,
    Firstly many thanks for the information.
    As usual, this leads me on to further questions about implementing multicast in our routed environment :)
    As mentioned previously we have 6 main sites on the network, which are connected together using 100 Mbps LAN Extension circuits, they are not in a full mesh but each site is connected to two others so there is some kind of resilience. There are also smaller satellite sites connecting into each of the main sites using WAN links from 2 Mbps serial connections up to 10 Mbps LAN extensions.
    As the multicast addressing scheme is going to be based loosely on the 10.* scheme and we will be using sparse mode I am thinking of manually configuring rendezvous points at each major site so all local site multicast traffic (from the satellite sites to the main site) at each location is controlled at the major site router as this is more than likely where the servers supplying multicast services will be located, is this the correct way to go?
    If we are using PIM on all the WAN links between all sites, my understanding is that clients at any site will be able to use multicast services from servers at any site as PIM will populate the multicast routing tables on all routers with PIM enabled interfaces, and IGMP will control the queries and reports from around the network populating the multicast groups wherever they reside in the network - does this sound correct?
    Also is it best to use CGMP between the LAN and WAN, I’ve read that it's much less resource intensive than IGMP snooping, does the fact that we are using IGMP on the WAN which I believe is enabled by default when using PIM have any issues with using CGMP between the LAN and WAN?
    We have some pretty old switches at some of the network campuses (1900's), these are all being replaced in the next 8 months or so with 3750's. It looks like the 1900's support CGMP, however when looking at the support matrix for multicast the 6000 series switches don't support CGMP and we will be looking to put these into our main sites at the network core. Does this mean that there is a move towards IGMP snooping over CGMP, can both be implemented at the same time. I think there is a push to get multicasting working here quickly so we might have to go with CGMP to start and then move over to IGMP snooping, any thoughts on this would be appreciated
    TIA
    Paddy

  • 15305 and 15454 Ethernet interworking

    Hi Folk,
    Wonder if anyone can help out there.
    Would like to provide a LAN Extension service over an SDH network. Does anyone know whether the GigE and FE cards on the 15305 interwork with the 15454 CE or ML ethernet cards?
    Have looked on the Cisco site and am somewhat confused. The 15305 uses GFP-F to map Ethernet into SDH. The 15454 cards appear to encapsulate the ethernet frame before it uses GFP-F.
    Could someone enlighten me!!
    Regards,
    Phil

    Hi Phil
    yes, of course they do. You have two possibilities. You can use the 15305 modules in L1 mode and connect them to the CE cards on 15454. Or you can use the 15454 ML cards, maybe with a L2 RPR ring. Then you can switch the 15305 modules to L2 mode with an integrated L2 switch.
    CE cards and the 15305 modules in L1 mode is always P2P and pure ethernet transport without any L2 or VLAN stuff.
    ML card and 15305 modules in L2 mode use a L2 switch with a lot of L2 features, like VLAN, STP, QoS and so on.
    By the way, both CE and 15305 modules in L1 use GFP-F and are fully compatible.
    I hope this helps. Please rate all posts.
    Cheers
    Rene

  • Migration to a new Core

    Hi
    I am about to undertake a project to migrate our core switches to new hardware and am keen to find out the best way of doing this.
    Currently we have 3 sites. A, B and C
    Site A, contains two Cisco 4506 switches that are end of life and are the ones scheduled for replacement. However, these pair of switches have a large number of SVIs, have many other access switches trunked to them, and they are running EIGRP and so have a large number of routes to other parts of the same overall network
    Site B have switches connected over layer 3 vlan to Site A via a LAN extension service. Switches in Site B have local vlans and SVIs
    Site C have switches connected over layer 3 vlan to Site A via fibre. Switches in Site C have local vlans and SVIs
    Obviously i'd need to try and keep downtime to a minimum  so is it possible to set up the new Core switches in parallel in Site A, trunk them to the old Core, set the gateway of last resort to the old Core and then move each SVI one by one? Or maybe run EIGRP on the new Core also and let it work out the routing?
    Thanks in advance
    Leon

    Hi
    we're about to migrate a couple of 6509-E to a couple of new 6513-E
    We have a collapsed redundant core w/ some physical servers, couple of Nexus switches, about 40 access stacks. All is connected redundant to the two 6509-E's
    Our plan would be like this:  
    - First completely pre-configure the new 6513-E's, except for OSPF and BGP. And we shutdown all the SVI's 
    - Label all cables going to the old 6509-E's (we print the new port numbers of the 6513-E to these labels)
    - Plug all these cables out of the first 6509-E
    - Get the first 6509-E out of the rack
    Everything will be still running since everything is still plugged in to the second 6509-E. (But we're running on only 1 coreswitch now, so fingers crossed)
    - Build the new 6513-E into the rack & power on
    - Build a trunk between the 6509-E and the 6513-E
    - Plug the cables into the new 6513 according to the label info.
    - Shut down the SVI's  (with a script) on the old 6509-E and bring them up at the 6513-E (also with a script) . We will then have a short downtime for connected networks and no Internet or remote OSPF networks for some moments)
    - De-activate BGP and OSPF (old 6509-E) and activate BGP and OSPF on the new 6513-E .
    Now all layer 3 functionality is running on the new 6513-E. We should be up and running again.
    - Now plug out the cables from the second 6509-E and get it out of the rack
    - Build the 6513 into the rack
    - Connect it to the other 6513 with a trunk.
    - Connect cables
    - Etcetera

  • HSRP Problems

    I have a problem with one customer, here is the issue.
    Setup:
    I have customer#1 with 2 LAN extensions (separate PVC’s) coming from a carrier xylan switch terminating on a 4006 switch on the same VLAN. The customer has 2 routers at their end and they are running HSRP on the LAN extension; everything works perfectly I can ping each router and the HSRP address as well.
    Customer number#2 has one LAN extension coming from the same carrier Xylan switch terminating on the same 4006 with the same VLAN as customer #1.
    Issue:
    When I cross over the Xylan switch from the new customer#2 to the 4006, customer#1 HSRP address goes down, I can still ping each router for customer#1 but not the HSRP address.
    As soon as I disconnect the LAN extension for customer#2 the HSRP starts working again for customer#1.
    1. I tested customer#2 router on our network before delivery; there were no problems whatsoever with customer#1 HSRP.
    2. I disable the router for customer#2 and as soon as I connect the carrier Xylan switch to our 4006 the same issue the HSRP goes down.
    Note: I contact the carrier and they told me that their switches are configured properly in bridge mode. I tested this configuration using the same VLAN and the same settings etc etc, the only thing added now to the picture is the Xylan switch from the carrier.
    Any suggestions will be appreciated.
    Thank you.

    Could this be your problem and solution?
    Q. Can I configure more than one standby group with the same group number?
    A. Yes. However, Cisco does not recommend it on lower-end platforms such as the 4x00 series and earlier. If the same group number is assigned to multiple standby groups, it creates a non-unique MAC address. This is seen as the router's own MAC address and it is filtered out if more than one router in a LAN becomes active. This behavior may change in future releases of Cisco IOS®.
    Note: 4x00 series and earlier do not have the hardware required to support more than one MAC address at a time on Ethernet interfaces. However, the Cisco 2600 and Cisco 3600 do support multiple MAC addresses on all Ethernet and Fast Ethernet interfaces.
    Thanks.

  • Apple TV as Airport access point if connected via LAN

    Hi!
    I thought about the possibility to use the new Apple TV as Airport/WLAN access point in the case that it is connected via LAN. You don't need an Airport Express and you got Airport/WLAN/HDMI/Audio in all rooms (and around that room) you connect an Apple TV to. Nice and best for hotels!
    Vice versa: If you connect it via Airport to use the ethernet port as a hub/switch to connect devices. I think this should be possible and hope that it's only a firmware update...
    Next step is not only to playback videos/photos from other devices. Just use it as a main or second screen for all kind of devices (Computer Extensions for Mac OS X/Windows other will follow...).
    You don't have to connect a notebook to a beamer anymore. There's only the AppleTV connected to a beamer. The video comes via Airport/WLAN /LAN.
    Make the USB Plug useful to connect printers or storage devices!!!
    That should be great and makes Apple TV the most useful device to install it in every room in the house!!!
    I think, if the Apple TV can be connected to any kind of device, it shouldn't be Apple's hobby anymore.
    Regards,
    Michael

    send your suggestions to Apple via Apple TV Feedback.
    JGG

  • URGENT: BPMN in BPA - Symbols, Lanes and Publishing processes

    We are developing IT processes which might later be SOA enabled through BPEL and we are using BPMN model in Oracle BPA to design our processes.
    These are our doubts.
    1. Can symbols for Risk, controls be part of the standard palette of symbols in BPMN model. It is currently not available, how can we add these symbols to the BPMN model.
    2. Can we generate a report containing the activities of all Lanes that have common name from multiple models. For e.g. the output lane will be present in all the process models, and we need to generate a report with the content of output lane of all process models.
    3. Can we attach templates to the activities in the process model, so that a person viewing THE PUBLISHED PROCESS MODEL can view/use the template.
    Any help for these questions is greatly appreciated.
    Thanks.
    Regards,
    Binoy.

    Hi Binoy,
    Q1 : Can symbols for Risk, controls be part of the standard palette of symbols in BPMN model. It is currently not available, how can we add these symbols to the BPMN model.
    A1 : You should not make Risk etc part of BPMN, The symbol set for BPMN better remain limited to the standard. That said, you have the option of attaching the Risk etc to the activity in the Function Allocation Diagram (FAD), that is the right place.
    Rule to follow : Is this piece of info can go / going to BPEL: If yes it belong in BPMN model. If not keep it in FAD.
    Q2 : Can we generate a report containing the activities of all Lanes that have common name from multiple models. For e.g. the output lane will be present in all the process models, and we need to generate a report with the content of output lane of all process models
    A2 : Yes you can, all you need is JavaScript knowledge. BTW if you do create custom reports, please post your experience, I am greatly interested in custom reports and have not found any good pointers on custom reports.
    Q3 : Can we attach templates to the activities in the process model, so that a person viewing THE PUBLISHED PROCESS MODEL can view/use the template.
    A3 : Yes you can. BPA has extensive support for this. You can refer to the 2 books by Rob Davis to help you understand this.
    HTH.
    regards
    Sanjiv

  • Photoshop CS5 - win 7 - 8.1 64 bit - Lag to open files from lan

    Hello,
    we have got a problem with Photoshop. If we open a file from lan, Photoshop waits some seconds before opening it, even with very little pics. It has a lag of some seconds before it starts to open it. With local files it is the same.
    If I erase the recent files list and then I try to open a local file, it opens immediately. If I open a lan file and then I open a local file, the problem returns.
    It looks like a recent file list problem. I tried to set it to 0 but nothing changes, because it saves the recent list anyway but simply doesn't show it.
    I tried to disable the suitcase extensis plug-in (the only plug-in we have added), I tried to disable kaspersky antivirus, but nothing.
    We have this problem with all 3 workstations, 2 with win 7 64bit and one with win 8.1 64 bit. With the older station the lag is bigger (5-10 seconds for every image). With the newest station 1 sec.
    Is there any solution?
    Is there anything to do to stop the recent file list from working?
    Thanks a lot
    Nicola

    Are they on the same router? Are there different OS, adapter speeds, file system involved? On my home network where my windows machines are connected to the same router with 1GHz ethernet a 20MB CR2 file takes only a second or two to open in ACR.
