Vpls full mesh

What is the recommeded number of
ce's in a full mesh.
and can you have more than one ce on
the same PE with physical different interfaces
in the same VPLS domain

I should clarify the previous statement.
What I was looking for was the max number of PE in a full mesh, most examples i have read have 4 PE. I have a max of 14 PE that may require a full mesh.

Similar Messages

  • Full Mesh to Hub Spoke Connectivity

    I have implemented MPLS VPN. Currently running as a full mesh connectivity. I
    need to implement and configure a hub and spoke connectivity due to the
    business requirement.
    I have 4 spokes and 1 hub. For each spokes, they shouldn't communicate
    with spoke, only to hub and vice-versa.
    What is the appropriate and best practise for me to implement and configuring for such scenario?
    Appreciate your feedbacks and opinion.
    regards,
    maher

    ok keep all your config in as it is just now. The only issue (personal one I believe) is that you shall be using the same RD everywhere but that shouldnt matter. On your hub site add under the vrf something like Route-target export 99:1. On a your spoke sites add route-target export 99:2 then on the other spoke site route-target export 99:3 until you do them all to 99:x. Then go back to the hub site and do route-target import 99:2 all the way through to x. You can now remove your original route-targets and all shall be fine. A cleaner method would be to completely remove the vrf but thats prolly too much hassle and downtime for your liking :-)
    HTH

  • KCC Generated Replication Topology for 3 sites - not a full mesh

    A fairly old topic but a question still - in a 3 site AD domain/forest, 2003 forest and domain level, 2x 2012R2 DC, 1x 2008R2 DC, and a single site link that all 3 are members of (cost 100, replication 15 min) - KCC doesn't end up creating a full mesh but
    a hub and spoke topology.
    So it ends up being Site A connects to both B and C, but B and C just go back to A and don't set up links to each other - which I'd prefer a bit more redundant, but without manually creating any links.
    Is there any reason/logic for hub and spoke even though 3 sites really should be a ring/mesh?

    > Is there any reason/logic for hub and spoke even though 3 sites really
    > should be a ring/mesh?
    Is direct communication between B and C possible? Then create site links
    according to your topology :)
    Greetings/Grüße,
    Martin
    Mal ein
    gutes Buch über GPOs lesen?
    Good or bad GPOs? - my blog…
    And if IT bothers me -
    coke bottle design refreshment (-:

  • VPN full mesh on ISRs, no DMVPN

    Hi Everyone,
    I need to build a full mesh VPN network on the ISRs and the thing is that there will be no hub all routers should be able to talk to each other independently. So looks like I will have 5 end points so planning to have 4 GRE tunnels with IPSEc protection on each router pointing to all neighbours and run EIGRP on top. What do you guys think?
    Sent from Cisco Technical Support iPhone App

    Actually wondering what is the preferrable and less resource consuming method - using VTI or GRE (both with IPSEC protection)?
    Like I said I will have 7 sites each has double routers, so i am going to have like 14 routers and 12 VTI or GRE tunnels on each of them. Total encryption traffic will not exceed 200 Mbps(with future scalability). Wondering which routers would I use for these. Thinking on ISR G2 (29xx) series.
    Thanks.

  • Full mesh VPN solution for on MPLS network with PE and CPEs

    Hi,
    We are trying to evaluate some best solution for Hub-Spoke mesh vpn solution in a MPLS network. The VPN hub router will be in PE router and all the VPN spoke will be in CPE.
    Can someone please let us know what will be the best vpn solution, we understands that there will be some technical limitations going with GETVPN but still we did counld find any documenation for possiblity of using DMVPN.
    How about the recent flexvpn, can fex-vpn work on this requirement, where can i get a design/configuration document.?
    thanks in advance.

    Hello,
    GetVPN is intended for (ANY-to-ANY) type of VPN communication, over an MPLS network with Hub and Spoke Topology, your best Option is to look for Cisco (DMVPN) implementation where this type of VPN is primarily designed for Hub & Spoke.
    Regards,
    Mohamed

  • Connecting 2 3750 Switches in Stack with 2 2960 switches in full Mesh

    Hi Friends,
               I have attached a pics  which DC design of one of our customer , as network engineer i have design this , so i am responsible for implementing it, now request you all to kindly guide me what would be technical problem i have to face in achieving this and how can i over come .Please be in detail. Waiting for your response .
    Regards
    Amit Kulshrestha

    I have attached modified diagram , please suggest.
    The major issue I see is that you have not mentioned whether the 2960's are stacked? For the design to work, they need to be stacked because you cannot create port-channels between them and the Core switches unless then 2960's are stacked.
     ==> You are right , surely 2960 Switch need to be in stack form.
    Personally I would look at more powerful switches than the 2960's, something along the lines of the 3750x range or probably now the 3850's.
    ==> This is constrain of customer, not our responsibility.
    The second issue I see is that your servers are connected to the WAN switches. Is there a reason for this? Usually they would be connected to the core switches.
    ==> For this If 1 separate 2960 series switch can be used ?.
    The final point is that you only have single connections from each of your WAN connections which begs the question as to the purpose of having two WAN switches?
    ==> Customer is having 1900 series of router , only two ports one used for WAN and other used for LAN.
    The objective of having two switches is to provide redundancy/resiliency. If you have only one connection from each WAN then why do you need two switches as there is no redundancy?
    ==> Customer has agreed to have manual change at the time of failure.

  • MSTP_Over_VPLS !

    Dear All
    Need some pointer regarding implementing MSTP over VPLS Cloud
    Setup is as below
                                                            -------L2_Trunk------  CE2    
         --------L2_Trunk-----------     ----------PE3                            !
    CE1          MSTP          PE1  
                                                 VPLS           MSTP          L2_Trunk                                             
       --------L2_Trunk-----------PE2 -----------PE4                            ! 
                                                           -------L2_Trunk----------CE3  
    In the above setup am running VPLS Full mesh between PE1,PE2,PE3 and PE4 and MSTP at CE1 to break STP Loop between CE1 and PE1 & PE2.
    Similary MSTP at CE2 and CE3 to break STP Loop between CE1,CE2,PE3 and PE4.
    The MSTP is placing the uplink between CE2 to PE3 and CE3 to PE4 in root_inconsistent state and as marking those uplink ports as p2p PVST Boundary port.
    No Spanning Tree is enabled at any of the PE. Still the CE2 and CE3 uplinks are showing as p2p PVST boundary port ?
    Also unde this MSTP setup the CE2-to-CE3 Interswitch Trunk link is under forwarding state and CE2/CE3 uplniks to P33/PE4 are both in Blocking State.I have set the CE2-to-CE3 Links Cost to a higher value but still somehow the MSTP is not behaving properly.
    On PE am using separate VFI to tunnel MSTP BPDU over a separate native vlan.
    Can anyone look and help me with the correct design and configs to make this setup running ?
    Regards
    Varma

    What kind of PE routers do you have? Are they ASR9k  running EVC/EFP on switch facing interfaces?
    http://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/116514-problem-stp-00.html
    Best Regards,
    Bheem

  • How to verify VPLS mac-address forwarding

    I think VPLS know how to forward by mac-address. but how to verify it ?
    for example I show mac-address vlan 100. But I can not find a command to verify How mac-address is forwarding ?
    at 6509:
    PA_C76_1>sh mpls l2transport vc
    Local intf Local circuit Dest address VC ID Status
    VFI PA-LA-test VFI 203.160.227.88 100 UP
    VFI PA-LA-test VFI 203.160.227.95 100 UP
    PA_C76_1>show mac-address-table vlan 100
    Legend: * - primary entry
    age - seconds since last seen
    n/a - not available
    vlan mac address type learn age ports
    ------+----------------+--------+-----+----------+--------------------------
    * 100 000b.45b6.bc40 dynamic Yes 95 Router
    * 100 0012.d946.59c1 dynamic Yes 10 Gi4/1

    Hi,
    VPLS provides the medium to for a E-LAN, and in Cisco implementations, the MAC learning is not actually done by a VPLS instance.
    This can be best explained by an example.
    PE(SW)-A ---- PE(SW)-B
    PE(SW)-C
    Now these three PE nodes under VPLS, are only provided the medium to connect to each other using P2P PW forming a full mesh.
    For simplicity you can assume they are three switches connected in the above manner using copper. So this copper connecitivity is provided by VPLS.
    And at the end of the day the end nodes learn mac addresses using the conventional method of flooding and learning. So you wont find any VPLS specific commands to see what mac address is the VPLS instance flooding. As its only providing a medium for connectivty. And the flooding is done by the end nodes. as they treat the VPLS VC as one of the outgoing port.
    HTH-Cheers,
    Swaroop

  • Help on VPLS integration @ CE end

    Hi,
    I have attched diagram for easy understand.
    Service provider VPLS means think that point to point link full mesh between my locations.
    option 1:
    My communication should happen through HEADOFFICE only.
    In future i may required comunication directly between Branchoffice also.
    planning to run the EIGRP. pls provide the config for the same at all locations
    Regards
    sateesh

    Sateesh,
    You still haven't answer the question about why you need all the traffic from BO to go through HQ.
    The simple approach would be to have all sites on the same subnet and to run eigrp between all of them as follow:
    HQ:
    int xxxx
    ip address 192.168.1.1 255.255.255.0
    router eigrp 1
    netw 192.168.1.0
    BO #1:
    int xxxx
    ip address 192.168.1.2 255.255.255.0
    router eigrp 1
    netw 192.168.1.0
    BO #2:
    int xxxx
    ip address 192.168.1.3 255.255.255.0
    router eigrp 1
    netw 192.168.1.0
    BO #3:
    int xxxx
    ip address 192.168.1.4 255.255.255.0
    router eigrp 1
    netw 192.168.1.0
    BO #4:
    int xxxx
    ip address 192.168.1.5 255.255.255.0
    router eigrp 1
    netw 192.168.1.0
    Regards

  • ASR1001 VPLS Issue

    Hello,
    I am testing VPLS service on the ASR1001. I have three of them directly connected in a full mesh with autodiscovery mode. On the first two ASR1K I have a switch connected in order to test the end-to-end reachability.
    The VCs are in UP state, ICMP, SSH (unicast) is OK between the switch but multicast traffic is blocked.
    Here are the relevant configuration sections:
    l2 vfi VPLS-123 autodiscovery
    vpn id 123
    bridge-domain 123
    router bgp 123
    bgp log-neighbor-changes
    bgp update-delay 1
    no bgp default ipv4-unicast
    neighbor 2.2.2.2 remote-as 123
    neighbor 2.2.2.2 update-source Loopback0
    neighbor 3.3.3.3 remote-as 123
    neighbor 3.3.3.3 update-source Loopback0
    address-family ipv4
    exit-address-family
    address-family l2vpn vpls
      neighbor 2.2.2.2 activate
      neighbor 2.2.2.2 send-community extended
      neighbor 3.3.3.3 activate
      neighbor 3.3.3.3 send-community extended
    exit-address-family
    Interface facing to the switch (CE)
    interface GigabitEthernet0/0/3
    no ip address
    negotiation auto
    service instance 123 ethernet
      encapsulation default
      bridge-domain 123
    Thank you for your help!
    Youssef

    Hi Youssef,
    What's IOS code which you are running? Seems like you are hitting DDTS CSCtz10928
    fix of CSCtz10928 may be required to pass multicast traffic through vpls
    You will need to upgrade your IOS to IOS-XE 3.7, which is 152-4S.
    Sudeep

  • VPLS and IP

    I am reading about MetroE solutions and would ask if VPLS could run over a IP backbone

    Hello,
    I almost agree with Guiseppe. I am under the impression that Virtual Private LAN Service (VPLS) is a service (as its name also states) more general than the specific technology actually used to implement it. Of course, what you can actually do in a network depends on the actual implementation.
    RFC 4762 (VPLS Using LDP Signaling) shows the topological model for VPLS: http://tools.ietf.org/html/rfc4762#section-4
    While commenting on the cloud shown in the topology, the authors say: "We note here again that while this document shows specific examples using MPLS transport tunnels, other tunnels that can be used by PWs (as mentioned in [RFC4447]) -- e.g., GRE, L2TP, IPsec -- can also be used, as long as the originating PE can be identified, since this is used in the MAC learning process."
    Another service popping up is IP-Only LAN Service (IPLS), described in a draft (short description of IPLS is found in the introductory Abstract section). IPLS topology diagram can be seen at:
    http://tools.ietf.org/html/draft-ietf-l2vpn-ipls-08#section-3.0
    The comment of the authors in this case is: "PE1, PE2 and PE3 are shown as connected via an MPLS network; however, other tunneling technologies, such as GRE, L2TPv3, etc., could also be used to carry the pseudowires."
    As for the point-to-point versus point-to-multipoint comparison, I am not so sure. I mean, the VPLS configuration that I am aware of seems to me very similar to a full-mesh of point-to-point AToM VCs (you say "neighbor" instead of "xconnect" to LDP peer). It could easily be that the MPLS logic underneath builds the related LSPs in a point-to-point fashion. I think those are all emulations and as such their purpose is to give us an illusion (which can easily turn out to be not a very good one). People keep trying to emulate Ethernet LAN behavior over other types of media (has been tried in ATM too). They are destined to replicate broadcast and multicast packets across VCs or pseudowires or anything.
    It seems to me that there is a tendency towards pure IP networks. I've been reading that MPLS can be used as a migration path into next-generation metro provider services (IP/VPNs). And I suspect they are going to tell us at some point that MPLS is a "legacy" technology!
    Kind Regards,
    M.

  • STP over VPLS

    Hi Everyone!
    I have a scenario of 3 PE routers with full mesh VPLS Pseudo-wires configured over it. If you look into the design, I have connected two switches Sw1 and Sw2 with the PEs R2 and R3 respectively. Considering that the VPLS cloud is operating correctly, I have connected a CE switch [Sw3] with Sw1 and Sw2. Now, the issue is STP over VPLS. Without having STP running inside the VPLS cloud, it's causing loop all over the ring. 
    In order to avoid loop, I have run PVST+ on all the three switches but the PEs are not running STP as I believe that the BPDUs are to be transparently forwarded through the VPLS pseudo wires. But, i'm not really sure why i'm getting PVST_Inc error on both Sw1 and Sw2 for the links that are connected with their respective PEs. Any response regarding this will be highly appreciated. 
    For your reference, network diagram is attached below:
    Thanks!

    What kind of PE routers do you have? Are they ASR9k  running EVC/EFP on switch facing interfaces?
    http://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/116514-problem-stp-00.html
    Best Regards,
    Bheem

  • Does Y.1731 support for VPLS service under ASR 9000 platform?

    Hi All,
    we are planning to setup OAM for monitoring performance of our VPLS service interface? By checked Cisco document, I couldn't find related document  that can confirm Y.1731 support multi-point to mulit-point interface by full mesh topology in our environment.
    Does someone have this kind of experience that could share with me?  The document or configuration example are welcomed as well.
    Thanks in advance,
    Eric.

    thanks Xander for your input!
    on top of this question. Actually, I am looking for better solution to monitoring mutli interfaces at same time. In our environment, we have many of this kind L2vpn setup for customer. instead of monitor end by end,  we want to monitor them from central point of view. do you have a better idea for this?
    I attached one customer setup example below, and diagram as well.
    At the meantime, we also looking for a good idea for how to setup hierarchical monitoring system that it could cross other SP domain.
    thanks,
    Eric.
    PE-siteA:
    ============
    L2vpn
     pw-class encap-mpls
      encapsulation mpls
    bridge group customer
      bridge-domain customer
       interface GigabitEthernet0/1/0/1.100
       vfi 100
        neighbor PE-siteB loopback-IP pw-id 100
         pw-class encap-mpls
        neighbor PE-ASBR loopback-IP pw-id 100
         pw-class encap-mpls
    =============
    PE-siteB:
    ============
    bridge group customer
      bridge-domain customer
       interface GigabitEthernet0/2/0/1.100
       vfi 100
        neighbor PE-siteA loopback-IP pw-id 100
         pw-class encap-mpls
        neighbor PE-ASBR loopback-IP pw-id 100
         pw-class encap-mpls
    =============
    PE-siteC:
    =============
    bridge group customer
      bridge-domain customer
       interface GigabitEthernet0/1/0/2.100
       interface GigabitEthernet0/5/0/2.100
       vfi 100
        neighbor PE-siteA loopback-IP pw-id 100
         pw-class encap-mpls
        neighbor PE-siteB loopback-IP pw-id 100
         pw-class encap-mpls
    ==============
    PE interface setup:
    ==============
    interface GigabitEthernet0/1/0/2.100 l2transport
     encapsulation dot1q 100
     rewrite ingress tag pop 1 symmetric
    =================================

  • VFI in vpls

    Hi,
    For  ASR9k, Is there any difference between two configuration?
    Config1:
    l2vpn
    bridge group bd_gp1
    bridge-domain bd_dom1
       interface GigabitEthernet0/7/0/1
       vfi enw_p
        neighbor 1.1.1.1 pw-id 2000
    Config2:
    l2vpn
    bridge group bd_gp1
    bridge-domain bd_dom1
       interface GigabitEthernet0/7/0/1
      neighbor 1.1.1.1 pw-id 2000
    Please note that  "vfi" is created in config1 and pw are defined inside that vfi whereas in config2, vfi are not created. How will this impact traffic? I found this config working, Where local PE is configured as "Config1"  and remote PE is configured as Config2.

    Hi
    As long as you have only one neighbor and pseudowires to only one neighbor both configs will work.
    The difference is the SPLIT-HORZON rules, which prevents a packet that enters on one VFI Pseudowire to be forwarded on another Pseudowire under the same VFI.
    Packets from bridge group are always forwarded via Pseudowire on vfi  and to other pseudowires or attachment circuits under the same bridge-group.
    The vfi is needed for VPLS with more than to PEs in a VPLS domain, where you need a full mesh of PWs between PEs, as there is no Spanning Tree preventing looping of multicast, broadcast or unknown destination unicast packets.
    regards
    alexander

  • VPLS - Which protocol, BGP, OSPF, EIGRP

    Hi Community,
    I am trying to figure out which protocol to use on a flat layer 2 VPLS.
    We have a flat layer 2 to connect 10 offices and some other point to point links to connect to other offices. We currently use EIGRP but going forward we want to control the routnig and the path the traffic takes. I was planning on using BGP to peer between the offices using a hub and spoke topology, instead of a full mesh. I know OSFP is better for a layer 2 VPLS as it alows the full lan to be used effectively.
    Can anyone suggest why we shouldn't use BGP on a VPLS from a provider?
    Regards
    D.

    Hi Dinesh
    In my personal opinion using BGP in a LAN environment will not provide any benefit as it will add to the BGP Session overhead per LAN Node owing to the Full Mesh requirement which is definitely not scalable.OSPF as an IGP is good choice to be run on the LAN in broadcast Mode which will help keep optmial design using DR/BDR.As far as the Routing Control is concerned BGP should be used for external traffic outside OSPF domain and mutually controlled redistribution between the external Routing Protocol and OSPF should be used.
    But if we intend to use Hub and Spoke Topology using P2MP Broadcast Ethernet ie VPLS I think this will not be possible to achieve in OSPF Broadcast Mode neither in BGP using IBGP in Hub and Spoke Fashion among the sites because of BGP Split-Horizon Rule nor using dedicated EBGP Sessions between Hub and Spokes because of 3rd Party Next-Hop feature . So in this scenario of using VPLS for any to any communication in L2 Mode between the sites and then considering Hub and Spoke topology will not be possible to achieve either in OSPF or using BGP and also it defies the basic VPLS connectivity taken to connect the diffent sites in P2MP mode.
    This is my personal take on this scenario and hope this helps you something in your design considerations.
    Regards
    Varma

Maybe you are looking for

  • How to search file from presentation server

    Hi All, In a ABAP program i want to display a dialog box which will help me to find out any file from presentation server.That dialog box should be display after clicking on parameter on selection screen.Parameter is a simple variable,not a field fro

  • How can I save a CYMK PSD file as a PDF in CS5?

    I am able to make the file in CS4 on another computer I use (PC).  However when I try to save a CYMK PSD file as a PDF in Photoshop CS5 I don't see the option in the drop down menu?  Any ideas?  Here are some of the file details CMYK PSD 8 bits/chann

  • Field used in a query

    Hello, I am interested in determining the queries( P/S Query) that use a specific field in the select clause, where clause or group by clause. The field may have been used as a expression or directly. I have been playing around with the PSQRY% tables

  • How do you change the name of the shuffle

    I was given a shuffle by a friend and thier name is still on it. How do I rename the shuffle for myself? I belive this is one of the first shuffles out.

  • Filter in JBossPortal

    Hello ! I hope I matched the right section of forum to post my message ; if not, just move it to the appropriate place ;) I deployed a portal on Jboss Portal Server, and all works fine. Now I have to integrate a filter, to change login mechanism, usi