03-08-2007 02:46 PM - edited 03-05-2019 02:47 PM
Ugh! I need to carry my VLANS from one site to another over a WAN I have no control or help from. They do not support QinQ, MPLS, etc. I think I know I can do this with GRE but that is all I can find in searches. I really need a HOWTO or a sample. I get GRE, I get trunking I can not figure how to combine them.
Thanks,
Chuck
03-09-2007 05:13 AM
Hi,
did you have a look at L2TPv3?
"L2TPv3: Layer 2 Tunneling Protocol Version 3"
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804420e7.html
There is a section and configuration examples about Ethernet transport and a section about VLAN transport.
MTU might become an issue because of the additional overhead, but except this, it works. Another issue to watch out for is throughput or CPU load on your router.
So I would assume L2TPv3 pretty much solves your issues.
Hope this helps! Please use the rating system.
Regards, Martin
03-12-2007 08:46 AM
Thanks. I am looking in to it now. My only concern is the prior versions of L2TP were for Service Providers. In this case I would be the customer, and the SP does NOT support any type of VLAN, VTP, etc traffic. They refuse to allow broadcast. I have apps that require it, so I want to extend my VLANS via a tunnel so they can not see the broadcast. I can not work with them on it because they refuse to see this as anything but putting broadcast on "their" network.
Thanks,
Chuck
03-12-2007 09:07 AM
Hi Chuck,
L2TPv3 "looks" like IP unicast to the service provider. In fact it is like a point-to-point tunnel transporting L2 frames. So you will NOT send any broadcast into the SP network. If you do not like the SP to investigate the content, you could even use IPSec to encrypt it. Before doing so, I would recommend to do some performance tests, though.
So your SP should not complain about unicast traffic between two IP addresses. Finally this is what you are paying for!
Hope this helps!
Regards, Martin
03-13-2007 01:19 PM
Martin,
We got L2TP3 going with one vlan encapsulated on a subinterface like the example on the link you gave. What we want is to send the entire vlan trunk across. Can you help lead us in the right direction to do this? Doing a seperate subinterface for each vlan does not seem very efficient.
Thanks alot for everything so far.
Chuck
04-25-2007 05:35 AM
Do you use the same WAN router to do the L2TPv3+IPSec or a seperate one for IPSec?
06-04-2007 06:06 AM
We are not doing IPSec with the tunnels. We would likely do it ourselves. But it is very possible that the provider would be doing it as well, or using some dedicated encryption.
Chuck
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: