02-09-2008 01:54 AM - edited 03-03-2019 08:38 PM
Dear networkers;
I want to design a networkm it has about 4 cores, 30 Distributes and each distribute handle 12 access routers..
so services like Video,Voice,Data.. is provided on this network.
what is your idea and design solution..
DMVPN? VPLS? ..
please provide me your idea
thank you
02-09-2008 02:15 AM
Hi,
It is default to provide any idea with the short of information. As you informed that you have already selected the CORE-DISTRIBUTE-ACCESS Layer routers as well as the Voice, Video, Data structures but it is not clear about the carrier, whether MPLS, Leased Line, etc etc. Its also depends on the carrier.
As per Cisco:
DMVPN
--------------------------------------------
Dynamic Multipoint VPN (DMVPN) is a Cisco IOS Software solution for building scalable IPsec Virtual Private Networks (VPNs). Cisco DMVPN uses a centralized architecture to provide easier implementation and management for deployments that require granular access controls for diverse user communities, including mobile workers, telecommuters, and extranet users.
Cisco DMVPN allows branch locations to communicate directly with each other over the public WAN or Internet, such as when using voice over IP (VOIP) between two branch offices, but doesn't require a permanent VPN connection between sites. It enables zero-touch deployment of IPsec VPNs and improves network performance by reducing latency and jitter, while optimizing head office bandwidth utilization.
Benefits
Lowers capital and operational expenses - Reduces costs in integrating voice, video with VPN security
Simplifies branch communications - Enables direct branch-to-branch connectivity for business applications like voice
Reduces deployment complexity - Offers a zero-touch configuration, dramatically reducing the deployment complexity in VPNs
Improves business resiliency - Prevents disruption of business-critical applications and services by incorporating routing with standards-based IPsec technology
VPLS Provisioning
----------------------------------------------
The Cisco IP Solution Center (ISC) supports layer 2 provisioning with layer 2 Virtual Private Network (L2VPN) services and Virtual Private LAN services (VPLS). VPLS services are multipoint (L2VPN are point-to-point) and include Ethernet services over a Multiprotocol Label Switching (MPLS) core or over an Ethernet core.
With an MPLS-based provider core, the PE devices forward customer Ethernet traffic through the core using a VPLS VPN. Multiple attachment circuits are joined together by the provider core and simulate a virtual bridge that connects all the attachment circuits together.
With an Ethernet-based provider core, the PE devices connect two or more customer devices using 802.1Q-in-Q tag-stacking technology, which encapsulates traffic from multiple VLANs from one customer with a single service provider tag. All connections within the VPLS VPN are peers and have direct communications, like a distributed switch.
For each of the core types, ISC supports Ethernet relay service (ERS) and multipoint Ethernet wire service (EWS).
â¢ERS-The PE device forwards all Ethernet packets with a particular VLAN tag received from an attachment circuit (excluding bridge protocol data units (BPDUs)), to another attachment circuit.
â¢EWS-The PE device forwards all Ethernet packets received from an attachment circuit (including tagged (DOT1Q), untagged (DEFAULT), and BPDUs), to either another attachment circuit or to all attachment circuits.
To provision VPLS using the ISC API, you need a VPLS service definition and a VPLS service request. The service definition specifies the core type, policy subtype, and common device properties. The service request defines the service definition to use, VPNs, attributes for each interface in the VPLS link, and template information.
This chapter describes VPLS service concepts and the steps required to provision VPLS services using the ISC API. The provisioning example includes all steps from creating the inventory to auditing the service deployment.
Thanks & Regards
Goutam
Pls rate if its works
02-09-2008 03:04 AM
Dear Goutam
thank you for your infomation
the connectivity between core to distribute are STM1 and between Distributes and access are E1 links.
02-09-2008 03:27 AM
If these are your lines, why do you need dmvpn or anything else? Just run regular routing.
Or are you a service provider ?
02-09-2008 04:01 AM
acctually I want to give my customers at branches varius servics with normal routing its possible of ip confilict or the size of routing table and convergense time will increase..ist it?
02-09-2008 04:15 AM
Hi, the easier thing is you give them public addresses ad do regular routing in your network.
If they are able to do dmvpn b themselves, ok, it they are not able, you do it for them on their router.
Routing table size and convergence is not a concern. Look at the internet that is so big, but it works anyway.
02-10-2008 09:28 PM
Dear Emadehsan,
I'd like to suggest u to run BGP/OSPF in-between CORE to Distribute and run OSPF in-between Distribute and Access.
Guess that you are using E1 as Channelized. But suggesting you please make a good IP allocation table before you jump to this work.
Best of Luck.
Thanks
Goutam
Pls rate if it works
02-09-2008 02:16 AM
DMVPN is for when you main link is the Internet.
If you can spend a bit more, get MPLS.
If no budget concerns, get leased lines.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: