Temporary bridge over point to point WAN

Unanswered Question

In the aftermath of Hurricane Ike, I had to move a bunch of servers and users from our Galveston office to a remote site in another city. Normally Galveston and the remote site is connected with a point-to-point T-3. To simplify and hasten getting everything up and running, I setup 3 new Vlans at the new site and duplicated the subnets from the Galveston site, so I wouldn't have to readdress the moved equipment.

Now, the T-3 is backup and they want to start moving everything back to Galveston. Is there an easy way to temporarily bridge the Vlan's at the remote site with the actual Vlans in Galveston? If so, I can move things back to Galveston gradually, otherwise, I'll have to shut everything down, pack everything up and take it back and set it all up.

Even if it's a unsupported hack I don't mind, it'll only be for a few day.

Help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Giuseppe Larosa Sun, 10/05/2008 - 23:04
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Timm,

bridging over a WAN supports a single broadcast domain i.e. a single Vlan.

You could try to bridge the output of a bridge trunk using 802.1Q encapsulation because 802.1Q frames are still ethernet frames.


bridge 1 protocol ieee


int fas0/0

no ip address

bridge-group 1

desc switch trunk 802.1Q attached here


int ser0/0


bridge-group 1

! depending on encapsulation used

! additional commands can be needed



Do the same in Galveston:


bridge 1 protocol ieee


int fas0/0

no ip address

bridge-group 1

desc switch trunk 802.1Q attached here


int ser0/0


bridge-group 1

! depending on encapsulation used

! additional commands can be needed

! Frame-relay may need

! frame-relay map bridge ...


Notes:

to work :

a)mtu in T3 has to be set to 4470 so that it can handle a full size 1522 byte 802.1q frame.

b) router interface must accept frames with tagging : you may need to put it in promiscous mode


If this doesn't work another possibility is:


If your routers connected via the T3 link support L2tpv3 you can be able to setup a L2 transport service for all the vlans one xconnect for each vlan


see

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html#wp1043064


Hope to help

Giuseppe


Richard Burts Mon, 10/06/2008 - 02:32
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Guiseppe


There is one other aspect that must be considered in implementing your suggestion: does the router have IP routing enabled (you have specified no ip address on the fastethernet and serial interfaces so no routing there, but are there any other interfaces on the router that are routing)?


Your suggestion will work as is if the router is configured with no ip routing. But if ip routing is enabled then your suggestion will not work. To get those 2 interfaces to bridge you would need to configure Integrated Routing and Bridging. With IRB you configure bridging on the interfaces as you have suggested but you also configure a Bridged Virtual Interface which allows traffic to move between the routed domain and the bridged domain.


HTH


Rick

Giuseppe Larosa Mon, 10/06/2008 - 03:28
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rick,

I didn't write but I was thinking of using a dedicated FE for the job hoping it is available.


I have actually focused on the aspect of carrying with bridging frames with an 802.1Q tag: they are still ethernet frames but the protocol type is not IPv4 over ethernet but that of 802.1Q.

the router in this case without configuring 802.1Q subifs shouldn't treat them as IPv4 packets so it shouldn't try to route them.

If it tries it will not bridge and so IRB is required as you observe.


I never tried to bridge 802.1Q frames in this way but if you have tested this scenario and you have seen that IRB is needed your note is really wellcome as usual.

I did some tests with untagged frames and in that case you need IRB to successfully bridge IPv4 frames this is sure.




Thanks for your attention and help

Giuseppe


Richard Burts Mon, 10/06/2008 - 03:42
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Guiseppe


I have not tested this particular aspect and can not say from experience what the router would do with tagged frames. But unless there is some way to assure that there would never be any traffic on the native VLAN then I think that IRB would be required. IRB would allow the router to handle traffic on the native VLAN which is sent untagged.


HTH


Rick

Giuseppe Larosa Mon, 10/06/2008 - 03:45
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rick,

>> on the native VLAN then I think that IRB would be required

this is sure and got my scores


Best Regards

Giuseppe


Actions

This Discussion