How can I join the native internal vlan1 of 2 sites over a WAN routed link?

Jan 29th, 2010
Hi there,

I have two sites with a Cisco 3825 each. Site B is connected to the service provider with a 100 Mbps link. Site A is connected with a 400 Mbps link as a trunk port because it is used to receive data from other sites, each site with its own VLAN ID. For Site B the VLAN ID is 10, but it was defined only in the router at site A, by defining a subinterface and using encapsulation dot1q. Site B has no reference to that VLAN ID, but I'm assuming that VLAN 10 should be defined on the service provider's network equipment. I think that they are using MPLS, but that's completely transparent for me in that I have no control over their MPLS configuration. From my perspective it is like having all my sites connected to a switch.

I need to configure both routers in order to extend the internal native vlan1 from site A to site B to have both sites using the same IP address scheme. In other words a server at site A is and another server at site B is with the same netmask. I am completely clear that it is not recommendable or advisable to do this over the WAN but I have to do it anyways.

I tried using GRE/Tunnels but I couldn't pull it out. I also read about L2TP and VPLS but I don't understand the concept entirely. Encryption is not a concern for me, actually I don't want to use IPSec unless there is no other option.

Can you please help me?

Thanks for your attention!

Reza Sharifi Fri, 01/29/2010 - 19:24
Hello Edil,

If your service provider is running MPLS, then you can work with them to provision a layer-2 VPN for you and run EoMPLS. This way you can keep the same IP and VLAN for both sides of your connections. I would suggest using another VLAN in place of VLAN 1 and not use VLAN 1 at all, because that is the default/native VLAN and it is used for control traffic and not secure.

Please refer to this document in section EoMPLS and 802.1Q Tunneling for more info:



Edil Cajigas Sat, 01/30/2010 - 04:44
Thank you very much for your help.

To be completely clear with this: is it possible to do what I want using only GRE/Tunnels, even if it is not the best method? If so, how? I just want to know for sure if GRE/Tunnels is something that I have to discard not because it is a poor choice but because it cannot provide me what I want.

I will have to check with the SP about EoMPLS. What they told me is that they can allow me to pass whatever VLAN I want instead of only VLAN 10 between SITE A and SITE B, but that's not something that they have done for their other customers and they will charge me a very hefty monthly fee, because in their service plan they charge a fee per VLAN.

Best regards


Giuseppe Larosa Sat, 01/30/2010 - 08:04
Hello Edil,

The right tool may be L2TPv3, which allows building an L2 point-to-point transport service over IP.

It is supported on the C3825 with the appropriate feature set.

More specifically, the service can be defined on a per-VLAN subinterface basis:

The limitations are those of the performance of the routers in use (so no chance to get 400 Mbps of traffic over the pipe).

Hope to help


Edil Cajigas Mon, 02/01/2010 - 05:29
Thanks for your help. I did try to use L2TPv3 following an example from another web site, but the instructions said to use a digest command and that is not listed as a valid command in the IOS I'm using.

Any ideas? The other option I'm checking now is QinQ but again how can I use QinQ with vlan1, do you know of a good tutorial?

paolo bevilacqua Sat, 01/30/2010 - 08:47
Why do you want to bridge? What does "I have to" mean??

Everything works well and better with regular routing.

2 sites = 2 subnets.

Edil Cajigas Mon, 02/01/2010 - 05:42
I have 2 sites and I want their internal native vlan1 to be the same. I was instructed to do it basically because we have two Exchange and Blackberry servers already published with a particular IP and we want to create a replica of those servers at SITE B for the continuity of service in case of a failure in SITE A.

The system administrator is using Exchange 2003. I checked products like Neverfail and Doubletake but those are very expensive.

2 sites = 2 subnets = better = U R right...  but I have to do it

paolo bevilacqua Mon, 02/01/2010 - 08:42
From my understanding, replication does not require servers to be on the same subnet.

