What switches should be used?

Answered Question
Aug 3rd, 2010

Hello


I need to connect two points of my network over an L2 provider network.

The provider provides two links with VLAN 312 assigned on them (can be changed if needed).

I want to define my own VLANs in my network.

(See attached image)


What switches should be used to build this network?

alexandrfedchenko Tue, 08/03/2010 - 22:04

Here are Cisco's products for Metro Ethernet CPE

But there are ROUTERS, not switches.

Do I really need routers for my tasks? And why?

vmiller Wed, 08/04/2010 - 08:28
User Badges:
  • Gold, 750 points or more

Either one could be made to work.

I have done both.

alexandrfedchenko Tue, 08/03/2010 - 22:32

Here's a good example

Thanks.

But I have some specifics: I have NO customer switch.

My switches would be the "service provider edge switches" on those schemas.

Traffic outgoing from MY switch should be double tagged to pass the provider network.


So should I purchase TWO switches for every edge of my network (one for internal VLANs and one for Q-in-Q encapsulation, as shown on those schemas), or is only one Catalyst 3560 enough, configured like this:

interface fa0/1
 switchport mode access
 switchport access vlan 1

interface fa0/2
 switchport mode access
 switchport access vlan 2

interface fa0/24
 switchport mode dot1q-tunnel

?

vinod.agrahari Wed, 08/04/2010 - 08:41
Hi Alexandr,

If I understand you clearly, if you are connecting an L3 switch from the Internet cloud or service provider ISP, it would be easy to manage the whole network.

You can configure VLANs as you mentioned in the configuration by making that switch a VTP server switch, and also NAT to provide a more secure infrastructure from a security point of view.


Please feel free to share your input/clarification if you need.


Regards


Vinod Agrahari

alexandrfedchenko Thu, 08/05/2010 - 03:34

> If you are connecting L3 Switch from Internet cloud or service provider ISP, would be easy to manage the whole Network

No, I can't. The provider offers only one VLAN. I can ask them to change the VLAN identifier, but not the number of VLANs.

You can see the default connection scheme (that they offer) in the attached file.

There are only L2 switches and all stations in one VLAN, but I want to split my networks with my own VLANs.

vmiller Thu, 08/05/2010 - 08:04
User Badges:
  • Gold, 750 points or more

Can the SP provide a trunk instead of one specific VLAN?

Here's a thought: you get your one VLAN between sites, terminate it on your switches, then give that VLAN an IP address at either end (your address space).

Then IP the rest of your VLANs and route between the sites.

I have a bias towards L3 solutions as opposed to L2.

There are a lot of choices in the medium-size switch world to take care of this.

alexandrfedchenko Fri, 08/06/2010 - 00:00
> Can the SP provide a trunk instead of one specific VLAN?

No. We have talked about it many times, but they always said "No".

We offered that they enable Q-in-Q on their next-level switches, but they said "No" again. They can pass Q-in-Q, but the Q-in-Q encapsulation should be done on our switches.

> I have a bias towards L3 solutions as opposed to L2.

Hmmm, interesting...

But I don't understand some things:

1) How do I configure the port connected to the SP on my switch? If I configure it as usual (access mode, assigned to a VLAN), then traffic outgoing from this port will be untagged. But I need it tagged to pass the SP network.

2) When one VLAN is distributed between two sites, do I need additional work to relay broadcasts (for Windows Neighbourhood, for example)?

vmiller Fri, 08/06/2010 - 07:51
User Badges:
  • Gold, 750 points or more

My personal choice would be to use switches with layer 3 functionality.

You could accept their VLAN, assign your own IP addresses and off you go, then route between the sites.

alexandrfedchenko Sun, 08/08/2010 - 22:02
> My personal choice would be to use switches with layer 3 functionality

Yes, I understand.

But I don't understand how to configure the ports on my switch.

If I configure it as in the attached image, then traffic on port 24 will be untagged, but I need it tagged.

vmiller Mon, 08/09/2010 - 07:57
User Badges:
  • Gold, 750 points or more

I would go with q in q then...a 3560 should be able to handle that.

alexandrfedchenko Tue, 08/10/2010 - 21:24
> I would go with q in q then..

I don't understand you.

First, you talked about a layer 3 solution in preference to layer 2. Now you say "q-in-q", but it is layer 2.

Can you explain in detail what you mean?

Maybe draw a diagram or the most important parts of the config for the switches?

Correct Answer
vmiller Wed, 08/11/2010 - 07:41
User Badges:
  • Gold, 750 points or more

If you put in layer 3 (routing capable) switches, you could route the one VLAN that is being provided.

If all you get is layer 2 capable, then q in q will have to do.

alexandrfedchenko Wed, 08/11/2010 - 04:10
> I would go with q in q then...

Maybe you meant a config like this:

interface fa0/22
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan add 1-10

interface fa0/23
 switchport access vlan 312
 switchport mode dot1q-tunnel

interface fa0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan add 312

and then connect ports 22 and 23 with a patch cord and connect the provider cable to port 24?
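
An added illustration, not code from any poster in this thread, of what Q-in-Q does to a frame on the way through a tunnel port and back: the customer trunk adds an inner tag, the tunnel port pushes outer tag 312, and the far-end tunnel port strips it. The MAC addresses, the customer VLAN 2 and the use of TPID 0x8100 for both tags are assumptions made for the example.

```python
import struct

TPID_8021Q = 0x8100  # assumption: both inner and outer tags use the standard 802.1Q TPID


def push_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag right after the two MAC addresses."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1-4094")
    tci = (pcp << 13) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def pop_tag(frame: bytes):
    """Remove the outermost tag; return (vlan_id, frame_without_that_tag)."""
    if len(frame) < 16:
        raise ValueError("frame too short to carry a tag")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        raise ValueError("frame is untagged")
    return tci & 0x0FFF, frame[:12] + frame[16:]


def tag_stack(frame: bytes):
    """Return the VLAN IDs carried by the frame, outermost first."""
    vids = []
    while len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        vid, frame = pop_tag(frame)
        vids.append(vid)
    return vids


def demo():
    # Constructed sample: untagged IPv4 frame, locally administered MACs, 46-byte payload
    dst, src = bytes.fromhex("020000000002"), bytes.fromhex("020000000001")
    untagged = dst + src + struct.pack("!H", 0x0800) + bytes(46)
    on_trunk = push_tag(untagged, 2)       # customer trunk: inner tag, VLAN 2
    in_provider = push_tag(on_trunk, 312)  # tunnel port ingress: outer tag 312
    outer, far_side = pop_tag(in_provider) # far-end tunnel port egress
    return {
        "stack": tag_stack(in_provider),
        "outer": outer,
        "restored": far_side == on_trunk,
        "overhead": len(in_provider) - len(on_trunk),
    }


if __name__ == "__main__":
    print(demo())
```

The 4-byte overhead per frame is why the tunnelling switch and the provider path have to accept frames 4 bytes larger than a normal tagged frame.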
