cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2184
Views
10
Helpful
13
Replies

3750 Metro ethernet switch

NAVIN PARWAL
Level 2
Level 2

Folks,

I have 6500's at the core and want to use the 3750 at the PE. My question is the following:

1) 3750 would do Q-IN-Q.

2) Once the packet reaches the 6500(sup 720) running MPLS. What happens to the frame. Do i use xconnect to transfer the frame to the appropriate PE?

Just confussed about how does the PE use the Q-IN-Q information to direct it to the appropriate PE?

Sample config would be highly appreciated.

Thanks

13 Replies 13

pkhatri
Level 11
Level 11

Hi,

On your core box, you can use 802.1Q-in-Q VLAN Tag Termination to specify which interface to associated each inner tag with. For example,

interface GigabitEthernet1/0/0.1

encapsulation dot1q 100 second-dot1q 100

!

interface GigabitEthernet1/0/0.2

encapsulation dot1q 100 second-dot1q 200

!

interface GigabitEthernet1/0/0.1

encapsulation dot1q 100 second-dot1q 300

The effect of this will be:

- Frames received with an outer tag of 100 and an inner tag of 100 will be associated with GigabitEthernet1/0/0.1

- Frames received with an outer tag of 100 and an inner tag of 200 will be associated with GigabitEthernet1/0/0.1

- Frames received with an outer tag of 100 and an inner tag of 300 will be associated with GigabitEthernet1/0/0.1

In the egress direction, the frame will be appropriately double-tagged depending on which interface it is being routed over...

Hope that helps.

Pls remember to rate posts.

Regards,

Paresh.

Paresh,

Is it possible that we can talk about the configuration offline, i had a couple of questions, i would appreciate if you could help me please.

My e-mail address is karanprakash2004@yahoo.com

Thanks,

Parwal

Hi Parwal,

We can certainly talk offline but I would prefer to use this forum. This way, other people can also help you and the conversation will be there for the use of other people as well...

In any case, you can get my email from my profile...

Regards,

Paresh

thanks for the reponse, i would use the forum then.

First of all than you very much for the wonderful response, i would keep rating your posts as you respond wonderfully.

So my case is as follows, i have 2 6500 series switches connected via sonet. They are running Sup 720 3XLBs and run MPLS. 6500s is the core of my network. We are doing enterprise MPLS.

I wated to use metro ethernet switches at remote locations where Layer 2 VPN services is desired and we have multiple customers at. So lets say in Baltimore i have 2 customers in the same building who want to use our services and want to reach their other offices located at other POPS.

for some reason the configs make more sense of me, rather then only explaination, so i would appreciate if you could use sample commands to explain your recommendations.

If i use the config you sent me on the 3750 metro ethernet switches. lets say customer A is vlan 10 and customer B is vlan 20, and i use Q-IN-Q tag of 100. Then i can create subinterfaces at my gigabit ports on catalyst 6500 which would be terminating the 3750 metro connection.

What do i have to do next to make the inter office connectivity to work? should i use Xconnect under ever subinterface and connect it to the PE on the other side where the POP is for the customer?

What would be my configuration at the PEs? as far as metro ethernet goes? i do not need MPLS configs as i have that working already.

Any help would be highly appreciated.

Thanks

raj.panchal
Level 1
Level 1

Your requirment can be served using EoMPLS feature of 65xx series switches as you want to use ur underlying mpls network between two POP. if it was plain L2 network u cud have used l2 tunneling on the switches to serve ur requirment.

EoMPLS

Pre-requsites :

1) core facing cards should support EoMPLS

2) 3750 Metro Switch needs a EMI image

3) SP vlan has to be unique accross customers terminating on the same POP

You gotta do ERS or EWS for P2P L2 vpn .

If you want to be transperent to customer BPDU u can use EWS.

For any to any l2 vpn you can use VPLS

But looking at ur query seems that ERS should be sufficient for u

In your network considering 65xx as NPE and 3750 as U-PE your typical config would be as below. You would be using targeted ldp here with xconnect command

for ERS

END-A

NPE

===

interface GigabitEthernet1/22

description ## customer facing port ##

mtu 9216

no ip address

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 3040,3601-3604,3701

switchport mode trunk

!

interface Vlan3601

description ## Customer A SP vlan ##

mtu 9216

no ip address

xconnect 3601 encapsulation mpls // targeted ldp setup for reaching the remote PE //

U-PE

====

** Here in the below config it is assumed that customer has multiple p2p ERS ckts and hence the port is trunk port **

interface GigabitEthernet1/0/11

description ## Customer facing port ##

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 3601-3604

switchport mode trunk

switchport nonegotiate

switchport port-security

switchport port-security maximum 5

switchport port-security violation restrict

load-interval 30

storm-control broadcast level 1.00

mac access-group Invalid-Frames in

no cdp enable

spanning-tree portfast trunk

spanning-tree bpdufilter enable

!

mac access-list extended Invalid-Frames

deny any 0180.c200.0000 0000.0000.000f <- BPDU MAC address

deny any host 0180.c200.0010 <- BPDU MAC address

deny any host 0100.0c00.0000 <- ISL traffic

deny any host 0100.0ccc.cccc <- Physical link protocol

deny any host 0100.0ccc.cccd <- Logical link protocols

deny any host 0100.0ccd.cdce <- End-to-End protocols

deny any host 0100.0ccd.cdd0 <- L2 PDU tunnelling

On the Remote PE ( END-B ) , same config applies except the PE IP in xconnect which gets changed to A-end PE IP. VC ID has to match on both end for each ERS p2p ckt.

You can use Switch or Router as CPE

Hope this helps

Raj

Folks,

Can someone please give me a real benefit of the metro ethernet switches from cisco (3750M). From what i seeing that EWS, ERS and other flovors of metro ethernet switching can be done using a regular 3550 switch. Why would anyone need a 3750 series switch for Q-IN-Q, can someone give me a real example so that i could justfy to buy a 3750 switch and not a 3550 switch.

Thanks

Hi Parwal,

I'll get back to you shortly on your other question... Need to do a bit of thinking about it :-)

As for this current query, if all you want out of the switch is Q-in-Q functionality then yes, the 3550 will do the job. However, note that the 3750 has some great Qos features such as the Hierarchical QoS Framework which I suspect you will need at some point, since you are likely to be supporting multiple customers on the same interface..

Hope that helps,

Paresh

Well.. its about product features .. you gotta compare products with your requirments at various layer of your network and to come out with justification of your requirments . Any ways below is snippet for you to have some justification between two products

===============================================

What is the difference between the Cisco Catalyst 3750 Metro Series and the Cisco Catalyst 3750 Series?

The Cisco Catalyst 3750 Metro Series is built for Metro Ethernet access in a customer location, enabling the delivery of more differentiated Metro Ethernet services. These switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling with class-of-service (CoS) mutation; VLAN translation; MPLS, EoMPLS, and Hierarchical Virtual Private LAN Service (H-VPLS) support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.

The standard Cisco Catalyst 3750 Series is an innovative product line for midsize organizations and enterprise branch offices. Featuring Cisco Systems® StackWise™ technology, Cisco Catalyst 3750 Series products improve LAN operating efficiency by combining industry-leading ease of use and high resiliency for stackable switches.

What is the Metro Ethernet positioning of the Cisco Catalyst 3750 Metro Series, the Cisco Catalyst 3550 Series, and the Cisco Catalyst 2950 Series?

Cisco Catalyst 3750 Metro Series Switches

=========================================

Cisco Catalyst 3750 Metro Series switches are a new line of premier, customer-located switches that bring greater intelligence for Metro Ethernet access, enabling the delivery of more differentiated Metro Ethernet services. These fixed configuration switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling; VLAN translation; MPLS, EoMPLS, and H-VPLS support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.

Cisco Catalyst 3550 Series Switches

==================================

With a range of Fast Ethernet, Gigabit Ethernet, DC power, and fiber configurations, the Cisco Catalyst 3550 Series is an intelligent metro access switch for service providers serving the enterprise and small and medium-sized business markets. Featuring 802.1Q tunneling, high-performance IP routing, and subsecond Spanning Tree Protocol convergence, this line of powerful, cost-effective, fixed-configuration switches enables Metro Ethernet services such as Transparent LAN services and business-class Internet access.

Cisco Catalyst 2950 Series Switches

===================================

Ideal for Metro Ethernet access in residential markets, the Cisco Catalyst 2950 Series is an affordable line of fixed-configuration Fast Ethernet and Gigabit Ethernet switches. Featuring advanced rate limiting, voice VLAN support, and multicast management, these switches enable residential Metro Ethernet services such as Internet access, voice over IP (VoIP), and broadcast video.

Hope it helps

Ps rate this post if it helps u ..

Thanks and Regards

Raj

Hi Parwal,

Not sure I can add much to the great post from Raj.

Feel free to post any other queries you have, though...

Paresh

Folks,

Can i span the same subnet at the 2 core switches in my senario?

If i have 2 core 6500 PEs. and i want to use metro ethernet to pass traffic between them. I have 2 3740 switches connected to these 6500 in trunk mode. can i use the same subent for the vlan in both switches?

lets say that i have vlan 300 defined on both switches that belongs to customerA connected to 2 3750 switches. cani give 10.10.10.1 and 10.10.10.2 to vlan 300 on core switchA and core switchB?

I tried it and it does not work, but when i choose a different subnet for vlan 300 at each switch it works??

Thanks

Hi Parwal,

You cannot have two routed interfaces with addresses from the same subnet. That is what you are trying to do when you configure your VLAN interfaces and that is why it does not work.

Hope that helps - pls rate the post if it does.

Paresh

Paresh,

I am confussed again, so what is the advantage of enterprise MPLS if you can have a vlan with the same subnet accross the core.

So if i have 2 core PE switches (6500 3xlbS), and i have vlan 300 defined on both under customerA, i can not have them in the same subnet????

CoreA

Interface Vlan 300

ip vrf forwarding customerA

ip address 10.10.10.1 255.255.255.0

CoreB

Interface vlan 300

ip vrf forwarding customerB

ip address 10.10.10.2 255.255.255.0

this will not work?

Thanks

Hi,

config shown above seems to be okay, as far as your l3 vpn is concerned.

What i understand is you are going to connect your customer on 3750 where you will be configuring the port facing customer as access vlan port for vlan 300, the trunk port connecting your 6500 should be trunking vlan 300 and vlan 300 should be active in STP if any.

On both 6500 you have created vlan 300 , but i can see from your vrf defination that you are going to treat each vlan 300 on each switch as a different vpn ( i assume that rt and rd configs for each vrf is unique ) . the vlan 300 would be acting as your layer 3 gateway for customer connected on 3750 l2 ports.

Customers in vlan 300 can use IPs in the same subnets and communicate in the same vpn ( i.e vrf ) . They would not be able communicate accross the vrf though the vlan id is same on both the switches because they are now Layer 3 SVI within a VPN using vrf.

Hope this helps

Please rate the post if it helps u out.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: