Hi Edison,

So say the below config is you current router-on-a-stick configuration for a remote site (before ME implementation). And the provider gives you a vlan of say 200 to use. How could you arrange this config for the remote?

interface FastEthernet0/0

no ip address

speed 100

full-duplex

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.10.1.208 255.255.255.0

!

interface FastEthernet0/0.2

description DHCP AP's

encapsulation dot1Q 2

ip address 10.10.2.1 255.255.255.0

ip helper-address 10.40.2.3

ip helper-address 10.40.2.4

!

interface FastEthernet0/0.3

description fhmi$access

encapsulation dot1Q 3

ip address 10.10.3.1 255.255.255.0

ip helper-address 10.40.2.3

ip helper-address 10.40.2.4

!

interface FastEthernet0/0.6

description Static IPs

encapsulation dot1Q 6

ip address 10.10.6.1 255.255.255.0

!

interface FastEthernet0/0.7

description PBX

encapsulation dot1Q 7

ip address 10.10.7.1 255.255.255.0

Thanks,

Brandon

That's your internal facing interface. This router will need a ISP facing interface.

On the ISP facing interface, say F0/1

interface FastEthernet0/1

no ip address

speed 100

full-duplex

!

interface FastEthernet0/1.200

description ISP Native Vlan

encapsulation dot1Q 200 native

interface FastEthernet0/1.xxx

description point-to-point subnet for Hub

encapsulation dot1Q xxx

ip address x.x.x.x y.y.y.y

Hi Edison,

You're correct...still waking up I guess...;-).

Thanks,

Brandon

Edison,

In my scenario (from the top of post), I have two sites, with two different VTP domains.

Would you suggest that I add the reote site to the VTP domain in the main site, or leave it seperate?

I will be routing all but two or three VLANs (with the possibility of more later).

Up to you. If you want to add/modify/delete Vlans for remote site from a HQ VTP server, then configure the same VTP domain across.

I personally wouldn't do that. Have the remotes have a different VTP domain (Server/Client) from the HQ.

Thanks Edison.

What is the reason that you would leave it seperate?

It provides some kind of Vlan management security.

You don't want a mistake on Vlan creation/modification/deletion to get propagated to other switches.

We usually recommend running VTP transparent in a switched network. Note: This has nothing to do with MetroE but just a general concept.

HTH,

__

Edison.

I am not sure what you are saying about the VTP,

So, with two 6509 switches at the core network with several 3550 access switches,

All would be transparent?

Currently we have the two 6509s running VTP, one is server the other is client and the rest are transparent.

Hi Edison,

Just curious, but could you give a brief config or explanation of the configuration if you had a switch (6500) at the hub end instead of routers?

Thanks,

Brandon

Much easier;

interface gx/x

description MetroE connection

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk native vlan [Metro_Vlan]

switchport trunk allow vlan [Metro_Vlan],[Common Vlans to be used for Remotes....]

interface vlan [remote 1]

description Site 1

ip address x.x.x.x y.y.y.y

interface vlan [remote 2]

description Site 2

ip address x.x.x.x y.y.y.y

Hi Edison,

So the HUB is a switch and the remotes are routers.

Would the interface on the remote routers sub interface pointing to the ISP (hand-off) reference dot1q of the vlan at the HUB?

Such as:

HUB switch:

interface gx/x

description MetroE connection

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk native vlan 500

switchport trunk allow vlan 500,150,160

interface vlan 150

description Site 1

ip address 10.150.255.1 255.255.255.252

interface vlan 160

description Site 2

ip address 10.160.255.1 255.255.255.252

Remote site routers:

[remote 1]

interface FastEthernet0/1

no ip address

speed 100

full-duplex

!

interface FastEthernet0/1.1

description point-to-point subnet for Hub

encapsulation dot1Q 150

ip address 10.150.255.2 255.255.255.252

!

interface FastEthernet0/1.200

description ISP Native Vlan

encapsulation dot1Q 500 native

!

interface FastEthernet0/0

no ip address

speed 100

full-duplex

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.20.1.211 255.255.255.0

[remote 2]

interface FastEthernet0/1

no ip address

speed 100

full-duplex

!

interface FastEthernet0/1.1

description point-to-point subnet for Hub

encapsulation dot1Q 160

ip address 10.160.255.2 255.255.255.252

!

interface FastEthernet0/1.200

description ISP Native Vlan

encapsulation dot1Q 500 native

!

interface FastEthernet0/0

no ip address

speed 100

full-duplex

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.30.1.207 255.255.255.0

Thanks,

Brandon

You got it :)

Awesome,

And if I did go with the switch method at the HUB and say my remotes were 8MB ME connections to do QoS would at the hub end would I configure this under the VLAN sub-interfaces? I know a switch typically isn't as smart as a router (with QOS, shaping, etc...) so what would you advise for someone with these concerns.

Any recommendations?

Kind Regards,

Brandon

No shaping available on regular line cards on a 6500. You need a SIP with Ethernet SPAs. On the SPA, you would do shaping like a regular IOS router and apply the service-policy on the main interface.

HTH,

__

Edison.