
VLAN's over WAN?

joealbergo
Level 1

I hope I titled this correctly; however, I wanted to know if it is possible to communicate across VLANs over WAN or over the internet.

If I am right, we cannot. It is not possible - only through Layer 3 will an IP address be used as the destination and Layer 2 VLANs are not.

Please advise.

Thanks in advance.


joealbergo wrote:

Thanks Giuseppe, that is my name as well. However I go by Joe or Joseph

Ben,

What does this mean "Each router has an xconnect statement on the interface facing its nearside switch (no ip address -- routing IP packets on this interface is no longer possible, all frames must go over the VC)."

Consider the following configs of two routers that use L2TPv3. They are one hop away from each other but this is irrelevant. They just need to be able to deliver IP packets between 1.1.1.1 and 2.2.2.2

switch1(e1/1)--(e0/2)router1(e0/1)--(e0/1)router2(e0/2)--(e1/1)switch2

router1

    pseudowire-class VC1
     encapsulation l2tpv3
     ! source tunnel packets from 1.1.1.1
     ip local interface Loopback0
    !
    ! local VC tunnel endpoint
    interface Loopback0
     ip address 1.1.1.1 255.255.255.255
    !
    interface e0/1
     ip address 192.168.1.1 255.255.255.0
    !
    interface e0/2
     ! create tunnel to 2.2.2.2 using parameters in pseudowire-class VC1
     ! 100 is the VC ID, an example value here; it must be identical on both routers
     xconnect 2.2.2.2 100 pw-class VC1
    !
    ip route 2.2.2.2 255.255.255.255 192.168.1.2

router2

    pseudowire-class VC1
     encapsulation l2tpv3
     ip local interface Loopback0
    !
    interface Loopback0
     ip address 2.2.2.2 255.255.255.255
    !
    interface e0/1
     ip address 192.168.1.2 255.255.255.0
    !
    interface e0/2
     ! same example VC ID as on router1
     xconnect 1.1.1.1 100 pw-class VC1
    !
    ip route 1.1.1.1 255.255.255.255 192.168.1.1

When a frame comes in router1(e0/2) it is encap'd in an L2TPv3 header and an IP header 1.1.1.1->2.2.2.2. When the tunnel packet gets to 2.2.2.2, router2 decaps the IP and L2TPv3 headers and sends the frame out its e0/2 interface just as it was when it came into router1. All frames that come in e0/2 MUST go to the other end of the tunnel. This is what I mean by "routing IP packets on this interface is no longer possible, all frames must go over the VC"

-Ben
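
Added example, not part of Ben's post: a Python sketch of the encapsulation and decapsulation he describes, showing that an 802.1Q-tagged frame crosses the IP hop unchanged inside an IP protocol 115 packet. It assumes L2TPv3 directly over IP with no cookie and no L2-specific sublayer; the session ID, MAC addresses and VLAN 10 are constructed sample values.

```python
import ipaddress
import struct

L2TPV3_IP_PROTO = 115  # IANA protocol number for L2TPv3 over IP (RFC 3931)

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header; 0 when run over a valid header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(frame: bytes, src: str, dst: str, session_id: int) -> bytes:
    """router1 side: prepend the 4-byte session ID and an outer IPv4 header."""
    l2tp = struct.pack("!I", session_id) + frame
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l2tp), 0, 0, 255,
                      L2TPV3_IP_PROTO, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + l2tp

def decapsulate(packet: bytes):
    """router2 side: strip both headers and return (session_id, frame)."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != L2TPV3_IP_PROTO:
        raise ValueError("not L2TPv3 over IP")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad outer IPv4 header checksum")
    (session_id,) = struct.unpack("!I", packet[ihl:ihl + 4])
    if session_id == 0:
        raise ValueError("session ID 0 is the control channel, not data")
    return session_id, packet[ihl + 4:]

def vlan_id(frame: bytes):
    """Return the 802.1Q VLAN ID of an Ethernet frame, or None if untagged."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x8100:
        return None
    return struct.unpack("!H", frame[14:16])[0] & 0x0FFF

# Constructed sample: broadcast frame from a made-up MAC, tagged VLAN 10
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + struct.pack("!HH", 0x8100, 10) + struct.pack("!H", 0x0806)
                + bytes(28))

if __name__ == "__main__":
    pkt = encapsulate(SAMPLE_FRAME, "1.1.1.1", "2.2.2.2", session_id=0x1234)
    sid, inner = decapsulate(pkt)
    print(hex(sid), vlan_id(inner), inner == SAMPLE_FRAME)
```

Because the inner frame is carried in cleartext, a sensor on the WAN path has to strip the outer headers this way before it can match on the inner VLAN or MAC addresses.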

Why are we using Loopback0 interface?

If I am getting far ahead of myself - I am sorry. I hope that my questions are not frustrating.

For use in this example it is a matter of convention and is not strictly needed. 192.168.1.1 could have been the tunnel end point.

In other cases such as EoMPLS it is required to have a /32 route to the tunnel end point, hence the loopback.

-Ben

Ben

I'm going to slow down and start doing some researching on "Multi-Protocol Switched Labeling"

I also am going to have to invest some time in VC "Virtual Circuits"

This is 6 months into Cisco as of today so I am far behind.

Your help and again everyone else who contributed to my thread is greatly appreciated.

Anyone has any links to documentation - I always review and favorite them for use in reading and the future.

Thanks everyone! 

lamav
Level 8

Joseph:

There is one new option to creating a L2 adjacency over a L3 domain that hasn't been mentioned yet. It's called Overlay Transport Virtualization (OTV) and it is intended for use in data center environments. The L3 domain can be IP, MPLS, SONET, etc. This technology provides a solution to the challenge of providing L3 isolation with routed inter-data center connectivity, while still preserving the ability to selectively extend L2 domain functionality.

In a nutshell, OTV allows edge switches, like the Nx7000, in one data center to exchange MAC address table information with other Nx7000 switches across a L3 domain.

This can be useful when you need to migrate a VM with VMotion from one ESX server located in one data center to a destination ESX server that sits in a separate data center. VMotion requires a L2 adjacency to exist between ESX hosts. To achieve this, the edge Nx7000 switch running OTV will encapsulate the data in an IP datagram, route it across the L3 domain, which will then get de-encapsulated at the destination. To the end devices, the destination host seems to be in the same L2 domain, when in reality it exists in another data center.

Even better is that OTV allows selective spanning of control plane and data plane functionality, maximizing the benefits of extending a L2 domain, while mitigating the potential pitfalls, such as bridging loops and broadcast storms. These functions remain local to the L2 domain.

HTH

Victor

joealbergo
Level 1

Lamav

Your post was extremely helpful however I am going to have to slow down and go over a few of the things everyone has been telling me.

I am about a quarter of the way into my CCENT with the Cisco Networking Academy and I only read a few pages on MPLS and not sure what SONET is. I do not know what VM or VMotion is yet either.

I understand about 20% of what you posted

However OTV sounds a lot like the QinQ except this OTV is done in house instead of by the SP - correct?

Thanks

Joe

Joseph:

I'm sorry you didn't get too much out of my post, but it's OK -- just save it and one day you can re-read it and it will make sense to you.

To answer your question, the answer is no, Q-in-Q is something totally different in terms of its application and its technique. But yes, Q-in-Q does allow you to span a VLAN across a domain, but the domain is a L2 domain, not L3.

Victor

Victor

I did get some information from your post - perhaps we can continue the education.

Let's start off with L2 Domain & L3 Domain.

What are we talking about when we speak of these "Domains" at level 2 and level 3 I assume?

Would that be a switch to switch (L2 Domain) and a router to router (L3 Domain)

Hope to hear back from you

Joe

Hi Joe,

L-2 Domain is basically a cloud of layer-2 devices only (switches). It is not very common to see L-2 Domain only these days. L-3 Domain is a cloud of routers and multilayer switches (layer-3 devices) running routing protocols, i.e. OSPF, RIP, ISIS and BGP.

HTH

Reza

Reza

Yes it does help a lot.

What is SONET?

But I take it back -

Why do you recommend that book?

It's not that expensive actually...
