Isolation at layer two of customers on the same VLAN
My ISP customer would like to deploy FTTH solution using rings as showed in the attachement made of ME-3400 or 4500-E depending on how many customer have to be connected to each area (less than 80 --> we go for ME 3400, more than 80 --> we go for 4500-E).
1) each customer will be connecting to the switches through CPE using trunking where will be transported each service (VoIP, Internet access, MPLS layer 3 vpn, CPE mgmt)
2) each one of the previous services has its own FIXED vlan (i mean, the same VLANs are used for all the customers and the ISP customer doesn't like the idea to use different VLANs at least per device...doesn't scale); that means that on each port of the access switches we'll have replicated the same VLAN in trunking depending on services that have been sold to each customer
3) for security reasons, the ISP customer doens't want that each customer can get connected to each other using L2 ring infrastructure as shortcut, so even though in the same VLAN, they have to be ISOLATED among them
Now, the problem is the following one:
Especially regarding the point #3, the logical solution is to use PVLAN with "isolated PVLAN trunk ports" among the switches in order to avoid that customers, not only the ones attached at the same switch, but also on different switches, to communicate each other (configuring the access trunk port as secondary isolated port) ...and that's fine for 4500-E.
...the problem comes up with ME3400 that doesn't support "isolated PVLAN trunk ports"; so locally i can manage the issue thanks to UNI ports definition (that is like to say ISOLATE them) but "no way" if we extend the concept among different switches.
Any idea about that?..how to solve on 3400 the problem of isolation among customers spread over the different switches of the ring?
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on Application Engineered...
Internet security is important with the increasing attacks that are happening every day. Many internet and browsing security solutions exist, but some are not very easy to use or maybe the question is how can I enable them?
Cisco Software Manager Server
This document describes the programmatic interfaces, RESTful APIs, which are supported by Cisco Software Manager Server (CSM Server).
CSM Server supports a set of finite RESTful APIs. The fir...