I was just working on a NETWORK DESIGN
HEAD OFFICE has cisco 7507 router which is supposed to support 25 ATM
E1 wan circuits
Branch to Head Office req is multi-service (video, voice, data)
Isn't it more suitable to put the IGX, MGX or BPX for ATM WAN circuit
termination and let the router do all LAYER 3 SWITCHING ?
If expensive device like IGX or MGX is put there...would there still
be a need for such high end router like 7507 ?
HOW ABOUT PUTTING HIGHT END CAT 8500 MULTISERVICE SWITCH ROUTER
instead of cisco 7507 and MGX combined ?
kindly let me have your valuable response
Systems Network Engineer
Dubai Internet City
I like the 8500 series. Out of curiosity, are you intending to provide the ATM cloud, or are you connecting to a public ATM cloud? The reason I'm asking is at the central site, instead of connecting to 25 E1s, I would rather deal with a single DS3 / E3 circuit.
The IGX/MGX/BPX would give more functionality as far as voice and video is concerned, but for most applications the 8500 will do the trick. What are your video/voice demands?
Thank you very much for your kind reply
Your Q)Are you intending to profice ATM cloud or are you connecing to a public ATM cloud ?
My A) To provide ATM clould, 25 other branches may communicate through this cloud as well
My Q) How do you think that 25 physical circuits would terminate in this ATM cloud ? are you saying that in WAN module, install one MGX with eight 8xE AUSM cards and then make one ATM PVC from PXM STM-1 interface of MGX to ATM port adapter of cisco 7507 ? or is it possible to provide the combined functionality of both in one Cat 8500 multi-service Router switch ?
Your Q) What are your video/voice demands
My Ans) Cisco call manager, the most probable goal is to implement an enterpirse level IP Telephony solution
Actually I am designing the whole network taking guidelines from cisco safe blueprint
kindly let me have your valuable feedback
thanks and regards
1) What kind of router would you have at each of these branches and what kind of cirucit will you have connecting to the cloud ?
With the MGX8250, you can bring in ATM circuits from the branches using the AUSM cards and frame circuits using the FRSM card.
2) From the central 7500 , will you have a single physical circuit over which you have 25 PVC's ?
You can very well do this as well on the MGX8250. Connecting the 7507 to the broadband port on the PXM and building the PVC's over this physical circuit.
You can then terminate these pvc's on the switch interface on your RPM for any added routing that needs to be done.
3) The RPM card on the MGX8250 can take care of most of your layer 3 switching needs as well. You can bring in the circuits as frame or atm into the MGX and then do layer 3 routing using your RPM
Your Qs) What kind of routers at branch offices and what circuits ?
Ans) All branch office routers would most probably be 2691 / 3640A / 2600XM / 3725 or 3745 with MFT interfaces or ATM interfaces.
Has to be decided in Phase IV.
Those 25-30 circuits would be ATM PVCs over local IXC's public ATM cloud terminating to HO central 7507. But I have checked on this link that there are only 10 max ATM ports available with 7507
My Qs) Can only 10 ATM physical ccts be terminated on 7507 ?
They already have one Cisco 7507 there on which the WAN circuits are being shifted from some old 36xx router
Qs) Can I DROP OUT RPM, cuz already L3 device, the 7507 is there
Qs) What If I propose to connect 7507 ATM STM1 MMF interface to MGX 8250's PXM STM-1 interface with 25 ATM PVCs? MGX for physical ATM circuit termination ?
I have worked on MGX 8850 before and BPX 8620 in internet exchange setup
Qs) what if I propose MGX 8850 for more broad multiservice options over WAN circuits ? for IMA , for ccts >2Mbps ?
Kindly if possible, also give your valuable comments on these ISSUES, regarding IOS Selection
VOICE/VIDEO/DATA Options over WAN
Qs) Voice of WAN here would be VOIP over ATM or VoATM ?
Qs) AVVID has to be enabled in this HO/branch model. Is IP Plus IOS must for 7507 ?, what about the IOS of RPM of MGX, does it also have to be IP Plus ?
If we are talking about VOICE over ATM, then we can have simple IP IOS and still run voice , right ?
VPN from any branch to HO 7507 or MGX8250
Qs) If some branch wants to have VPN to HO or like 20 branches want VPN, so for that purpose IPSec 56, DES or 3DES enabled IOS has to be loaded in both 7507 and/or MGX 8250 ?
so the final IOS has to be IP Plus and IPSec VPN enabled and also with ATM PVC support, possibly MPLS enabled also for MPLS VPN implementation later, right ?
don't you think that make it all a kind of very complicated ?
can there be any simple alternative for such fancy complication
I am following design guidelines from cisco SAFE BLUEPRINT
and have divided the whole SOLUTION into PHASES
enable all connectivity and enable DATA services with basic security features
keeping over-all cost to minimum
strengthen security by adding more IDS, dual Firewalls and putting two switches for each server farm
fine tune the network and enable in-house IP Telephony features and with the branch offices
start working on the 25-30 branches and enabling ATM services over the GIA's ATM cloud
waiting for your valuable comments
Systems Network Engineer
Dubai Internet City
3 outstanding problems you have now.
1. How to bring 25 - 30 physical atm circuits from branch offices to your HQ.
You can bring them in onto one of the service modules on the MGX8250.
FRSM card if circuit is frame relay
AUSM card if circuit is ATM
You can do IMA cirucuits using the AUSM for circuits greater than 2Mb
2. Send this aggregated traffic to 7500 for Layer 3 processing
You can do this very easily by connecting the PXM OC3 port to the 7500 OC3 interface and configure the interface as a UNI /NNI interface.
Cross connect the PVC's from the service modules on the MGX out the PXM into the 7500 and you can perform your layer 3 routing services there if you do not want to use the RPM.
3. IOS selection and MPLS/VPN information.
You need to choose the IOS based on the features you need and are going to use. You can use the IOS feature navigator to make sure that you get the IOS which includes all the features that you need.
MPLS/VPN information : The following url on www.cisco.com provides you with information on using MGX and RPM for MPLS/VPN capability.
Hope this helps
I was on weekend in UAE.
Meantime thinking about solution.
I think few more emails and my issue should be resolved and I would be very thanful to all of you for your valuable suggestions
I used IOS feature Navigator, there is no such IOS for Routers (7507) which has all the features of MPLS/VPN, VOIP, ATM PVC
I HAVE COME UP WITH THE FOLLOWING
Physical ccts (ATM or FR PVCs) from 25 branches terminate on AUSM/FRSM cards of MGX 8250. All PVCs will be switched to PXM. PXM1-2T3E3 on MGX and PA-A3-E3 on 7507 connect as UNI/NNI ATM trunk.
ATM PVCs from branches to HO are to be used for data, voice and video. So a sub interface like atm2/0/0.1. atm2/0/0.2 would be created on router ATM-E3 interface for each corresponding physical circuit. So there would be an IP based PVC from sub-interface of 7507 to ATM interface of branch router like Cisco 3725.
Having MGX installed at Enterprise site has the following ADVANTAGES
1)Cisco MGX 8200 offer the world's most cost effective service provider platforms for edge concentration of ATM, Frame Relay, IP, circuit emulation and voice services.
RPM has all the features of MPLS/VPN, VOIP,VoATM, VoFR which 7507 cannot provide
2)The Enterprise would have her own ATM/FR cloud in one BOX and doesn't have to rely on ETISALAT for configuration or adding new services for branches like MPLS/VPN cloud
Q) Can a single MGX act as MPLS/VPN cloud for all branch VPNs ? I mean the MPLS VPN cloud (single MGX ) woking inside the box and enabling Site to Site VPN ?
If YES, then , later
3) for SITE-TO-HO VPN, IP VPNs can be deployed using RPM of MGX
(Can 7507 be incorporated in site-to-HO scenario ? )
4) for SITE-TO-SITE VPNs, branch PVCs would be switched from AUSM/FRSM to PXM and to RPM (taking off L3 of 7507 relieving E3 or STM-1 ports on both devices, is it viable ?).
5) RPM will enable VPN over MPLS cloud in a box This solution reduces N square complexity unlike IP VPNs for branches.
6) Site to Site VPN over MPLS with all the physical ports for ATM/FR PVCs is the edge with MGX provides over 7507. In MPLS/VPN scenarios, all data ATM PVCs have to terminate on RPM because 7507 doesn't provide all the functionality conveniently and I don't want to upgrade the IOS which has ATM PA and MPLS and VPN support, in-fact it is not avaialbe !!!. MGX is the specialized box for that.
Then traffic will go from RPM GigE port to 7507 GigE port
So buy GigE PA for 7507 instead of ATM PAs and let the RPM do all L3 ?
Q) What I understand from MPLS/VPN cloud is that whenever there would be addition of a new branch with a new VPN to HO, there would be no need to create VPNs to all other branches, MGX MPLS/VPN cloud sitting there would enable seamless communication to all the VPNs of all the branches and HO
kindly correct me if I am not right ?
(If all the branches want to communicate only with HO, then this is much simpler scenario and then there would be no need of MPLS and RPM can remain out of scene)
Q) I have seen MPLS defects in RPM based 7200 router on this link when acting as LSC
The link also shows the Affected IOSes. This shows that there are issues with MPLS implemenation. Does that mean that MPLS/VPN option is less viable ?
I think Cisco has other IOSes with the solution.
Q) In Phase III, voice over these MPLS/VPN circuits has to be enabled and CCM might be installed in Server Module, all remote routers have SRST enabled, so there would be one centralized Call Manager.
Can the client be convinced that if they install MGX that would help
for phycial ATM/FR ccts termination in Phase 1
for MPLS/VPN in Phase 2
for IP Telephony in Phase 3 ?would MGX be of any benefit in Phase 3 ?
kindly let me have your valuable opinion
Systems Network Engineer
Dubai Internet City