I posted this in the ME section, but thought I would get some views here.
Can someone please help and give suggestions and possible configuration options for setting up metro ethernet in the following senario:
Will be setting up ME between headquarters and three remote branch offices. Each remote branch will be provisioned to 10MB, and the headquarters will have one link for the aggregate provisioned to 30MB.
My questions, we will have routers at the remotes, but how will this terminate at the headquarters? Do we connect the one ME aggregate connection to a router, or to a L3 switch? And how do you configure the headquarters devices to separate the traffic? Do you use sub interfaces like in frame relay? Please provide a sample config if possible.
only if you need esparation of routing at remote sites, else HQ is enough.
Another solution would be to use PVLANs at HQ. So for ADMIN Vlans for exmaple, you would trunk same VLAN from HQ, and configure SVI. With PVLANs, no remote site can communicate with another at L2, all communication has to be at layer via SVI at HQ which gives you more control by using ACL. the config u need for this set up is one primary Vlan at HQ and secondary VLAN at remote sites.
I actually think, the latter is a simpler solution if separation is only required between sites and not at same site.
private-vlan association 100
description MGMT ### VoIP ###
ip address 10.157.2.1 255.255.254.0
private-vlan mapping 100
In this examaple, users on one site can talk to HQ, but not each other. PVLAN block communication at Layer 2 only, so u still need L3 ACLs at ur SVI on HQ to control.
Suggestions would depend on how your devices will "see" the Ethernet toplogy that connects all your sites. Assuming all four sites will see a "typical" Ethernet multipoint shared segment (E-LAN/VPLS), you may want to know what, if any, QoS support the MetroE vendor provides and/or have something "smarter" than a basic/LAN L2 or L3 switch connecting to MetroE connection. At 10 to 30 Mbps, ISR routers might be a suitable MetroE connected device, for higher speeds, you might want to consider a MetroE switch.
Since the hand-off is Ethernet, and if routing is only via the hub, I'm guessing there might be a VLAN trunk on the hub link with a VLAN per remote site. Whoever the MetroE vendor is, should be able to inform you further.
So if I have a "hub-and-spoke" ME setup and routers (not switches) at the hub and spoke locations will I have subinterfaces on the hub router with dot1q for each coresponding vlan and at the remotes the same type of setup?
Normally, yes using dot1q subinterfaces on a router's routed interface is how they support VLAN trunks. (BTW, recall some of the older routers didn't support dot1q, and even for newer routers, you might need a non-base feature IOS image.)
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...