My company have subscribe a VPN MPLS to interconnect two sites. The ISP I have choose install one router on each side and set QoS on this link (70% VoIP, 20% Data and 10% access). On each side I have a DSL link for classic Internet access. I'm a newbie in VPN so I have some questions to integrate this link in my network.
1. I suppose this link is like an L2 and transport VLAN on each side ?
2. Is this possible/a good practice to centralize service like DHCP/DNS/AD on the central site ? I use Microsoft DHCP.
3. What is the settings I need to use for the VoIP part ?
VPN MPLS can be implement on either Layer 2 and Layer 3. If Serial link or phone link is used then Layer 3 VPN MPLS is implemented or if Ethernet cable used then Layer 2.
In case of VPN MPLS your end routers at both sites which connect to ISP routers are knows as Customer Edge (CE) routers and ISP routers are known as Provider Edge (PE) routers.
For your network, PE routers will be invisible and direct relationship will be formed between your both CE routers. PE's will simply encapsulate your packet in MPLS packet and forward to other end's PE which will de-encapsulate MPLS packet and send to your CE router at that site.
In case of AD / DNS and DHCP its better you have servers at each site and syncronize those servers with each other over your VPN link, because it will not only require more bandwidth requirement also delay will be increased as compared to local network.
In case of VoIP firstly you need to enable CDP (if disabled) to discover phone on switch to which IP phone will be attached, also you need to configure Voice VLAN and QoS with trust boundries as per your requirement.
Campus Design Wise, All applications are now centralized and ofcource AD, DHCP and DNS could fall in this category.
Voip you need to get the marking information from the service provider and inform then the QoS marking which you have ddone for VoiP. Normally ISP classify using their rules, hence they will prefer you to mark traffic in accordance with their policy.
Enabling CDP and trust boundary should be there and on top of that at WAN edge, ensure to have proper classification and marking in line with ISP..
In my head (like your post sakun) and if I'm right :
The first CE is my first office router
The first PE is the ISP router on my first office using an SDSL line
The second PE is the ISP router on my second office using an SDSL line
The second CE is my second office router
I have trying to implement with GNS the configuration explained in the document below. But this configuration use BGP to distribute network topology on all routers. In my case it seem my network configuration is transparent for my ISP so I think this configuration is not suitable for me.
Do you kwow where I can find a configuration that matches my case without an EGP/IGP or just with an IGP like RIPv2 or OSPF ? Or just the name I must use to search...
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...