01-23-2006 09:16 AM
Folks,
I have 6500's at the core and want to use the 3750 at the PE. My question is the following:
1) 3750 would do Q-IN-Q.
2) Once the packet reaches the 6500(sup 720) running MPLS. What happens to the frame. Do i use xconnect to transfer the frame to the appropriate PE?
Just confussed about how does the PE use the Q-IN-Q information to direct it to the appropriate PE?
Sample config would be highly appreciated.
Thanks
01-23-2006 03:45 PM
Hi,
On your core box, you can use 802.1Q-in-Q VLAN Tag Termination to specify which interface to associated each inner tag with. For example,
interface GigabitEthernet1/0/0.1
encapsulation dot1q 100 second-dot1q 100
!
interface GigabitEthernet1/0/0.2
encapsulation dot1q 100 second-dot1q 200
!
interface GigabitEthernet1/0/0.1
encapsulation dot1q 100 second-dot1q 300
The effect of this will be:
- Frames received with an outer tag of 100 and an inner tag of 100 will be associated with GigabitEthernet1/0/0.1
- Frames received with an outer tag of 100 and an inner tag of 200 will be associated with GigabitEthernet1/0/0.1
- Frames received with an outer tag of 100 and an inner tag of 300 will be associated with GigabitEthernet1/0/0.1
In the egress direction, the frame will be appropriately double-tagged depending on which interface it is being routed over...
Hope that helps.
Pls remember to rate posts.
Regards,
Paresh.
01-25-2006 04:29 AM
Paresh,
Is it possible that we can talk about the configuration offline, i had a couple of questions, i would appreciate if you could help me please.
My e-mail address is karanprakash2004@yahoo.com
Thanks,
Parwal
01-26-2006 01:57 AM
Hi Parwal,
We can certainly talk offline but I would prefer to use this forum. This way, other people can also help you and the conversation will be there for the use of other people as well...
In any case, you can get my email from my profile...
Regards,
Paresh
01-26-2006 10:28 AM
thanks for the reponse, i would use the forum then.
First of all than you very much for the wonderful response, i would keep rating your posts as you respond wonderfully.
So my case is as follows, i have 2 6500 series switches connected via sonet. They are running Sup 720 3XLBs and run MPLS. 6500s is the core of my network. We are doing enterprise MPLS.
I wated to use metro ethernet switches at remote locations where Layer 2 VPN services is desired and we have multiple customers at. So lets say in Baltimore i have 2 customers in the same building who want to use our services and want to reach their other offices located at other POPS.
for some reason the configs make more sense of me, rather then only explaination, so i would appreciate if you could use sample commands to explain your recommendations.
If i use the config you sent me on the 3750 metro ethernet switches. lets say customer A is vlan 10 and customer B is vlan 20, and i use Q-IN-Q tag of 100. Then i can create subinterfaces at my gigabit ports on catalyst 6500 which would be terminating the 3750 metro connection.
What do i have to do next to make the inter office connectivity to work? should i use Xconnect under ever subinterface and connect it to the PE on the other side where the POP is for the customer?
What would be my configuration at the PEs? as far as metro ethernet goes? i do not need MPLS configs as i have that working already.
Any help would be highly appreciated.
Thanks
01-27-2006 07:09 AM
Your requirment can be served using EoMPLS feature of 65xx series switches as you want to use ur underlying mpls network between two POP. if it was plain L2 network u cud have used l2 tunneling on the switches to serve ur requirment.
EoMPLS
Pre-requsites :
1) core facing cards should support EoMPLS
2) 3750 Metro Switch needs a EMI image
3) SP vlan has to be unique accross customers terminating on the same POP
You gotta do ERS or EWS for P2P L2 vpn .
If you want to be transperent to customer BPDU u can use EWS.
For any to any l2 vpn you can use VPLS
But looking at ur query seems that ERS should be sufficient for u
In your network considering 65xx as NPE and 3750 as U-PE your typical config would be as below. You would be using targeted ldp here with xconnect command
for ERS
END-A
NPE
===
interface GigabitEthernet1/22
description ## customer facing port ##
mtu 9216
no ip address
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3040,3601-3604,3701
switchport mode trunk
!
interface Vlan3601
description ## Customer A SP vlan ##
mtu 9216
no ip address
xconnect
U-PE
====
** Here in the below config it is assumed that customer has multiple p2p ERS ckts and hence the port is trunk port **
interface GigabitEthernet1/0/11
description ## Customer facing port ##
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3601-3604
switchport mode trunk
switchport nonegotiate
switchport port-security
switchport port-security maximum 5
switchport port-security violation restrict
load-interval 30
storm-control broadcast level 1.00
mac access-group Invalid-Frames in
no cdp enable
spanning-tree portfast trunk
spanning-tree bpdufilter enable
!
mac access-list extended Invalid-Frames
deny any 0180.c200.0000 0000.0000.000f <- BPDU MAC address
deny any host 0180.c200.0010 <- BPDU MAC address
deny any host 0100.0c00.0000 <- ISL traffic
deny any host 0100.0ccc.cccc <- Physical link protocol
deny any host 0100.0ccc.cccd <- Logical link protocols
deny any host 0100.0ccd.cdce <- End-to-End protocols
deny any host 0100.0ccd.cdd0 <- L2 PDU tunnelling
On the Remote PE ( END-B ) , same config applies except the PE IP in xconnect which gets changed to A-end PE IP. VC ID has to match on both end for each ERS p2p ckt.
You can use Switch or Router as CPE
Hope this helps
Raj
01-27-2006 01:08 PM
Folks,
Can someone please give me a real benefit of the metro ethernet switches from cisco (3750M). From what i seeing that EWS, ERS and other flovors of metro ethernet switching can be done using a regular 3550 switch. Why would anyone need a 3750 series switch for Q-IN-Q, can someone give me a real example so that i could justfy to buy a 3750 switch and not a 3550 switch.
Thanks
01-27-2006 02:20 PM
Hi Parwal,
I'll get back to you shortly on your other question... Need to do a bit of thinking about it :-)
As for this current query, if all you want out of the switch is Q-in-Q functionality then yes, the 3550 will do the job. However, note that the 3750 has some great Qos features such as the Hierarchical QoS Framework which I suspect you will need at some point, since you are likely to be supporting multiple customers on the same interface..
Hope that helps,
Paresh
01-28-2006 08:57 AM
Well.. its about product features .. you gotta compare products with your requirments at various layer of your network and to come out with justification of your requirments . Any ways below is snippet for you to have some justification between two products
===============================================
What is the difference between the Cisco Catalyst 3750 Metro Series and the Cisco Catalyst 3750 Series?
The Cisco Catalyst 3750 Metro Series is built for Metro Ethernet access in a customer location, enabling the delivery of more differentiated Metro Ethernet services. These switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling with class-of-service (CoS) mutation; VLAN translation; MPLS, EoMPLS, and Hierarchical Virtual Private LAN Service (H-VPLS) support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.
The standard Cisco Catalyst 3750 Series is an innovative product line for midsize organizations and enterprise branch offices. Featuring Cisco Systems® StackWise technology, Cisco Catalyst 3750 Series products improve LAN operating efficiency by combining industry-leading ease of use and high resiliency for stackable switches.
What is the Metro Ethernet positioning of the Cisco Catalyst 3750 Metro Series, the Cisco Catalyst 3550 Series, and the Cisco Catalyst 2950 Series?
Cisco Catalyst 3750 Metro Series Switches
=========================================
Cisco Catalyst 3750 Metro Series switches are a new line of premier, customer-located switches that bring greater intelligence for Metro Ethernet access, enabling the delivery of more differentiated Metro Ethernet services. These fixed configuration switches feature bidirectional hierarchical QoS and Traffic Shaping; intelligent 802.1Q tunneling; VLAN translation; MPLS, EoMPLS, and H-VPLS support; and redundant AC or DC power. They are ideal for service providers seeking to deliver profitable business services, such as Layer 2, Layer 3, and MPLS VPNs, in a variety of bandwidths and with different SLAs. With flexible software options, the Cisco Catalyst 3750 Metro Series offers a cost-effective path for meeting current and future service requirements from service providers.
Cisco Catalyst 3550 Series Switches
==================================
With a range of Fast Ethernet, Gigabit Ethernet, DC power, and fiber configurations, the Cisco Catalyst 3550 Series is an intelligent metro access switch for service providers serving the enterprise and small and medium-sized business markets. Featuring 802.1Q tunneling, high-performance IP routing, and subsecond Spanning Tree Protocol convergence, this line of powerful, cost-effective, fixed-configuration switches enables Metro Ethernet services such as Transparent LAN services and business-class Internet access.
Cisco Catalyst 2950 Series Switches
===================================
Ideal for Metro Ethernet access in residential markets, the Cisco Catalyst 2950 Series is an affordable line of fixed-configuration Fast Ethernet and Gigabit Ethernet switches. Featuring advanced rate limiting, voice VLAN support, and multicast management, these switches enable residential Metro Ethernet services such as Internet access, voice over IP (VoIP), and broadcast video.
Hope it helps
Ps rate this post if it helps u ..
Thanks and Regards
Raj
01-29-2006 04:26 PM
Hi Parwal,
Not sure I can add much to the great post from Raj.
Feel free to post any other queries you have, though...
Paresh
02-06-2006 09:52 AM
Folks,
Can i span the same subnet at the 2 core switches in my senario?
If i have 2 core 6500 PEs. and i want to use metro ethernet to pass traffic between them. I have 2 3740 switches connected to these 6500 in trunk mode. can i use the same subent for the vlan in both switches?
lets say that i have vlan 300 defined on both switches that belongs to customerA connected to 2 3750 switches. cani give 10.10.10.1 and 10.10.10.2 to vlan 300 on core switchA and core switchB?
I tried it and it does not work, but when i choose a different subnet for vlan 300 at each switch it works??
Thanks
02-06-2006 04:00 PM
Hi Parwal,
You cannot have two routed interfaces with addresses from the same subnet. That is what you are trying to do when you configure your VLAN interfaces and that is why it does not work.
Hope that helps - pls rate the post if it does.
Paresh
02-06-2006 08:23 PM
Paresh,
I am confussed again, so what is the advantage of enterprise MPLS if you can have a vlan with the same subnet accross the core.
So if i have 2 core PE switches (6500 3xlbS), and i have vlan 300 defined on both under customerA, i can not have them in the same subnet????
CoreA
Interface Vlan 300
ip vrf forwarding customerA
ip address 10.10.10.1 255.255.255.0
CoreB
Interface vlan 300
ip vrf forwarding customerB
ip address 10.10.10.2 255.255.255.0
this will not work?
Thanks
02-06-2006 10:38 PM
Hi,
config shown above seems to be okay, as far as your l3 vpn is concerned.
What i understand is you are going to connect your customer on 3750 where you will be configuring the port facing customer as access vlan port for vlan 300, the trunk port connecting your 6500 should be trunking vlan 300 and vlan 300 should be active in STP if any.
On both 6500 you have created vlan 300 , but i can see from your vrf defination that you are going to treat each vlan 300 on each switch as a different vpn ( i assume that rt and rd configs for each vrf is unique ) . the vlan 300 would be acting as your layer 3 gateway for customer connected on 3750 l2 ports.
Customers in vlan 300 can use IPs in the same subnets and communicate in the same vpn ( i.e vrf ) . They would not be able communicate accross the vrf though the vlan id is same on both the switches because they are now Layer 3 SVI within a VPN using vrf.
Hope this helps
Please rate the post if it helps u out.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide