cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1210
Views
5
Helpful
8
Replies
Highlighted
Beginner

Improving configuration of EVC (service instances, dot1q, & bridge domains)

Hi everybody,

Let me first tell more about our network:

I've got hundreds of subscribers connected to my catalyst me3800 (their last resort / gateway) through a layer 2 cloud (no idea what technology they use, l2vpn, mpls, metro, etc..)

I usually get an "access id" from the layer 2 party which needs to be configured in my catalyst. Here is a part of the config:

!!! vlans 300X are what the layer 2 party calls "access id"

!!! vlans 40X are the subscribers data vlans

!!! vlan 44 is the CPE's management vlan

 

interface GigabitEthernet0/0/9

description 3rd_PARTY_LAYER2

no ip address

service instance 401 ethernet

  description Subs1

  encapsulation dot1q 3001 second-dot1q 401

  rewrite ingress tag pop 2 symmetric

  bridge-domain 401

!

service instance 402 ethernet

  description Subs2

  encapsulation dot1q 3002 second-dot1q 402

  rewrite ingress tag pop 2 symmetric

  bridge-domain 402

!

service instance 403 ethernet

  description Subs3

  encapsulation dot1q 3003 second-dot1q 403

  rewrite ingress tag pop 2 symmetric

  bridge-domain 403

!

service instance 3001 ethernet

  description MGMT_Subs1

  encapsulation dot1q 3001 second-dot1q 44

  rewrite ingress tag pop 2 symmetric

  bridge-domain 44

!

service instance 3002 ethernet

  description MGMT_Subs2

  encapsulation dot1q 3002 second-dot1q 44

  rewrite ingress tag pop 2 symmetric

  bridge-domain 44

!

service instance 3003 ethernet

  description MGMT_Subs3

  encapsulation dot1q 3003 second-dot1q 44

  rewrite ingress tag pop 2 symmetric

  bridge-domain 44

!

ME3800X# show mac address-table | include Gi0/0/9

 

   44    0076.86b7.c63d  DYNAMIC  Gi0/0/9.Efp3001

   44    08cc.6848.519a  DYNAMIC  Gi0/0/9.Efp3002

   44    189c.5df4.73ae  DYNAMIC  Gi0/0/9.Efp3003

 

   401   404a.036d.568c  DYNAMIC  Gi0/0/9.Efp401

   402   0007.3bbe.1e60  DYNAMIC  Gi0/0/9.Efp402

   403   64c3.549c.b083  DYNAMIC  Gi0/0/9.Efp403

 

I'm looking for a smarter config idea that would eliminate these issues:

1- configuring service instances twice. 1 for mgmt and another for data.

2- configuring additional data vlan for the same subscriber (what should i call the service instance ?!)
c1.JPG
 

thanks !

Odys

8 REPLIES 8
Highlighted
Beginner


Hi Odus 

 

for the management you can use one service instance 

service instance 44 ethernet
encapsulation dot1q any second-dot1q 44

rewrite ingress tag pop 2 symmetric

bridge-domain 44

 

 

Regards

 

Ilir

 

Highlighted

Hi ilir,

I tried that before. It caused performance issues and a lot of "hiccups" at management level.

We have every month a couple of new subscribers. Once the new switch is installed, I'd -for example- ssh it and the snmp manager would try to poll it.

These are all "egress" traffic from the 3800 perspective (requests --> through the access switch 3800 --> the subscriber's switch)

If the mac table hasn't learned any address yet, the 3800 will flood the request to hundred of subscribers !

 

I hope you've got my point.

 

Highlighted

HI Odys 

why you use different vlan300X for every customer ? --You may have one or two S-Vlan where to group all the customers 

At the customer side you can use Vlan1 for Data-Internet and the vlan 44 for management .

 

this topology is more scalable .

 

You will have only two service instances in ME3800 :

for management -- encapsulation dot1q 3001 second dot1q 44

For Data --encap dot1q 3001 

 

Ilir

 

 

Highlighted

Hi Ilir,

I appreciate your attention for my question :)

 

Why do i use different data vlans for every customer ? because each customer has its own public subnet (a specific subnet-8 or 16 per customer)

 

interface vlan 401

  description customer1_outerTAG3001

  ip address hh.mm.rr.8 255.255.255.248

interface vlan 402

  description customer2_outerTAG3002

  ip address hh.mm.rr.16 255.255.255.248

and so on...

 

So, the customers don't share the same net-id.

 

If yet it can better in your opinion, then please let me know.

 

Highlighted

You can use CPE routers ,Mikrotik or Cisco at every customer .The CPE router can  be managed from you for QOS .

For routing you can use static routes or OSPF .This is stable topology . the Vlan 44 is not necessary mbecause you can use ACL for management filters at your ME3800 

Or use the customer switches as router .The uplink interface can be L3 ,not trunk ,

 

 

Regards 

Ilir

Highlighted

Hi Ilir,

Changing from bridging to routing at customer side, is a huge step we aren't ready for.

I thought there were more efficient EVC configuration than what i mentioned above.

 

 

Have a good day..

Henry

Highlighted

Hi Henry 

there is one another option:

Use only one S-Vlan   ,for example   vlan 3002 .

Use different vlans for every customer ,for example vlan 401 ,402 ,403 etc 

vlan 44 for management .

 

Speak with Provider to remove the S-vlan tag at your connection 

In your Me 3800 you will have different service instances for DATA  (401 ,402 ,403 )

and only one service instance 44 for ,managememt .

 

This can be good solution for you 

 

Ilir

 

Highlighted

Good day Ilir,

As far as i know, the isp has to tag/label every certain evc. Otherwise how would the isp identify the different re-sellers ?