cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
935
Views
13
Helpful
14
Replies

Need MPLS Guru for advice?

NAVIN PARWAL
Level 2
Level 2

Folks,

Here is my senario. We have 12 6500 series swicthes right now located at different locations in the city, they are connected to each other through SONET ring (ONS 15454). We find the design inefficient as the STS are consumed and used bandwith can not be used for other purposes.

So we want to go the MPLS route. We have SUP 720 in all the 6500 series switches.

6500 is the core at each location with a bunch of 3550 hanging of it to form the edge layer.

If I make the 6500 as the CE and run MPLS at the core ( all 6500's). How will i integrage the 3550's as CEs. I mean 3550's are doing trunking right now to the core (6500). I can move the intervlan routing to the 3550 (EMI), but i still have multiple Vlans travesing the 3550's as in some cases i have other switches hanging off the 3550 series switches as well.

SO

6500(core)-----3500(distributing)---2900(edge).

What changes do i need to make to move towards an MPLS design?

I will make sure that i rate this post.

Thanks

14 Replies 14

yuhchen
Cisco Employee
Cisco Employee

We don't fully understand what are you trying to achieve. Can you please elaborate?

1. What kind of MPLS services are you looking for? basic MPLS, L2VPN, L3VPN, or other services?

2. What goal do you want to achieve by using MPLS design?

Thanks,

Cary

Cary,

Thanks for the response. Here is the issue. It is design related. We are doing basic MPLS (Layer 3) right now, may be down the line when we have adequate hardware we will go for L2VPN.

Twelve 6500's connected with each other in a ring topology through ONS 15454 (SONET RING). We feel that the design is very inefficent as we have to reserve STS for each Vlan and also we are running out of STS's now, the connection is OC-48.

We want to move towards MPLS as some of our affilicates also want to use the our WAN bandwith 0C-48.

So we plan to make all the 6500's (1 at each location) as PE's. They all will be connected Via SONET ring through ONS 15545.

My question is that is it a good design? connecting 6500's (PE) through an ONS and not using a SONET card in them?

Also, each location has 3550's (EMI) switches and 2900 switches. 3550's hangoff the 6500 and the 2900's switches hang off 3500 switches. so the toplogy looks like this at every location.

6500(Core)------(3550)------(2900)-----PC

My question is that if i make 3550 a CE when i move towards MPLS, will trunking be permissable? as these switches have 2900's hangling of them??

any recommendations would be highly appreciated!

You said you have to reserve STS for each VLAN, looks like your current network is a layer 2 switched network, VLAN crosses 2900, then 3500, then 6500, and over the SONET ring to reach remote site, is this correct?

From your discription, looks like you try to change the 6500 ring network (I assume it is a GE ring) from layer 2 to layer 3, so all VLANs can share one big SONET channel, and avoid to reserve STS for each VLAN, is that right?

Based on my understanding above, if you are preparing for MPLS L2VPN deployment, it makes sense. Otherwise, I don't see much gain of using basic MPLS forwarding. pure IPv4 routing should achieve your goal of changing the L2 network to L3 network.

Regarding the trunking question, you are going to use basic MPLS forwarding only, no matter you configure 3550 and 2900 as layer 2 or layer 3 device, there is no problem to use VLAN trunk between 6500 and 3550.

If my understanding is not correct, please correct me. If you have further questions, please feel free to ask.

Thanks,

Cary

You are right that have Vlans spanning 2900s, 2500s, 6500's and then accross to the other side. It is indeed a layer 2 network and we are waiting STS bandwidth as we have reserved each STS per Vlan.

We want to save bandwidth and use it optimally. Also, some of out affiliates want to use the optical ring as well, that is why from security point of view we are thinking of going towards MPLS. We would only provide L3VPN services as we do not have hardware module for CAT 6500 that supports L2VPN yet.

So all the 6500s in our network will now become the core of a Service provicer runing MPBGP over IS-IS.

We will combine on STSs together into 1 big Pipe so that this MPLS traffic can use all the Pipe (OC-48).

Layer 3 switches at every site (3550 EMI) will be CE, peering to the 6500's. Do 3550 support VRF Lite?

So the plan is that these 3550's will be trunked to 2900's at the edge and will be Layer 3 enables and will pear witn PE which is 6500 Sup 720's.

Also, our afficliates would also be using our network using a VRF only per affilicate.

Am i making sense? is this the right way to do it?

so the object is optimal use of bandwidth and also security as others will be using out Optical sonet ring.

Thanks

Here is the topology.

The boxes that you see are ONS's connected Via an OC-48 sonet ring.

Now I understand what you are really looking for, and it makes much more sense.

Based on your information, changing the core (Cat6500 GE ring via SONET) from layer 2 to layer 3 will definitely optimize the bandwidth utilization in the SONET ring. Separate the afficliates and other users by using MPLS L3VPN is also a very popular design.

Yes, Catalyst 3550 supports VRF lite. you can configure VLAN trunking between 6500 PE and 3550 CE, and also configure VLAN trunking between 3550 CE and 2900 customer router. VRF lite configuration in 3550 would allow you to separate the VLANs behind 3550 and 2900 into different VPN.

I hope this help.

Thanks,

Cary

HI Carry...

Just scrolling down u guys' conversation. Would be highly obliged if ur refer me to some hyperlink on the same....

THNX

RAJ

RAJ,

Sorry, what hyperlink are you looking for? If you are looking for 3550 VRF lite configuration information, here you are:

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12120ea2/3550scg/3550scg.pdf

Thanks,

Cary

Cary,

Why would be trunking between the PE and the CE? I though the link between the CE and a PE is a routed port??

Also, can we run EIGRP between the CE and PE, as we have EIGRP in our oganization, ofcourse the core (6500s) will be running link state (ospf or isis).

any recommendations?

Thanks

Thanks

Yes, you are right, the PE-CE link should be configured as layer 3. Typical VRF-lite design uses VLAN sub-interfaces in the CE-PE link, so each VRF can use one sub-interface (in 3550 case, each vrf uses one vlan interface). So the CE-PE link is really a layer 3 routed trunk port, the VLAN trunk between 3550-2900 is terminated in 3550, 3550 does the VRF routing.

EIGRP is not supported in 3550 VRF-lite feature, so if you configure VRF-lite in 3550, EIGRP between CE and PE is not supported.

A good reference book of VRF-lite feature is Cisco press "MPLS and VPN Architectures volume II", the authors are Jim Guichard and Ivan Pepelnjak.

Thanks,

Cary

Cary,

I am going to buy that book, If EIGRP is not supported in VRF lite, can i still use it by my internal network routing, may be i can redistribute EIGRP to BGP and them peer with PE.

We do have a lot of Video and Voice in our network and are thinking of enabling multicasting in our core MPLS network?

Would you recommend any literature on how to do that?

any good books?

Thanks

Because when vrf-lite is configured in 3550, the 3550 interfaces connecting to 2900 will be configured as VRF interfaces, so EIGRP cannot be used in these vrf interfaces. you can only run EIGRP in the customer networks on and behind 2900, you need to run RIPv2, bgp, or ospf between 2900 and 3550.

Regarding multicast books, this one is pretty good:

Developing IP Multicast Networks: The Definitive Guide to Designing and Deploying CISCO IP Multi- cast Networks

by Beau Williamson

There is another one:

Interdomain Multicast Solutions Guide

By Brian Adams, Ed Cheng, Tina Fox, Andy Kessler, Mark Manzanares, Bryan Mclaughlin, Jim Rushton, Beverly Tai, Kevin Tran

Thanks,

Cary

Cary,

Can you tell me very briefly what has to be end at the service provider level to enable multicasting. I mean i have configured Mulitcasting in PIM spare and sense mode, but, in an MPLS network (Service provider) what else has to be done in addition to the usualy stuff ( enabling interfaces using PIM spare mode or dense mode commands and depending upto mode chossing RP, etc).

Thanks

As far as I know, forwarding multicast packet with basic MPLS label is not supported yet. So in a MPLS enabled SP core, multicast is still being forwarded exact the same way as in pure IPv4 network. So you don't need to do extra in MPLS core.

There is a pretty new feature, mVPN, which is multicast VPN. It forwards customer multicast traffic between different VRF customer sites. But in the core, multicast is still pure IP forwarding.

Thanks,

Cary

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: