cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1755
Views
0
Helpful
1
Replies

ISP Provides Services through VLANs

Benjamin Waldon
Level 1
Level 1

Hello,

I was hoping to get some feedback on a concern that I have.

We are shopping for Internent & Site to Site services.

I am finding that alot of ISPs want to sell us the two services through a single device. IT's basicly two different ports on their switch. IE, they have the internet connection and the point to point connection VLANed through their switch.

I am a little concerned about that. No matter what they do on our site, they could be mixing our VLAN with someone elses. Plus, I believe there are layer 2 attack that could circumvent the VLAN security.

For example, if they gave to customers the same VLAN ID, it would be transparent to us, but we would actually be able to pick up on eachother packets if we used the wrong IP Addresses.

I am particularly concerned about it because they are mixing (what is supposed to be) a private service and a public service.

So, I have the following questions...

Is this becoming common?

Should I be concerned about it?

What is the rational for it?

Maybe it's no different that other multiplexing technologies?

Any thoughts would be great.

Thanks,

Ben

1 Reply 1

Hi Waldon

In Now days every SP use the ethernet media to deliver the P2P link or internet Link.

Here is the senario that you will get from most of the ISP at your end you will get two ethernet cable that provide P2P & internet service.

CE Router Fa0 --------------------- Fa10 -SP Switch1--VLAN 10  --- S2S Link -------------------PE1-- Layer Three Interface

CE Router Fa1 --------------------- Fa11- SP Switch1- VLAN 20 --- Inernet Link -----------------PE1-- Layer Three Interface

1] Is this becoming common?

-----> Yes , Because it is very easy to deliver the link, Today every SP is using Metro Ethernet setup.

2] What is the rational for it?

----- > Easy to implement & Low cost.

3] Maybe it's no different that other multiplexing technologies?

----> The single switch is connected to PE router ,From were the Internet & P2P link are put into different VRF.So internet traffic & P2P traffic won't mix with each other.

Regards

Chetan kumar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco