09-03-2010 12:16 PM - edited 03-04-2019 09:39 AM
I have 2 sites connected by BGP. I need to create a VLAN in site 2 and add one user to the VLAN in site 1.
What's the best way to make this change? I am thinking about using a BVI connection on both sites. Please let me know about any ideas that can be used to make this request work.
BGP
SITE 1 ---------------------------- SITE 2
|
|
User VLAN XYZ |
VLAN XYZ
On site 2 I am using a 6500 switch and on the other site I am using a router.
I need to limit users in this VLAN to access only one application in the network and nothing else. Will an IP network work if we need to advertise it to the other site?
What is the best solution? Is there any documentation related to this change?
09-04-2010 04:08 AM
Hello Smailbouabdallah,
Given the device type mismatch, you may find it difficult to carry L2 frames over an IP network:
the router may support L2TPv3 but it is likely unable to support EoMPLS (unless it is a C7200 or better);
the C6500 may be able to perform EoMPLS but it may not be able to support L2TPv3.
If there is a direct link between the two, you can extend the VLAN by simply allowing it over the link, moving it from a routed link to an L2 802.1Q trunk that carries the extended Vlan X and a Vlan used for Layer 3 services, but on the remote site you should terminate the link on an L2 switch and not on the router.
I would suggest you consider a routed approach: if you need separation from other IP subnets you can use VRF lite to create a parallel distinct topology.
In this case Vlan X will be associated with the VRF and Vlan Y will be used for the normal global routing table.
The advantage of the routed approach with VRF lite is that the link in the VRF could be managed with a GRE tunnel if necessary, over the routed point-to-point link or over an IP cloud.
Note: a GRE tunnel can be used with C6500 and routers; it is not recommended for C4500 or lower multilayer switches (there it is process switched and it may not even work well).
for VRF lite see
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/20ew/configuration/guide/vrf.html
for L2TPv3 see
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html
for EoMPLS see
Hope to help
Giuseppe
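A configuration example of the routed VRF-lite-over-GRE approach suggested in the reply above, added here and not part of the original thread or written by its authors. The VRF name, VLAN ID, interface names, all addresses and the single permitted application (TCP/443 on 10.100.1.10, reachable inside the VRF at site 1) are assumptions, as is reachability of the Loopback0 tunnel endpoints over the existing BGP routing between the sites.

```cisco
! ---- Site 2: Catalyst 6500 (all names, IDs and addresses are constructed) ----
ip vrf RESTRICTED
 rd 65000:100
!
vlan 100
 name RESTRICTED-USERS
!
! Users may reach only the one application (assumed: TCP/443 on 10.100.1.10)
ip access-list extended RESTRICTED-USERS-IN
 permit tcp 10.100.2.0 0.0.0.255 host 10.100.1.10 eq 443
 deny   ip any any log
!
! Apply "ip vrf forwarding" first: it clears any address already on the interface
interface Vlan100
 ip vrf forwarding RESTRICTED
 ip address 10.100.2.1 255.255.255.0
 ip access-group RESTRICTED-USERS-IN in
!
! GRE tunnel: endpoints live in the global table, the payload stays in the VRF
interface Tunnel100
 ip vrf forwarding RESTRICTED
 ip address 10.100.255.2 255.255.255.252
 tunnel source Loopback0
 tunnel destination 192.0.2.1
!
ip route vrf RESTRICTED 10.100.1.0 255.255.255.0 Tunnel100
!
! ---- Site 1: router (same VRF, 802.1Q subinterface toward the user VLAN) ----
ip vrf RESTRICTED
 rd 65000:100
!
interface GigabitEthernet0/1.100
 encapsulation dot1Q 100
 ip vrf forwarding RESTRICTED
 ip address 10.100.1.1 255.255.255.0
!
interface Tunnel100
 ip vrf forwarding RESTRICTED
 ip address 10.100.255.1 255.255.255.252
 tunnel source Loopback0
 tunnel destination 192.0.2.2
!
ip route vrf RESTRICTED 10.100.2.0 255.255.255.0 Tunnel100
```

Because the VRF has no routes to the global table, the restricted users have no path to other subnets even before the ACL is evaluated; the ACL then narrows what they can reach inside the VRF to the one application. The ACL shown filters only traffic sent by the site 2 users, so the user at site 1 needs an equivalent filter on the site 1 side.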
09-04-2010 05:04 AM
I do not know about your core cloud; the best way is to use L2TPv3. Please see the given
http://www.mplsvpn.info/2009/02/l2vpn-over-ipmpls.html
regards
Shivlu Jain