cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
743
Views
0
Helpful
5
Replies

Recommend a router: up to 2Gbit/s with L2 over IP Tunnel (with or without IPsec)

Anton Pestov
Level 1
Level 1

Task: to organize the encoded transmission channel of L2 over IP for the speed 2Gbit/s via two parallel channels on 1Gbit/s each (with BGP support). Without use equipment of level of ISP, only Branch Routers with or without ASA.

5 Replies 5

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Anton,

this looks like to be an impossible task:

first of all, the L2TPv3 tunnel is a single IP flow and would not use both 1Gbps parallel links, but only one per direction (load balancing per packet is out of discussion it is not feasible).

You might use multiple L2TPv3 tunnels using multiple loopback interfaces and then you need to associate different Vlan based subinterfaces to different L2TPv3 tunnels so you would need 4 ports in the device ( two WAN facing GE ports and two ports facing the internal Vlan based network). But 4 GE ports on branch routers are not available.

In second place no branch router is capable of 2 Gbps of throughput per direction with or without IPSec.

You would need ASR 1000 routers to achieve this kind of speed.

Hope to help

Giuseppe

Looks like an ASR 1K with RP2 and ESP20 is your nearest bet.

Take note of the different licenses features you'll need to run what you require.  The hardware alone is cheap.  It's the license feature that's going to kill you.

From White Paper: In the Firewall (wihout) mode of speed more than 2 Gbit/s are supported by 3900 series.

I after all can use for encoding of Cisco ASA 5585-X with SSP-20 and for the L2 over IP organization - 3945E (with the additional set HWIC cards), both with Etherchannel use?

Hello Anton,

even with an etherchannel bundle a single IP flow (the L2TPv3 tunnel) would use a single member link per direction

Hope to help

Giuseppe

there was directly the second question:

Ok, when I use ASR1002 from both sides of providers with links:

Ouside (to ISP) - two links connected to 2 parallel 1Gb/s ISP

Inside (to LAN) - 1 etherchannel 2Gb/s link

how to realize balancing of a network load of L2TPv3 (or may be VPLS) directly on 2 ISP between ASR?

Review Cisco Networking for a $25 gift card