• RELEVANCY SCORE 6.38

    DB:6.38:Qnq Solution For Layer2 Mpls Customers 1d





    Hello Experts,

    Requirement: QnQ Solution for L2 MPLS Customers.

    Kindly advice on the Solution and share your inputs.

    Thanks in advance for the Help.

    Best Regards,

    Guru Prasad R

    DB:6.38:Qnq Solution For Layer2 Mpls Customers 1d


    Please see this following link to help me with EoMPLS vlan transport :

    https://supportforums.cisco.com/message/3054538#3054538

  • RELEVANCY SCORE 2.88

    DB:2.88:2950 - 3524 Passing Qnq Tag ? 8x





    Hello -

    I have device that I pushing QnQ tags on both ends across a 2950 w/a trunk --- to a 3524.

    Is it possible to pass QnQ frames across this trunk or do I need to be running MPLS ?

    Not having any luck.

    DB:2.88:2950 - 3524 Passing Qnq Tag ? 8x


    Yes - trunk between the two and all is well but not passing the QnQ frames.

    yea - that's what I was thinking but wanted to ask.

    thanks !

  • RELEVANCY SCORE 2.81

    DB:2.81:Ip Solution Center 4.1.1 Mpls Vpn Auto-Discovery mc





    In IP solution center 4.1.1, some entities like "provider", "regions", "customers" and "sites" must be created in advance before running auto-discovery (v 4.1.1 no longer uses the file inventory.xml ).

    After discovering all MPLS VPN's ISC provides a message saying that the MPLS VPN are invalid and must be associated with a customer.

    When I try to perform the associaton between the VPN just discovered and the customer, none of the customer that I've created appear as an option. Only "DummyCustomer" appears.

    Does anyone has any idea why the customers created before running the discovery doesn't appear?

    Thanks in advance for your help.

    DB:2.81:Ip Solution Center 4.1.1 Mpls Vpn Auto-Discovery mc


    Hi,

    I'm using version 4.2.1 and facing the same problem as you are. When searching for some help saw your post. If you found the way out tell the procedure,

    Thx,


  • RELEVANCY SCORE 2.81

    DB:2.81:L2 Mpls Tunnel Solution sj



    I want to setup a L2 MPLS Tunnel accross our Layer 3 IP transit core network. Anybody has the useful link or infomation for this.

    DB:2.81:L2 Mpls Tunnel Solution sj


    To implement a PW or L2MPLS Transport you need to implement 3 encapsulations.

    1) PSN Tunnel - This is to get PDU from ingress to egress PE.

    You can use MPLS label, GRE tunnel, L2TP tunnel.

    Cisco implements this in MPLS Label.

    2) Demultiplexer field - This is used to identify individual circuits within a tunnel.

    Could be an MPLS label or GRE key. Cisco uses MPLS Label.

    3) Emulated VC encapsulation - This gives information on enclosed Layer-2 PDU.

    This is implemented as a 32-bit control word.

    Now since you have a IP Core Network. You can proceed as below.

    1) Implement you PSN Tunnel in MPLS Over GRE. We cannot make this pure GRE as the Demux field as a GRE key is not the supported option in Cisco.

    2) Run Directed LDP over this tunnel between the two Edge PE and exchange the Demux Field.

    This Demux Field is nothing but your VC Label which is generated by mapping of VCID and

    Interface.

    3) COntrol Word is negotiated based on the Emulated VC media type.

    So you have two options to go,

    a) Implement MPLS Over GRE with Directed LDP (There isnt a specific document for this)

    b) Implement L2 Pseudowire with L2TPV3.

    (The link for L2TPv3 has is the same given by Martin)

    This is how you can implement L2MPLS over a IP Core. Since pure GRE PSN method isnt implemented in Cisco although it is there in specifed in the RFC.

  • RELEVANCY SCORE 2.61

    DB:2.61:Mpls Image For 3550 Or 1750 f7



    Folks,

    Does anyone know if the 3550 or 1750 support MPLS image.

    Thanks,

  • RELEVANCY SCORE 2.60

    DB:2.60:Mpls Basics - A Few Questions 3s



    Hi All,

    Just had a few questions on MPLS and am hoping that everyone here can provide their thoughts and opinions. Appreciate the help.

    Q1.

    Under what situations would you consider deploying MPLS and what benefits can MPLS provide?

    I have read the books where it says that MPLS can be used for Traffic Engineering because traditional ip routing does not have any scalable mechanisms to use alternate paths (ie: policy routing ...)

    From what I have read and understand this is probably the only reason good enough to deploy MPLS. I do not see how MPLS VPNs are a benefit compared to traditional VPNs and that may be related to my next question.

    Question 2.

    How do MPLS VPNs differentiate from Traditional VPNs and what benefits does it provide?

    Question 3.

    MPLS is considered to be faster than traditional IP because it employs label lookup based on CEF etc. How much of a benefit does it really provide?

    Question 4.

    Is MPLS a viable solution only for Service Providers? Can large corporates use this in any way to benefit them compared to what they have already in place. How much of a difference would it really make as opposed to what they have in place already today.

    Thank you for your help.

    DB:2.60:Mpls Basics - A Few Questions 3s


    1. In my view, most of service provider are doing MPLS because of MPLS VPN, then because of TE and then QoS.

    2. MPLS VPN combines the pros of traditional layer 2 and layer 3 VPNs. E.g. IP address overlap, easy provision, full mesh, no n squared problem etc

    3. Personally, I think MPLS switching is not much faster, because the routers themselves are now very fatst. Those days, the routers were not this fast.

    4. Concepts like VRFs can be employed by enterprises (though, this does not really need MPLS) for segmenting of their department. If it is thought that they need a faster switching method, then MPLS can be employed.

  • RELEVANCY SCORE 2.56

    DB:2.56:Load Sharing + Redundancy, Over 2 Routers j1



    I am installing a new site overseas. I have ordered 2 T1/E1 circuits between us, which will terminate on 2 different routers at each end. Per the carrier the circuits will be layer3 MPLS.(Which i just found out a minute ago) but they can be changed to layer2. Here is my question(s).

    1. Can I home these on 2 separate routers if they are layer3 mpls? The carrier says I can not.

    2. Can I attain load sharing/fail over on these circuits?

    3. I've read about multichassis mlpp - but, that looks like its for voice and dial up...would that work?

    Thanks!

    DB:2.56:Load Sharing + Redundancy, Over 2 Routers j1


    Do you mean carrier is doing 'Any Transport Over MPLS'? Or is it carrier connects each of your locations to their (MPLS) edge routers then performs routing between those locations and your other locations?

    Simplest way to do load sharing using two routers is to setup equal cost routes. This will also automatically provide your with redundancy as long as routes disappear when circuit fails.

  • RELEVANCY SCORE 2.55

    DB:2.55:Router 7600 With Ws-Sup720 Card And Mpls Vpn ! fp



    hi all

    we has 7600 router with WS-SUP-720 card, the technical specification of this card said that it does not support MPLS VPN features.

    so is there any solution to use full MPLS VPN features on this router (MPLS VPN functions for both LAN and WAN port).

    somebody can help to tell me !

    Thank very much

  • RELEVANCY SCORE 2.55

    DB:2.55:Vmware Esxi 5 Mpls Support 31



    I am curious if the virtual switch can provide some MPLS support so that can be offloaded from the VM? Right now the Virtual switch looks like a simple layer2 switch. Is it possible to obtain more capabilities in the enterprise Vsphere?

    DB:2.55:Vmware Esxi 5 Mpls Support 31


    It VMware based, but not rackmount. It just runs as a VM on every ESXi host.

    You'd have to ask cisco for licensing costs.

  • RELEVANCY SCORE 2.52

    DB:2.52:Module Layer2/3 Is Busy. Please Try Later p7



    Hi,

    for a while now our Aruba 6000 controller has been acting up every week or so. the following message appears when trying to modify the configuration :

    Module Layer2/3 is busy. Please try later

    Wireless access and APs work fine but we can't administer the thing. A reboot solves the issue for a week or so...

    We have tried the early adopters versions in hope for a solution but even with the latest 6.3.1.1 no dice.

    anyone can shed a light? thanks

    DB:2.52:Module Layer2/3 Is Busy. Please Try Later p7


    I apologize. It is on the Aruba side under the VLAN interface configuration. Mind you, it is not guaranteed to work, but it will possibly relieve wired broadcasts for those VLANs. Opening up a support case will yield more targeted results like Pmonardo mentioned. EDIT: You should ONLY enable this on the user VLANs and NOT the management VLANS, for now.




    Colin JosephAruba Customer EngineeringLooking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

  • RELEVANCY SCORE 2.50

    DB:2.50:Help With Second-Dot1q Interface On 4948 a8



    Hi All,

    I am replacing a 7204 router with a 4948 and am having trouble trying to replicate the config for the qnq Layer3 interface.

    A bit of background - I am a service provider where  I have an interconnect with the carrier, who pass off WAN links to me as a standard VLAN Ids.  Some of these VLANs however I can do QnQ.

    Currently I terminate all the WAN LInks as Subinterfaces on the 7204 - see below:

    interface FastEthernet0/0.100

    description Customer WAN Link 1 (No QnQ)

    encapsulation dot1Q 100

    ip address x.x.x.x x.x.x.x

    Then on the QnQ services I can terminate this as the following

    interface FastEthernet0/0.10150

    description Customer WAN Link 2 (QnQ)

    encapsulation dot1Q 100 second-dot1q 50

    ip address x.x.x.x x.x.x.x

    This all work fine - but now that I am trying to move these interfaces either to my 6500 or 4900 switch, I can't seem to find the right config so I can create these interfaces.

    I have tried doing:

    interface vlan 100

    description Customer WAN Link 1 (No QnQ)

    ip address x.x.x.x x.x.x.x

    This works fine - but I can get the second-dot1q 50 command working properly

    Is there another way I need to do this?

    Any help would be much appreiciated.

    Thanks

    Andrew

    DB:2.50:Help With Second-Dot1q Interface On 4948 a8


    Where do you see those encapsulation errors ?

    Have you created the vlans in the vlan database ?

  • RELEVANCY SCORE 2.50

    DB:2.50:1800 Series Router - Mpls - Voip mx



    I have a customer who wants to implement a VoIP solution on an MPLS network. Will the 1800 series router work in this environment or would they need a different router? If not what would be the minimum router they would need?

    Thanks for the help.

    DB:2.50:1800 Series Router - Mpls - Voip mx


    Thank you much for the response. I appreciate the link to the product as well.

  • RELEVANCY SCORE 2.49

    DB:2.49:Need Mpls-Te Solution 9j



    I want to implement MPLS _ TE.

    If my A-D link fails (it is primary link) then i want my traffic will follow the given path

    D-B-C-A.

    For this i need MPLs-TE configuration.

    regards

    shivlu

    DB:2.49:Need Mpls-Te Solution 9j


    Hi,

    Your intention is to pass traffic between A and D, and want to reroute the traffic via B and C node.

    As FRR uses the tunnel in between to tunnel tail , i say if you create two tunnels between A and D as following :

    Tunnel 1 : A to D explicit path A - D

    Tunnel 2 : A to D explicit path A -C-B -D

    and prioritise the tunnel 1, you should achieve the required.

    Also note TE tunnels are unidirectional so create resiprocal tunnels for traffic from D to A

    Cheers

    Prince!

  • RELEVANCY SCORE 2.49

    DB:2.49:Dedicated Asbr For Inter-As Mpls 8k



    Hi,

    What are the advantages of having a dedicated ASBR for Inter-AS MPLS? At present I am using a PE as ASBR and it is shared for all types of customers. I am using Option-A for inter-AS.

    Regards,

    Prakash

    DB:2.49:Dedicated Asbr For Inter-As Mpls 8k


    Hello Prakashi,

    in addition to Guru's post some considerations:

    an ASBR for inter-AS MPLS VPN is challenged on the signalling plane more then in the forwarding plane.

    They need to build wide CEF tables for MPLS forwarding and for example this can create problems on some linecards on a GSR.

    If the amount of traffic is low a device like a C7200 VXR with NPE G1 or NPE-G2 that have 1 GB RAM can act as ASBR and it is cheaper then an engine 5 linecard on the GSR (12000).

    As Guru explained in its post the ASBR has to join the LSPs in two domains for all VPNs from this comes the high memory usage.

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 2.48

    DB:2.48:Mpls Vpn Encryption zf



    Dear all,

    What kind of encryption is used in the MPLS VPN for providing the security?

    Regards,

    R.RajaRaman.

    DB:2.48:Mpls Vpn Encryption zf


    It is indeed possible to run MPLS VPN over an IP native core, using L2TPv3 to encapsulate traffic from the ingress to the egress PE. Is it what you are referring to? If so, here's a good url that discusses it:

    http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1829/products_feature_guide09186a0080227c91.html

    Hope this helps,

  • RELEVANCY SCORE 2.48

    DB:2.48:Mpls Vpn Shared Service 9c



    Hello:

    I am working a solution with customers with shared services over MPLS VPN, but the problem is that traffic initiated from shared services, and customer could access those shared services as well.

    Considering ip address conflict issue, It seems to me that it will be better to translate customer ip addresses.

    does anyone have any good ideas?

    thx

    DB:2.48:Mpls Vpn Shared Service 9c


    Generally a transalation service is deployed for such a scenario.

    Like you can implement a VRF Aware NAT gateway between the Shared Service and the Customers. Place this gateway close to the source i:e the Hosted or Shared Service location.

    And then you can try natting the user IP address to a IANA reserved public range. As these IP's wont be used by your customer ever. And you can have a clear NAT.

    ALso you need to implement all your routing control via imports exports on the NAT GW.

    Points to be careful about are:

    a) scalability of the hardware being used for natting.

    b) routing control between shared service and customer only via the NAT GW.

    c) Using totally unique IP transaltion for the RFC 1918 range of IP's.

    HTH-Cheers,

    Swaroop

  • RELEVANCY SCORE 2.48

    DB:2.48:Mpls ks



    Hi.

    The IOS IP BASE for 1841 support MPLS?

    Thanks

    DB:2.48:Mpls ks


    Hi there,

    No the IP BASE (its an entry level IOS - simplest) won't supports MPLS, you have to get SP, Advanced Services, Enterprise Services or Advanced Enterprise Services.

    Take a look at the attached diagram.

    HTH, please rate if it does help,

    Mohammed Mahmoud.

  • RELEVANCY SCORE 2.47

    DB:2.47:Is Mpls Any-To-Any Is A Better Solution As Compared To Dmvpn? ms



    Is MPLS any-to-any is a better solution as compared to DMVPN?

    We are planning to move for DMVPN in an MPLS, i came to know about the above given statement unable to understand.

    Any help on this will be highly appriciable.

    DB:2.47:Is Mpls Any-To-Any Is A Better Solution As Compared To Dmvpn? ms


    Is MPLS any-to-any is a better solution as compared to DMVPN?

    We are planning to move for DMVPN in an MPLS, i came to know about the above given statement unable to understand.

    Any help on this will be highly appriciable.

  • RELEVANCY SCORE 2.46

    DB:2.46:Mpls And S2s Failover Mgmt fx



    Most of my remote site is running MPLS primary (2821) and DMVPN (881) as a backup solution..Some of my sites run MPLS primary on 2821 and site to site as back up on 881 router.. MPLS here means the router that connected me to MPLS cloud of provider, not running any mpls..it is easy that way for us..

    When MPLS is down,

    The way s2s tunnel gets triggered is via HSRP on LAN i.e, the HSRP VIP is served by the 881..At the far end data center, the MPLS route of remote site is purged out, there is static route with higher admin distance will get into routing table.

    Remote site A LAN----- MPLS Router-----MPLS cloud-------MPLS router----------------Data Center LAN

    Remote site A LAN----- DSL Router-----internet cloud--------Data center ASA----------Data Center LAN

    In the MPLS plus s2s model, I often get into problem...the problem is how do I manage the 881 router via snmp, ccm , tacacs or any other management tools? There is a routing issue in hand that I canno route to and from to the mgt address of DSL. I cannot reach the loopback or mgmt vlan of the DSL router when the MPLS is active…but this will disallow all the management stuff we do on the DSL router.

    any solutions please..

    Please ask me further If I am not clear in presentation…

    DB:2.46:Mpls And S2s Failover Mgmt fx


    Hello Vinayaka,

    There is a routing issue in hand that I canno route to and from to the mgt address of DSL. I cannot reach the loopback or mgmt vlan of the DSL router when the MPLS is active

    And the topology is

    Remote site A LAN----- MPLS Router-----MPLS cloud-------MPLS router----------------Data Center LAN
    Remote site A LAN----- DSL Router-----internet cloud--------Data center ASA----------Data Center LAN

    You haven't provided all the details. So in the following I do a guess, but you may be already doing what I'm going to suggest.

    The first question is in the remote site A, there is any dynamic routing protocol running between MPLS router and DSL router on the LAN side?.

    If the answer is negative you are likely facing an asymmetric routing issue: if when MPLS is active the DSL router sends the return traffic back to the management server, tacacs server via the backup path on the site to site IPSec tunnel the ASA will see only the return traffic and not the queries that are going via the MPLS path.

    For the way the ASA as a stateful firewall works, it may block these returning packets for which it didn't see the packets in the opposite direction before.

    So it is likely that you need to make routing paths symmetrical when MPLS primary link is active. A way to do this is to make the DSL router to prefer a path via the colocated MPLS router for all HQ internal destinations when the MPLS link is active, and the easier way is to extend the dynamic routing protocol ( if any) between the MPLS router and the DSL router on the internal LAN side.

    I beg your pardon if you are already doing all this.

    See this post as just a starting point in the thread.

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 2.46

    DB:2.46:Same As Two Mpls Clouds c8



    Can you use the same as # for two separte provider MPLS clouds? 

    DB:2.46:Same As Two Mpls Clouds c8


    Ray

    Can't really answer that without knowing quite a bit more about your topology ie.

    are you terminating both providers on the same router or separate routers

    what sits behind the routers in each site eg. L3 switches for inter vlan routing or L2 switches using the MPLS routers as their default gateway on the LAN interfaces etc.

    do you want to influence outbound traffic or return traffic or both ?

    etc.

    Jon

  • RELEVANCY SCORE 2.46

    DB:2.46:Can Netflow Collect Statistics On Layer2 Interfaces? 1x



    I have enabled netflow on a 6513 running 12.2(33)SXH2a. Right now it is collecting statistics for layer3 interfaces only. Can Netflow be configured to collect statistics for layer2 interfaces?

    DB:2.46:Can Netflow Collect Statistics On Layer2 Interfaces? 1x


    Hi,

    on a Cat6500 (Sup720) it is possible to monitor L2 traffic with netflow.

    See http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netflow.html#wp1157805 (Enabling NetFlow for Ingress-Bridged IP Traffic) for details.

  • RELEVANCY SCORE 2.45

    DB:2.45:Training On Mpls dk



    Hi,

    Is there any course or training for MPLS?

    regards...

    DB:2.45:Training On Mpls dk


    Guys, I'm interested in taking this trac in hopes that I can renew my CCNP cert. Is there a BGP/MPLS trac that gives a professional level exam I can use to keep my CCNP current?

  • RELEVANCY SCORE 2.44

    DB:2.44:Running A Gatekeeper On An Mpls Vpn Core mk



    Does anyone know if gatekeeper services can be MPLS/VRF aware?

    We currently have core routers that support multiple customers in private network type environment, and we wish to use gatekeeper services for one of our VRF customers.

    Is this possible?

    Regards,

    Paul.

    DB:2.44:Running A Gatekeeper On An Mpls Vpn Core mk


    Makes sense. I couldn't seem to find any information about it.

    Just one other thing, what is the cheapest IOS available for running Gatekeeper services?

    I thought it would be possible with SP Services, but it seems that you cant.

    Its seems that this feature set is required: INT VOICE/VIDEO GK, IPIP GW, TDMIP GW

    Regards,

    Paul.

  • RELEVANCY SCORE 2.43

    DB:2.43:Terminatng Mpls ms



    hi

    What do I need for terminating a MPLS link that comes from telco site with fibr optic?

    thank you

    DB:2.43:Terminatng Mpls ms


    Since the 878 router doesnt have any optical ports on it, you will have to termiate that link on a local switch (if the switch has optics on it).

    If the switch also doesnt the compatible optics/or no optics then your best best to to purchase a good quality media convertor and connect the incoming fiber to the router via copper (this wont disable or degrade any functionality).

    HTH-Cheers,

    Swaroop

  • RELEVANCY SCORE 2.42

    DB:2.42:Layer2 Shaping a3



    Hi,

    is there any strategy for layer2 shaping?

    Regards,

    Mehrdad

    DB:2.42:Layer2 Shaping a3


    You could use Generic Traffic shaping or frame-relay traffic shaping based on whether you want to do it on an interface basis or to the vc level. You also have the option of using class based shaping for packets that are already classified.

  • RELEVANCY SCORE 2.42

    DB:2.42:Mpls Vpn Support For Eigrp pf



    http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/fteipece.html

    this is configured on PE routers, however most of our providers for our customers are reporting they do not support it. Aside from buidling DMVPN tunnels over the MPLS network to all my locations, is it possible to configure this solution on our CE routers?

    DB:2.42:Mpls Vpn Support For Eigrp pf


    Sprint supports EIGRP on their Global L3VPN product. Cisco's BGP cost community implementation with EIGRP works pretty well in terms of minimizing routing loops but convergence/transient loop conditions can still be an issue without appropriate filtering when backdoor routes are involved. EIGRP SoO on the PEs was not supported when I worked over there thus requiring you to still utilize route tagging and filtering on the CE side.

  • RELEVANCY SCORE 2.42

    DB:2.42:Mpls Vpn Nms 1f



    Does Cisco have NMS application for configuring MPLS VPNs, apart from IP Solution Center?

    We need some entry level, simple Web-based GUI tool that support all necessary functions for the engineering and configuration of MPLS based VPN tunnels.

    DB:2.42:Mpls Vpn Nms 1f


    There are two main network management implementation techniques for Multiprotocol Label Switching (MPLS) VPN networks.

    For more information, refer to the Management VPN Technique and Out-of-Band Technique sections of The ISC Management Network.

    Follow the URL :

    http://www.cisco.com/en/US/docs/net_mgmt/ip_solution_center/3.0/mpls/user/guide/7_iscqsg.html

  • RELEVANCY SCORE 2.41

    DB:2.41:Mpls Vpn Support For Vpnv6 7p



    All,

    which routers and IOS has MPLS VPN support for VPNv6?

    regards

    Devang Patel

    DB:2.41:Mpls Vpn Support For Vpnv6 7p


    Giuseppe,

    Thanks for your reply!!! Yeah I checked on feature navigator and found some images to run on 72XX which can support the MPLS VPN for IPv6!!!

    thanks again for your time!!!

    regards

    Devang Patel

  • RELEVANCY SCORE 2.41

    DB:2.41:Network Design, Routing, Mpls Etc 7s


    HiI currently have a mix of L2 and routed network.Only static routes though.To overcome the drawbacks of L2 I`m now redesigning.Need to have:Separate management network, use separate VLANs for this today. And being able to provide L2 VPNs for customers (use EoIP and VLANs today).What is the way to go? MPLS?

    DB:2.41:Network Design, Routing, Mpls Etc 7s

    We have a similar setup.. cool.http://forum.ubnt.com/showthread.php?p=442069post​ed=1#post442069

  • RELEVANCY SCORE 2.41

    DB:2.41:Can Mpls Function Without Vpn/Bgp jc



    Most of the document I have read all talking about using MPLS/VPN/BGP as a solution for enterprise network connection across the internet. Can MPLS be used without intergation with VPN and BGP?

    Thanks

    DB:2.41:Can Mpls Function Without Vpn/Bgp jc


    That's correct. Just LDP and your IGP should suffice.

  • RELEVANCY SCORE 2.41

    DB:2.41:Implementing Mpls Causes Bad Ip Behavoiour j9



    I work for a small SP, we have an existing plain IP core, and I am trying to implement MPLS.

    My approach has been to enable LDP and MP-BGP on a few links and watch what happens first, and implement VRF's later.

    When I enable LDP and MP-BGP, some applications/customers on that link perform badly or not at all. Some customers report their IPSec trafic stops working, where other customers with IPSec on those links have no problem. Some customers just using port 80 with no IPSec have poor web response times.

    When I remove the MPLS interface commands, everything is ok again. MP-BGP is still configured and causes no problem.

    The config I am using is this:

    ip cef

    mpls ip

    !

    router bgp 1

    no synchronization

    bgp log-neighbor-changes

    neighbor 1.1.1.1 remote-as 1

    neighbor 1.1.1.1 update-source Loopback1

    neighbor 1.1.1.1 route-reflector-client

    no auto-summary

    !

    address-family vpnv4

    neighbor 1.1.1.1 activate

    neighbor 1.1.1.1 send-community extended

    neighbor 1.1.1.1 route-reflector-client

    exit-address-family

    int FastEthernet0/0.500

    mpls label protocol ldp

    tag-switching mtu 1512

    tag-switching ip

    This config is pretty basic. IOS is 12.3(12).

    I also tried changing the "tag-switching mtu 1512" to a MTU of 1800. It made no difference.

    Some questions:

    a) Shouldn't existing traffic not be affected by MPLS, unless I put it in a VRF first? (which I am not)

    b) Am I correct in assuming existing IP traffic will not be labelled with MPLS with this config?

    c) Do I need MP-BGP as well as LDP?

    I need to get MPLS working in parallel with our existing IP customers. I only want to use MPLS for customers who want VPN.

    What am I doing wrong? I need to get a VRF working soon!

    DB:2.41:Implementing Mpls Causes Bad Ip Behavoiour j9


    scoure through the emails here mate - this has came up before but im too busy to do the search for you.

  • RELEVANCY SCORE 2.41

    DB:2.41:Issues With Single Mpls Backbone? fp



    Hi,

    I am going to start a design of IP/MPLS backbone with three P routers three PE routers. I wish to enable L3VPN, AToM VPLS on a single backbone. What are the possible issues in this solution?

    What are the recommended routers for this? budget is very limited need to entertain only some dozen of customers.

    Thanks in advance.

    DB:2.41:Issues With Single Mpls Backbone? fp


    I would recommend providing your requirements to your Cisco account team and asking for their assistance. They can assist you with which hardware fits your requirements. You will want to make sure the code you choose supports the features you are interested in. The hardware should be selected based on feature support and capacities required, i.e.: bandwidth, cpu, etc.

    Steve Lyons - Cisco

  • RELEVANCY SCORE 2.40

    DB:2.40:Migration With Mpls Core 8d



    Hi,

    Our company (AA) have just bought another company (BB). We are considering the migration solution. AA is running MPLS VPN over LSP tunnel while BB is running MPLS VPN over L2TP tunnel. Some one suggest to use CsC model and others prefert Inter-AS model. Could expert here give some pieces of advice for that? I am considering how to deploy MPLS QoS/TE, Multicast or AtoM / VPLS in such complex models. Are there any limitation or weakness of CsC/Inter-AS model?

    Thanks in advance

    DB:2.40:Migration With Mpls Core 8d


    These are actually two different models..

    Inter-AS according to the option used might not solve your problem. If you use option B ( Change NH at ASBR ) then certain things will not work i.e Multicast, latency based network not preserved ( Could use MED )..

    CsC..Where is your BGP infrastructure in this model???

  • RELEVANCY SCORE 2.40

    DB:2.40:Use Of Proxy In Mpls 77



    i ahve a customer who is using vpn as well as internet and for internet we are having proxy. can anyone tell me the design how to use the proxy for internet in mpls for customers.

    regards

    shivlu

    DB:2.40:Use Of Proxy In Mpls 77


    i ahve a customer who is using vpn as well as internet and for internet we are having proxy. can anyone tell me the design how to use the proxy for internet in mpls for customers.

    regards

    shivlu

  • RELEVANCY SCORE 2.39

    DB:2.39:Inter-As Qos 3j



    In the RFC2547bis Inter-AS solution, the first option is back-to-back VRF-to-VRF between the two ASBRx. Is there an IOS version requirements for this solution? I've search the cisco website i could'nt find one. do you have configuration guidelines for this solution?

    How about the QOS between the two ASBR on the three solutions of Inter-AS define in RFC2547bis? Is there an industry standard of IP QOS mapping to MPLS exp. bit? ex. IP precedence 0 = 0 MPLS EXP BIT (best effort).

    Is it possible to classify all of our VOICE traffic customer to enter the ingress PE router and map all the voice traffic in every

    ingress PE to a FEC that map to only 1 LSP from PE to PE? The idea is to have only 1 LSP per application (i.e. regardless the number of customers for MPLS VPN service? If this is feasible, will that raise a security issue (because no traffic separation). Any suggestion?

    DB:2.39:Inter-As Qos 3j


    Even in the case of DSCP if the last bit is "0" it falls under standard implementation wherein the first three bits automatically gets copied on to the EXP field of the MPLS shim header.

  • RELEVANCY SCORE 2.39

    DB:2.39:How To Communicate Between Layer2 Switches In A Intervlan? 1z



    Hereby i attached my packet tracer of my disscussion.

                       

    i cant able to communicate or telnet between the layer2 switches from the respected vlan ports.

                       

    Pls help my need.

                           

    advance thanks for ur solution.

  • RELEVANCY SCORE 2.39

    DB:2.39:Mpls Ttl Propagation ss



    Hi all,

    As we knew when turn off ttl propagation, MPLS network ips is not visible if we perform trace route.

    If MPLS network with dozen of customers(vrf) and I want specific customer not visible the mpls netwok and some customer do have visibility.

    How can I achive this ??

    Regards

    DB:2.39:Mpls Ttl Propagation ss


    Hi,

    MPLS TTL propagation can only be disabld globally and per VRF is not supported.

    You may have to use access-list on PE to allow/deny ICMP traffic per customer/VRF.

    HTH,

    Nagendra

  • RELEVANCY SCORE 2.38

    DB:2.38:Mpls fj



    Hello,

    we r ISP and we need to migrate to MPLS.We r planning to provide MPLS VPN , MPLS TE, End to end QoS , attacks Restrictions ( coming from outside and from our registered Users) .

    we r running a Catalyst 5509 as a backbone Layer 3 Switch ( serving our corporate users) and two Cisco router 7206 vxr with NPE 400 ,one is serving as a Main Gate and Broadband access aggregator for our PPPoE clients and the second one is used as LNS( terminating L2TP tunnels) for our dialup customers.

    i am asking what we need to build a MPLS backbone ? could it be done with the actual devices used ?

    then how the feature above will be provided to our customers ?

    any Basic Docs or urls that elaborate MPLS plus implementation , configuration and benefits will be an assest.

    Thanks Best Regards,

    Ali.

    DB:2.38:Mpls fj


    Hello,

    Thank you very much for your reply ,

    at the end of day we need to provide MPLS VPN and end to end QoS for our customers , so my question how could i start to implement MPLS in my network ?, what do i need to make backbone MPLS ?

    does MPLS TE will do that ?

    i will try to get book .

    Thanks anf Regards,

    Ali

  • RELEVANCY SCORE 2.38

    DB:2.38:802.1qay Solution k1



    Hello,

    Requirement: 802.1Qay (PBB-TE) solution for L2 MPLS Customers.

    I would like to receive your advice about the solution and share your inputs.

    Thanks in advance for your help.

    Best Regards,

    Giuseppe

    DB:2.38:802.1qay Solution k1


    is this available yet.  I was thinking 802.1ah in SRE (dec 09), and 802.1ay SRE3??? maybe

    mid 2010...

    any comments from anyone.

    Regards

    Jude Bryant

    Pioneer Telephone

  • RELEVANCY SCORE 2.37

    DB:2.37:Multihop Bgp c7



    Hello,

    In my MPLS network I have vrf Internet which I use to give my customers access to Internet. I'm having multihop BGP with customers that have their own IP address space. Problem is (see picture in attachment) that I want to avoid static routes in vrf Internet for customers prefixes received via BGP.

    This prefixes received by eBGP I inject via iBGP into vrf Internet so that next hop stays the same as it is announced by customer. Although the routing table and CEF show correct next hop, traceroute from customer B to Customer A shows that packet goes to CENTRAL ROUTER outside MPLS and than back to MPLS and then to Customer A.

    Traceroute should be like this

    traceroute 1.1.1.1

    1. PE3

    2. PE1

    3. CPE customer A

    I think it is problem with MPLS but I can't find where. Can anyone help me with this?

    Thanks in advance

    DB:2.37:Multihop Bgp c7


    Antonio,

    If you try to run more then one instance of BGP, Cisco routers will notify you that you already have one running. If it is Juniper route, then the second instance will replace the first one. Either way, you can only run one instance at the time per router.

    HTH

    Reza

  • RELEVANCY SCORE 2.37

    DB:2.37:Use Layer2 Switch For Voice Traffic as



    Hi,

    I am thinking of replacing the Router C with a layer2 switch in the network (see attachment) since it only needs to have 3 ethernet ports. Will I have any issues with voice quality later on?

    Thanks.

    DB:2.37:Use Layer2 Switch For Voice Traffic as


    Hi,

    I am thinking of replacing the Router C with a layer2 switch in the network (see attachment) since it only needs to have 3 ethernet ports. Will I have any issues with voice quality later on?

    Thanks.

  • RELEVANCY SCORE 2.37

    DB:2.37:Mpls Service Provider Configuration 88



    Here i would like to share the MPLS Service Provider Configuration

    In attach document is configured with RIPv2 ,OSPF , EIGRP for different customers.

    The MPLS BGP is configured with Route Reflector for more Scalability.

    Regards

    Chetan Kumar

    DB:2.37:Mpls Service Provider Configuration 88


    Here i would like to share the MPLS Service Provider Configuration

    In attach document is configured with RIPv2 ,OSPF , EIGRP for different customers.

    The MPLS BGP is configured with Route Reflector for more Scalability.

    Regards

    Chetan Kumar

  • RELEVANCY SCORE 2.37

    DB:2.37:L2 Redundancy For Mpls Layer2 Access Network sf



    Please find the attachment for the network diagram. MSAN is connected to the layer 2 access switch SW3. SW3 has two uplinks, one goes to SW1 and other goes to SW2. SW1 has the uplink to one of the PE and SW2 has the uplink to other PE. MSAN provides Internet, Voice and IPTV. Internet is using PPPoE. So there is an l2 tunnel from MSAN to BRAS which is connected to the MPLS. MSAN will use only one vlan for all the access PVCs. Voice is provided using L3 vpn. MSAN should access the VOICE VPN via both PE routers. IPTV is using multcast. PIM is configured till PE routers. Requirment is as follows,

    1)Failure of links between switches and routers should not affect any services.

    2) Failure of switches or routers should not affect the any services.

    What is the solution to acchive the requirments?

    Regards,

    Senthil

    We need to have redundant PPPOE connection via both PE routers.

    DB:2.37:L2 Redundancy For Mpls Layer2 Access Network sf


    Hi Giuseppe,

    Thanks for your reply.

    SW3 will be a stack switch. Multicast will be in global routing table. Our aim is to give fault tolerance at access level.

    Regards,

    Senthil

  • RELEVANCY SCORE 2.36

    DB:2.36:Mpls History 1s



    Hi,

    When does the MPLS service start in cisco? I mean the hardware and solution.

    rgds

    DB:2.36:Mpls History 1s


    Anita,

    MPLS was introduced in IOS 11.1(17)CT. Almost 10 years ago. Please refer the below info and URL for details.

    New Features in Release 11.1(17)CT

    In addition to the features in Release 11.1 CA and Release 11.1 CC, Release 11.1(17)CT supports the following new feature:

    MPLS-MPLS is a novel approach to network layer packet forwarding. The two main components of the MPLS architecture are forwarding and control. Forwarding is accomplished using simple label-swapping techniques. Control results form the use of the existing network layer routing protocols plus mechanisms for binding and distributing tags. MPLS retains the scaling properties of IP and can help improve the scalability of IP networks.

    http://www.cisco.com/en/US/docs/ios/11_1/release/notes/rn111ct.html#wp4671

    Regards,

    Arul

    *Pls rate all helpful posts*

  • RELEVANCY SCORE 2.36

    DB:2.36:Layer2 3 f3



    Hello Friends,

    Question regarding communications offrames/packets from Layer 2 to Layer 3.

    Which protocol is used while handing over the frames from LAYER2 to LAYER3. As know very bit about this that there is some Ethernet Header with frames which are moving or handing over to Layer3 from Layer2 , is this true for this typr of communication.

    DB:2.36:Layer2 3 f3


    I believe it's more a question of what header information is evaluated in order for a network device to make a forwarding decision.Let's use the following Ethernet topology as an example:Server Farm ---- L2-Switch01 ---- L3-Router ---- L2-Switch02 ---- LAN HostFor the LAN Host to communicate with a Server it will ARP for the MAC address of it's default gateway.  For this example we'll assume the default gateway is the L3-Router.  When a frame is forwarded out of the LAN host destined to a server it will posses an IP header and an Ethernet header.  The Ethernet header destination MAC address will be the MAC address of the L3-Router interface(default gateway)  The destination IP address will be the Server IP address.L2-Switch02 will only evaluate the Ethernet header in order to forward the frame to the L3-Router.  L2-Switch02 will forward this frame to the L3-Router based on an entry in it's MAC address table; in most cases it will have learned this dynamically by 'noticing' the frames coming in with a source MAC address.When L3-Router receives the frame it will strip off the Ethernet header and evaluate the IP header for a forwarding decision.  It will do a route look-up (actually a CEF table look-up but that's another story) and determine which interface to forward it out of.  L3-Router will install a new Ethernet header with a destination MAC address of the server and a source MAC address of the L3-Router interface facing the Server.Chris

  • RELEVANCY SCORE 2.36

    DB:2.36:Solution For Ip Vpn Failover On Mpls Vpn In Single Router cm



    we have 3 location, all 3 is connected through L3 MPLS VPN , now we are planing to setup IPVPN for fail over but its not working in 2 location;s could u help regarding the same,

    After L3 MPLS link goes down IPVPN get up but same was not happen , we have create tunnel and set matrix on each ip route.

  • RELEVANCY SCORE 2.36

    DB:2.36:Qinq Not An Option, Too Small For Mpls/Vpls ? md



    Hello,

    Thanks for reading .....

    Hope you can help me out .....

    Got two 7606 router(switches). One a DataCentre-A, the other at B.

    These switches are connected via two layer2 links (running etherchannel across two interconnects, YUK !!)

    The 7606's run about 100x VRFs for customers.(customers use overlapping IPs)

    Now, they have requested a third DataCentre (colocation)

    the problem is as follows:

    Layer2 across the WAN (as you know) is not desirable

    The Colo provider cannot support QinQ as an option to extend the VLANs out back to the DataCentre A/B

    Obviously they cannot run 100-200 vlans into the colo-providers network (ouch) and 'VLAN Mapping' I would guess is justgoing to be ugly.

    A native Layer three is not an option as we have overlapping IPs.

    One option would be to run a (L3) DOT1Q trunk, and use loads of layer3 subinterfaces at each end of the link, mapping to each customer VLAN. It would be very messy and long winded but would overcome the issues.

    I have limited to zero knowledge with MPLS and VPLS, but I am thinking this solution is crying out for MPLS-VPNs or VPLS. However, is it just too small ?

    I don't know of any other solutions. Stuck between a rock and hard place with this poor original design.

    Really appreciate you advise

    thank you

    Matt Croft

    DB:2.36:Qinq Not An Option, Too Small For Mpls/Vpls ? md


    Hello,

    Thanks for reading .....

    Hope you can help me out .....

    Got two 7606 router(switches). One a DataCentre-A, the other at B.

    These switches are connected via two layer2 links (running etherchannel across two interconnects, YUK !!)

    The 7606's run about 100x VRFs for customers.(customers use overlapping IPs)

    Now, they have requested a third DataCentre (colocation)

    the problem is as follows:

    Layer2 across the WAN (as you know) is not desirable

    The Colo provider cannot support QinQ as an option to extend the VLANs out back to the DataCentre A/B

    Obviously they cannot run 100-200 vlans into the colo-providers network (ouch) and 'VLAN Mapping' I would guess is justgoing to be ugly.

    A native Layer three is not an option as we have overlapping IPs.

    One option would be to run a (L3) DOT1Q trunk, and use loads of layer3 subinterfaces at each end of the link, mapping to each customer VLAN. It would be very messy and long winded but would overcome the issues.

    I have limited to zero knowledge with MPLS and VPLS, but I am thinking this solution is crying out for MPLS-VPNs or VPLS. However, is it just too small ?

    I don't know of any other solutions. Stuck between a rock and hard place with this poor original design.

    Really appreciate you advise

    thank you

    Matt Croft

  • RELEVANCY SCORE 2.35

    DB:2.35:Mpls Vpn k7



    Does c2600 series support for mpls vpn? if yes which release of ios is the minimum required?

    DB:2.35:Mpls Vpn k7


    Please, take a look at http://www.cisco.com/en/US/products/hw/routers/ps259/prod_bulletin09186a00800921d7.html. This document explicitly says that PE functionality is not supported on Cisco 2600. You can try to configure MPLS VPNs if CLI allows it, but be ready to get negative results.

    With best regards,

    Mikhail Bogdanov

  • RELEVANCY SCORE 2.35

    DB:2.35:Mpls Book 7s



    Can anyone recommend a good MPLS book?? I was thinking about going for the CCIP.

    Thanks!

    -lloyd

  • RELEVANCY SCORE 2.35

    DB:2.35:Xconnect Within The Router (Cisco7600) ms



    Hello,

    I have following situation:

    Two Cisco 7600 , routerA in POP-A anf routerB in POP-B.

    xconnect configured for layer2 service:

    RouterA:

    interface TenGigabitEthernet1/1.75

    description Link to CPE1

    encapsulation dot1Q 75

    xconnect b.b.b.b 100 encapsulation mpls

    RouterB:

    interface TenGigabitEthernet1/2.76

    description Link to CPE2

    encapsulation dot1Q 76

    xconnect a.a.a.a 100 encapsulation mpls

    Due to topology change link to CPE2 was moved to RouterA. xconnect refuses to take its own IP address for destination. I've tried to use simple "connect" on RouterA (had some success with it on Cisco7301 ):

    connect localLink TenGigabitEthernet1/1.75 TenGigabitEthernet1/1.76 100

    But it dosn't work.

    Anyone has any suggestions?

    Thanks.

    Julius

    DB:2.35:Xconnect Within The Router (Cisco7600) ms


    You can do it by creating service instances on the ports, and then connect ethernet ports.

    e.g:

    interface TenGigabitEthernetX/X

    service instance 1 ethernet

    encapsulation dot1q 10

    !

    interface TenGigabitEthernetX/X

    service instance 1 ethernet

    encapsulation dot1q 10

    connect NAME TenGigabitEthernetX/X  1 TenGigabitEthernetX/X 1

  • RELEVANCY SCORE 2.35

    DB:2.35:Mpls Te With Mpls Vpn dk



    Hi there,

    I'm looking for some basic configuration to turn on mpls te over existing mpls vpn. Worried to effect mpls vpn customers.

    Perhaps a link would be great!

    thanks in advance.

    maher

    DB:2.35:Mpls Te With Mpls Vpn dk


    hi hritter,

    thanks for the link.

    maher

  • RELEVANCY SCORE 2.35

    DB:2.35:Mpls Simulator fz



    Hi Friends,

    Can anyone of you pls tell me a software tool for MPLS Simulator.....?

    Regards,

    MAX

    DB:2.35:Mpls Simulator fz


    Hi Max

    Have a look at this, its a 7200 simulator, i have used it for MPLS labs with no issues except you will have to get the right image. let me know if you need anymore help. Also, do a search on these forums, there is quite alot postings about it

    http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator

    BR

    emaamur

  • RELEVANCY SCORE 2.35

    DB:2.35:Errors While Implementing Copp In 7606/Sup720 3bxl (12.2sxd) 38



    Hi I was following some instructions on how to implement Control Plane Policing in a 7600 series router (http://www.cisco.com/application/pdf/en/us/guest/products/ps1838/c1244/cdccont_0900aecd804ac831.pdf) and came across two problems....

    While trying to match protocol arp under class-map cp-layer2-cm, I got the error....

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    QoS: policy copp-policy-in actions for class cp-layer2-cm are not supported on Control Plane Interface

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    QoS: policy copp-policy-in actions for class cp-layer2-cm are not supported on Control Plane Interface

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    Additionally while I was trying to police traffic under class-default, i got the error ......

    Warning (QoS): Control Plane Interface: Problem installing policy copp-policy-in with class class-default. Class can only have

    'match access-group' OR

    'match ip dscp' OR 'match ip precedence' OR

    'match dscp' OR 'match precedence' OR 'match mpls exp' OR

    'match dscp' OR 'match precedence' with one of'match protocol ip' OR

    'match protocol ipv6'

    Any alternatives I could use to bypass the above?

    DB:2.35:Errors While Implementing Copp In 7606/Sup720 3bxl (12.2sxd) 38


    Hi I was following some instructions on how to implement Control Plane Policing in a 7600 series router (http://www.cisco.com/application/pdf/en/us/guest/products/ps1838/c1244/cdccont_0900aecd804ac831.pdf) and came across two problems....

    While trying to match protocol arp under class-map cp-layer2-cm, I got the error....

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    QoS: policy copp-policy-in actions for class cp-layer2-cm are not supported on Control Plane Interface

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    QoS: policy copp-policy-in actions for class cp-layer2-cm are not supported on Control Plane Interface

    QoS: match type in class cp-layer2-cm not supported on Control Plane Interface in PFC HW

    Additionally while I was trying to police traffic under class-default, i got the error ......

    Warning (QoS): Control Plane Interface: Problem installing policy copp-policy-in with class class-default. Class can only have

    'match access-group' OR

    'match ip dscp' OR 'match ip precedence' OR

    'match dscp' OR 'match precedence' OR 'match mpls exp' OR

    'match dscp' OR 'match precedence' with one of'match protocol ip' OR

    'match protocol ipv6'

    Any alternatives I could use to bypass the above?

  • RELEVANCY SCORE 2.35

    DB:2.35:Query - Selection Fields. 8k



    Hi,

    I create QUREY for QM notification, with info set - logical database QNQ.

    In the selection fields i ask for WORK CENTER and CODINIG, but i have no browser for those fields.

    thank you

    Aviva.

    DB:2.35:Query - Selection Fields. 8k


    in SQ01 for each table u have to select selection fields (select the check box ) and select output fields (select the check box ).

    save and activate and check d selection screen and output...

    u will b able to c those fields....

    Regards,

    ramesh.

  • RELEVANCY SCORE 2.35

    DB:2.35:Metro E Design Question dk



    We have a Qwest GeoMax connecting two data centers and have an oppurtunity for some configuration changes at each data center locations.

    My question is, Is MPLS what I need to look at for confiuration. I need to have A server at location A and B with-in the same network, but also would like to have some layer 3 running. Is MPLS a inbetween of layer2/layer3.

    DB:2.35:Metro E Design Question dk


    Are you going to handle MPLS service?

    If not does your provider offer layer 2 and layer 3 service on same „line“, port or what ever and if it does will you pay more for it?

    As i see it easiest way is to get layer 2 service and then build you own MPLS connectivity between sites. That will solve it all.

  • RELEVANCY SCORE 2.35

    DB:2.35:Mpls Issue c9



    I have setup basic MPLS switching between 5 routers. BGP is enable between Pescara and Pesaro with VRF routing for Customer A/B. if i do sh ip route vrf Customer_A and b on both routers, i cannot see the bgp routing for both customers even though bgp is active between both routers. Can someone pls check my config's. see attachment.

    Francisco

    DB:2.35:Mpls Issue c9


    yes that was it. after adding address-family vpn4 on both routers, all working now.

    Thanks all

    Francisco.

  • RELEVANCY SCORE 2.35

    DB:2.35:Bgp Community /Mpls ad



    Dear all, Question - if incoming routes from a CE are tagged with a community a:b, is this tagging kept as it passes through the Service Provider? What does the command set community 12456:9351 additive mean (this command is applied in the Service Providers PE for my customers VRF).

    Any help appreciated?

    Thanks

    Mary

    DB:2.35:Bgp Community /Mpls ad


    if you add a community with additive keyword it will be passed throughout the SP network but it will not be passed when its exit the other end PE to the other CE unless they enable send community in their PE toward the other end CE

    as mentioned by the pevous post maybe some SPs have it and others you need to ask for it

    good luck

    if helpful Rate

  • RELEVANCY SCORE 2.35

    DB:2.35:Rfc 4363 Question kz



    My understanding of RFC 4363(10a) is that it is intended to be used to provide reach from one MPLS  network into another MPLS network in another AS for the purpose of  providing carrier transparent support for MPLS VPN customers that have a  physical presence in both networks.

    However, could RFC 4363(10a) be used between two carrier networks where one is an MPLS network and  the other is a native IP only network?  The desire being for the native  IP network to be able to provide IP services such as VoIP to customers built on the MPLS network.  If so, can someone point me to documentation and example configurations for this type of setup on the non-MPLS side?   I have been looking at section 4 of "Implementing Advanced Features on MPLS-Based VPNs", which if I'm reading correctly applies in this type of situation.

    Thanks.

    DB:2.35:Rfc 4363 Question kz


    from the viewpoint of the MPLS VPN provider, the IPv4 ISP is simply a customer.

    I agree, and the solution I've discussed is a straight layer 3 connection between the two networks.  This would allow application traffic (hosted by the IPv4 network) to be exchanged with customers on the MPLS network without traversing the internet, giving a greater ability to control the quality of the service.   However, discussions about cpe visibility and questions relating to QoS on the public portion of the MPLS provider's network have driven the discussion in this direction.

  • RELEVANCY SCORE 2.34

    DB:2.34:About Mpls Te Forwarding Adjacency! pa



    Is which draft or rfc for mpls te forwarding adjacency ?

    thanks !

  • RELEVANCY SCORE 2.34

    DB:2.34:Cisco 7200s / Mpls Exp Bits / Tos / Default Mapping mm



    I found the following information while researching this topic.

    -----

    "The edge LSR that imposes the MPLS header needs to set the experimental field to some value. By default, Cisco IOS® Software copies the three most significant bits of the DiffServ code point (DSCP) or the IP precedence of the IP packet to the EXP field in the MPLS shim header. This action happens when the MPLS header is initially imposed on the IP packet. Another option is to define a mapping between the DSCP or IP precedence and the EXP bits. This mapping can be configured using the set mpls experimental or the police commands in the Modular QoS CLI (MQC)."

    http://www.cisco.com/warp/public/cc/pd/iosw/tech/mpotc_qp.htm

    -----

    We tested this functionality and it works as advertised (ie. IP Precedence of 7 maps to EXP Bit 7).

    Is there a way to turn off this default behavior? Ideally, we would like to mark EXP bits based on our network policies instead of our customers DSCP/IP Precedence bits.

    Right now, it looks like we would need a service-policy on every customer interface in our network. Most customer interfaces would have a generic service-policy that sets the EXP bits on their traffic to 1 for example. High priority customers would have a service-policy thats set the EXP bits to 5. We are looking for a way to forgo the generic service-policy on every customer interface so that only priority customer interfaces require a service-policy statement.

    Anyone found a creative solution for this type of setup?

    Thanks.

    Jeff Chambers

    DB:2.34:Cisco 7200s / Mpls Exp Bits / Tos / Default Mapping mm


    As far as I know, you need to explicitly reset the EXP bits if you want to prevent the customer to arbitrarly setting its value.

  • RELEVANCY SCORE 2.34

    DB:2.34:Mpls With One Router zk



    We are a ADSL service provider

    In part of our network all DSLAMs are connected to a switch

    DSLAMs are working in L2 mode

    I want to seperate customers using VLAN

    Each customer will have unique vlan and for evry vlan there will be a subinterface on router

    Is it possible to have L3VPN MPLS on this singel router ?

    DB:2.34:Mpls With One Router zk


    3750 hardware has support for VRF-Lite (Multi-VRF) from 12.2(25)SEC.

    http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps5012/prod_bulletin0900aecd802efa2b.html

    SO you can try upgrading the IOS to 12.2.(25)SEC and try the same.

    HTH-Cheers,

    Swaroop

  • RELEVANCY SCORE 2.33

    DB:2.33:Why Different Sla For Mpls Ip/Vpn And Internet Access?? cd



    Hello!

    I am studying SLAs in terms of services of VPN (MPLS Layer2 and Layer3) and Internet Access. My doubt is why the enterprises do establish two different SLA (one for VPN service and another one for VPN) if the parameters determined in both are the same (latency,jitter...). Does it have something to do the fact that the service of Internet access cannot be so controlled by te enterprise as the traffic goes out the infraestructure under the enterprise control?

    Thanks in advance!

    DB:2.33:Why Different Sla For Mpls Ip/Vpn And Internet Access?? cd


    Hi Alain,

    Different IP SLA are use as when you have MPLS VPN provider, all or most of the site will be provided connectivity by same provider. Hence, when it comes to time sensitive traffic or any traffic which is INTRANET for your organization it will be staying on provider's backbone/ network only.

    However, in case of internet, it has to break out from your provider's network and would  be travelling across don't know how many other provider's ASes. Also, practically using IP SLA for internet doesn't have much use as nobody can assure you SLA level over the internet.

    HTH,

    Smitesh

  • RELEVANCY SCORE 2.33

    DB:2.33:15540 Support Layer2 Switching Function? j9



    is the 15540 support layer2 swiching function ,and will it support?

    currently any other metro dwdm solution support layer2 switching?

    what is wavefill??? like Alidian's wavepack?

    thanks

    DB:2.33:15540 Support Layer2 Switching Function? j9


    "Wavefill" is one of many similar terms that refers to the ability of to multiplex various data streams onto a single wavelength. This allows a wavelength to be used most efficiently, maximizing the amount of traffic that can be transported between locations. This feature is present in the 15540.

    I’d suggest going to the following url for more detailed information of the Cisco ONS 15540: http://www.cisco.com/warp/public/cc/pd/olpl/metro/on15500/on15540/prodlit/index.shtml

  • RELEVANCY SCORE 2.33

    DB:2.33:Mpls Basics f1



    Hi,

    Please let know why we use MPLS for and basic idea of MPLS

    Advantage of using MPLS compare to normal

    Regards,

    Vinoth

    DB:2.33:Mpls Basics f1


    Hi Vinoth

    Back in the day MPLS (Multi Protocol Labelled Switching) was used for its speed.

    See all L3 packets were process switched, which ment routing was slow.

    The MPLS solution was to stick a Label / Tag in-between the layer 2 and 3 headers. Kind of L2.5 :)

    The routers would then exchange Labels / Tags to populate their LFIB.

    E.G.

    R1-R2-R3-R4

    R1 will tell R2 to reach network 10.10.10.0 connected to me use Label 4.

    R2 will then tell R3, hey I know how to get to 10.10.10.0, use Label 6 to reach this network.

    R3 will then tell R4, hey I know how to get to 10.10.10.0, use Label 3 to reach this network.

    R4 will then add the label 6 to the packets destined for 10.10.10.0 and switch it to R3.

    R3 will swap the label 3 with 6 and switch it to R2.

    R2 will switch the frame to R1 but "pop" the label since R1 is the last hop. (This is called pen ultimate hop popping)

    Thus R1 does not have to do a lookup in its LFIB and RIB, speeding up the process even more.

    The reason why the same label is not used across the board is because this is a dynamic process, and R2 could have used label 4 for network 20.20.20.0.

    Nowadays we have cef and other protocols speeding up the routing, thus MPLS is no longer used for its performance advantage.

    One of the spin offs of MPLS was MPLS VPNs, you see we just add another Label / Tag to associate the frame with a VPN.

    With MP-BGP we use extended communities to identify these labels with a VRF routing table (Matching the label on route targets) and thus creating a very scalable and flexible solution, with some other advanced features. (Beats the pants off IPsec and other VPNSs).

    Hope this quick and dirty explanation gives you an idea of the basics.

    Regards

    Phillip

  • RELEVANCY SCORE 2.33

    DB:2.33:Trusting Service Providers Mpls Vpn mz


    In your experience, do SP customers (i.e. Banks, Retail, Gov't etc) trust the MPLS VPN service? So by that, I am asking if it is common for SP customers to deploy encrypted overlay solutions (eg IPSEC) for lack of trust of the MPLS VPN? Or, do they trust the implicit security offered by the MPLS VPN service, and send clear text.

    I assume the answer isn't black and white, so looking for opinion and experience.

    DB:2.33:Trusting Service Providers Mpls Vpn mz


    Disclaimer

    The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

    Liability Disclaimer

    In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

    Posting

    If the information is sensitive enough that it should be "secret", then as the other posters have noted, one should use some form of end-to-end encryption.  For more "routine" business traffic, MPLS VPN isolation is often "good enough" (as is ATM or Frame-Relay PVCs).

  • RELEVANCY SCORE 2.32

    DB:2.32:Internet_Access_Mpls-Network kx



    Hello everyone,

    I need your help to confirm internet access from remote network through MPLS cloud to another site.

    Let me explain.

    We have a MPLS network with Windstream as listed in the visio drawing; site 1 has internet access through the Time-Warner cloud for all users. Site2 has internet access through the Windstream MPLS router. Site three has no internet access, and only has LAN access layer2 through Windstream routers to Site1 for networks 192.168.0.0/24, 10.1.1.x/24. My question is can we give everyone at Site 3 internet access through the MPLS network down into Site 1 using the Time-Warner ISP cloud.

    I placed routes on the Site 3 3750 stack IP route 192.168.50.x 255.255.255.0 to the interface of the MPLS router at site3, then at site 1 we have IP route 192.168.50.x 255.255.255.0 to the MPLS interface, and able to ping all anything on the 192.168.50.0 network. I added the IP route 0.0.0.0 0.0.0.0 192.168.50.x the MPLS router interface, we do not have internet access at Site 3 using Site 1 network.

    I confirmed at Site 1 from the Cisco 3750 switch we can ping 4.2.2.2 = Google

    Can someone confirm this will work and what’s required to complete this connection to give everyone at site 3 internet access through Site 1 Time-Warner.

    Thank you

    DB:2.32:Internet_Access_Mpls-Network kx


    You're very welcome.. I hope that this solved your issue!

  • RELEVANCY SCORE 2.32

    DB:2.32:M2m Traffic Between Packet Core Network And Ip/Mpls And Internet k8



    Hi Guys

    I'm planing a solution for transport the traffic for M2M applications for mobile data users, as follow:

    We have customers who need to access to Internet and to their internal services at their offices through the IP/MPLS network using the same routers infraestructure that I'm planning to implement (2 ASR1000 due redundancy). The network is composed of GGSN who serves to the customers at the mobile access network, then these packets must be send to ASR1000 routers, and these routers should be able to receive these packets and route them to Internet or to customer offices (customer VRF), according to the type of application to which the client wants to use. I look forward to their recommendations about this design we are proposing.

    I hope your support!

    Marcelo

    DB:2.32:M2m Traffic Between Packet Core Network And Ip/Mpls And Internet k8


    Are you looking to isolate traffic ?

    If you want just reachability with some traffic seperation

    Creat 3 VRFs at pe/asr one for endpoints and one for Internet and third one for cust servers and do route leaking with mp-bgp over mpls

  • RELEVANCY SCORE 2.32

    DB:2.32:Configuration Of Layer3 Switch As Layer2 Switch 33



    i had been using 2960 catalyst switch for connecting to server farm of late we

    switched over to 6509 layer3 switch with sup32 engine how do i configure the device as layer2 because when i connect any host and access the net it gives request timed out

    DB:2.32:Configuration Of Layer3 Switch As Layer2 Switch 33


    By default, the switchports in the 6500 Series switch is set to Layer3 switchport.

    To change from Layer3 to Layer2, you enter switchport on the intended interface.

  • RELEVANCY SCORE 2.32

    DB:2.32:Type Of Ip Addresses In The Ip Vpn ma



    We are providing IP-VPN service to customers over MPLS. We are using global IP addresses for CEs' interfaces which intefarce with PE.

    So, nowadyas, any customer's site will have an global IP address regardless of his business or number of sites. I'm thinking about using private IP addresses. Do any body do this? Or have solution can conserve the global IP addresses?

    DB:2.32:Type Of Ip Addresses In The Ip Vpn ma


    Are there any policies or issues (RIPE, APNIC, IETF etc) as regards using private ip addresses for customers wan interfaces when as a service provider you are just provisioning MPLS VPN service?.

  • RELEVANCY SCORE 2.32

    DB:2.32:Pat Issues p3



    We have a MPLS network which is having some issues for customers using PAT. The case is if I have a CE configured with public IP address or static NAT they have no problems to navigate or do anything on Internet. But if I configure PAT they simply cannot open some pages like hotmail, etc. in that case if I adjust MTU or MSS they can navigate. There is some solution to avoid this?? or somebody knows why it can be happening? as long as I know the packet size doesnt change with PAT.

    Thanks for the help.

    DB:2.32:Pat Issues p3


    PAT will not work by IP translation. There has to be port translation as well !!

    When I said "TCP intercept" I didnot mean the TCP intercept command/feature available in Cisco which is used for security purposes to avoid DOS attcks.

    You cannot set the MSS size using this feature at all.

    When your routers translate ports they have to rewrite the TCP Header and maintain state for the transaltion. Is it possible to copy the options flag received for MSS and translate to the rewritten header?

    For more details refer to RFC 793 Section 3.1

    :-)

    HTH-Cheers,

    Swaroop

  • RELEVANCY SCORE 2.31

    DB:2.31:Layer 2 Vlan Traffic Engineering Mpls zm



    Trying to find information on how to configure Traffic Engineering, or something like rate limit, in a layer 2 VLAN EoMPLS solution.

    3800--layer2-VLAN---6509-------MPLS--------6509--layer2-VLAN--3800

    thanks, Kevin

    DB:2.31:Layer 2 Vlan Traffic Engineering Mpls zm


    Roman,

    that's a goood white-page

    thanks,

    Kevin

  • RELEVANCY SCORE 2.31

    DB:2.31:Mpls At The Customer Edge cd



    Greetings, ive been tasked with putting together an MPLS solution for one of my customers.

    We were originally going to be using individual WAN links and running a DMVPN on top for routing and security between sites.

    There will be 1 HO and 8 remote sites, a single ASA 5510 and 3800 ISR will sit at the HO and 2800 ISR's at all other sites.

    The HO will have a single leased line terminating on ethernet and all other sites will be on SDSL.

    Im semi aware of the capabilities of MPLS and that peering is normally achieved by using BGP, OSPF, RIPv2 etc but haven't any practical experience of configuring a collection of routers for customer sites.

    If someone could answer the questions below it would be much appreciated.

    1. Do all routers at customer sites run BGP or other dynamic routing protocols to advertise there internal networks into the cloud or is just one router namely the HO Router run BGP and all other sites use statics to enter the cloud?

    2. I continually see references to Layer 2 and Layer 3 (IPVPN) MPLS designs, can you utilise a Later 2 MPLS Network and run IPSec/GRE on top for security and routing purposes?

    3. Is MPLS a fully meshed topology by default or is a requested feature?

    4. Are there any CE router configuration examples available to see a real world configuration?

    Any help would be much appreciated.

    DB:2.31:Mpls At The Customer Edge cd


    Brilliant Martin just what i needed to hear!

    Regards

  • RELEVANCY SCORE 2.31

    DB:2.31:Nexus 7000 Mpls Troubleshooting Guide am



    Place Holder for N7k MPLS Troubleshooting Guide

    DB:2.31:Nexus 7000 Mpls Troubleshooting Guide am


    Place Holder for N7k MPLS Troubleshooting Guide

  • RELEVANCY SCORE 2.30

    DB:2.30:Conceptual Question On Backup Circuit Options To Mpls Network 1z


    Hi, can you give me your thoughts about this:

    Imagine organization with 3 sites in the US, 4 sites in Europe and 2 in Asia connected via MPLS.

    Requirement:In case of failure on primary router or circuit to MPLS network, we need to provide a redundant link to get to the MPLS network.

    Proposed solution:

    Service Provider offers a product called "Secure Gateway", which consists of a small Cisco router connected via Internet. Then the Internet circuit traffic flows thru a firewall and securely reaches our MPLS network - OK.

    Question:

    Some folks in my organization are asking: Instead of paying for such "Secure Gateway" solution, why not establish an IPSec tunnel from SiteWhichFails-MPLS to AnotherSite-MPLS and from there get to the MPLS network temporarily? I thought about the following cons about this:

    - I would need to verify that AnotherMPLS site has bandwidth to support the site which MPLS circuit went down? I may end up having to pay for the extra bandwidth anyway.

    - If I hop to another site, risk to increase latency and impact performance and maybe break current or existing applications?

    Please let me know whether my cons make sense and your thoughts and whether you have seen folks successfully hop to another MPLS site in order to provide temporary connectivity.

    DB:2.30:Conceptual Question On Backup Circuit Options To Mpls Network 1z


    Hi

    You can def opt out of the secure gateway solution and go ahead with point to point ipsec connectivity provided you have proper routing in place in all the location to route the traffic back properly through the ipsec tunnel.

    As far my knowledge goes you got to have good SLA's available on internet links as well but that will come with additional cost factor attached to the SLA.

    Also you havent clearly mentioned whether you are trying for point to multipoint communication or any to any communication here. If its any to any then the routing needs to be properly designed to tackle any kinda failure scenario.

    Assume that you have any to any topo and a simple problem only with the mpls network in asia region,then rest of your locations should be able to talk to the asia regions through the ipsec tunnel.

    I have worked on similar kinda setup but with mutiple protocols involved to enable the auto routing without any manual intervention.

    regds

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls Vpn- Voice Vrf c1



    Hi,

    Implemented MPLS VPN, however struggling with voice service. We have creted one common services VRF where all the services are teminated.Imported all other VRF routes into this VRF and vice versa. However the customers in diferent VRF's cannot call each other. we thought of seperate VRF for voice and it works.Or rather use the backbone for voice. Couldn't think of any other solution. Can this be resolved in any other way.

    Have a Nice day!

    Nishant

    DB:2.30:Mpls Vpn- Voice Vrf c1


    Hi Reza and Giuseppe

    fusion VRF : This is great!

    Did not notice fine details to wat n wher could we use it.

    Well, If there are soft ip phones used then we can use this.

    FYI

    Have a nice day!

    Nishant

  • RELEVANCY SCORE 2.30

    DB:2.30:Question On Multicast - Mpls p1



    Imagine one has

    HeadquarterCE---------(PE1 MPLS PE2)----------CEBranch1

    (Source)                                                        (Receiver)

    From reading the documentation below, I see the associated configuration that service provider would do in order to make PE and P routers as PIM neigbhors.

    Questions:From a customer perspective, what are the configurations left for the CE routers?

    I mean, I am just trying to understand how using multicast implemented on the MPLS network will save work and configuration time for customers.

    http://www.cisco.com/en/US/tech/tk828/tech_digest09186a00801a64a3.html

    DB:2.30:Question On Multicast - Mpls p1


    Hello Marlon,

    your understanding is correct: PIM SSM should be the preferred choice on SP side as it allows to skip RP configuration in VRF or to use MSDP towards customer RP.

    However, the customer may be still using PIM SM with RP(s)

    Hope to help

    Giuseppe

  • RELEVANCY SCORE 2.30

    DB:2.30:Layer2 Poe Switches 1z



    Hi,

    I searched Cisco catalyst switches products for PoE support, and all of these are layer3 switches like 3560 and 3750, but the new Catalyst 500 switches support this feature but not all of its ports.

    Does any other Layer2 switches support PoE?

    thanks in advance

    DB:2.30:Layer2 Poe Switches 1z


    Hi,

    Thanks alot... i have to purchase a new switches with Giga ethernet and also PoE, so the only solution is L3 switches. The problem for the Catalyst500 is the giga ethernet.

    Thank you

  • RELEVANCY SCORE 2.30

    DB:2.30:Cisco 2500 2600 Support For Mpls ??? c8



    Can Cisco Router 2500 2600 Series provide provide MPLS switching?

    DB:2.30:Cisco 2500 2600 Support For Mpls ??? c8


    2600 can be mpls pe , I did mpls vpn TE lab with a few 2600 router. but i forget the ios version

  • RELEVANCY SCORE 2.30

    DB:2.30:Qnq Vlans Over Power Bridge Not Working kc


    We are trying to configure wireless transport between two customer buildings for a corporate network with numerous. The equipment is setup as follows, all switches are Cisco Switches1. Customer Switch (Trunk Port) to Transport Switch1 (QnQ Port, Vlan 2500)2. Transport Switch 1 (Trunk Port, Vlan 2500,3000,3,4) to PowerBridge M365 (AP-WDS)3. PowerBridge M365 (STA-WDS) to Transport Switch2 (Trunk Port, Vlan 2500, 3000,3,4)4. Transport Switch2 (QnQ, Vlan 2500) to Customer Switch (Trunk Port)When we have the Trunk ports of the Transport Switches connected by Ethernet Cable everything works as desired. When we put the PowerBridges in place we have issues. Devices on each side of the Customer switches get DHCP from their respective Vlans, some data flows, some does not. Able to get Internet from the correct Gateway, able to connect to Exchange, able to Ping Servers and devices back and forth. Not able to connect to network folders, SIP registrations, or GUI based devices. Again, this all works when the PowerBridges are removed and both transport switches are connected by Ethernet.Any suggestions on what could be causing these problems?

    DB:2.30:Qnq Vlans Over Power Bridge Not Working kc

    Throw him a for the good advice. Lord knows, with the Oregon weather he can use it. :-)Cheers,Gene



    NEW FORUM MEMBERS:Seek knowledge. Press the [Knowledge Base] link at the top.

  • RELEVANCY SCORE 2.30

    DB:2.30:User Tracking Like Traceroute 7k



    May I get any kind report or tool for user tracking link traceroute?

    I mean is "user A or server -- layer2 switch -- layer2 switch -- gateway -- layer2 switch -- layer2 switch -- userB "

    May I get User tracking report user A to user B     or   User A to gateway

    I think old verison of lms have these reports

    DB:2.30:User Tracking Like Traceroute 7k


    The layer 2 path trace to which you refer no longer exists in LMS.  The application that did this, Path Analysis, was removed in LMS 3.0.

  • RELEVANCY SCORE 2.30

    DB:2.30:Ccip Mpls Test 1x



    any suggestions on the best book for the MPLS test.

    TIA

    Leo

    DB:2.30:Ccip Mpls Test 1x


    u can follow

    KnowledgeNet Implementing Cisco MPLS (MPLS) 2.0 Student Guide

    this is ebook which is a perfect match for exam point of view

  • RELEVANCY SCORE 2.30

    DB:2.30:Qos Appyling On Fast Ethernet In Mpls Network(Urgent) ak



    Hi,all

    Thanks in advance

    Their is some confusion in qos configuration in mpls network.

    One of my customer wants to deploy qos for bandwidth management in mpls network.

    Scenario is like below.

    MPLS sp provides 18 mb ethernet connection to customer.Bandwidth is controlled by MPLS sp.customer wants to reserve 16 mb for video traffic and remaining for data.But connection is comming on fastethernet port on 2811 router.I am plaaning to use CBLLQ.is it right solution or not?

    DB:2.30:Qos Appyling On Fast Ethernet In Mpls Network(Urgent) ak


    There are two issues you need to address. First, what to do with the traffic you send to MPLS. Second, what happens to the traffic as it exits MPLS.

    For the former, much as the other posters have also noted, a hierarchical shaper, with the parent's shaper configured for 18 Mbps, and the child's video class provided 16 Mbps, would often be the norm. If the video is not real-time, an ordinary CBWFQ class reservation of the necessary bandwidth usually works fine. If the video is real-time, e.g. video conferencing, LLQ is often the choice, but at these bandwidth levels, it's often not necessary.

    e.g. (pseudo config)

    policy-map parent

    class class-default

    shape 18 Mbps

    policy-map child

    class video

    bandwidth 16 Mbps (or priority 16 Mbps)

    class class-default

    no fair-queue (FQ, on most platforms, seems to disturb non-LLQ bandwidth reservations)

    fastethernet 0/0

    service-policy output parent

    The latter issue, what happens at MPLS egress, can be just as important. If your MPLS environment is multi-point, it's crucial too. If there are only two sites, your outbound policy, alone, might be all you need, but you still need to confirm what the MPLS provider does. For instance, they might rate-limit the MPLS egress bandwidth, and if their burst intervals differ from your shaper's, even though you both are configured for 18 Mbps, they might still drop some of your traffic.

    If you're working with multi-point MPLS, then you need to consider how to obtain the bandwidth reservation you need within that environment which is very dependent on what the MPLS vendor offers. The latter is usually accomplished by usage of some type of CoS/QoS marking, for which the MPLS provider guarantees some service level for particular markings.

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls x9



    Good day,

    please, what security enhancement brings by mpls ??

    There is particular feature for it ?

    Regards.

    DB:2.30:Mpls x9


    Hi Friend,

    Please see the mpls security paper :

    http://www.cisco.com/en/US/products/ps6822/products_white_paper09186a00800a85c5.shtml

    http://www.cisco.com/application/pdf/en/us/guest/products/ps6822/c1161/cdccont_0900aecd803b4552.pdf

    http://www.cisco.com/en/US/products/ps6822/prod_white_papers_list.html

    HTH, Please rate if it does.

    -amit singh

  • RELEVANCY SCORE 2.30

    DB:2.30:Cpe For Dynamic Mpls sd



    What is the minimum hardware /IOS requirements for implementing Dynamic MPLS over a CPE router?

    DB:2.30:Cpe For Dynamic Mpls sd


    Dear qaurav,

    The CPE customer router doesn't MPLS aware it can be router that running ip forwarding, for PE the PE routers starting from C2600.

    Please rate helpful posts,

    Best Regards,

    Mounir Mohamed

  • RELEVANCY SCORE 2.30

    DB:2.30:L3 Mpls Vpns: What Do You Think? fd



    Hello,

    This is not a conversation about a particular network issue related to L3 MPLS VPNs. I just wanted to listen to experiences of people here with the particular solution and I am trying to get a feeling of the popularity of the solution.

    I will start first. According to literature (and cisco press in particular), L3 MPLS VPNs are very popular (if not the most popular MPLS application). I am having a hard time to believe that. There are advantages, but I think the setup and troubleshooting are quite complex. I admittedly like routing and I like thinking about hard routing scenarios. However, in the best case those scenarios are a plain intellectual challenge and in the worst case a plain headache. I think the person who tries to solve an issue has to think about a lot of factors and lots of protocols. I don't know, perhaps if BGP was the only PE-CE routing protocol, the solution would be more elegant.

    Probably L3 MPLS VPNs apply well to remote access in a VPN scenarios. I cannot think of any other case where L2 MPLS VPNs cannot be an alternative solution that also provides a clean separation between customer and provider routing. In addition, redistribution between IGP and BGP has been upgraded from a better avoided practice to an actually needed one.

    In my previous job we have been working in software development for automating the generation of configuration for various VPN scenarios and topologies using a very simple web GUI. Still, even with such a tool available, administrators seemed to prefer L2 MPLS VPNs (especially in hub and spoke topologies). I guess the tool could not help if they had to resolve routing issues.

    What do you think? Do you like L3 MPLS VPNs? Are they really so popular? Do customers really like them and am I lucky enough to not have to deal with them daily at this point of my life? :-)

    Kind Regards,

    Maria

  • RELEVANCY SCORE 2.30

    DB:2.30:Isps Layer2 Link But Not Vpls. What Kind Of Technology? kp



    I understood that service provider will use hardware Alcatel 6850 on the distribution/core and Zyxel 2108G on customer access level.

    The query is that service provider says it's not VPLS which should work most probably through MPLS network of ISP.

    ISP noted that it would be direct 802.1q VLAN between two sites without any Layer3 on ISP side.

    Can you please help me to:

    - understand what kind of connection this will be?

    - is this connection is fine for customer?

    - identify if this kind of connection will be fine for converge network (voice+data) ?

    - what should I ask to ISP to clarify details?

    Many thanks...

    DB:2.30:Isps Layer2 Link But Not Vpls. What Kind Of Technology? kp


    Kishore Chennupati wrote:

    Hi,

    There are 2 things here.

    The SP can simply use a dedicated trunk port on their switch and ship your vlans this across on their infrastructure.

    WOW, I never heard that before! Talk about horrible service agreement.

    I can see other customers sharing the same ISP switch incorrectly using other customers Vlans and leaking their data into each others' networks.

    The main reasoning behind Q-in-Q is that the ISP customer facing port has a dedicated Vlan for that customer and Vlan leaking wouldn't occur due to customer misconfiguration.

    Additionally, with the 'trunk' design,  the customer can only send one Vlan while with Q-in-Q, the customer can configure the ISP facing port as trunk and send multiple Vlans.

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls Vpn Solution 9a



    Hi i am desinging an MPLs ip based vpn for large enterprise.is there any simulator where I can check my results for various applications like voip,videoconferencing etc.

    Thanx

    Usman Shaikh

    DB:2.30:Mpls Vpn Solution 9a


    Unfortunately not. The easiest way would be to put a proof of concept lab together.

    Hope this helps,

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls Question 7z



    Just want to know if the CIR that providers give to customers have burst just like FR? example, they give me 128k for my link. Do it has a burst like 256k if your using MPLS VPN. Please enlighten me. Tnx a lot!

    DB:2.30:Mpls Question 7z


    Hi,

    burst is burst whether its an MPLS-VPN service or Fram-relay service.

    The point here is that up to which limit you can burst? and this should be agreed with the SP.

    As for Bc, Be calculation, If you just a CIR value provided by the provider, Cisco routers will calculate (Bc, Be) values, unless you manually change it.

    It depends on which method you use, single token bucket or dual token bucket.

    HTH

    Mohamed

    F

  • RELEVANCY SCORE 2.30

    DB:2.30:Vrf Traffic Over Mpls Te Tunnel dk



    Hi.

    I have MP-BGP/MPLS in my network and different customers vpns. For example, i'd like to put traffic of certain VRF to certain MPLS TE tunnel. I think it is possible to use PBR or static routing, but in this case i have to do a lot of manual configuration.

    Is there more dynamic way?

    DB:2.30:Vrf Traffic Over Mpls Te Tunnel dk


    There is no other way I know of for elegantly routing VRF to a specific TE tunnel...However, in a L2VPN pseudowire, under the pseudowire-class configuration you can specify the next-hop interface which can be a TE tunnel.

    Let me know if this clarifies.

  • RELEVANCY SCORE 2.30

    DB:2.30:Qos On A Layer2 Only Subnet mf



    I have a layer2 only vlan across different floors on a number of 6500s running IOS, is there a simple way to mark the traffic on that vlan efficiently instead of marking on hundred of ports manually ? Thanks for the input.

    DB:2.30:Qos On A Layer2 Only Subnet mf


    Unsure, what all the 6500 supports, but for L2 only, you might be able to mark on just L2 uplinks. Or, if you are also running L3, mark at the (virtual) gateway interface.

  • RELEVANCY SCORE 2.30

    DB:2.30:7300 Support For Mpls Te kp



    Does the 7300 currently support MPLS TE, either in the PXF path or software processed?

    DB:2.30:7300 Support For Mpls Te kp


    The 7300 does support MPLS TE. You can choose the version that supports if you have access to the Feature navigator tool which requires a CCO account.

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls 3f



    Hi 2 All

    I got little idea about MPLS and routing. Can someone help me to find solution to my concern.

    We got Two DataCenter and 65 small regional sites.

    DC1 connects to DC2 via Fiber and backup link 10MB with Broadband.

    In order to have remote branch connectivity DC1 connects to SP MPLS cloud with 20MB all 65 remote sites connects to DC1 using SP MPLS link.

    For Lan Segment all sites use OSPF as routing protocol and SP uses BGP for MPLS connectivity.

    We plan to connect DC2 to the MPLS cloud with 10MB.  Once this link is connected ; routing issues would start.

    What would be an ideal way to configure routing so that DC1 or DC2 prefer Fiber as primary connection, broadband as secondary connection and if both are down then MPLS link to communicate. How would I handle the 65 regional office traffic.

    Please give me some advice

    Best wishes

    Anthony

    DB:2.30:Mpls 3f


    Chris thanks alot for helping on this post.

    Best Wishes

    Anthony

  • RELEVANCY SCORE 2.30

    DB:2.30:Crtp In Mpls Vpn 88



    If customer config cRTP in CE Router (to PE link), do the PE router need to do something or cRTP support only in pure point to point link (layer2)?

    DB:2.30:Crtp In Mpls Vpn 88


    Hi,

    cRTP should be configured for both sides, CE and PE in order that you can reach to a better voice quality. If it is a F/R VoIP configuration " frame-relay ip rtp header-compression" command line should be under the both sides of CE and PE sub-ifs. If It is leased-line, i mean hdlc encapsulation is on, directly put ip rtp header-compression for both sides. You may find an awful lots of information about cRTP if you give a search on CCO.

    Regards,

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls Vpn - Dhcp m3



    Hi

    looking for a solution to use DHCP as a central service in MPLS VPN. DHCP server needs to be able to support overlapping IP ranges.

    Option82/VPN ID - what DHCP server supports this solution?

    Jon

  • RELEVANCY SCORE 2.30

    DB:2.30:For Mpls Which Book Is Best For Beginners ? aa



    Please advice What you started to use for learning MPLS ?

  • RELEVANCY SCORE 2.30

    DB:2.30:Inter-As Or Csc jm



    Hi All,

    I have a probelm on hand, can someone here advise.

    Am designing a medium size MPLS network. And the MPLS service is spread in different regions.Now this SP doesnt own a MPLS backbone. So need a Transit MPLS service provider. Now the question is what is the best method of recommending a solution. Whther Inter-AS transit service method or CSC method.

    Typical Topology,

    SPA - PoP1 =====Transit MPLS==== SPA - POP2

    This transit MPLS should be via CSC or inter=AS method.

    can someone help me with the pros and cons for each method.

    Thanks in advance,

    Jasvinder.

    DB:2.30:Inter-As Or Csc jm


    you have a few other issues as well. What IGP are you running? Hope its OSPF as ISIS is a no no in a vrf (apparently it is there but i still havent seen code that supports it). Also on the multicast front - MVPN within a CSC environment is fine - i tested that a good few years ago and works absolutely no problems.

    HTH

    Remember that with CSC the routing table that the SP takes is your IGP, that is it the SP has no knowledge of the thousands of vrfs. ALSO some SPs will not do such an interface due to the inability to hide their core hops (the no mpls ip propogate-ttl command has no affect in CSC envronment - this is being sorted tho).

    HTH

  • RELEVANCY SCORE 2.30

    DB:2.30:Am I Right About This??? c3



    Hi there...

    The main difference between layer 2 and layer 3 MPLS based VPNs is the type of customer connectivity that happens with Service Provider (SP)...In layer2 VPNs, the connectivity is simple L2 (e.g. q-in-q/VPLS) and in Layer 3 it is basically using routing protocols from CE to PE End...

    Now my question is, let it be any connectivity between CE-PE...But what I'm interested in is the MPLS behaviour...It's going to be Layer 3 connectivity in MPLS cloud regardless of what mechanism is being used for CE-PE, right????????

    Now I have other question....Say I have a customer A in San Jose connecting thru SP A and I have a customerB in New York Connecting thru SP B....Two different customers but belonging to SAME ENTERPRISE but connecting thru two different SPs..Can I have VPLS services offered to these two different customers of SAME ENTERPRISE thru two different SPs?????Or is that all manadatory to use only ONE service provider offering VPLS services in different Metros say San Jose,CA,VA,NY etc...????`

    Sorry for asking such basic level questions, but just wanted to clear doubts in my mind...

    Regards,

    NISHA

  • RELEVANCY SCORE 2.30

    DB:2.30:Mpls In Parallel cj



    Hi community,

    I am looking for the best solution for migrating to a new MPLS provider.  I am running a 7200 router with vrf's configured and it has our current provider that supplies internet and mpls.  How do I add the new mpls provider at the same time and cut each remote location over to the new MPLS.  Should I add another router in the mix for the new provider or do I connect the circuit into my current router?

    Thanks guys!

    DB:2.30:Mpls In Parallel cj


    Earl

    Okay, that makes more sense.

    I think if you can i would use another router for exactly the reasons you describe. It just makes everythiing a lot easier (in my opinion) and minimises the risk of any new configuration affecting your exsiting network.

    Once it is migrated then you can migrate the other VRFs across or just keep the two routers running together.

    Jon

  • RELEVANCY SCORE 2.30

    DB:2.30:Edgerouter - Failover Solution For Airfiber (Layer2) x7



    Hello All,

    Sorry about the chart.

    I am looking for a way to have a Layer2 failover for my Airfiber links. I am planning to use rocketM5 as backup in case my Airfiber RF goes down for rain fade. The problem i see is that my network is working at Layer2 only. I didn't see at edgerouter at least at GUI an option to handle this scenario.

    Can somebody please, help me on this? If Edgerouter is not a good solution , maybe Toughtswitch using STP, could work? Please, share opinions.










    Attachments:




    DB:2.30:Edgerouter - Failover Solution For Airfiber (Layer2) x7


    Wow, that was fast; thanks UBNT-stig! We'll try this out shortly.

    Sorry to make another stig joke, but it's obligatory (in my mind, at least): I guess they wouldn't call you the 'stig' if you weren't so fast.

  • RELEVANCY SCORE 2.30

    DB:2.30:Af24 Layer2 Failover Solutions. ms



    Hello,

    I am facing a lot of issues in my town at this time with my airfibers. I have about 18 links, most of them with about 8km distance. When strong rain happens , i have to pray for my network be UP. I am looking for a solution that works under layer2 failover for my links. I was planning to use 5.8ghz or 3.65ghz as backup. I've checked ubiquiti forums and seems that mikrotik does this job. Is there any other alternative?

    DB:2.30:Af24 Layer2 Failover Solutions. ms


    ''doush', you're arguing for yet another feature.

    I don't doubt that 'PLA' is a more elegant solution,but simply providing multiple paths will yield theredundancy asked for here. If one path fails toprovide throughput, the other path takes over. Dave




    HQ in Seacoast region New Hampshire U.S.A. Ubiquiti Certified Trainer [UCT] for: UBWA [AirMax] / UEWA [UniFi] / UBRSS [EdgeOS (routers)]