L2TPv3 or EoMPLSoGRE

Similar Questions

• Connect the 2 locations using RV016 router to fill 2 different networks.

  I have a RV016 connected to a comcast cable modem to slot 1 with IP 192.168.6.1

  I have a RV016 connected to a comcast cable modem at the 2 with 192.168.10.1 IP location

  I installed a VPN tunnel from gateway to gateway between 2 routers RV016.

  I have a LAN in slot 1 with the IP 192.168.1.1, which connects to the internet through an Adtran router with 4 lines of T1 servile.

  I have a LAN with IP 192.168.5.1 2 location that connects to the internet through an Adtran router with 3 T1 lines servile.

  I like a computer to location 2 to connect to the RV016 in the local Comcast modem to the Comcast modem at location 1 in the RV016 to slot 1 then go out to the local network at location 1 and communicate with an application server on LAN 1.

  Help, please.

  You can't do that with a RV016. The RV016 only supports layer 3 tunnel. This means that the two ends are different networks with different subnets. The traffic between them is not filled.

  If you want to really two bridged networks, i.e. join in a single LAN with a single IP subnet and a single broadcast domain you need a layer 2 tunnel, for example a tunnel L2TPv3. That works on layer 2, which is on the MAC addresses inside your networks. In this way, you can use the same IP subnet at both ends and on each side, it seems that the other side is connected to the same ethernet network.

  The RV016 does not support the tunneling of layer 2. You can create an IPSec tunnel, which is layer 3. If there is really a need for a tunnel layer 2, you get different devices. I recommend that you evaluate if a layer 2 connection is really necessary or not.

• Extend the L2 VLAN multi-site WAN

  Hello

  I have several sites connected over a MPLS network provider, everything works as expected, have full connectivity L3 in all these sites.

  I now need to establish layer 2 connectivity (VLAN) on the 21 sites. Ideally, I would intend to attach additional routers behind routers of THIS (don't have no access to these suppliers or PEs, but provider may re - configure BGP on the CE peer with our device) and use a port on these routers as port Lan Layer 2, but do not know which technology to use

  1. L2TPv3 comes to mind, but can L2TPv3 works in a multipoint configuration? Can I have a site as a hub and others like rays and talk through the hub? Traditional using L2TPV3 config, how do I use multiple Xconnects for the same VLAN on the same interface?
  2. Worse, I can run on (also our new routers VPLS PEs) MPLS VPLS, but seems like overkill.

  What you guys say is the most simple/more elegant solution for this puzzle?

  L2TPv3 does not support multitouch.  It can perform point to point.

  VPLS does support multitouch, but you need much more expensive kit to do.

  I have just a brainwave!  You only use the IP protocol for this network of layer 2?  If so, use LISP.  It works on the same lower end kit of Cisco.  I would like to convert your entire network to him.

  In particular, you must activate the LISP mobility.

  General information of LISP:

  http://Lisp.Cisco.com/

  An example of an extension of the continuous complex layer 2 using LISP with full redundancy.  You don't want something this complex, but it shows what you want to do, and the massive power that LISP has.

  http://www.Cisco.com/c/en/us/TD/docs/solutions/Enterprise/Data_Center/DCI/5-0/LISPmobility/DCI_LISP_Host_Mobility/LISPmobile_4.html

• Using L2TP xconnect on 7600/ss20

  Dear friends,

  A colleague asked me to help him establish a L2TP pseudowire between two routers in the 7600 series. At first, I thought that it is an easy task, but it has suddenly become a problem we couldn't solve.

  The goal was to provide a plain pseudowire L2TP between two different ports (no interoperability, just a simple pseudowire) 7600 routers. This pseudowire has been configured in a simple manner with the help of a simple class pseudowire and respective order xconnect on Ethernet interfaces:

  pseudowire-class PW-Class
  
      encapsulation l2tpv3
  
      ip local interface Loopback0
  
      !
  interface GigabitEthernet3/0/0
  
      no ip address
  
      speed 1000
  
      no mls qos trust
  
      xconnect A.B.C.D 1234 encapsulation l2tpv3 pw-class PW-Class
  

  The problem is that while the L2TP control connection is established successfully, this tunnel operates all the data either:

  7604-First# show l2tp
  L2TP Tunnel and Session Information Total tunnels 1 sessions 1
  LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
  
                                                                 Count VPDN Group
  
      2978780432 1598333693 7604-Second   est    A.B.C.D         1     l2tp_default_cl
  LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq ID  
  
                                       Vcid, Circuit                                 
  
      9560       21227      2978780432 1234, Gi3/0/0        est    00:36:55 20
  7604-First# show l2tp session packets
  L2TP Session Information Total tunnels 1 sessions 1
  LocID      RemID      TunID      Pkts-In    Pkts-Out   Bytes-In   Bytes-Out
  
      9560       21227      2978780432 0          0          0          0
  

  We have tried several ways to configure the pseudowire as well using the xconnect directly on the physical interface and creating a "service instance" and using the xconnect inside the service instance configuration. Nothing has had a positive effect. The L2TP control connection gets easily implemented, but frames received by IG3/0/0 seem not yet to be passed in the pseudowire. The problem is the same on both ends of the pseudowire.

  The question is - is there a problem in the config or not the 7600 with the absence of ss20 line card appropriate for establishing L2TP pseudowires support?

  Information about the versions of hardware and software of the equipment:

  IOS version: Cisco IOS software, software c7600rsp72043_rp (c7600rsp72043_rp-ADVIPSERVICESK9-M), Version 12.2 (33) SRD4, VERSION of the SOFTWARE (fc2)

  Excerpt from 'Show inventory:

  NAME: 'CISCO7604', DESCR: "Cisco Systems Cisco 7600 4 - slot Chassis System.
  NAME: 'CLK-7600 1', DESCR: "clock of the OSR - 7600 FRU 1"
  NAME: 'CLK-7600 2', DESCR: "clock of the OSR - 7600 FRU 2"
  NAME: "module 1", DESCR: "RSP720 - 3 c - 2 ports Route Switch processor 720 Apocalypse 5.9" GE
  NAME: "msfc sub-module 1', DESCR: ' 7600-MSFC4 C7600 MSFC4 Rev 1.5 daughter card"»
  NAME: "engine switching sub-module 1', DESCR:" policy 7600-PFC3C card 3 Rev 1.2 feature "»
  NAME: "module 3', DESCR: ' 7600-ss20-GE3C ESM20G Rev 1.5".»
  NAME: "LINK sub-module 3', DESCR: '7600-ss20-20GE link Daugher card rev. 1.1 "
  NAME: "subslot transceiver 3/0 0', DESCR:"GE T ".
  NAME: "subslot 3/0 Radio 1', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 2', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 3', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 4', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 5', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 18', DESCR:"GE T ".
  NAME: "subslot 3/0 transceiver 19', DESCR:"GE T ".
  NAME: "CPU sub-module 3', DESCR:" type of 7600-ss20-PROC FRU (0 x 6005, 0x6A5 (1701)) Rev. " 1.4 "
  NAME: "engine switching sub-module 3', DESCR: ' 7600-ss20-D3C ESM20G / PFC3C Distributed Forwarding Card Rev 1.2".
  NAME: 'FAN-MOD-4HS 1', DESCR: "Module ventilation high speed for CISCO7604 1"
  NAME: "PS 1 PWR-2700-AC/4 ', DESCR:"2700W power supply for CISCO7604 1 "
  NAME: ' PS 2 PWR-2700-AC/4 ', DESCR: "2700W power supply for CISCO7604 2"

  Any help or advice is much appreciated!

  Best regards

  Peter

  Have you watched the L2TPv3 related restrictions to 7600? You need a SIP-400 line card access or ARE + face. -20 as facing access is not supported. Base coating can be any line card.

• Disaster recovery network topology

  I am creating an exact replica of the production network to the location of DR.  Using replication from host to host, host to vmdk and data backup, I am replicating servers and data via.  Now, I need delete it even subnet and the server and domain names.  The network of production and the location of Dr. currently use different subnet separated by a point T3 connection to point addresses.

  Main reasons:

  1. Applications were not designed with Dr. in mind.  The resources are referenced by name or IP address.
  2. Easier to clone DC and specific application systems.
  3. Other systems can be online on the subnet of DR and replication of data until the time of the disaster, then give DR server with the same name and IP address of the production system.
  4. You need to be able to put a server on the field mirrored online to test without affecting the production network and the domain.

  Considered L2TPv3, but this does not solve my problem of mirroring systems.  I can't make it appear 2 controllers domain mirrored or replicated upwards at the same time servers.

  Thinking of using a router NAT of DR subnet for the subnet of replicated production. Adds a lot of complexity and the mapping of IP conplexity.

  Whereas also the implementation of a DMZ on DR PIX with the subnet of production.  Allows me to route traffic to the Dr and the Internet subnet.  Allows me to filter traffic to avoid conflicts by IP and name.

  Of course any test that will be done will require disabling the T3 connection and access to the network of DR from a different path as the VPN.

  Looking for previous configurations, thoughts, recommendations.

  Thanks in advance.

  Hello

  It is a typical site of the DR cold installation which normally only used in times of disaster only. The only two test available ti DR site system option are as below.

  Turn off the main site communication

  Apply the NAT & ACl to DR router to link to main site.

  Option two allows Dr. validation of access and the application of the system of main site.

  Thank you

  Mustafa

• Question about router 72XX and LAN switching

  Hello 2Tous

  There is a 7204VXR/NPE-G2 router, our client wishes to ensure the transparent flow of about three hundred vlan via the router, switch functionality as trunking switchport allowed vlan xxx, yyy, zzz. Given that the router is not broadcast a vlan and for the 72xx series, I have found no commuting port adapter, is it possible to meet the demand of customers without having to install additional standalone switch.

  Hello Sultanov,

  > our customer wants to make sure that the transparent flow of about three hundred vlan via the router,

  You can use vlan based on IP with L2TPv3 transport

  See

  http://www.Cisco.com/en/us/docs/iOS/12_3t/12_3t2/feature/guide/gtl2tpv3.html#wp1043064

  However, I'm seriously worried about the amount of traffic that the customer is supposed to move around on the links:

  a NPE - G2 can handle 500 Mbps of traffic full suplex between two GE ports.

  And sharing 300 VLAN between two sites look as inappropriate.

  Be aware of this, L2TPv3 should be able to carry the frames of the 300 VLAN between two sites on an IP network, but traffic levels must be controlled in some way or the router the Wan link can be submerged

  Edit:

  If the customer wants to take over the 300 VLAN locally within a single site, it is a work of lan switch and I would use one (C4500 or better) with a link routed to the C7204 that act as router WAN

  L2TPv3 could support local switching but this has an impact on performance (traffic not called twice by the router)

  Hope to help

  Giuseppe

• Expand the production VLAN behind ASA5510 to the remote site and 2821

  I have a 5510 ASA and here to contact one of the subnets behind this ASA out to my house which has a modem cable, a switch/router wireless and then behind that I have a router 2821.  I have read and it seems that L2TP can be the way to go, but can not find config examples.  Yet once again, I'd extend an and nail a permanent connection of one of VLAN in the production network to the bottom of my house using my cable modem and the 2821.  Examples of configuration would be very appreciated!  In addition, any recommendations for the IOS 2821 would be very appreciated.  Finally, the L2TP looks like how I need to go?  I enclose a very basic Visio diagram of what I'm trying to do.  Thank you, john

  You must L2TPv3.

  ASA does not support but will pass L2TPv3 borrowing.

  At work, you will need to add another router. L3 switches does not support it.

  The configuration of a router would be:

  Pseudowire-class test

  L2TPv3 encapsulation

  IP local interface loopback0 (this will be the source of the tunnel, can use any interface with the IP address access remote xconnect)

  !

  int fas0/0.30

  (do not put an ip address here)

  encapsulation dot1q 30

  pw-class xconnect X.X.X.X 1000 test

  X.X.X.X is the IP the remote router interface, it serves to "interface local ip" in the remote configuration

  Make sure that corresponds to 1000 (VC ID) on both sides