VPLS with resilience

Hi all

I work with a client who has VPLS network linking all of their sites. The VPLS network is a single instance, creation of a single broadcast domain.

The customer has purchased links to backup VPLS for two of their offices as shown in the attached diagram. The links are attached to the Cisco 3560 switches and L3 is managed by Lass, routes static and HSRP. Like all all the links are in the same VLAN and spanning tree blocks backup circuits 1 and 2 offices.

He is currently working and manageable, but this network will increase over the next months a few more added 5 sites all with VPLS primary circuits and backup. My fear is that will spawn in a big mess of tree cover and will be difficult to evolve and manage,

Is there a better way to achieve resilience without using the tree covering weight? I thought that dynamic routing can be used, but this custom stop prevention loop base layer 2 place unless the ports in the face of the VPLS are routed. Is this possible? If I go with routed port primary and backup links should be in different subnets?

Any help is appreciated.

Thank you

Yes, office 3 will be a network 1 desktop via Office 2 accessibility and

Office 1 will have 3 via Office 2 office network accessibility.

Remember messages useful rate.

Tags: Cisco Network

Similar Questions

  • Question of vlan Cisco 7600 PFD

    Hello!

    Please help with a question.

    In our network, we have 7600 and I need to create a service of vpls with two different VLAN associated with a PFD:

    L2 PFD manual test
    VPN id 100
    neighbor 1.1.1.1 mpls encapsulation

    interface Vlan120
    no ip address
    Shutdown
    PFD xconnect tests
    !
    interface Vlan121
    no ip address

    And when I try to reach "xconnect PFD testing:

    Incompatible with the PFD configured setting.
    Check the interface MTU, VLAN ID size
    Or try to configure BPDU PW on routed SVI, which is not allowed

    Is it possible to do or not? No mapping VLANs etc.

    Thank you all!

    Hi Dimitri, you can do it, but the link is made to port vlan does not level level IVR.

    Here is a configuration snippet:

    the GigabitEthernet4/1/0 interface

    101 ethernet service instance

    encapsulation dot1q 101 second 10

    rewrite the penetration pop tag 2 symmetrical

    interface GigabitEthernet4/1/1

    ethernet 100 service instance

    encapsulation dot1q 100

    rewrite tag pop 1 symmetrical penetration

    connect GigabitEthernet4/1/0 eline-101 101 100 GigabitEthernet4/1/1

    Xander

  • 600 GB HARD disc

    They are supported by the 600 GB 15 k RPM HDD in RAID 5?
    What is the size of VMFS for this configuration?

    -2 x Dell PE720xd
    -HARD drive: 600 GB15k RPM
    -Raid 5

    Thank you

    5.1 VSA, SAS, 8 600 GB drives with a spare drive is (as you say) a size of data store of 3.6, with resilience.005.  This is a configuration support for VSA

  • Proof of Concept w / ESX + LeftHand VSA

    Hello

    I'll set up a lab for the proof of concept environment. My infrastructure plan is:

    2 ESXi hosts

    Left 2 VSA

    1 box of Physics for the execution of vCenter + Lefthand management room

    1 layer of extreme Networks Summit 24 400 3 switch port

    1 vlan for the esx host / management box

    1 vlan for VSA iSCSI traffic

    Each of the ESXi hosts have dual port NIC so I figure 1 dedicated to virtual machines and 1 dedicated to iSCSI

    This sounds like a good Setup, any consideration you may think?

    Any ideas would be greatly appreciated. Thank you!

    This is a test environment - so it depends a lot on what you are testing. I'd rather have 4 NICs - two for the management and VMtraffic - they may be active passive failover to the other on the same vSwitch and then create a separate vSwitch for my iSCSI traffic using the other 2 cards for this network.  If I went into production that I would seek to 6 ports of nic - dedicated NIC for iSCSI traffic, and VM traffic management with resilience and redundancy.

  • Sony VPL-HW30AES projector

    Im having trouble with the correction of the trapezoidal distortion on my Sony projector VPL-HW30AES

    Uni

    Hello Uni,

    Let us know the exact problem that you experience by changing the parameters of Keystone in the projector.

    See the manual page # 58 for information to change the settings for the key of V.

    http://www.docs.Sony.com/release/VPLHW30ES_HW30AES.PDF

    If my post answered your question, please mark it as an "accepted Solution".

  • EoMPLS vs. VPLS (part 2)

    Hi gentlemen:

    Please answer each question separately:

    (5) are propagated via an EoMPLS connection broadcast L2 frames? If so, how can it be avoided? What about VPLS?

    (6) for a SP now offering MPLS VPN of L3, which is easier and less expensive to implement, EoMPLS or VPLS?

    (7) is pressed GSR12000 VPLS? 76xx Cisco? Which version of IOS?

    (8) if I want to use EoMPLS and 802. 1 q, transport tunnel n not routed VLAN site A to site B, but I also need to do the routing between some of these VLANs, where should that routing, in the cloud of SP or in some sites, I've implemented? Why? Please suggest.

    Regarding your question number 7, the answer is Yes. the 7600 series routers support VPLs.

    I think that the following document will answer many of your questions VPLs. If the following document does not respond to your questions, then let me know so that I will provide you with a more detailed response.

    http://www.Cisco.com/en/us/products/HW/routers/ps368/products_white_paper09186a00801df1df.shtml

  • Intermediate nodes VPLS network

    When you configure a VPLS network, I am wrong in my assumption that the intermediate nodes between two PEs participating in a VPLS need not understand VPLS? They simply just run MPLS, correct?

    Hello

    Yes it's true. It's sexy with MPLS, service can be deployed quickly, because the heart doesn't have to be changed (except QoS and bandwidth). A core DSL will make labels based on the top label switching... do not "know" what it carries.

    Service is deployed by implementing all the features on the EP.

    I hope this helps! Please note all messages.

    Regards, Martin

  • Meet the VPLS and EoMPLS circuit

    Hi all

    I have ASR1006 IOS - XE as router PE who have connected to another model with the same PE. And I have VPLS put in place to provide E - LAN service. Interface of multiple GE on the two site have joined this group VPLS. Now that we have an another EP (ISR G2 router, use small scale) who must join that group VPLS. Since IOS ISR G2 do not support VPLS, we can get EoMPLS(E-LINE) service.

    Is it possible to interconnect VPLS and EoMPLS.  Referring to the below example configuration, can I do 110 the Service Instance as a member in bridge - 10 field? Is who would eventually interconnect EoMPLS to VPLS? All the router currently in production. Any ideas would be much appreciated.

    context of PFD l2vpn PFD-TEST / / VPLS
    VPN id 10
    members 10.166.10.2 mpls encapsulation

    Bridge-area 10
    Members GigabitEthernet0/0/0 instance-service 101
    Members GigabitEthernet0/0/0 service instance-102
    Members GigabitEthernet0/0/0-service instance 103
    PFD PFD-TEST members

    interface GigabitEthernet0/0/0
    101 ethernet service instance
    encapsulation dot1q 101
    rewrite tag pop 1 symmetrical penetration
    !
    102 ethernet service instance
    encapsulation dot1q 102
    rewrite tag pop 1 symmetrical penetration
    !
    ethernet 103 service instance
    encapsulation dot1q 103
    rewrite tag pop 1 symmetrical penetration
    !
    110 ethernet service instance
    encapsulation dot1q 110
    rewrite tag pop 1 symmetrical penetration
    XConnect 10.200.149.110 10 mpls encapsulation / / EoMPLS
    !

    I have not tested but I think it should work. We have the two Eompls/VPLS in a hub-and-spoke topology. However given that this topology is not entirely mesh you must disable split horizon for PE2 and PE3 talk to each other.

    PE2 - VPLS - PE1 - EOMPLS - PE3.

    PE1:

    Manual of PFD VPLS-10 L2

    VPN id 10

    Bridge-area 10

    neighbor 102.102.102.102 mpls encapsulation

    neighbor 103.103.103.103 encapsulating mpls non-decoupage of the horizon

    PE2:

    Manual of PFD VPLS-10 L2

    VPN id 10

    Bridge-area 10

    neighbor 101.101.101.101 mpls encapsulation

    PE3:

    interface GigabitEthernet0/0/2

    no ip address

    auto negotiation

    XConnect 101.101.101.101 10 mpls encapsulation

    Best regards

    Anne Isabelle

  • UNI-DIRECTIONAL normal/aggressive with several neighbors

    Hello

    We lack 4 c4500 switches to 2 sites linked together through the layer 2 cryptographic boxes and VPLS in a point-to-multipoint configuration which is completely transparent (it's more or less like connecting them via a Hub - each switch sees the other 3 as neighbours).

    Our basic configs have Uni-directional globally active in aggressive mode.

    I wanted to only disable interfaces (routed ports) to crypto boxes, because I don't want their ErrDisabled for 5 minutes if there is connectivity problems in the VPLS-cloud (each switch also had 3 UNI-DIRECTIONAL due to the P2MP configuration neighbors).

    Mode config-if I could do it simply with 'disable the port Uni-Directional', but I thougt it would be better (not aggressive) normal mode execution for the chance to use UNI-DIRECTIONAL-show commands. So, I have configured 'Uni-directional port' for the affected interfaces.

    interface GigabitEthernet1/2

    Uni-directional port

    !

    Parts of the show command:

    ! P2MP port to crypto-box

    Interface item in gi1/2

    Port enable the administrative configuration setting: enabled

    Port enable operational state: enabled

    (...)

    ! standard port with the default configuration

    Gi2/1 interface

    Port enable the setting of administrative configuration: default of the unit follows

    Port enable operational state: active / aggressive mode

    (...)

    I was very surprised to discover that a single interface will still in State of ErrDisable after discovering an error UNI-DIRECTIONAL:

    % UNI-DIRECTIONAL-4-UDLD_PORT_DISABLED: UNI-DIRECTIONAL disabled interface item in gi1/2, detected one-way binding

    % Of PM-4-ERR_DISABLE: Uni-directional error detected on item in gi1/2, by putting the gi1/2 item in condition of err - disable

    Now, I'm stumped: have I misunderstood the difference between normal and aggressive mode? Or something wrong with my setup?

    IOS version: 12.2 (54) SG

    Thank you

    Rolf

    What I don't understand is why it ends up in errdisable state when it's configured in normal mode.

    You have configured UNI-DIRECTIONAL on BOTH sides right?

    If the answer is Yes, then I recommend that you enable the record link "enable connection logging" on the interface to determine if you have a potential problem with this link.

    Furthermore, this link is the fiber optic, no?

    If this is not the case, UNI-DIRECTIONAL is good if you have fiber.  I would recommend not UNI-DIRECTIONAL on a link of copper.

  • QoS implementationon MCU with conductor and operation

    Hi all

    We added the MCU to the driver for resilience, but design QoS on MCU is configured on the conductor or MCU?

    In addition, we would like to discuss about layout MCU control. Based on the advanced driver parameter of model - custom layout, it's a change in real time? Given that we change the MCU available directly.

    Best regards

    Benjamin Lai

    If you use TMS with driver, you'd make all your changes Conference there and not directly on the MCU.  While you can make the changes on the MCU, if using TMS just be careful because TMS could see the MCU that do one thing while you make changes manually.  That said, you can make changes on the MCU, nothing wrong with that, actually make us ourselves on some occasions where we need, simply because of where we are or what device we use, because TMS is not compatible with everything, because it uses Java, IE a mobile device if it is what I happen to have on hand instead of a laptop.

    There is a question that I know with TMS and layouts of conductor (see but CSCuq62737) is that you can change the layout on a basis of individual endpoints and it works fine, however if you try and wide Conference on change page layouts, only currently works for new members added to the Conference.

    Regarding the quality of service, I'm not quite sure, I think it would be considered data, because the presentation is really just another video channel.

  • storage iSCSI with UCS

    Hi all

    Can I ask a question regarding the connection of iSCSI storage for use with UCS. Look at us with Nimble iSCSI based storage & want to understand best practice recommendations on how to connect it to UCS to get the best level of performance & reliability / resilience etc.

    Another issue is more closely how VMware deals with loss of connectivity on a path (where double connections are the installation program from the warehouse to the tissues), would he re - route traffic to the path running?

    Any suggestion would be appreciated.

    Kassim

    Hello Kassim,

    Currently the agile iSCSI storage is certified with UCS 2.0.3 firmware version.

    http://www.Cisco.com/en/us/docs/unified_computing/UCS/interoperability/matrix/r_hcl_B_rel2.03.PDF

    The following guide can serve as a reference.

    Virtualization solution Cisco with the agile storage reference Architecture

    http://www.Cisco.com/en/us/solutions/collateral/ns340/ns517/ns224/ns836/ns978/guide_c07-719522.PDF

    In above installation, ESXi software iSCSi multipath with PSP Round Robin algorithm is implemented to take care of the IO and failover with load balancing two paths.

    HTH

    Padma

  • Cluster of Freeway with deployment of FW DMZ port 3

    Hello

    We currently have one Highway C & E with E deployed behind an ASA according to 3-Port FW DMZ with only VCS Expressway Interface LAN (http://www.cisco.com/c/en/us/support/docs/unified-communications/express...), so the E has a DMZ IP address and uses only one LAN port.

    We must deploy a new pair of C & E as a cluster for resilience.

    My question is if the cluster can be configured using the IP of the LAN 1 DMZ address unique or if we must activate the LAN2 and connect within the network for cluster communication. It's a deployment of layer 2, so if it takes a second connection the E could have an IP address for clustering on the same VLAN as the primary.

    Thank you very much

    Paul

    For Expressway-e: Yes, you must enable the LAN 2 interface. You will also need to make LAN 2 your address to the public since only LAN 1 can be used for clustering. LAN 1 cannot have NAT enabled on it when there's a cluster. It is documented in Creating Cluster Cisco Expressway and Maintenance Deployment Guide (page 9). Don't forget that this LAN 1 and LAN 2 should be in separate subnets, you can not create just a second host IPv4 address in your existing DMZ subnet.

  • HA response of Isolation with VSANs

    Hi everyone, I hope that someone can offer some advice on that.

    I am new to vSAN, but try to get a few together for HA clusters design decisions in a vSAN environment. Our environment (in short0 looks like this:)

    • 8-node cluster
    • All nodes have storage and participate in the vSAN
    • n + 1 resilience required
    • HA/DRS required
    • Double, 10 GbE NIC will be used for all traffic (with the NIOC shares configured for QoS)
    • VMFS datastore (shared between all hosts) will be used for templates, ISO etc.


    It is, I'm a little on some aspects of the response of isolation. There are a few good articles out there, and I would say that I understand 80-90% of it. In our scenario, if a host had become isolated, then HA heartbeats (via the network of vSAN) would fail and the response of isolation would be triggered, it's very well (in our scenario off power / stop I guess that would be the best option that VM would have lost all network access too).

    It is, how having a data store available to all VMFS the cluster hosts (that HA re for heartbeat data store) changing the decision for which use of response of insulation?

    In addition, if there is, say, two guests who become partitioned form the other hosts in the cluster, the response of isolation would not be triggered by these two hosts because they simply elect a new master and continue to operate (as well as the virtual machines running on the host). However, other hosts (say 6 of them) who are now in their own partition can not see the other two hosts and they start the answer HA (restarting the virtual machine of the other two hosts). What strategy must be in place to deal with this?

    Thanks in advance.

    Andy

    Hi there, good question. Let go on it.

    It is, how having a data store available to all VMFS the cluster hosts (that HA re for heartbeat data store) changing the decision for which use of response of insulation?

    This will not affect the decision to define the response of isolation. It looks differently, when the VSAN network doesn't have the host cannot access the components of the affected objects any longer. This means that virtual machines that are running on the host computer that is isolated just lost connection with their storage. If the connection is lost with the storage more often then the virtual computers running it will be useless. Even if you add the data warehouses of heartbeat that it does not change the fact that these virtual machines are not able to connect to the storage system. Whatever it is, I'd always go for "turn off". That way when isolation is lifted the 'remote' VM has already gone.

    For a partition, it's different. There is no "response of partition" that you can set. So if there is a partition, then the partition that owns > 50% of the components will get the property of the object, the other side will lose the property. And then the virtual machine can be restarted... but he will not be turned off automatically as can be done with a solitary event. In the case of a partition when the partition is lifted the host that is running the virtual computer that has lost access to its storage space will recognize that he has lost access and then kill the process from the virtual machine.

    Who help me?

  • Please help with ESXi Network Setup

    Hello, I would like to know how to put on a range of network in a single network adapter,

    because when you put two machines using the same virtual

    NIC, an ex-adresse IP: 200.100.100.100 and the other with 200.200.200.200, one of

    machines does not. Thank you.

    You can use the Exchange on your vSwitch, but in reality it is not best practice and I would suggest your more NICs for resilience and security

    If you have found this device or any other answer useful please consider useful or correct buttons using attribute points

    Tom Howarth

    VMware communities user moderator

    Blog: www.planetvm.net

  • My iPhone 6 installed 10.0.2 stops when it gets to 40% of autonomy.  In addition, it seems to pass power WAY to fast with the new software.  Does anyone else have this problem?

    My iPhone 6 installed 10.0.2 stops when it gets to 40% of autonomy.  In addition, it seems to pass power WAY to fast with the new software.  Does anyone else have this problem?

    Hello brooksm549,
    Thank you for using communities of Apple Support.

    I got your message which, since updating your iPhone 6 to iOS 10.0.2 your iPhone stops when it is 40% and the power to empty very quickly. I understand your concern with the iPhone turn off and drains the battery. I recommend you to review the use of the battery to see what app contributes more to the battery drain. The following article will provide you with steps on how to check the use of the battery:

    On the use of the battery on your iPhone, iPad and iPod touch

    When you know about the soft uses more battery, you can change your settings in order to optimize the battery life:

    Maximize the life of the battery and battery life

    Best regards.

Maybe you are looking for