Span one subnet across two physically separated sites


I want to span a single subnet across two physically separated sites.

We currently use Metro Ethernet and BGP for our routing protocol. Our 11 branch locations are all on separate subnets, which makes routing via BGP very easy. What I want to do now is to extend our corporate LAN to our Disaster Recovery site, so that we can perform live migrations of our VMware servers back and forth without having to change IP addresses.

I can't seem to find information on how to configure a logical LAN that spans two sites.
We use Adtran 1335s  

Thanks for any help you can provide!
tmoore1962 Commented:
Adtran must be in bridge mode.  You want to 'bridge' the 2 sites in the same network.
This is not a simple task. The easiest way is just to get a direct line like dark fiber, or you can get some kind of Ethernet connection between the two sites. This can be done with MPLS.

The next easiest way would be to buy Nexus 7000s and use OTV, which does exactly that; of course, you are talking about some big bucks. Of course, you are talking about hundreds of thousands of dollars.

An alternative would be some kind of pseudowire: VPLS (which requires MPLS or MPLS over GRE) or L2TPv3.

All of these solutions have a lot of work needed and all have their own pros and cons.

I think that most likely you will need to get additional hardware or additional services to do this. The other option is just to script the change of the IP addresses.
Craig Beck Commented:
I did this for a customer by using Anycast.

Put the same network range at each site and use HSRP/routing to control which site the traffic goes to.  It's a bit tricky to get working properly but it's virtually cost-free if you've got the right layout.
craigbeck, just out of curiosity, how did you deploy this? I have looked at these options before and always reached the conclusion that it was too complicated and prone to problems, so I would love to hear about a working implementation.
Craig Beck Commented:
I'll be honest - it wasn't easy.

The two sites were connected via pure layer-2 LAN extension.  Without that, it would never work properly.  A router at each site connected the two sites via a /29 segment running HSRP.  This was just set so the main site's router had preference.  All clients on other subnets were routed to the servers via the HSRP address so if the main site failed they would just route to the same IP addresses via the second router at the DR site.

Replicating the data was the challenge but as the link between the two sites was L2 we could trunk a VLAN for data to be replicated between the SANs.  This made it easier to get the VMs to come up in the DR site exactly as they were at the main site.

Obviously there was a lot of trial and error here, but that's the bones of it.
Fred Marshall (Principal) Commented:
Perhaps it would be helpful to review why you would NOT do this.  Then, HOW you might do it (or how you should NOT approach the solution) might be clearer:

First of all, let's assume that you have a host at one site and at the other site.  How will you reach from one to the other?
- If you use a "hard link" between the sites that's connected to a local switch at each end then that would work.  A number of suggestions tend in this direction.
- Otherwise, it's common to use a gateway or bridge or ..... at each end.  These devices have their own IP addresses and would have to be addressed as a "next hop" somewhere along the line.  Therein lies the problem.  How does a local gateway know when this device should be the "next hop"?  It can't.  Packets destined for the local subnet just get put out on the "wire" and the receiving host sees it.  That is all.

So, unless you can figure a way to have a "hard link" between switches, it seems you can't do this.  [No fair splitting the subnet into two.  That's not what you asked to do.]
Perhaps someone else knows how to surmount this apparent obstacle.

By "hard link" I mean like an Ethernet cable for all intents and purposes.

I don't really know what happens if you try to use an MPLS link "bare" to accomplish this.  It seems it would work.  That is, without using an "interim subnet" - which is what I do.
Why bother with the interim subnet?  Effectively that's like having the same subnet at both ends.
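
The on-link versus next-hop decision discussed in the comment above, as an added example that is not part of the original thread: a host hands same-subnet traffic to ARP rather than to a gateway, so one subnet at two sites only works when both sites share a broadcast domain. The addresses, segment names and helper functions are constructed for illustration.

```python
import ipaddress

# Constructed sample topology: which L2 segment (broadcast domain) each host sits in.
SEGMENT_OF = {
    "10.1.0.10": "corp",   # server at the corporate site
    "10.1.0.20": "dr",     # server at the DR site, same /24
}
# L2 extension (dark fiber, pseudowire, QinQ, bridge mode) joins two segments.
BRIDGED = {frozenset(("corp", "dr"))}


def next_hop(src_if, dst_ip, gateway):
    """Mimic a host IP stack: same-subnet destinations are on-link,
    everything else goes to the default gateway."""
    iface = ipaddress.ip_interface(src_if)
    dst = ipaddress.ip_address(dst_ip)
    if dst in iface.network:
        return ("on-link", str(dst))
    return ("gateway", gateway)


def delivered(src_if, dst_ip, gateway, segment_of, bridged=frozenset()):
    """Return True if the first hop can actually be reached.

    Assumption: once a packet reaches the gateway, routing works.
    On-link traffic relies on an ARP broadcast, which only reaches
    hosts in the same (or a bridged) broadcast domain.
    """
    kind, target = next_hop(src_if, dst_ip, gateway)
    if kind == "gateway":
        return True
    src_ip = str(ipaddress.ip_interface(src_if).ip)
    a, b = segment_of[src_ip], segment_of[target]
    return a == b or frozenset((a, b)) in bridged


if __name__ == "__main__":
    src, gw = "10.1.0.10/24", "10.1.0.1"
    # Same subnet, different sites, routed link only: ARP never arrives.
    print(delivered(src, "10.1.0.20", gw, SEGMENT_OF))
    # Same subnet with the two segments bridged at layer 2: works.
    print(delivered(src, "10.1.0.20", gw, SEGMENT_OF, BRIDGED))
    # A branch subnet is off-link, so the gateway is used as usual.
    print(next_hop(src, "10.2.0.5", gw))
```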
Craig Beck Commented:
@fmarshall - The point here is that ONLY one site will be used at a time.  Hosts at the main site won't be talking to hosts at the DR site (these hosts are an exact copy).

As MPLS is being used, QinQ is an option to extend the VLAN.
macdaddy2005 (Author) Commented:
Thanks for all the recommendations.

The idea behind my original idea of having the DR site and Corporate site be on the same extended LAN is so that we can do live migrations of servers without taking them down and needing to do re-routing to point everyone at the DR site.  

I know that the Metro Ethernet and MPLS that I use to connect my 11 locations is layer2 based as per CenturyLink.  If MOE and MPLS can utilize Layer2 to bind the locations, then in theory, I should be able to create an extended LAN across multiple physical sites.  I just don't know how to route traffic via Layer2.

I will look into the Adtran bridged-mode and see if that is the solution.  

Thanks again
Question has a verified solution.