Solved

Span one subnet across two physically separated sites

Posted on 2013-06-21
Last Modified: 2013-06-27
Hello,

I want to span a single subnet across two physically separated sites.

We currently use Metro Ethernet and BGP for our routing protocol.  Our 11 branch locations are all on separate subnets, which makes routing via BGP very easy.  What I want to do now is to extend our corporate LAN to our Disaster Recovery site, so that we can perform live migrations of our VMware servers back and forth without having to change IP addresses.

I can't seem to find information on how to configure a logical LAN that spans two sites.
We use Adtran 1335s  

Thanks for any help you can provide!
Question by:macdaddy2005
8 Comments
 

Accepted Solution

by:
tmoore1962 earned 250 total points
Adtran must be in bridge mode.  You want to 'bridge' the 2 sites in the same network.

Expert Comment

by:ryan80
This is not a simple task. The easiest way is just to get a direct line like dark fiber, or you can get some kind of Ethernet connection between the two sites. This can be done with MPLS.

The next easiest way would be to buy Nexus 7000s and use OTV, which does exactly that; of course you are talking about some big bucks. Of course you are talking about hundreds of thousands of dollars.

An alternative would be some kind of pseudowire, VPLS (which requires MPLS or MPLS over GRE) or L2TPv3.

All of these solutions have a lot of work needed and all have their own pros and cons.

I think that most likely you will need to get additional hardware or additional services to do this. The other option is just to script the change of the IP addresses.

Expert Comment

by:Craig Beck
I did this for a customer by using Anycast.

Put the same network range at each site and use HSRP/routing to control which site the traffic goes to.  It's a bit tricky to get working properly but it's virtually cost-free if you've got the right layout.

Expert Comment

by:ryan80
craigbeck, just out of curiosity, how did you deploy this? I have looked at these options before and always reached the conclusion that it was too complicated and prone to problems, so I would love to hear about a working implementation.

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
I'll be honest - it wasn't easy.

The two sites were connected via pure layer-2 LAN extension.  Without that, it would never work properly.  A router at each site connected the two sites via a /29 segment running HSRP.  This was just set so the main site's router had preference.  All clients on other subnets were routed to the servers via the HSRP address so if the main site failed they would just route to the same IP addresses via the second router at the DR site.

Replicating the data was the challenge but as the link between the two sites was L2 we could trunk a VLAN for data to be replicated between the SANs.  This made it easier to get the VMs to come up in the DR site exactly as they were at the main site.

Obviously there was a lot of trial and error here, but that's the bones of it.

Expert Comment

by:Fred Marshall
Perhaps it would be helpful to review why you would NOT do this.  Then, HOW you might do it (or how you should NOT approach the solution) might be clearer:

First of all, let's assume that you have a host 192.168.1.3 at one site and 192.168.1.4 at the other site.  How will you reach from one to the other?
- If you use a "hard link" between the sites that's connected to a local switch at each end then that would work.  A number of suggestions tend in this direction.
- Otherwise, it's common to use a gateway or bridge or ..... at each end.  These devices have their own IP addresses and would have to be addressed as a "next hop" somewhere along the line.  Therein lies the problem.  How does a local gateway know when this device should be the "next hop"?  It can't.  Packets destined for the local subnet just get put out on the "wire" and the receiving host sees it.  That is all.

So, unless you can figure a way to have a "hard link" between switches, it seems you can't do this.  [No fair splitting the subnet into two.  That's not what you asked to do.]
Perhaps someone else knows how to surmount this apparent obstacle.

By "hard link" I mean like an Ethernet cable for all intents and purposes.

I don't really know what happens if you try to use an MPLS link "bare" to accomplish this.  It seems it would work.  That is, without using an "interim subnet" - which is what I do.
Why bother with the interim subnet?  Effectively that's like having the same subnet at both ends.
0
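
The forwarding decision described in the comment above, as an added example that is not part of the original thread: a small Python model of why two hosts in one subnet only reach each other when the sites share a broadcast domain. The gateway address 192.168.1.1, the site names and the `bridged`/`routed` labels are assumptions made for illustration, and proxy ARP is not modelled.

```python
import ipaddress

# Constructed topology: the two hosts from the comment, one per site, same /24.
SUBNET = ipaddress.ip_network("192.168.1.0/24")
HOSTS = {
    ipaddress.ip_address("192.168.1.3"): "corp",
    ipaddress.ip_address("192.168.1.4"): "dr",
}
GATEWAY = ipaddress.ip_address("192.168.1.1")  # hypothetical default gateway


def next_hop(dst, subnet=SUBNET, gateway=GATEWAY):
    """Host forwarding decision: on-link destinations are ARPed for directly,
    everything else is handed to the default gateway."""
    dst = ipaddress.ip_address(dst)
    return ("arp", dst) if dst in subnet else ("gateway", gateway)


def broadcast_domain(site, interconnect):
    """Sites whose hosts hear an ARP broadcast sent from `site`.
    'bridged' = layer-2 extension (the "hard link"); 'routed' = layer-3 hop."""
    if interconnect == "bridged":
        return {"corp", "dr"}
    if interconnect == "routed":
        return {site}  # routers do not forward ARP broadcasts
    raise ValueError(f"unknown interconnect: {interconnect}")


def deliver(src, dst, interconnect):
    """Return how a packet from src to dst is handled, or why it is lost."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    action, target = next_hop(dst)
    if action == "gateway":
        return f"sent to gateway {target}"
    if HOSTS.get(dst) in broadcast_domain(HOSTS[src], interconnect):
        return "delivered on-link"
    return "ARP unanswered: host never uses the gateway for an on-link address"


if __name__ == "__main__":
    for link in ("bridged", "routed"):
        print(link, "->", deliver("192.168.1.3", "192.168.1.4", link))
```
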
 

Expert Comment

by:Craig Beck
@fmarshall - The point here is that ONLY one site will be used at a time.  Hosts at the main site won't be talking to hosts at the DR site (these hosts are an exact copy).

As MPLS is being used, QinQ is an option to extend the VLAN.

Author Comment

by:macdaddy2005
Thanks for all the recommendations.

The idea behind my original idea of having the DR site and Corporate site be on the same extended LAN is so that we can do live migrations of servers without taking them down and needing to do re-routing to point everyone at the DR site.  

I know that the Metro Ethernet and MPLS that I use to connect my 11 locations is layer2 based as per CenturyLink.  If MOE and MPLS can utilize Layer2 to bind the locations, then in theory, I should be able to create an extended LAN across multiple physical sites.  I just don't know how to route traffic via Layer2.

I will look into the Adtran bridged-mode and see if that is the solution.  

Thanks again