agcsupport asked:

Configure Cisco L3 switches for PTP circuit

I need some guidance on configuring my Cisco switches to support a new PTP circuit that will be provisioned between my corporate office and colocation facility. I have several VLANs that will need to pass traffic between the sites.

Environment

Corporate office
WS-C2960S-48TD-L switches uplinked to a WS-C3750X-24T-E IP services

Colocation
WS-C2960S-48TD-L switches uplinked to a WS-C4500X-16SFP+ IP Base

I have ordered a C3KX-NM-10G=/GLC-SX-MM SFP for the 3750 to support the corporate office connection and a GLC-LH-SM SFP to support the colocation connection. The SFPs were chosen based on the information Cogent provided.

The circuit is a Cogent L2 PTP
Gig-E
Metro
On-Net
Access (Untagged) /Standard (PTP only)
200 Mbps

If someone could please provide me with the steps on configuring both devices to support this circuit and the traffic that will flow to and from each site.

Thank you in advance.

Ron
Don Johnston

Did you tell the provider that you want to transport multiple VLANs? Because "Access (Untagged)" would seem to indicate that they are not expecting multiple VLANs.
ASKER

I don't recall having that discussion with them. Should I have them change to VLAN tagging? Is this the better way of provisioning? I will send the provider a note requesting VLAN tagging.

Can you tell me the steps to configure my equipment?

Thanks in advance.

Ron
If in fact your ISP is QinQ'ing your traffic, the only thing you need to do from a customer perspective is create a trunk with dot1q encapsulation on your switch interface that connects to the ISP's circuit/equipment. Make sure you tag ALL VLANs, no native VLAN traffic.
I asked the ISP about VLAN tagging and here is the response.

Technically, if you are internally routing between the office and the data center, the internal VLANs won’t pass, since TCP/IP would consider that an internal gateway and not in the same broadcast domain. One of the benefits of routing internally, across point-to-point, and wide area links, is it allows some separation between broadcast domains, and directing traffic to specific networks/IP addresses.

If you had to pass VLAN information across your routed link, you would essentially be creating a VPN across, but if so, we could enable Q in Q out (you would then have to tag your VLAN IDs and accept both ends on Trunked ports) so you can pass your VLAN IDs natively, but that places each end on the same broadcast domains be passed.
I spoke with the engineer and he will provision whichever method I want. Can you tell me what is the best way to configure this circuit?

Ron
The second paragraph is pretty much what I stated. Now which option is up to you. Do you want both locations on the same L2 domain, i.e. do you want networks in each location on the same VLANs? If not, and normal network separation and routing between sites is fine, then go with option 1. Option 2 if you want to span L2 between sites.
The networks/VLANs at the corporate office are specific to that site and the same holds true for the colocation. So as an example 10.0.41.0/24 - 10.0.42.0/24 are networks that sit only at the corporate office and 10.0.1.0/24 - 10.0.8.0/24 are only at the colocation site. They only need to see each other.
Okay, so you just want normal routing between the sites then.
That's the way it's looking. So knowing that, can you provide me with the specific steps to configure each L3 switch at each end?

Also do I need to ensure that ISP is providing Q in Q out?

Ron
ASKER CERTIFIED SOLUTION
Don Johnston
This solution is only available to members.
Bah, Don beat me to it. :)
From the looks of it I was overthinking the setup :)

What about the QinQout piece with the ISP?
If you're not sending VLAN tags, Q-in-Q is irrelevant. It's only a factor (for you) if you're doing trunks.
Thank you for all of the help.

Ron
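
The routed, untagged point-to-point setup the thread settles on (no trunk, no Q-in-Q), shown for both ends as an added example that is not taken from any post in this thread. The interface names and the 192.0.2.0/30 transit subnet are assumptions (constructed for illustration), and the site prefixes are read from the asker's post as ranges of /24 networks.

```cisco
! ===== Corporate office: WS-C3750X-24T-E =====
! Interface name is hypothetical: use the port that faces the Cogent handoff.
ip routing
!
interface GigabitEthernet1/1/1
 description Cogent L2 PTP to colocation
 ! Routed port: frames leave untagged, matching the "Access (Untagged)" handoff
 no switchport
 ! 192.0.2.0/30 is a constructed transit subnet
 ip address 192.0.2.1 255.255.255.252
 no shutdown
!
! Colocation networks 10.0.1.0/24 through 10.0.8.0/24, next hop = far end
ip route 10.0.1.0 255.255.255.0 192.0.2.2
ip route 10.0.2.0 255.255.255.0 192.0.2.2
ip route 10.0.3.0 255.255.255.0 192.0.2.2
ip route 10.0.4.0 255.255.255.0 192.0.2.2
ip route 10.0.5.0 255.255.255.0 192.0.2.2
ip route 10.0.6.0 255.255.255.0 192.0.2.2
ip route 10.0.7.0 255.255.255.0 192.0.2.2
ip route 10.0.8.0 255.255.255.0 192.0.2.2
!
! ===== Colocation: WS-C4500X-16SFP+ =====
! Interface name is hypothetical: use the port that faces the Cogent handoff.
ip routing
!
interface TenGigabitEthernet1/1
 description Cogent L2 PTP to corporate office
 no switchport
 ip address 192.0.2.2 255.255.255.252
 no shutdown
!
! Corporate office networks 10.0.41.0/24 and 10.0.42.0/24, next hop = far end
ip route 10.0.41.0 255.255.255.0 192.0.2.1
ip route 10.0.42.0 255.255.255.0 192.0.2.1
```

Each L3 switch must also be the default gateway for its local VLANs, or be reachable from whatever device is; `show ip route` and a ping across the /30 confirm the link before user traffic is tested.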