Solved

Bridging VLAN across two datacenters

Posted on 2016-09-29
3
81 Views
Last Modified: 2016-10-05
We are in the process of building a new datacenter to transfer our operations.

Each site has a dedicated WAN link.

To assist during the cutover we have gotten a dedicated Layer 2 fibre backbone run between the two locations. The fiber provided by our ISP has a VLAN tag associated with it.

Is there anyway I can encapsulate VLAN tags overs this link?
I would like to have the same VLANs available in both sites simultaneously during the cutover so that services in one datacenter can access servers and routers in the other seamlessly.
That way we can hot migrate a server to the new datacenter without having to change it's IP and configuration. It would still use the default gateway router and IP structure of the old datacenter until we're ready to cutover that part.

DatacenterCutover.pdf
0
Comment
Question by:PerimeterIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 41822880
Disclaimer: I've never personally done this as my network-fu isn't strong enough and I'd rely on a guru to assist me if I HAD to.

1. Be very careful as you can take down your world
http://www.netcraftsmen.com/spanning-layer-2-between-data-centers/

https://www.packetmischief.ca/2013/04/09/dci-the-need-for-stretched-layer-2/

2. Here is good starting reading for the how.
http://www.cisco.com/c/en/us/products/collateral/data-center-virtualization/data-center-interconnect/white_paper_c11_493718.html
1
 
LVL 14

Assisted Solution

by:SIM50
SIM50 earned 250 total points
ID: 41823417
Here is a couple of options I can think of:
1. Contact your ISP and ask them to enable QnQ on that L2 link.
2. Setup L2 MPLS VPN. You will need routers for this or 6500 switches. Not sure if 4500 support this.
3. Setup OTV or VXLAN.  You will need Nexus 7K switches with the right options license.

2. Here is good starting reading for the how.
http://www.cisco.com/c/en/us/products/collateral/data-center-virtualization/data-center-interconnect/white_paper_c11_493718.html

The article linked by Aaron provides a decent description of L2 MPLS VPN.
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 250 total points
ID: 41831026
QinQ is the way to go.  The circuit provider will just wrap all of your 802.1Q-encapsulated packets in their own 802.1Q wrapper for transport over the link.  At the other end the outer-wrapper will get stripped on egress from their switch to your switch/router.  It just looks like a L2 trunk from your perspective.  You'll need to create a subinterface or SVI at each end and the ISP will translate.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN speed vs Internet Bandwidth 3 77
DHCP behind catalyst 3750 POE-48 2 76
bitlocker admin and monitoring 2 39
vpn through Cisco ASA appliance 3 26
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question