[c-nsp] Wireless Controllers, SVIs and WCCP
Andrew Miehs
andrew at 2sheds.de
Sun Nov 18 18:53:20 EST 2012
On Mon, Nov 19, 2012 at 10:35 AM, Jeff Kell <jeff-kell at utc.edu> wrote:
> You can "VRF-Lite" this arrangement without MPLS. We run our wireless
> (Aruba, but similar central controller) with APs/Controllers in their
> own VRF, and the userland SVIs from the controller split across multiple
> VRFs depending on the resulting wireless role for the user. Simple
> trunks work just fine with a dedicated vlan per VRF as the backbone
> link, no need for official MPLS here.
>
We have an MPLS backbone - we need to somehow connect the new "routers"
back to the core.
We could either connect via an existing PE, or add an additional PE/CE for
only wireless.
This would save us one hop and would ensure that any CPU load on the other
PE would not effect wireless traffic.
There is the issue of tunneling the APs back to the controller... for
> remote sites, if you can't encapsulate the MPLS layer-2 connectivity,
> you can of course just let it tunnel naturally (assume the Cisco's can
> do that like the Aruba's) back to the controller. For remotes, we use
> IPsec VPN and bring it back a little more securely than plain public
> internet tunneling would provide.
We already have MPLS/ PEs and CEs with vrf-lite for doing that.
> We used to use 3750s, but they will max out at 6K mac addresses. We
> have an intermediate 4500 now that seems to be handling the load.
>
We have 3750s doing that at the moment as well - and that is part of the
problem.
If you change the template the support a max of 12K MAC addresses.
(show sdm prefer)
The problem with the 4500s is that they do not support VSS at the moment -
otherwise
we probably would have just used 4500s and connected them as a CE.
Andrew
More information about the cisco-nsp
mailing list