[c-nsp] ME3600 Configuration

Sikandar Ali sikandar at hotmail.co.uk
Tue Jun 30 09:09:37 EDT 2015 


Hello Guys 

 

We have a requirement to provide several L2 services on
Fibre and Ethernet circuits to atleast 50 sites. 

 

These services include multitenant solutions, Management for
Wireless, Videoconferencing etc. 

 

All the fibre and Ethernet circuits use the VLANs
provisioned by wholesale providers and my plan is to encapsulate C-VLANs within
a Provider VLANs and use a single /22 or /24 to terminate all services. So
configuration of ME3600 would look like:

 

In the example below, VLANs 1000,2000 and 3000 are provider
VLANs and VLANs 3800-3802 are internal

 

interface GigabitEthernet0/14

description || Interface facing Wholesale Provider e.g.
Colt, BT etc

!

service instance 1000 ethernet

description || Service Instance for site1 ||

encapsulation dot1q 1000 second-dot1q 3800-3802

rewrite ingress tag pop1 symmetric

bridge-domain 1000

!

service instance 2000 ethernet

description || Service Instance for site2 ||

encapsulation dot1q 2000 second-dot1q 3800-3802

rewrite ingress tag pop1 symmetric

bridge-domain 2000

!

service instance 3000 ethernet

description || Service Instance for site2 ||

encapsulation dot1q 3000 second-dot1q 3800-3802

rewrite ingress tag pop1 symmetric

bridge-domain 3000

!

And so on…

 

interface GigabitEthernet0/24

description || Facing our core router||

!

service instance 1000 ethernet

encapsulation dot1q 3800-3802

bridge-domain 1000

!

service instance 2000 ethernet

encapsulation dot1q 3800-3802

bridge-domain 2000

!

service instance 3000 ethernet

encapsulation dot1q 3800-3802

bridge-domain 3000

!

 

All these dot1qs will be terminated on the core router using
single /24 or/22.e.g. 

 

 

interface GigabitEthernet0/0.3800

description Single /22 for Videoconferencing

encapsulation dot1Q 3800

ip address 10.38.0.0 255.255.252.0

 

!

interface GigabitEthernet0/0.3801

description Single /22 for Wifi Management

encapsulation dot1Q 3801

ip address 10.39.0.0 255.255.252.0

 

!

 

interface GigabitEthernet0/0.3802

description Single /22 for Switch management

encapsulation dot1Q 3802

ip address 10.40.0.0 255.255.252.0

 

My questions are:

 

1)     
Is this configuration safe considering we will
have 50+ sites using the same Gateway for each service? Would you guys
recommend this? If yes, please give your reasons

2)     
I am worried about spanning tree especially some
switches at the customer network will not be in our control? However, we would
have managed switch at the end of each circuit. Any suggestions on how should
we configure MST?

3)     
Another worry is broadcast storm especially if
ME3600 restarts etc

 

Please let me know what do you think and if you have any
suggestions, that would be much appreciated. 

 

Regards, 

 

Sikandar

More information about the cisco-nsp mailing list