[nsp] DSL customers seeing each other (fwd)

Siva Valliappan svalliap at cisco.com
Fri Aug 15 17:35:37 EDT 2003 

Hi Mark,

comments inline.

cheers
.siva

On Thu, 14 Aug 2003, Mark E. Mallett wrote:

>
> Hi--
>
> I asked a couple of related questions recently on the cisco-bba list.

yeah just answered one of them.

> One is about DSL users [not] seeing each other when they are aggregated
> via IRB, and whether there is any q&d fix I can do to make that happen.

yes they can be aggregated via IRB but it's not recommended for performance
reasons.  BVI interfaces enforce bridging rules (or subscribed isolation).

so if you configured:

int a0/0.1 multipoint

pvc A
pvc B
pvc C

bridge group blah

int bvi blah

bridge blah route ip
bridge blah protocol ieee


in the above case, pvc A,B,C seem to be part of the same "cable" or "wire"
for a bridged interface, so communication between A, B, C is not allowed.

if you wanted to permit them to talk to each other, you want to put them
in different interfaces:

int atm 0/0.2 point
pvc A
bridge group blah

int atm 0/0.3 point
pvc B
bridge group blah

bridge blah route ip
bridge blah protocol ieee

pvcs A & B are not part of the same "cable" so you are permitted to
bridge between them.  of course if you didn't, you can configure
bridge policies to limit what is permitted between them.

hope this clarifies.

cheers
.siva



> The other is about migrating from IRB to RBE (which will, probably,
> solve the first question but not immediately).
>
> I did get one enlightening response to the second question that helped
> move me along a little (thank you!) but that was all.  I don't know
> whether the cisco-bba list is not well populated or whether I am
> asking stupid questions.  Hoping that it's the former more than the
> latter I guess I will repeat here..
>
> Yours,
> -mm-
>
>
>
> ----- Forwarded message from "Mark E. Mallett" <mem at mv.mv.com> -----
>
> > Subject: [cisco-bba] DSL customers seeing each other
> > From: "Mark E. Mallett" <mem at mv.mv.com>
> > Date: Wed, 6 Aug 2003 15:47:25 -0400
> > To: cisco-bba at puck.nether.net
> >
> > Hi-
> >
> > I'm sure this has come up but I can't find it in various archives.  We
> > have a Cisco 7200 with some DSL customers bridged on several ATM
> > PVCs.  This is Verizon EAST- unlike some other providers where DSL
> > connections each get their own PVC, while there are multiple PVCs
> > quite a number of DSL connections are bridged on the same PVC, and the
> > multiple PVCs are bridged together.  We're using an IRB
> > configuration.  An issue is that individual customers can't see each
> > other.  I can see ARP requests come in but since broadcasts are not
> > propagated between customers they do not get answered.
> >
> > Short of going to RBE, is there a way to make the router respond to
> > ARP requests on the DSL subnet(s) with its own MAC address?  Kind
> > of like a proxy arp, but for the same subnet (like a local-proxy-arp
> > in other environments).  I suspect the response is "use RBE"-- that's
> > perfectly valid but I'm wondering if IRB mode can be made to do this
> > as an interim fix.  (I have another set of questions about RBE for
> > another message .. this list is too quiet anyway, no?)
> >
> > (BTW we have some other DSL aggregation with a CLEC on another ATM
> > circuit- that CLEC intercepts the ARP requests on the DSL subnet(s)
> > before they get to us and respond with our MAC address).
> >
> > The IRB configuration is something like:
> >
> > bridge irb
> > !
> > interface BVI10
> >  description DSL BVI
> >  mac-address 0000.xxxx.yyyy
> >  ip address 192.168.10.1 255.255.255.0
> >  no ip proxy-arp
> >  ip route-cache same-interface
> >  no ip mroute-cache
> > !
> > interface ATM1/0.1 multipoint
> >  description DSL #1
> >  no ip proxy-arp
> >  pvc dsl1 1/301
> >  !
> >  bridge-group 10
> >  bridge-group 10 spanning-disabled
> > !
> > interface ATM1/0.2 multipoint
> >  description BA DSL #2
> >  no ip proxy-arp
> >  pvc dsl2 1/302
> >  !
> >  bridge-group 10
> >  bridge-group 10 spanning-disabled
> > !
> > ! repeat for other PVCs
> > !
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list