[c-nsp] Platform experience and recommendations for L2TPv3.

Lamar Owen lowen at pari.edu
Tue Aug 19 07:33:40 EDT 2008


Good morning list.

No rant today. :-)

I am looking, however, for the collected experience of this list in platform 
experience and recommendations for providing six to twelve point to point 
L2TPv3 (or equivalent technology) tunnels at up to 150Mb/s rates between 
APS-protected OC3 endpoints (if you have experience in that area; otherwise 
just straight tunnels).  I have a limited selection of 7500-series routers 
available, a single 3845, and a 12012 (but no OC48 POS card for a tunnel 
server; wish I could use the single card 'half' of an OC48 SRP set to do 
that, as I have one of those).

I am open to suggestions on alternative means of providing layer 2 adjacency 
for multiple VLANs across an OC3 POS link, as well.

I'd also like to hear the experience of the list on how to prevent hairpinning 
of traffic across an L2TPv3 tunnel; that is:

I've got four devices: A, B, C, and D (I know, creative names).  A and B are 
on one end of the link; C and D are on the other.  A and C are in the same 
subnet and are layer 2 adjacent through tunnel X.  B and D are both in a 
different subnet, and have layer 2 adjacency with each other through tunnel 
Y.  

How to I prevent traffic between A and B (or between C and D) of traversing 
the tunnel twice? (that is, one direction on tunnel X, through a router, then 
back through tunnel Y)  I've thought of some form of HSRP or similar 
protocol.  Or is there a better way?  A needs to use a router on its end of 
the link, and C needs to use a router on its end of the link (oh, and just 
manipulating the default routes in A or C's OS isn't a possibility due to 
what A and C would be: VMware guests).

The application is VMotion and HA/DRS on VMware across an OC3 POS WAN link 
between two VMware ESX hosts (one at the prime site, one at the DR); VMotion 
requires layer 2 adjacency (and does MAC hijacking, which has its own things, 
but I'm not that far yet) between the two ESX hosts in order to work.  

Thanks in advance for any responses.
-- 
Lamar Owen
Chief Information Officer
Pisgah Astronomical Research Institute
1 PARI Drive
Rosman, NC  28772
http://www.pari.edu


More information about the cisco-nsp mailing list