[c-nsp] L2TPv3 and VLANs
Paul Stewart
paul at paulstewart.org
Thu Jun 18 20:31:42 EDT 2009
Thanks... we don't want to touch each workstation - would involve way too
much time for our installations...;)
With UDP traffic, does anything "normally" break that comes to mind on
larger MTU? I can't think of anything hence why I'm asking...
Cheers,
Paul
-----Original Message-----
From: Ge Moua [mailto:moua0100 at umn.edu]
Sent: June 18, 2009 11:33 AM
To: Paul Stewart
Cc: 'Ziv Leyes'; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] L2TPv3 and VLANs
Yep, ran into that to; on the upstream layer-3 hop from hosts do
something like "tcp-mss adjust 1300" which will ensure tcp packets haver
enough head-room for l2tpv3 headers. With UDP traffic, this get more
tricky; I haven't done this yet but one can adjust max segment size on
end-station hosts to something like 1300 (which of course would affect
all protocol types); there are open source tools to do this, but
downside is that all the end-station hosts need to touched for
consistency; i suppose I'm too lazy : - (
Regards,
Ge Moua | Email: moua0100 at umn.edu
Network Design Engineer
University of Minnesota | Networking & Telecommunications Services
Paul Stewart wrote:
> How did you deal with MTU issues from l2tpv3? In our testing we would see
> packets drop instead of fragmenting where they should... I've been meaning
> to followup on this as we have some great l2tpv3 deployments waiting in
the
> wings...
>
> Paul
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ge Moua
> Sent: Thursday, June 18, 2009 10:44 AM
> To: Ziv Leyes
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] L2TPv3 and VLANs
>
>
> > How do I make this happen on the HQ router?
>
> Each l2tp tunnel will have its own vc: "sh l2tun all"
>
> You obviously have thoughts this all out as your logic for how it will
> and should work is sound.
>
> We are doing a very similar setup over here at the UofMn and this is
> working well for us.
>
>
> Regards,
> Ge Moua | Email: moua0100 at umn.edu
>
> Network Design Engineer
> University of Minnesota | Networking & Telecommunications Services
>
>
>
> Ziv Leyes wrote:
>
>> Hi,
>> I'm trying to make sure this following scenario can work.
>> 3 remote sites, one is the HQ which has a switch that handles 2 vlans,
>>
> let's say vlan 10 and vlan 20.
>
>> The other two branches needs to be connected to the HQ and have a flat
LAN
>>
> between them and the HQ, but each branch to it's own vlan, branch 1 to
vlan
> 10 and branch 2 to vlan 20. They must NOT see each other's traffic.
>
>> Every site has a switch and a router (C2801 I think) Is it possible to
do?
>> If yes, then I was thinking about L2TPv3, but in this case I'd need to
>>
> make two different xconnections between HQ-->Branch 1 and HQ-->Branch 2.
>
>> How do I make this happen on the HQ router? I was thinking to bring the
>>
> vlans via a trunk from the switch and then finishing them on
sub-interfaces
> with dot1q and then xconnecting the sob-interface to each l2tp tunnel to
> each respective branch. Is it correct or there is a better way?
>
>> Will this work?
>>
>> Thanks in advance for your help
>> Ziv
>>
>>
>>
>>
>>
>>
>
****************************************************************************
> ********
>
>> This footnote confirms that this email message has been scanned by
>> PineApp Mail-SeCure for the presence of malicious code, vandals &
computer
>>
> viruses.
>
>
****************************************************************************
> ********
>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
More information about the cisco-nsp
mailing list