[c-nsp] 7609 DHCP alternatives - EVC / Subinterfaces

Victor Lyapunov victor.lyapunov at gmail.com
Sun Oct 25 17:30:46 EDT 2009


Thank you all for the replies

To be honest I was leaning towards the subinterfaces alternative for
implementing
L3 termination points for DHCP subscribers.

Just to sum things up:

Subinterfaces alternative:

-They comsume an internal VLAN for each subintreface.
-For each subsciber no mac-address table is required, just and ARP entry.

EVC alternative:

-Using a bridge domain only one VLAN will suffice.
-But because of the bridge-domain the 7600 will have to populate its mac-address
table with one entry for each subscriber.

-Also since the evc-alternative is "partly L2 based" the dhcp-snooping security
mechanisms can be employed.

I am concerned about the mac-address capacity. Since servicing DHCP subscribers
in ES+ is purely a L3 service there should be no need to populate the
mac-table with
extra entries (in this way more resources can be used for other L2 services).

Victor

>On Sat, Oct 24, 2009 at 5:19 PM, Arie Vayner (avayner) <avayner at cisco.com> wrote:
> Victor,
>
> Use the EVC alternative.
> It would allow you to get the flexibility offered by EVC with regards to
> VLAN number space, L2 services scalability, QOS and many other advanced
> capabilities.
>
> Arie
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Victor Lyapunov
> Sent: Tuesday, October 20, 2009 09:54
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] 7609 DHCP alternatives - EVC / Subinterfaces
>
> Hi All
>
> I am trying to test DHCP functionality with 7600 router. Traffic
> arrives from all customer facing interfaces (ES+), arrive using the
> same VLAN. 7600 perfoms DHCP relay and acts as a gateway for all of
> them. With the new cards ES+ we have two options for the configuration
> of customer facing interfaces
>
> 1. Using EVC + SVI interface
>
>  int g4/1
>     service instance 100 ethernet
>     encapsulation dot1q 100
>     rewrite ingress tag pop 1 symmetric
>     bridge-domain 100 split-horizon
>  int g4/2
>     service instance 100 ethernet
>     encapsulation dot1q 100
>     rewrite ingress tag pop 1 symmetric
>     bridge-domain 100 split-horizon
>
>  int Vlan 100
>     ip address 10.0.0.1 255.255.255.0
>     ip helper address 192.168.0.1
>
> 2. Using IP subinterfaces
>
>  int loopback 100
>     ip address 10.0.0.1 255.255.255.0
>
>  int g4/1.100
>     encapsulation dot1q 100
>     ip address unnumbered loopback 100
>     ip helper address 192.168.0.1
>
>  int g4/2.100
>     encapsulation dot1q 100
>     ip address unnumbered loopback 100
>     ip helper address 192.168.0.1
>
>
> Both configurations seem to achieve the same effect but I am not sure
> which one
> is the preferable for large amount of traffic / subscribers.
>
> For example due to the bridge domain I would expect that the first
> alternative will
> create more entries in the mac-address table.
>
> Thanx
>
> Victor
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list