[c-nsp] ME3600 Configuration
Sikandar Ali
sikandar at hotmail.co.uk
Tue Jun 30 09:09:37 EDT 2015
Hello Guys
We have a requirement to provide several L2 services on
Fibre and Ethernet circuits to atleast 50 sites.
These services include multitenant solutions, Management for
Wireless, Videoconferencing etc.
All the fibre and Ethernet circuits use the VLANs
provisioned by wholesale providers and my plan is to encapsulate C-VLANs within
a Provider VLANs and use a single /22 or /24 to terminate all services. So
configuration of ME3600 would look like:
In the example below, VLANs 1000,2000 and 3000 are provider
VLANs and VLANs 3800-3802 are internal
interface GigabitEthernet0/14
description || Interface facing Wholesale Provider e.g.
Colt, BT etc
!
service instance 1000 ethernet
description || Service Instance for site1 ||
encapsulation dot1q 1000 second-dot1q 3800-3802
rewrite ingress tag pop1 symmetric
bridge-domain 1000
!
service instance 2000 ethernet
description || Service Instance for site2 ||
encapsulation dot1q 2000 second-dot1q 3800-3802
rewrite ingress tag pop1 symmetric
bridge-domain 2000
!
service instance 3000 ethernet
description || Service Instance for site2 ||
encapsulation dot1q 3000 second-dot1q 3800-3802
rewrite ingress tag pop1 symmetric
bridge-domain 3000
!
And so on…
interface GigabitEthernet0/24
description || Facing our core router||
!
service instance 1000 ethernet
encapsulation dot1q 3800-3802
bridge-domain 1000
!
service instance 2000 ethernet
encapsulation dot1q 3800-3802
bridge-domain 2000
!
service instance 3000 ethernet
encapsulation dot1q 3800-3802
bridge-domain 3000
!
All these dot1qs will be terminated on the core router using
single /24 or/22.e.g.
interface GigabitEthernet0/0.3800
description Single /22 for Videoconferencing
encapsulation dot1Q 3800
ip address 10.38.0.0 255.255.252.0
!
interface GigabitEthernet0/0.3801
description Single /22 for Wifi Management
encapsulation dot1Q 3801
ip address 10.39.0.0 255.255.252.0
!
interface GigabitEthernet0/0.3802
description Single /22 for Switch management
encapsulation dot1Q 3802
ip address 10.40.0.0 255.255.252.0
My questions are:
1)
Is this configuration safe considering we will
have 50+ sites using the same Gateway for each service? Would you guys
recommend this? If yes, please give your reasons
2)
I am worried about spanning tree especially some
switches at the customer network will not be in our control? However, we would
have managed switch at the end of each circuit. Any suggestions on how should
we configure MST?
3)
Another worry is broadcast storm especially if
ME3600 restarts etc
Please let me know what do you think and if you have any
suggestions, that would be much appreciated.
Regards,
Sikandar
More information about the cisco-nsp
mailing list