Hello guys, first post!!! And honestly, I’m kind of a beginner… please be patient
Well, people exchange knowledge and learn this way, so, I’m kindly asking for help
We are an internet service provider:
A brief about our infrastructure:
– Towers do not connect directly to each other, all towers point to a single tower, which leads to the border router (CCR)
– We use P2P radios to connect all towers to the main tower
– Routers and APs are connected in sequence “inside” the tower that distributes the link to our customers
– Sometimes we use an RB750 as an “L3 Switch”, because all APs are connected to it with /30 connections.
– Client SXTs connect to some of these APs, which pass all the way hopping through all of the routers
– The PPPoE servers are these APs. We use Radius to authenticate and to give valid IPs
The path to get to our customers needs to pass all L3 connections to routers, we do not have a Switch on the tower, so, what is bothering me is all those hops to get out and get back in.
We are used to working with static routes, assigning /27 valid range IP pools, but we are running out of IPs and we decided to go dynamic by using OSPF.
And to make the job more complete, I was reading about making an L2 tunnel using VPLS (I’m aware of some MTU configuration, jumbo frames and the most common problems that we face when implementing MPLS) to be able to reach the border router with 1 hop.
Is it possible to use our L3 network to create a L2 Tunnel and use this tunnel to reduce hops making the path all the way to the border transparent?
We use VPLS when building networks for ISPs all the time for exactly that reason. Aside from being a great way to backhaul PPPoE from different locations to a common BRAS, it works very well if you have a customer that you want to hand off a full BGP table to. By building a VPLS pseudowire, you can bring a customer directly from the edge into a PoP and peer them with a PE. That way you don’t have to bring a full BGP table deep into your network and you aren’t allowing the customer to participate in routing within the transport sections of your network.
VPLS can also be used to give a customer a private L2 handoff at multiple locations. You already mentioned the biggest problem people run into when deploying MPLS which is MTU. Typically if every piece of equipment will support a minimum of 1530 bytes, you can do just about anything you need to.
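An added example, not part of the thread and not any poster's code: a per-hop L2MTU budget check for a VPLS pseudowire, showing how a 1530-byte minimum arises from the encapsulation stack. It assumes the standard header sizes and that L2MTU counts everything after a link's own Ethernet header; the hop names and L2MTU values are constructed.

```python
# Added example: L2MTU budget for frames carried in a VPLS pseudowire.
# Header sizes are the standard ones; PATH below is constructed sample data.
ETH_HEADER = 14    # customer Ethernet header carried inside the pseudowire
VLAN_TAG = 4       # each 802.1Q tag on the customer frame
CONTROL_WORD = 4   # pseudowire control word
MPLS_LABEL = 4     # each label in the stack (transport label + VPLS label)


def encap_overhead(vlan_tags=0, labels=2, control_word=True):
    """Bytes added on top of the customer's Ethernet payload."""
    if vlan_tags < 0 or labels < 1:
        raise ValueError("vlan_tags must be >= 0 and labels >= 1")
    return (ETH_HEADER + vlan_tags * VLAN_TAG
            + (CONTROL_WORD if control_word else 0) + labels * MPLS_LABEL)


def required_l2mtu(payload_mtu=1500, **encap):
    """L2MTU every transport link needs to carry payload_mtu unfragmented."""
    return payload_mtu + encap_overhead(**encap)


def undersized_hops(hops, payload_mtu=1500, **encap):
    """Return (hop, l2mtu, shortfall) for each link that is too small."""
    needed = required_l2mtu(payload_mtu, **encap)
    return [(name, l2mtu, needed - l2mtu)
            for name, l2mtu in hops if l2mtu < needed]


def max_payload_mtu(hops, **encap):
    """Largest customer payload that fits the smallest link on the path."""
    return min(l2mtu for _, l2mtu in hops) - encap_overhead(**encap)


# Constructed path from an AP to the border router (values are hypothetical).
PATH = [("ap-tower1", 1600), ("rb750-l3switch", 1526),
        ("p2p-radio", 1524), ("main-tower", 1598), ("ccr-border", 1580)]

if __name__ == "__main__":
    print("needed, one VLAN tag:", required_l2mtu(vlan_tags=1))
    for name, l2mtu, short in undersized_hops(PATH, vlan_tags=1):
        print(f"{name}: L2MTU {l2mtu} is {short} bytes short")
    print("largest payload that fits:", max_payload_mtu(PATH, vlan_tags=1))
```

A link that falls short silently drops or fragments full-size customer frames, so the smallest link on the path decides whether the payload MTU has to be lowered.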
Thanks for your reply!
But how can I forward traffic through the VPLS tunnel?
I’ve created a VPLS on the AP and CCR (which is my border) but, if I traceroute to anywhere else, outside the POP (tower) network, I can see every hop. I would like to make this transparent, like you said, a pseudowire (using the L3 connection already done).
I don’t know how to proceed.
I’m trying to simulate the scenario with GNS3, and this is what I’ve done so far:
Created 3 areas inside OSPF to simulate more than one POP (tower)
1- area1
2- area2
3- backbone
Area 1 and Area 2 are NSSA because I don’t want the routes to be on every device. I want to segregate the routing table by PoP (tower) so, it is (not so) stub because I want to redistribute connected routes on the AP so it can propagate routes from clients connected by PPPoE .
It is working so far. The CCR has 3 areas. It’s concentrating all areas and all routes but is not injecting any routes into the NSSA areas that are not directly from that area. All clients connected to the AP by PPPoE are appearing in the CCR’s routing table and everything works.
I already accomplished the MPLS implementation, the only problem is that when the VPLS is enabled, it insists on using the path in the routing table and is not using the VPLS at all.
If you want to concentrate the PPPoE tunnels in a single point you will need VPLS tunnels. If you can have several PPPoE servers in the network you can do “one hop” pings via MPLS. In OSPF you can do the /32 advertising by enabling “Redistribute Connected Routes” on each PPPoE host. The routes will be forwarded to the gateway.
Yes! That’s exactly what I did.
I did run OSPF on every device and at the end, I’ve marked the “redistribute connected routes”.
But MPLS by itself will not make the path transparent to the border… it still hops on every device in the middle.
What I want is to make the path transparent while using PPPoE at the AP (which is where the clients’ SXTs are connected).
I’m aware that I can make a concentrated PPPoE server and bridge the WLAN and the VPLS tunnel to make the PPPoE client connect directly on the “border”, flowing through the VPLS pseudowire. One thing I noticed is that with stub areas or NSSA areas the VPLS tunnel does not work for this purpose. I need to use a “normal” area to use VPLS and PPPoE inside.
But that is not what I want to know.
The goal I want to achieve is:
– **Be able to deliver dynamic /32s to clients, saving IPs [the only way to do that is being able to advertise the client to the border dynamically at the moment that it connects to the PPPoE server]**
– **Use MPLS (VPLS) to be able to make the L3 path transparent by the VPLS pseudowire and to get only 1 hop to the border.**
– **Be able to advertise the /32 client on the border by OSPF (today I can do that by “redistributing connected routes” on the AP; the problem is that using this way (with NSSA areas) we could not make VPLS work [yet, don’t know if that is possible]; and by using a “normal” area [that way VPLS works] there will be a lot of routes (all /32 client routes) propagating inside all routers, which will not help… maybe we will need to create some kind of filter, I really don’t know)**
EDIT:
Yes, it works with NSSA areas and stub areas… the only thing to do is to advertise the loopback as the stub area network, and not as the backbone area.
You can do it using RFC1918 between routers and another CIDR for loopbacks (like CGNAT’s 100.64/10). You can stub the RFC1918 point-to-point area and advertise the loopback area. Watch out for the MPLS MTU too. Try to encapsulate VLANs in the VPLS tunnel; I see PPPoE servers don’t like VPLS (I can be wrong about this).
As long as you have hardware that isn’t overutilized and you’ve got all your MTUs squared away, VPLS performance is excellent.
In some DSL wireline networks we have designed that rely on PPPoE, we have used hundreds of VLANs over VPLS and 20,000+ subscribers on that architecture.
No. MPLS works by forwarding IP packets without processing them (no CRC check, no TTL decrement, no routing table lookups, no new CRC). VPLS works by forwarding complete Ethernet frames.
You need to generate the packets and add labels to each: high CPU on the edge.
The next hop only needs to look at the label: low CPU, no routing, no CRC, no TTL, no hop count, no traceroute.
You need to remove the label from the packets: high CPU on the edge, routing, CRC, TTL decrease, CRC again, hop count, traceroute shown.