Community discussions

 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Tip about VPLS

Tue Nov 17, 2015 1:26 pm

Hello guys, first post !!! and honestly, I'm kind of a beginner.... please be pacient

Well, people exchange knowledge and learn this way, so, I'm kindly asking for help :)

We are a internet service provider:
A brief about our infrastructure:

-- Towers do not connect direct to each other, all towers point to a single tower, which leads to border router (CCR)
-- We use P2P radios to connect all towers to the main tower
-- Routers and AP are connected in sequence "inside" the tower that distribute link to our costumers
-- Sometimes we use a RB750 as a "L3 Switch" . Because all AP are connected to it with /30 connection.
-- Clients SXT connects to some of these APs which pass all the way hoping all of the routers
-- PPPoE Server are these APs. We use Radius to authenticate and to give valid IP


The path to get to our customers needs to pass all L3 connections to routers, we do not have a Switch on the tower, so, what is bothering me is all those hops to get out and get back in.

We are used to work with static routes, assigning /27 valid range IP pool, but we are running out of IPs and we decided to go dynamic by using OSPF.

And to make a job more complete, I was reading about making a L2 Tunnel using VPLS (I'm aware of some MTU configuration, jumbo frames and most common problems that we face by implement MPLS) to be able to reach the border router with 1 hop.

Is it possible to use our L3 network to create a L2 Tunnel and use this tunnel to reduce hops making the path all the way to the border transparent?

any tips on that?

Thank you very much!
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1053
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: Tip about VPLS

Tue Nov 17, 2015 4:54 pm

We use VPLS when building networks for ISPs all the time for exactly that reason. Aside from being a great way to backhaul PPPoE from different locations to a common BRAS, it works very well if you have a customer that you want to hand off a full BGP table to. By building a VPLS pseudowire, you can bring a customer directly from the edge into a PoP and peer them with a PE. That way you don't have to bring a full BGP table deep into your network and you aren't allowing the customer to participate in routing within the transport sections of your network.

VPLS can also be used to give a customer a private L2 handoff at multiple locations. You already mentioned the biggest problem people run into when deploying MPLS which is MTU. Typically if every piece of equipment will support a minimum of 1530 bytes, you can do just about anything you need to.

Good luck!
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Tue Nov 17, 2015 5:36 pm

We use VPLS when building networks for ISPs all the time for exactly that reason. Aside from being a great way to backhaul PPPoE from different locations to a common BRAS, it works very well if you have a customer that you want to hand off a full BGP table to. By building a VPLS pseudowire, you can bring a customer directly from the edge into a PoP and peer them with a PE. That way you don't have to bring a full BGP table deep into your network and you aren't allowing the customer to participate in routing within the transport sections of your network.

VPLS can also be used to give a customer a private L2 handoff at multiple locations. You already mentioned the biggest problem people run into when deploying MPLS which is MTU. Typically if every piece of equipment will support a minimum of 1530 bytes, you can do just about anything you need to.

Good luck!
Thanks for your reply!
But, how can I forward traffic thru the VPLS tunnel ?

I've created a VPLS on the AP and CCR (which is my border) but, if I trace route to anywhere else, outside the POP (tower) network, I can see every hop. I would like to make this transparent, like you said, a pseudowire (using the L3 connection already done)

I don't know how to proceed. :(

I'm trying to simulate the cenario with GNS3, and this is what I've done so far:

Created 3 areas inside OSPF to simulate more than one POP (tower)
1- area1
2- area2
3- backbone

Area 1 and Area 2 are NSSA because I don't want the routes to be on every device. I want to segregate the routing table by PoP (tower) so, it is (not so) stub because I want to redistribute connected routes on the AP so it can propagate routes from clients connected by PPPoE .

It is working so far. CCR has 3 areas. Its concentrating all areas and all routes but is not injecting any routes to the NSSA routes that is not directly from that area. All clients connected to the AP by PPPoE are appearing on CCR's routing table and everything works.

I already accomplished MPLS implementation, the only problem is that when the VPLS is enable, it insist to use the path on the routing table and is not using the VPLS at all.

What am I missing?

Thanks again!
 
marcodefreitas
just joined
Posts: 20
Joined: Tue Feb 10, 2015 7:25 pm

Re: Tip about VPLS

Wed Nov 25, 2015 4:21 am

And to make a job more complete, I was reading about making a L2 Tunnel using VPLS (I'm aware of some MTU configuration, jumbo frames and most common problems that we face by implement MPLS) to be able to reach the border router with 1 hop.
You can do it merely enabling MPLS on every host.
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Wed Nov 25, 2015 5:45 pm

And to make a job more complete, I was reading about making a L2 Tunnel using VPLS (I'm aware of some MTU configuration, jumbo frames and most common problems that we face by implement MPLS) to be able to reach the border router with 1 hop.
You can do it merely enabling MPLS on every host.
Well, be enabling MPLS on every device will make MPLS to work, indeed.
But, even after MPLS working OK, I can create a VPLS, which works OK.

But, how to make OSPF to advertise all /32 routes from PPPoE clients to the border and make client's traffic to flow thru the VPLS tunnel ?
 
marcodefreitas
just joined
Posts: 20
Joined: Tue Feb 10, 2015 7:25 pm

Re: Tip about VPLS

Thu Nov 26, 2015 8:26 pm

But, how to make OSPF to advertise all /32 routes from PPPoE clients to the border and make client's traffic to flow thru the VPLS tunnel ?
If you want to concentrate the PPPoE tunnels in a single point you will need VPLS tunnels. If you can have several PPPoE server in the network you can do "one hop" pings via MPLS. In OSPF you can do the /32 advertising enabling "Redistribute Connected Routes" on each PPPoE host. The routes will be forwarded to the gateway.
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Fri Nov 27, 2015 2:13 am

But, how to make OSPF to advertise all /32 routes from PPPoE clients to the border and make client's traffic to flow thru the VPLS tunnel ?
If you want to concentrate the PPPoE tunnels in a single point you will need VPLS tunnels. If you can have several PPPoE server in the network you can do "one hop" pings via MPLS. In OSPF you can do the /32 advertising enabling "Redistribute Connected Routes" on each PPPoE host. The routes will be forwarded to the gateway.

Yes! That's exactly what I did.
I did run OSPF on every device and at the and, I've marked the "redistribute connected routes".
But, MPLS by it self will not make the path transparent to the border.... it still hops on every device in the middle.

What I want is to make the path transparent and using the PPPoE at the AP (which is where client's SXT are connected).

I'm aware that I can make a concentrated PPPoE server and bridge the WLAN and the VPLS tunnel to make the PPPoE client connect directly on "border" flowing thru the pseudowire VPLS. One thing I noticed is that with stub areas or NSSA areas the VPLS tunnel does not work for this purpose. I need to use a "normal" area to use VPLS and PPPoE inside.

But that is not what I want to know.

The goal I want to achieve is:

- Be able to deliver dynamic /32 to clients, saving IPs [the only way to do that is being able to advertise the client to the border dynamically on the moment that it connects to PPPoE Server]

- Use MPLS (VLPS) to be able to make the L3 path transparent by the VPLS pseudowire and to get only 1 hop to the border.

- Be able to advertise the /32 client on the border by OSPF (today I can do that by "redistributing connected routes" on the AP, the problem is that using this way (with NSSA areas) we could not make VPLS to work [yet, don't know if that is possible]; and by using a "normal" area [that way VPLS works] will be a lot of routes (all /32 clients routes) propagating inside all routers which will not help... maybe we will need to create some kind of filter, I really don't know)


-----------------------------------------------------------------------------------------
EDIT:
Yes, it works with NSSA areas and Sub areas.... only one thing to do is to advertise the loopback as the stub area network, and not as backbone area.
 
marcodefreitas
just joined
Posts: 20
Joined: Tue Feb 10, 2015 7:25 pm

Re: Tip about VPLS

Sat Nov 28, 2015 4:53 pm

[

- Be able to deliver dynamic /32 to clients, saving IPs [the only way to do that is being able to advertise the client to the border dynamically on the moment that it connects to PPPoE Server]

- Use MPLS (VLPS) to be able to make the L3 path transparent by the VPLS pseudowire and to get only 1 hop to the border.

- Be able to advertise the /32 client on the border by OSPF (today I can do that by "redistributing connected routes" on the AP, the problem is that using this way (with NSSA areas) we could not make VPLS to work [yet, don't know if that is possible]; and by using a "normal" area [that way VPLS works] will be a lot of routes (all /32 clients routes) propagating inside all routers which will not help... maybe we will need to create some kind of filter, I really don't know)


-----------------------------------------------------------------------------------------
EDIT:
Yes, it works with NSSA areas and Sub areas.... only one thing to do is to advertise the loopback as the stub area network, and not as backbone area.
You can do it using RFC1918 between routers and another CIDR for loopback (like CGNAT's 100.64/10). You can stub the RFC1918 point-to-point area and advertise the loopback area. Wtachout about MPLS MTU too. Try to encapsulate VLANs in the VPLS tunnel, I see PPPoE server don't like VPLS (I can be wrong about this).
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Sat Nov 28, 2015 5:51 pm

You can stub the RFC1918 point-to-point area and advertise the loopback area.
What is a point-to-point area?
What's the point of implementing it?

Thanks !
 
User avatar
nickshore
Member
Member
Posts: 473
Joined: Thu Mar 03, 2005 4:14 pm
Location: Suffolk, UK.
Contact:

Re: Tip about VPLS

Sat Nov 28, 2015 7:00 pm

But, how to make OSPF to advertise all /32 routes from PPPoE clients to the border and make client's traffic to flow thru the VPLS tunnel ?
If you want to concentrate the PPPoE tunnels in a single point you will need VPLS tunnels. If you can have several PPPoE server in the network you can do "one hop" pings via MPLS. In OSPF you can do the /32 advertising enabling "Redistribute Connected Routes" on each PPPoE host. The routes will be forwarded to the gateway.

Yes! That's exactly what I did.
I did run OSPF on every device and at the and, I've marked the "redistribute connected routes".
But, MPLS by it self will not make the path transparent to the border.... it still hops on every device in the middle.

You need to turn off propagate TTL in your MPLS settings. That will hide the internal hops

Nick
Nick Shore MTCNA MTCWE MTCRE MTCINE MTCTCE
LinITX.com - MultiThread Consultants
Get your MikroTik RBs and Training: http://linitx.com/brand/mikrotik
Official UK MikroTik Distributor
IRC chan: #routerboard on irc.z.je (IPv4 and IPv6)
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Mon Nov 30, 2015 12:40 am

You need to turn off propagate TTL in your MPLS settings. That will hide the internal hops
Nick

Nice man!
That way works!

But, thinking about performace, will this work same way as making a VPLS tunel and concentrating PPPoE ?

What would you recommend ?

Thank you! Nice tip!
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1053
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: Tip about VPLS

Mon Nov 30, 2015 5:33 pm

You need to turn off propagate TTL in your MPLS settings. That will hide the internal hops
Nick

Nice man!
That way works!

But, thinking about performace, will this work same way as making a VPLS tunel and concentrating PPPoE ?

What would you recommend ?

Thank you! Nice tip!
As long as you have hardware that isn't overutilized and you've got all your MTUs squared away, VPLS performance is excellent.

In some DSL wireline networks we have designed that rely on PPPoE, we have used hundreds of VLANs over VPLS and 20,000+ subscribers on that architecture.
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com
 
marcodefreitas
just joined
Posts: 20
Joined: Tue Feb 10, 2015 7:25 pm

Re: Tip about VPLS

Wed Dec 02, 2015 8:10 pm


Nice man!
That way works!

But, thinking about performace, will this work same way as making a VPLS tunel and concentrating PPPoE ?

What would you recommend ?

Thank you! Nice tip!
No. MPLS works forwarding IP packets without processing then (no CRC check, no TTL decrement, no routing table lookups, no new CRC). VPLS works forwarding complete Ethernet frames.
 
User avatar
ploquets
Member Candidate
Member Candidate
Topic Author
Posts: 128
Joined: Tue Nov 17, 2015 12:49 pm
Location: Uruguaiana, RS, Brazil
Contact:

Re: Tip about VPLS

Wed Dec 02, 2015 10:20 pm

You need to turn off propagate TTL in your MPLS settings. That will hide the internal hops

Nick
One thing I've notice... it seems to show hops only from LERs... but the LSRs are transparent if I uncheck the TTL Propagate.

On my cenario, there is only one LSR between clients and border...
so, only one hop is not showing... others are shown by traceroute.
 
marcodefreitas
just joined
Posts: 20
Joined: Tue Feb 10, 2015 7:25 pm

Re: Tip about VPLS

Thu Dec 03, 2015 8:10 am


One thing I've notice... it seems to show hops only from LERs... but the LSRs are transparent if I uncheck the TTL Propagate.

On my cenario, there is only one LSR between clients and border...
so, only one hop is not showing... others are shown by traceroute.
You need to generate the packets, add labels to each: high CPU on edge.
The next hop only need to look the label: low CPU, no routing, no CRC, no TTL, no hop count, no traceroute.
You need to remove the label from the packets:high CPU on edge, routing, CRC, TTL decrease, CRC again, hop count, traceroute shown.

Who is online

Users browsing this forum: No registered users and 9 guests