Hi all,
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Can anyone suggest a product -ideally some low-maintenance, high-reliability, perhaps ASIC-based hardware- that can do this?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
Unfortunately, QinQ (which is called "vman" in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected "customer" VLANs, the "direct" approach does not even work for non-LACP LAGs.
I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient.
Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed:
http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/
Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach.
Mit freundlichen Grüssen Chris Burri
---
-= Amat Victoria Curam =-
Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-list@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
To add info from my end, I belive the CCR 1036 is massively overpowered, but I will conduct some tests on my own ;) I expect the CCR1036 can saturate 4-8x Gbit that way.
----- Ursprüngliche Mail ----- Von: "chris burri" chris.burri@hotmail.ch An: "Markus Wild" swinog-list@dudes.ch, swinog@lists.swinog.ch Gesendet: Sonntag, 16. Juni 2013 13:00:18 Betreff: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
Unfortunately, QinQ (which is called "vman" in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected "customer" VLANs, the "direct" approach does not even work for non-LACP LAGs.
I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient.
Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed:
http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/
Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach.
Mit freundlichen Grüssen Chris Burri
---
-= Amat Victoria Curam = -
Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-list@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Hi Chris, Hi all,
Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too.
Here's an example: http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2...
Is it what you are looking for?
Cheers, Jerome
Jerome Tissieres ___________________________________ Head of Network Engineering & Operations
Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___________________________________
2013/6/16 chris burri chris.burri@hotmail.ch
Unfortunately, QinQ (which is called "vman" in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected "customer" VLANs, the "direct" approach does not even work for non-LACP LAGs.
I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient.
Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed:
http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/
Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach.
Mit freundlichen Grüssen Chris Burri
-= Amat Victoria Curam =-
Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-list@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Hi Chris,
Here are two more that support LACP tunneling at wire speed.
Juniper EX series http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/l2pt-ex-serie...
RAD ETX series http://www.rad.com/12/Ethernet-over-Fiber/13101/
Regards, Fadi
On Mon, Jun 17, 2013 at 9:21 AM, Jérôme Tissières jt@ticino.com wrote:
Hi Chris, Hi all,
Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too.
Here's an example:
http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2...
Is it what you are looking for?
Cheers, Jerome
Jerome Tissieres ___________________________________ Head of Network Engineering & Operations
Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___________________________________
2013/6/16 chris burri chris.burri@hotmail.ch
Unfortunately, QinQ (which is called "vman" in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected "customer" VLANs, the "direct" approach does not even work for non-LACP LAGs.
I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient.
Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed:
http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/
Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach.
Mit freundlichen Grüssen Chris Burri
-= Amat Victoria Curam =-
Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-list@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Hi Chris,
Here are two more that support LACP tunneling at wire speed.
Juniper EX series http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/l2pt-ex-serie...
RAD ETX series http://www.rad.com/12/Ethernet-over-Fiber/13101/
Regards, Fadi
On Mon, Jun 17, 2013 at 9:21 AM, Jérôme Tissières jt@ticino.com wrote:
Hi Chris, Hi all,
Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too.
Here's an example:
http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2...
Is it what you are looking for?
Cheers, Jerome
Jerome Tissieres ___________________________________ Head of Network Engineering & Operations
Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___________________________________
2013/6/16 chris burri chris.burri@hotmail.ch
Unfortunately, QinQ (which is called "vman" in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected "customer" VLANs, the "direct" approach does not even work for non-LACP LAGs.
I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient.
Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed:
http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/
Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach.
Mit freundlichen Grüssen Chris Burri
-= Amat Victoria Curam =-
Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-list@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types?
Cheers, Markus
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Hi, Chris
You wrote:
I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need "full" (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary.
Can anyone suggest a product -ideally some low-maintenance, high-reliability, perhaps ASIC-based hardware- that can do this?
You definitely want hardware forwarding well before the Gig-E traffic level, especially if you plan to have several of them.
The MPLS capable Extreme X-series boxes have a feature that can do this well (vpws) and are the cheapest cost-per-port that I can find at the 10GE and 1GE levels. You're looking at the X460 models for Gig copper/SFP, or X670 for 10GE capable SFP+.
They are great for deployments which don't need a large number of MPLS LSPs across the platform, or a large number of VPLS instances terminating on the same box (point to point ethernet links that you configure burn two such VPLS instances). Based on what you have written, if there is nothing more complicated with your requirement, I would probably go for the boxes.
They don't do so well on high-reliability depending on what you mean - the boxes I run have a reliable history, but they don't have a redundant control plane, redundant power supplies, etc. There can be management-plane limitations sometimes (the config format and cli hurt, and the otherwise great automation isn't complete in the pseudo wire area). There are some other weird limitations which have hurt me on some designs (inability to wrap a single vlan into many vpls instances on a single port is one use case I really want).
I run two networks that offer e-line services, one uses Extreme, the other does not. Talk to me off list any time if you want more information.
Best wishes, Andy
-
Andy Davidson -
chris burri -
chris burri -
Fadi Bushnaq -
Jérôme Tissières -
Markus Wild -
Silvan M. Gebhardt