Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Question on passing MAC addresses over switched metro ethernet

Reply
Thread Tools

Question on passing MAC addresses over switched metro ethernet

 
 
pfisterfarm
Guest
Posts: n/a
 
      12-14-2011
I've got a situation where several remote sites are connected to a
central location using AT&T's Customized Switched Metro Ethernet
(CSME). The core switches at each location are Cisco 4500 series
units.

The problem is this... each remote site has a server assigned to it,
which is being implemented as a virtual machine at the central
location in the vlan belonging to the remote site's core network. The
AT&T network learns the MAC addresses from each remote site, and the
switch at the central location learns them from AT&T. This is working
fine, but AT&T has to learn every MAC addresses from all the remote
sites. This means we need to make sure they're allowing sufficient
addresses to cover all the sites, plus they charge according to how
many they're allowing through.

I'm trying to research alternatives. Is there any way to pass the MAC
addresses from the remote site to the switches connecting the VMWare
servers (6 servers between 2 physical switches) without special setup
on AT&T's part? If it will require additional hardware, that's fine,
just need to look at all the options.
 
Reply With Quote
 
 
 
 
Rob
Guest
Posts: n/a
 
      12-14-2011
pfisterfarm <(E-Mail Removed)> wrote:
> I've got a situation where several remote sites are connected to a
> central location using AT&T's Customized Switched Metro Ethernet
> (CSME). The core switches at each location are Cisco 4500 series
> units.
>
> The problem is this... each remote site has a server assigned to it,
> which is being implemented as a virtual machine at the central
> location in the vlan belonging to the remote site's core network. The
> AT&T network learns the MAC addresses from each remote site, and the
> switch at the central location learns them from AT&T. This is working
> fine, but AT&T has to learn every MAC addresses from all the remote
> sites. This means we need to make sure they're allowing sufficient
> addresses to cover all the sites, plus they charge according to how
> many they're allowing through.
>
> I'm trying to research alternatives. Is there any way to pass the MAC
> addresses from the remote site to the switches connecting the VMWare
> servers (6 servers between 2 physical switches) without special setup
> on AT&T's part? If it will require additional hardware, that's fine,
> just need to look at all the options.


In a situation like that, we created an extra VLAN just for the links
and used IP routing to route the traffic over that VLAN to the remote
sites. Each links sees only the MAC addresses of the switches at each
end.

When you don't want IP routing you can of course use MAC-in-MAC tunneling.
 
Reply With Quote
 
 
 
 
pfisterfarm
Guest
Posts: n/a
 
      12-14-2011
> When you don't want IP routing you can of course use MAC-in-MAC tunneling.

Is this something the service provider needs to make happen, or can I
do something on my end?
 
Reply With Quote
 
Rob
Guest
Posts: n/a
 
      12-14-2011
pfisterfarm <(E-Mail Removed)> wrote:
>> When you don't want IP routing you can of course use MAC-in-MAC tunneling.

>
> Is this something the service provider needs to make happen, or can I
> do something on my end?


I don't know. We use the IP routing, and it can be done with any layer 3
switch. It cleanly solves the problem.

Just create an extra VLAN, assign it a small subnet, put two different
addresses on each end of the link and assign an untagged port for your
link. Put in routes to route your traffic back and forth and go...
 
Reply With Quote
 
pfisterfarm
Guest
Posts: n/a
 
      12-14-2011
On Dec 14, 3:51*pm, Rob <(E-Mail Removed)> wrote:
> Just create an extra VLAN, assign it a small subnet, put two different
> addresses on each end of the link and assign an untagged port for your
> link. *Put in routes to route your traffic back and forth and go...


Actually, that's the way we've got it set up now. Not many remote
sites have "ip routing" enabled in their config, but those that do
still have mac addresses showing up at the central site. Is there some
way to stop that?
 
Reply With Quote
 
Rob
Guest
Posts: n/a
 
      12-14-2011
pfisterfarm <(E-Mail Removed)> wrote:
> On Dec 14, 3:51*pm, Rob <(E-Mail Removed)> wrote:
>> Just create an extra VLAN, assign it a small subnet, put two different
>> addresses on each end of the link and assign an untagged port for your
>> link. *Put in routes to route your traffic back and forth and go...

>
> Actually, that's the way we've got it set up now. Not many remote
> sites have "ip routing" enabled in their config, but those that do
> still have mac addresses showing up at the central site. Is there some
> way to stop that?


Make sure the switchport that is connected to your link is only member
of the link VLAN, not of the default VLAN you use at the remote site.
 
Reply With Quote
 
pfisterfarm
Guest
Posts: n/a
 
      12-15-2011
On Dec 14, 4:45*pm, Rob <(E-Mail Removed)> wrote:
> pfisterfarm <(E-Mail Removed)> wrote:
> > On Dec 14, 3:51*pm, Rob <(E-Mail Removed)> wrote:
> >> Just create an extra VLAN, assign it a small subnet, put two different
> >> addresses on each end of the link and assign an untagged port for your
> >> link. *Put in routes to route your traffic back and forth and go...

>
> > Actually, that's the way we've got it set up now. Not many remote
> > sites have "ip routing" enabled in their config, but those that do
> > still have mac addresses showing up at the central site. Is there some
> > way to stop that?

>
> Make sure the switchport that is connected to your link is only member
> of the link VLAN, not of the default VLAN you use at the remote site.


It's set up as a trunk port
 
Reply With Quote
 
Rob
Guest
Posts: n/a
 
      12-15-2011
pfisterfarm <(E-Mail Removed)> wrote:
> On Dec 14, 4:45?pm, Rob <(E-Mail Removed)> wrote:
>> pfisterfarm <(E-Mail Removed)> wrote:
>> > On Dec 14, 3:51?pm, Rob <(E-Mail Removed)> wrote:
>> >> Just create an extra VLAN, assign it a small subnet, put two different
>> >> addresses on each end of the link and assign an untagged port for your
>> >> link. ?Put in routes to route your traffic back and forth and go...

>>
>> > Actually, that's the way we've got it set up now. Not many remote
>> > sites have "ip routing" enabled in their config, but those that do
>> > still have mac addresses showing up at the central site. Is there some
>> > way to stop that?

>>
>> Make sure the switchport that is connected to your link is only member
>> of the link VLAN, not of the default VLAN you use at the remote site.

>
> It's set up as a trunk port


That is not a good idea... at least not when this trunk port is also a
member of the default VLAN.

What we use is a port that is only a (tagged) member of the link VLAN.
Untagged could be used as well, but in tagged mode there can be priority
information with each frame.

As soon as you remove the port from the default VLAN, you should no longer
see the MAC addresses of the local devices on the link.
 
Reply With Quote
 
pfisterfarm
Guest
Posts: n/a
 
      12-15-2011
>> As soon as you remove the port from the default VLAN, you should no longer
> see the MAC addresses of the local devices on the link.


So, we need to make it an access port? And this will allow the vlan to
work at both locations?

 
Reply With Quote
 
Rob
Guest
Posts: n/a
 
      12-15-2011
pfisterfarm <(E-Mail Removed)> wrote:
>>> As soon as you remove the port from the default VLAN, you should no longer

>> see the MAC addresses of the local devices on the link.

>
> So, we need to make it an access port? And this will allow the vlan to
> work at both locations?


That is what you can do. Make it an access port for the vlan you use
for the link. Then the traffic will be sent untagged across the link.

It is possible to use a trunk port (tagged traffic) but you need to be
sure that the vlan you use for the local devices is not configured on
that port.

(I use HP Procurve and 3com switches so my terminology may be a bit
different than what you see on Cisco switches)

Of course, you IP addressing plan should be such that this configuration
is possible. I.e. you have some IP subnet at the locations and another
IP subnet at the central site where the server is located, so that you
can configure routing between the server and the site. The default gateway
configured in the server and the clients is the address of the switch at
each end (for the default VLAN). Then you need a third subnet, a /30
at minimum, for the VLAN used for the link between the switches.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
occasional unreachability on switched metro ethernet connection Steve Pfister Cisco 0 11-04-2012 07:54 PM
Circuit-Switched vs Packet-Switched Lawrence D'Oliveiro NZ Computing 7 01-19-2009 12:40 AM
upgrading -> metro Ethernet vs DS3 P.Schuman Cisco 0 04-17-2007 12:09 AM
Remote VLANs bridging over metro ethernet ... Pedro Ribeiro Cisco 4 07-21-2004 11:43 AM
Percentage of switched vs. non-switched Ethernet Networks ??? Chris Cisco 8 04-15-2004 09:56 PM



Advertisments