6/27/2011

Private VLANs

Introduction

To begin with, recall that a VLAN is essentially a broadcast domain. Private VLANs (PVLANs) allow splitting the domain into multiple isolated broadcast “subdomains”, introducing sub-VLANs inside a VLAN. As we know, Ethernet VLANs cannot communicate directly with each other – they require an L3 device to forward packets between separate broadcast domains. The same restriction applies to PVLANs – since the subdomains are isolated at Layer 2, they need to communicate using an upper-level (L3/packet forwarding) device – such as a router.

In reality, different VLANs normally map to different IP subnets. When we split a VLAN using PVLANs, hosts in different PVLANs still belong to the same IP subnet, yet now they need to use a router (L3 device) to talk to each other (for example, by using Local Proxy ARP). In turn, the router may either permit or forbid communications between sub-VLANs using access-lists. Commonly, these configurations arise in “shared” environments, say ISP co-location, where it’s beneficial to put multiple customers into the same IP subnet, yet provide a good level of isolation between them.
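
The arrangement described above, as an added configuration sketch that is not from the original article: two customer ports in one isolated sub-VLAN, with a router doing Local Proxy ARP and filtering intra-subnet traffic by access-list. It goes one step beyond the text by using the standard PVLAN port roles (isolated host ports, promiscuous uplink); all VLAN numbers, interface names, the ACL name and the 192.0.2.0/24 addresses are constructed for illustration.

```cisco
! --- Switch (assumed Catalyst-style IOS; VTP must be transparent for PVLANs) ---
vtp mode transparent
!
vlan 101
 private-vlan isolated
vlan 100
 private-vlan primary
 private-vlan association 101
!
! Customer ports: same IP subnet, but no direct L2 path between them
interface FastEthernet0/1
 description customer A, 192.0.2.10 (constructed)
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
interface FastEthernet0/2
 description customer B, 192.0.2.20 (constructed)
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
!
! Uplink to the router: the only port every host port can reach
interface FastEthernet0/24
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 101
!
! --- Router (the L3 device that permits or forbids sub-VLAN traffic) ---
ip access-list extended PVLAN-INTRA-SUBNET
 ! one explicitly allowed flow between customers, everything else
 ! inside the subnet is dropped and logged
 permit tcp host 192.0.2.10 host 192.0.2.20 eq 443
 deny   ip 192.0.2.0 0.0.0.255 192.0.2.0 0.0.0.255 log
 permit ip any any
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ! answer ARP for hosts in the same subnet so traffic hairpins via the router
 ip local-proxy-arp
 ! do not tell hosts to bypass the router for same-subnet destinations
 no ip redirects
 ip access-group PVLAN-INTRA-SUBNET in
```

Without the inbound access-list, Local Proxy ARP alone restores full reachability between the isolated ports through the router, so the ACL is what actually enforces the isolation policy at L3.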


more ->
http://blog.ine.com/2008/07/14/private-vlans-revisited/

blog mobile template enabled

Google just rocks. You can enable mobile view for your blog from the blog settings menu.

6/24/2011

Brussels lab location (IPexpert)

http://www.youtube.com/watch?v=9bRbL_SOYfo&feature=player_embedded#at=202

6/23/2011

MLPPP LFI

Looks like this is one of the tricky small topics which every CCIE R&S candidate should know.

So imagine the following scenario. You have two routers, R4 and R5, connected by a serial interface, and you have to configure multilink interleaving and fragmentation. One of the most important things to remember is that interleaving works only on "fair-queue" enabled interfaces. So the tricky question usually comes when you are asked to configure frame relay traffic shaping and enable PPP multilink interleaving and fragmentation (which will be automatically configured for you if you don't specify it).

So, the first thing you have to remember is that frame relay traffic-shaping disables the fair queue on the interface. So what we should do is configure the interleaving on the Multilink interface. Here is the configuration output example:

[I am using Internetwork Expert R&S Workbook 1, task 10.55, version of the document 5.019]

Also, in this particular INE task they ask you to configure back-to-back frame-relay with a single p2p interface using DLCI 100. If you ever have this case, don't forget to enable frame-relay switching.


[R4 Serial1/0] --- [Serial 1/0 R5]

R4#sh running-config interface serial 0/1
Building configuration...

Current configuration : 199 bytes
!
interface Serial0/1
 no ip address
 encapsulation frame-relay
 no keepalive
 clock rate 2000000
 frame-relay traffic-shaping
 frame-relay interface-dlci 100 ppp Virtual-Template1
  class FRTS
end

R4#sh running-config interface multilink 1
Building configuration...
interface Multilink1
 ip address 10.77.45.4 255.255.255.0
 fair-queue
 ppp multilink
 ppp multilink interleave
 ppp multilink group 1
 ppp multilink fragment delay 10
end

R4#sh running-config interface virtual-template 1
Building configuration...
!
interface Virtual-Template1
 bandwidth 512
 no ip address
 ppp multilink
 ppp multilink group 1
end


And here is the verification:

R4#show ppp multilink

Multilink1
Bundle name: R5
Remote Endpoint Discriminator: [1] R5
Local Endpoint Discriminator: [1] R4
Bundle up for 00:03:16, total bandwidth 512, load 1/255
Receive buffer limit 12000 bytes, frag timeout 1000 ms
Interleaving enabled
0/0 fragments/bytes in reassembly list
0 lost fragments, 0 reordered
0/0 discarded fragments/bytes, 0 lost received
0x9 received sequence, 0x9 sent sequence
Member links: 1 active, 1 inactive (max not set, min not set)
Vi1, since 00:03:16, 640 weight, 630 frag size
Vt1 (inactive)
No inactive multilink interfaces
R4#

You can disable the fair-queue on the multilink interface and see the difference.

6/15/2011

basic MPLS VPN scenario

It's a really basic topology with two VPN clients. I decided to use VRF CLIENT_A and VRF CLIENT_B; CLIENT_A is running OSPF and CLIENT_B is running BGP. There is another link between SW3 and SW2. I have configured a sham-link to avoid it.


Something interesting, and maybe a common mistake, is configuring the sham-links with the wrong "area id": the routes in your FIB table will then appear as INTER-AREA routes instead of INTRA-AREA routes.


There is nothing specific about VRF CLIENT_B. Anyway, if someone is digging around and looking for a scenario, maybe this picture will be useful.