RE: L2 vs L3 [7:73255]
Thanks for the kind words, Michelle!

Bill Creighton CCNP
Network Design Engineer, eVPN NSPM
AT&T Business Service Delivery
231 Martingale Rd. Suite 800
Schaumburg, IL 60173-2008
Office: 847-407-4108
Fax: 847-598-6400
Mobile: 630-290-7000
[EMAIL PROTECTED]

> -----Original Message-----
> From: Truman, Michelle, RTSLS
> Sent: Thursday, July 31, 2003 12:33 PM
> To: [EMAIL PROTECTED]
> Subject: RE: L2 vs L3 [7:73255]
>
> Actually John, contrary to what was stated, AT&T has a really great bunch of pre-sales engineers who do give customers lots of time, and the time of day if they need it, to talk about VPN's. Not to mention lots of support on the backend if you are already a customer. We've been running 2547 VPN's since 1998 over Fr/ATM and since 2000 over our IP backbone. Customers using VOIP really like our VPN's because they have inherent full mesh topologies and built in QOS using CBWFQ/LLQ/WRED.
>
> L2 VPN's are for carriers who don't have other choices, such as Sprint, which has IP globally, but not frame relay. They are able to provide a global VPN that way. They didn't really have a choice. Now, they have totally done an about face due to massive customer pressure and are implementing 2547 after saying for years that it wasn't necessary, sucks, etc.
>
> The industry choice appears to be 2547 though you can't forget the Qwest solution as it is popular with many customers. L2 is nice for end to end routing control also. But only if you NEED full mesh. Otherwise, there's nothing wrong with good old fashioned FR and ATM pvc's. 2547 VPN's are different and require some thought, because you are essentially routing WITH your carrier instead of transparently to your carrier.
>
> Michelle
>
> Michelle Truman CCIE # 8098
> Principal Technical Consultant
> AT&T Solutions Center
> mailto:[EMAIL PROTECTED]
> Work: 651-998-0949
>
> -----Original Message-----
> From: John Neiberger [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 31, 2003 10:55 AM
> To: [EMAIL PROTECTED]
> Subject: Re: L2 vs L3 [7:73255]
>
> >You have a lot of options. I recommend Sprint first, then Level-3,
> >then GX. Unless you are already in bed with Qwest or AT&T, they
> >won't give you the time-of-day for support (and you are going to
> >need good support for an offering like this). In particular, I
> >recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's
> >(3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).
> >
>
> I just checked the Sprintbiz site and they seem to offer a network-based IP VPN and a CPE-based IP VPN. It appears to me that these are both L3 VPNs. It's hard to find much more than marketing materials on their site, though, and I'd love to read more details. Are those the Sprint services you were referring to? And what is the PW option you refer to?
>
> I've already read a little about the Level-3 MPLS-VPN and it sounded like a good option but we come back to the full-mesh issue. It would take over 5300 PVCs to create a full mesh with their L2 VPN. A full mesh isn't a requirement, but it is a very nice feature of the Qwest PRN service and given our network design and traffic flow, that is a great benefit.
>
> John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73304&t=73255
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: L2 vs L3 [7:73255]
John Neiberger 7/31/03 10:36:14 AM >>>
>>You have a lot of options. I recommend Sprint first, then Level-3,
>>then GX. Unless you are already in bed with Qwest or AT&T, they
>>won't give you the time-of-day for support (and you are going to
>>need good support for an offering like this). In particular, I
>>recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's
>>(3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).
>>
>
>I just checked the Sprintbiz site and they seem to offer a network-based IP
>VPN and a CPE-based IP VPN. It appears to me that these are both L3 VPNs.
>It's hard to find much more than marketing materials on their site, though,
>and I'd love to read more details. Are those the Sprint services you were
>referring to? And what is the PW option you refer to?
>
>I've already read a little about the Level-3 MPLS-VPN and it sounded like a
>good option but we come back to the full-mesh issue. It would take over 5300
>PVCs to create a full mesh with their L2 VPN. A full mesh isn't a
>requirement, but it is a very nice feature of the Qwest PRN service and
>given our network design and traffic flow, that is a great benefit.
>
>John

I hate to follow up on my own posts but after further reading about Sprint's IP VPN network it appears to be very similar to the Qwest PRN except that it uses IS-IS at the core instead of OSPF, while they both appear to use IPSec for tunneling. Could it be that they're both based on 2764?

I'm going to call our Sprint account rep and ask her about this service. She could probably put me in touch with an engineer who could answer some of these questions.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73288&t=73255

RE: L2 vs L3 [7:73255]
Actually John, contrary to what was stated, AT&T has a really great bunch of pre-sales engineers who do give customers lots of time, and the time of day if they need it, to talk about VPN's. Not to mention lots of support on the backend if you are already a customer. We've been running 2547 VPN's since 1998 over Fr/ATM and since 2000 over our IP backbone. Customers using VOIP really like our VPN's because they have inherent full mesh topologies and built in QOS using CBWFQ/LLQ/WRED.

L2 VPN's are for carriers who don't have other choices, such as Sprint, which has IP globally, but not frame relay. They are able to provide a global VPN that way. They didn't really have a choice. Now, they have totally done an about face due to massive customer pressure and are implementing 2547 after saying for years that it wasn't necessary, sucks, etc.

The industry choice appears to be 2547 though you can't forget the Qwest solution as it is popular with many customers. L2 is nice for end to end routing control also. But only if you NEED full mesh. Otherwise, there's nothing wrong with good old fashioned FR and ATM pvc's. 2547 VPN's are different and require some thought, because you are essentially routing WITH your carrier instead of transparently to your carrier.

Michelle

Michelle Truman CCIE # 8098
Principal Technical Consultant
AT&T Solutions Center
mailto:[EMAIL PROTECTED]
Work: 651-998-0949

-----Original Message-----
From: John Neiberger [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 31, 2003 10:55 AM
To: [EMAIL PROTECTED]
Subject: Re: L2 vs L3 [7:73255]

>You have a lot of options. I recommend Sprint first, then Level-3,
>then GX. Unless you are already in bed with Qwest or AT&T, they
>won't give you the time-of-day for support (and you are going to
>need good support for an offering like this). In particular, I
>recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's
>(3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).
>

I just checked the Sprintbiz site and they seem to offer a network-based IP VPN and a CPE-based IP VPN. It appears to me that these are both L3 VPNs. It's hard to find much more than marketing materials on their site, though, and I'd love to read more details. Are those the Sprint services you were referring to? And what is the PW option you refer to?

I've already read a little about the Level-3 MPLS-VPN and it sounded like a good option but we come back to the full-mesh issue. It would take over 5300 PVCs to create a full mesh with their L2 VPN. A full mesh isn't a requirement, but it is a very nice feature of the Qwest PRN service and given our network design and traffic flow, that is a great benefit.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73293&t=73255

Re: L2 vs L3 [7:73255]
>You have a lot of options. I recommend Sprint first, then Level-3,
>then GX. Unless you are already in bed with Qwest or AT&T, they
>won't give you the time-of-day for support (and you are going to
>need good support for an offering like this). In particular, I
>recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's
>(3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).
>

I just checked the Sprintbiz site and they seem to offer a network-based IP VPN and a CPE-based IP VPN. It appears to me that these are both L3 VPNs. It's hard to find much more than marketing materials on their site, though, and I'd love to read more details. Are those the Sprint services you were referring to? And what is the PW option you refer to?

I've already read a little about the Level-3 MPLS-VPN and it sounded like a good option but we come back to the full-mesh issue. It would take over 5300 PVCs to create a full mesh with their L2 VPN. A full mesh isn't a requirement, but it is a very nice feature of the Qwest PRN service and given our network design and traffic flow, that is a great benefit.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73285&t=73255

Re: L2 vs L3 [7:73255]
> "John Neiberger" wrote in message ...
> > bulk of their traffic. When considering a move to VoIP or expanded
> > video conferencing this can create some traffic shaping issues.
>
> For VoIP, you want to consider a control/data plane that makes this
> traffic forwarding optimal...the topology is of less concern, no?

The topology is not much of a concern for VoIP. Assuming point-to-point links we'd need each location to have at least two routes back to the hub for other reasons. This increased the number of frame relay PVCs at each location, which in turn caused over-restrictive-yet-necessary traffic shaping issues.

>
> > traffic shaping. In fact, traffic shaping might not be necessary;
> > LLQ might be all that is necessary. I'll have to ponder that some
> > more.
>
> You'll probably want outbound queue and drop mechanisms on a
> class-based model (e.g. CBLLQ with WRED). Shaping and FR
> Interworking seem to over-complicate what you are trying to do.
>
> > Regardless, with a 2764-style VPN like the Qwest PRN we'd end up
> > with a fully-meshed network where all nodes appear to be one-hop
>
> Where did you read that L2VPN's (or L2TPv3 Pseudowires) don't do
> full-mesh?

I guess that was an assumption. After reading the interview with Martini I took a look at Level3's offering and it is point-to-point. In my mind I just assumed that meant more of a traditional hub-and-spoke design and not a full mesh. A full mesh in our network would require the creation and management of over 5300 PVCs. Is that reasonable?

>
> > on a per-PVC basis. Since we're still considering moving to IP
> > Telephony and we're expanding our use of video conferencing this
>
> You have a lot of options. I recommend Sprint first, then Level-3,
> then GX. Unless you are already in bed with Qwest or AT&T, they
> won't give you the time-of-day for support (and you are going to
> need good support for an offering like this). In particular, I
> recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's
> (3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).

I haven't checked into Sprint yet and I've just browsed through the marketing blurbs of Level-3's option. We are heavily in bed with Qwest, but they also have the benefit of infrastructure in Denver. They might even be better prepared to handle our network than Level-3. I don't know if these other providers have the infrastructure in Colorado to support our network.

As an example, I checked into one offering over a year ago--I think it was Worldcom, but I'm not sure--and they only had a single POP in Denver, and there may have been only a single router, with some redundancy, to handle our entire network. That sounded a little silly to me. Do you really get the benefit of MPLS when your traffic never leaves the router? :-) Besides, they also said that they would have to especially provision new big pipes out to some outlying cities in order to reach many of our branches. It would simply have been too much of a pain to deal with.

At least with Qwest our connectivity would be quite diverse and there wouldn't be a single point of failure. Perhaps competitors' networks have been built out enough that this is no longer an issue. Regardless of the possibilities of failure, Qwest can reach *every* branch--including the few in California--right now.

Still, I will check further into these other options. I'm really enjoying learning about the possibilities.

>
> Any other VPN offering sounds iffy to me, coming from my experience,
> but you should seek other opinions and do a full analysis for
> yourself. I had never even heard of RFC 2764 before, and I've
> never been impressed by the Passport/Accelar/etc.

The Qwest PRN runs on the Shasta BSN-5000 platform.

>
> > My feeling after spending a few days reading about this is that
> > given a moderately large hub-and-spoke network, a L3 VPN might be
> > of more benefit than a L2 VPN.
>
> I'm curious as to how you came to this conclusion, what did you
> read/hear?
>
> -dre

That was only an initial supposition, really, not a solid position, and that's based primarily on my assumption that a full mesh with an L2 VPN would be cumbersome. If that's not true then I'll have to rethink my supposition. Keep in mind that I'm a newbie with this VPN stuff. :-) It's very interesting but I've really only been digging into it deeply for a handful of days.

Many thanks,
John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73262&t=73255

Re: L2 vs L3 [7:73255]
"John Neiberger" wrote in message ...
> bulk of their traffic. When considering a move to VoIP or expanded
> video conferencing this can create some traffic shaping issues.

For VoIP, you want to consider a control/data plane that makes this traffic forwarding optimal...the topology is of less concern, no?

> traffic shaping. In fact, traffic shaping might not be necessary;
> LLQ might be all that is necessary. I'll have to ponder that some
> more.

You'll probably want outbound queue and drop mechanisms on a class-based model (e.g. CBLLQ with WRED). Shaping and FR Interworking seem to over-complicate what you are trying to do.

> Regardless, with a 2764-style VPN like the Qwest PRN we'd end up
> with a fully-meshed network where all nodes appear to be one-hop

Where did you read that L2VPN's (or L2TPv3 Pseudowires) don't do full-mesh?

> on a per-PVC basis. Since we're still considering moving to IP
> Telephony and we're expanding our use of video conferencing this

You have a lot of options. I recommend Sprint first, then Level-3, then GX. Unless you are already in bed with Qwest or AT&T, they won't give you the time-of-day for support (and you are going to need good support for an offering like this). In particular, I recommend Sprint's PW option (UTI on Cisco GSR), and Level-3's (3)Packet MPLS-VPN option (Martini L2VPN on Laurel Networks).

GX has a lot of MPLS-VPN experience with both Cisco GSR and Juniper (but their financials are up in the air and Juniper T-series is a poor platform for low-latency because of the sequence error and other problems - however, knowing GX engineers they probably already worked around these).

As a fourth option, I would even look at C&W over Qwest/others - even though they are leaving the US market - because their PW offering (very similar to Sprint's) is also top-notch. Maybe something good will happen to GX and C&W?

Any other VPN offering sounds iffy to me, coming from my experience, but you should seek other opinions and do a full analysis for yourself. I had never even heard of RFC 2764 before, and I've never been impressed by the Passport/Accelar/etc. And I'm definitely not a Qwest fan (except maybe old school USWest FR, the !NTERPRISE Networking Services group was probably some of the best carrier services I have ever received in my life -- they were actually proactive about customer outages and would call you within seconds of your service going down).

> My feeling after spending a few days reading about this is that
> given a moderately large hub-and-spoke network, a L3 VPN might be
> of more benefit than a L2 VPN.

I'm curious as to how you came to this conclusion, what did you read/hear?

-dre

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73260&t=73255

VPNs: L2 vs L3 [7:73255]
As some of you can tell I'm on a VPN-related kick lately. Sorry.

I just finished reading an interview with Luca Martini and that got me interested in finding out more about L2 VPNs. I'm already getting fairly familiar with RFC 2764-style L3 VPNs, particularly Qwest's PRN offering. After reading the interview I checked into Level3's (3)Packet Data Services solution and it seems to be pretty cool, as well. However, I'm still leaning toward L3 VPNs and here's why.

Right now we have a frame relay network where most of our locations have at least two or three PVCs and sometimes as many as four or five that carry the bulk of their traffic. When considering a move to VoIP or expanded video conferencing this can create some traffic shaping issues. For example, in frame relay you want to shape your traffic such that no PVC can burst over its CIR. If you have three PVCs that limits each of them to 512k even when no critical traffic is present! This is not flexible, and during our VoIP testing it really irritated our LAN group who were used to transferring large amounts of data at night to these locations.

As I understand L2 VPNs, at least the Martini/Level3 variety, we'd still end up with a large, hub-and-spoke, point-to-point network and hence would have similar traffic shaping issues. Perhaps the big benefit is that we don't have the CIR limitation so we might not have to be so restrictive with our traffic shaping. In fact, traffic shaping might not be necessary; LLQ might be all that is necessary. I'll have to ponder that some more.

Regardless, with a 2764-style VPN like the Qwest PRN we'd end up with a fully-meshed network where all nodes appear to be one-hop away from all other nodes. It's a multipoint solution where each location gets to use the full access pipe into the network without worrying about shaping or queueing on a per-PVC basis. Since we're still considering moving to IP Telephony and we're expanding our use of video conferencing this provides some amazing benefits from a functional perspective but it also greatly reduces the complexity of our router configuration. There are some operational trade-offs but I think those are workable.

My feeling after spending a few days reading about this is that given a moderately large hub-and-spoke network, a L3 VPN might be of more benefit than a L2 VPN.

Any thoughts?

Thanks,
John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73255&t=73255