Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
Hi Chris, Hi all, Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too. Here's an example: http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2_55_se/configuration/guide/swtunnel.html#wp1066465 Is it what you are looking for? Cheers, Jerome Jerome Tissieres ___ Head of Network Engineering Operations Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___ 2013/6/16 chris burri chris.bu...@hotmail.ch Unfortunately, QinQ (which is called vman in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected customer VLANs, the direct approach does not even work for non-LACP LAGs. I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient. Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed: http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/ Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach. Mit freundlichen Grüssen Chris Burri --- -= Amat Victoria Curam =- Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-l...@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet? I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need full (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary. Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types? Cheers, Markus ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet?
Hi Chris, Here are two more that support LACP tunneling at wire speed. Juniper EX series http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/l2pt-ex-series.html RAD ETX series http://www.rad.com/12/Ethernet-over-Fiber/13101/ Regards, Fadi On Mon, Jun 17, 2013 at 9:21 AM, Jérôme Tissières j...@ticino.com wrote: Hi Chris, Hi all, Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too. Here's an example: http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2_55_se/configuration/guide/swtunnel.html#wp1066465 Is it what you are looking for? Cheers, Jerome Jerome Tissieres ___ Head of Network Engineering Operations Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___ 2013/6/16 chris burri chris.bu...@hotmail.ch Unfortunately, QinQ (which is called vman in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected customer VLANs, the direct approach does not even work for non-LACP LAGs. I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient. Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed: http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/ Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach. Mit freundlichen Grüssen Chris Burri --- -= Amat Victoria Curam =- Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-l...@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet? I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need full (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary. Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types? Cheers, Markus ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Fwd: Transparent 1Gig Ethernet over IP/Ethernet?
Hi Chris, Here are two more that support LACP tunneling at wire speed. Juniper EX series http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/l2pt-ex-series.html RAD ETX series http://www.rad.com/12/Ethernet-over-Fiber/13101/ Regards, Fadi On Mon, Jun 17, 2013 at 9:21 AM, Jérôme Tissières j...@ticino.com wrote: Hi Chris, Hi all, Q-in-Q / L2Tunnel and 802.1ad with LACP works with Cisco switches without any problem. On ME switch and I tested it with small low-cost 3560G, it works too. Here's an example: http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2_55_se/configuration/guide/swtunnel.html#wp1066465 Is it what you are looking for? Cheers, Jerome Jerome Tissieres ___ Head of Network Engineering Operations Ticinocom SA Via Stazione 5 CH-6600 Locarno Phone +41 91 220 00 00 Fax +41 91 220 00 10 www.ticino.com ___ 2013/6/16 chris burri chris.bu...@hotmail.ch Unfortunately, QinQ (which is called vman in the Extreme Networks world) does not work with LACP. Corroborating to the problem is the fact that the LAG ports originate on the same switch that provides the transport vmans. Since QinQ transports share src/dst MAC address-space with the connected customer VLANs, the direct approach does not even work for non-LACP LAGs. I successfully employed encapsulation of the LACP LAG legs with a pair of EdgeMAX Lite routers, configured for L2 GRE Bridging. I was then able to pipe the encapsulated LAG legs back into the Summit X460 Switch where they originally came from, and transport them over the vmans. Unfortunately, the performance achieved by this solution (~350mbps on a single leg) is far from sufficient. Two kind members of the NANOG mailing list pointed me to ethernet demarcation devices (E-Line being of interest here) from accedian and ciena, which might just do the trick at GigE wire speed: http://www.accedian.com/en/products/ethernid-family.html http://www.ciena.com/products/3902/ Silvan also pointed out that Mikrotik's EoIP might provide adequate performance when provided by a pair of CCR1036 36 core CPU routers. However, it looks as if the accedian/ciena devices would offer a much more cost-effective approach. Mit freundlichen Grüssen Chris Burri --- -= Amat Victoria Curam =- Date: Sun, 16 Jun 2013 12:19:39 +0200 From: swinog-l...@dudes.ch To: swinog@lists.swinog.ch Subject: Re: [swinog] Transparent 1Gig Ethernet over IP/Ethernet? I need to transparently (especially LACP frames) transport a gigabit ethernet link with at least 1500 MTU over either IP or Ethernet. Jumbo frames are enabled on the L2 transport backbone. While I need full (some encap overhead will be acceptable) GigE wire speed, encryption is unnecessary. Since you don't need encryption, aren't these more or less the same requirements as to transport dot1q tags within an existing vlan, that is, q-in-q? The foundry/brocade approach would be to override the frame tag on the entry and exit ports and declare those ports as access-ports (untagged to transport-vlan XYZ), thus transporting anything that comes in there via vlan XYZ to the destination. Or is LACP more low-level and can't be tricked to be relayed by playing with frame types? Cheers, Markus ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] sflow proxy/multiplexer
Hi there, Maybe some of you folks can give me a hint on this... I do have a linux box which is receiving sflow data from routers/switches/etc. I want this box to forward the sflow data to two or three other hosts. So I am looking for a decent sflow proxy/multiplexer. Any suggestions are welcome - preferably opensource :) Thanks in advance. Cheers, Julian ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] sflow proxy/multiplexer
should be quite easy to solve with a small C program which reads UDP packets from a socket and replicates them to some other destinations. Easy-peasy :) From: Julian Rutz m...@jurutz.com To: swi...@swinog.ch Sent: Monday, June 17, 2013 8:46 PM Subject: [swinog] sflow proxy/multiplexer Hi there, Maybe some of you folks can give me a hint on this... I do have a linux box which is receiving sflow data from routers/switches/etc. I want this box to forward the sflow data to two or three other hosts. So I am looking for a decent sflow proxy/multiplexer. Any suggestions are welcome - preferably opensource :) Thanks in advance. Cheers, Julian ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] sflow proxy/multiplexer
Oh hai You may have some success with iptables, I didn't test that though: iptables -t mangle -A PREROUTING -p udp --dport 2055 -j TEE --gateway IP of your target host http://stackoverflow.com/questions/14896390/clone-and-forward-with-iptables HTH - Mathias On Jun 17, 2013, at 8:46 PM, Julian Rutz m...@jurutz.com wrote: Hi there, Maybe some of you folks can give me a hint on this... I do have a linux box which is receiving sflow data from routers/switches/etc. I want this box to forward the sflow data to two or three other hosts. So I am looking for a decent sflow proxy/multiplexer. Any suggestions are welcome - preferably opensource :) Thanks in advance. Cheers, Julian ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
