At 10/13/2012 11:27 AM, Tim Densmore wrote:
>Hi Fred,
>
>I think a lot of the confusion here comes from the fact that you're
>using generic terms like "switching" and "VLAN" to describe complex
>Metro-E/Carrier-E scenarios. Standard VLANs break up broadcast domains,
>but they don't create virtual circuits or provide total isolation - this
>is one of the reasons I initially asked what you were describing.
>Metro-e q-in-q with stag/ctag UNIs and EVCs behave much differently than
>standard packet switched ethernet "dot1q" VLANs in that regard. I'd
>reference the different metro-e IEEE standards if I were smart enough to
>keep them all in my head or unlazy enough to look them up.

Yep, the terminology is confusing. I'm talking about Metro-E (a/k/a Carrier Ethernet), which is "switching" and uses the "VLAN" tag, but sure isn't LAN switching.

The confusion is that the original 1980s Orange Hose Ethernet was a broadcast-topology LAN, and the original bridges were designed to be transparent. So by the 1990s orange hose was gone, and all Ethernet was switched, but it was switched using the bridge construct. And this still works fine for LANs and the home application. They don't need isolation.

I see a lot of confusion between these two worlds in the wireline/IT world too. Data centers use big managed "switches" that are still LAN-model, or use VLANs with limited isolation. They rarely deal with QoS. But when you hit the WAN space, the Carrier Ethernet construct makes more sense, generally to provide a 2-point pipe between routers, or a fan-in. The ILECs are selling these things like crazy. What's frustrating is that there are differences between each carrier's offerings; they don't have an easy apples-to-apples comparison. Some of this is policy (do they want to sell CIR and EIR separately?) and some of this is hardware limitations (VZ-Core's Fujitsu 4500s can't do EVPL, so they map EPLs onto SONET VCGs).

The Metro Ethernet Forum wrote its standards using constructs adapted from earlier switches, based of course on what vendors were building. So the VLAN tag is used as the VCI, even though it's too small. And a lot of switches can do both the CE and LAN application, depending on how they're configured. (Extreme comes to mind.) Throw in the term "layer 3 switching" and you realize that we're a bit short of unique nouns in our vocabulary!

>Tons of info available at metroethernetforum.org for folks who are
>trying to figure out what I'm talking about.
>
>I'd be extremely impressed to learn that you could do a decent metro-e
>roll-out with ubnt and mt. In the WISP world, I'd expect single-tagged
>dot1q VLANs to be enough to differentiate customer traffic, even in
>large-ish MPOP scenarios. How many POPs generally hang off a single
>network segment before hitting a router?

I would not expect a large-scale Metro-E/Carrier-E network to be built using MT or UBNT in the middle. But a WISP or small ISP might want to provide some "isolated" Ethernet pipes between a customer's locations -- think of schools in a district, for instance, or some other operation that has internal networking, uses its own private address space, and wants to maintain one firewall, hanging other sites behind it. That's one application.

Another is the CPE: The RB2011 with the SFP slot looks like a potential CPE for a building that has one fiber drop feeding multiple networks. The application that comes to mind is a state office building with offices for motor vehicles, social services, and taxation in it -- each has its own isolated network, but why not share fiber? Ciena-class boxes are typically used for that, at a much higher price. (I ran into this while doing a procurement cycle for a state network.)

One other way to look at the difference: The usual ISP view is that there is one global public IP address space, and NAT is the exception used at the customer location. The enterprise-IT view is that everybody has their own private IP network, and the public Internet is that dangerous space on the other side of a firewall. Where you stand on that influences the design of the network and switches.

>Thanks for the interesting discussion!

I've enjoyed it. I still hope somebody at some point figures out just how close you can get to an MEF-type switch using RouterOS or AirOS. Or EdgeOS, Real Soon Now. (They're all Linux under the skin, after all.)

>TD
>
>On 10/12/2012 10:14 PM, Fred Goldstein wrote:
> > I'm not sure we're talking about the same thing. It is allowing only
> > the VLAN to go from A to B, while nothing else goes to A or B, and the
> > VLAN is invisible to everyone else. Which is really virtual circuit
> > behavior; VLAN is the legacy name of the VC ID.
> >
> > In CE switching, then, the VLAN receives no broadcasts from anyone
> > else on the switch or network, and sends no broadcasts outside. What
> > goes onto that mapped port, or onto a VLAN pre-tagged to go to that
> > port, is totally and completely invisible to all other users. So it's
> > secure enough for public safety use on a shared PMD. This is
> > different from a bridge, where broadcasts go everywhere. One type of
> > MEF service (EP-LAN) does actually emulate a LAN with >2 ports and
> > broadcasts among them, but the more common EPL and EVPL would not know
> > a broadcast frame from anything else, since they just pass the MAC
> > addresses transparently.
>
>_______________________________________________
>Wireless mailing list
>Wireless@wispa.org
>http://lists.wispa.org/mailman/listinfo/wireless

--
Fred Goldstein k1io fgoldstein "at" ionary.com
ionary Consulting http://www.ionary.com/
+1 617 795 2701