- L2TPv3 vs GRE for layer 2 bridging?
- Posted by Rob on February 27th, 2004
I need to create a solution which allows me to bridge non-IP traffic
between two sites, but I'd like to do it over the Internet instead of
getting a leased line. With a P-to-P T1, this is easy. Turn on
bridging of the appropriate interfaces and away you go.
But over an IP network, what is the best way? Does basic GRE
tunneling work, or does it require L2TPv3, of which I read a little
about on CCO.
Assume the ISP will not be helping with this endeavor. I want to do
it via the endpoint routers which I control.
Thanks,
Robert
- Posted by Erik Tamminga on February 28th, 2004
Hi,
Haven't done L2TPv3 but GRE works fine. The approach is actually the same as
with the PtP T1, just bridge between the appropriate interfaces (ex. int
Ethernet0/0 and int Tunnel0).
Erik
"Rob" <bobh1234@hotmail.com> wrote in message
news:ddtu309sjm825ih2fc8omvls25od9uiv2a@4ax.com...
- Posted by Rob on February 28th, 2004
I haven't been able to put Bridge-group X on a Tunnel interface.
On Sat, 28 Feb 2004 12:13:13 +0100, "Erik Tamminga"
<newsgroups@NeOtammiSnPgAaM.nl> wrote:
- Posted by Craig Johnson on February 29th, 2004
I tried bridging over a GRE tunnel once; I had a terrible time of it. You
should probably look into using DLSw+ for this. This is what its designed
for, and you can encrypt it via IPSEC. This is probably the best way to do
it. I've never done L2TPv3 VPNs before; they may work better.
Craig Johnson, CCIE #6965
"Rob" <bobh1234@hotmail.com> wrote in message
news:mj31409micqi1rj4efk9b89rqesijq7i6s@4ax.com...
- Posted by Rob on February 29th, 2004
I didn't think of DLSW. It routes any layer 2 packet, not just
SNA/NetBIOS?
On Sun, 29 Feb 2004 11:31:27 -0600, "Craig Johnson"
<cjohnson6965@spamno.nospam.comcast.net> wrote:
- Posted by Craig Johnson on February 29th, 2004
DLSw+ will pass all of your ethernet frames. What makes it so powerful for
applications like this is that you can restrict communication between MAC
addresses, which will lower the bandwidth you use. You can also
troubleshoot issues much more effectively with DLSw+. Now, the only thing
you need to worry about is performance. Layer 2 tends to be a little delay
sensitive, and you might have issues going over the internet. This applies
to whatever technology you decide to use, though.
Craig Johnson, CCIE #6965
"Rob" <bobh1234@hotmail.com> wrote in message
news:n3e44096m547rusmmp8hjh87omfog5k4j4@4ax.com...
- Posted by Rob on March 1st, 2004
I asksed the TAC. They said DLSW will not work, but L2TPv3 is what I
want. Reading up on it.......
On Sun, 29 Feb 2004 14:58:31 -0600, "Craig Johnson"
<cjohnson6965@spamno.nospam.comcast.net> wrote:
- Posted by Craig Johnson on March 1st, 2004
L2TPv3 is a great technology, and probably will be what you want. However,
it's really new and requires 12.3T, which I'm not prepared to run yet.
They are wrong about DLSw+, though. It will bridge anything in ethernet.
You have to use a BVI and not put an IP on the ethernet interface, but it
will work. I'm not sure why they would have told you that it doesn't. They
may not support this configuration, though. If you've got the means, use
L2TPv3. It's definitely the way to go.
Craig Johnson, CCIE #6965
"Rob" <bobh1234@hotmail.com> wrote in message
news:3qh6409n9872nogefjl0uqtt6b81qqafub@4ax.com...
