|
Customer wants virtual tunnel across our network

We have a customer who is paying a fair price per month at the moment for a 10Mb semi-dedicated connection from us. He only wants it for his private cinema, which uses Apple TV and Spotify around the house. At the moment he has his own Cisco router at the house, and we just route a public to it over privates via PPPoE. He has been having QoS issues recently, and would like to avoid our traffic shapers at the core. So what I was suggesting was for us to place an RB750 or similar at the customer's home, and run an EOIP tunnel from it right back to our RB1200 router at the core. From here, the core, I was going to just bridge an ethernet port with a private IP on it back to the end of the tunnel and route the public over the tunnel somehow back to the WAN port of the customer's Cisco router.
I would like to hear how anyone else would go about doing this, or is the way I just explained the norm? It would be nice to do it right at the start. I would also like to know how I would just route the public from our WAN on the core router and out across the tunnel. |
|
Inssomniak The Glitch Premium Member join:2005-04-06 Cayuga, ON |
said by Bigpaddy_Irl:
> We have a customer who is paying a fair price per month at the moment for a 10Mb semi-dedicated connection from us. He only wants it for his private cinema, which uses Apple TV and Spotify around the house. At the moment he has his own Cisco router at the house, and we just route a public to it over privates via PPPoE. He has been having QoS issues recently, and would like to avoid our traffic shapers at the core. So what I was suggesting was for us to place an RB750 or similar at the customer's home, and run an EOIP tunnel from it right back to our RB1200 router at the core. From here, the core, I was going to just bridge an ethernet port with a private IP on it back to the end of the tunnel and route the public over the tunnel somehow back to the WAN port of the customer's Cisco router.
> I would like to hear how anyone else would go about doing this, or is the way I just explained the norm? It would be nice to do it right at the start. I would also like to know how I would just route the public from our WAN on the core router and out across the tunnel.

EOIP is extremely inefficient. Use a VLAN. I think in your case (bridged network) it's simple to implement. |
|
warwick join:2009-06-05 Hollywood, FL |
As Inssomniak mentioned... EoIP is not incredibly efficient, although it has its uses.
If you have a routed network and can ensure end-to-end connectivity then I'd really look into establishing an MPLS-based network and using VPLS to create routed virtual LANs.
Not really difficult if you have a routed network from end to end. If you can post a diagram of your current setup it'll help. |
|
Inssomniak The Glitch Premium Member join:2005-04-06 Cayuga, ON |
to Bigpaddy_Irl
+1 for the MPLS. |
|
|
|
to Inssomniak
Can you explain how EOIP is insufficient? What are its drawbacks and why? |
|
TomS_ Git-r-done MVM join:2002-07-19 London, UK |
2012-Dec-17 5:59 pm
Protocol overheads I would say.
Each tunnelling protocol has a number of bytes of overheads for each packet that gets carried. This increases the utilisation of your links, and also reduces the effective MTU available to your payload.
Link utilisation might be the least of your worries, but a reduction in MTU can have bigger consequences, like reduced performance due to the need to send a higher number of smaller packets, and perhaps connectivity issues if end hosts don't correctly account for the lower MTU and try to blast 1500 byte packets through. |
|
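The overhead and MTU effect described in the post above, worked through as an added example that is not part of the original thread. It assumes EoIP's documented 42 bytes of encapsulation (20 outer IP + 8 GRE + 14 inner Ethernet), an 8-byte PPPoE cost on a 1500-byte Ethernet link, and ordinary IPv4 fragmentation of the outer packet; the function names are made up for illustration.

```python
"""Added example: per-packet cost of an EoIP tunnel, counted at the IP layer."""

IPV4_HDR = 20        # outer IPv4 header, no options
GRE_HDR = 8          # GRE header as used by EoIP
INNER_ETH_HDR = 14   # Ethernet header of the bridged frame carried in the tunnel
EOIP_OVERHEAD = IPV4_HDR + GRE_HDR + INNER_ETH_HDR   # 42 bytes per packet
PPPOE_OVERHEAD = 8   # PPPoE + PPP headers taken out of a 1500-byte link


def max_inner_mtu(link_mtu, encap=EOIP_OVERHEAD):
    """Largest inner IP packet that crosses the tunnel without fragmenting."""
    return link_mtu - encap


def outer_packets(inner_len, link_mtu, encap=EOIP_OVERHEAD):
    """Sizes of the outer IP packets needed to carry one inner IP packet."""
    outer_len = inner_len + encap
    if outer_len <= link_mtu:
        return [outer_len]
    # IPv4 fragmentation: every fragment repeats the 20-byte header, and all
    # fragments except the last carry a payload that is a multiple of 8 bytes.
    payload = outer_len - IPV4_HDR
    chunk = (link_mtu - IPV4_HDR) // 8 * 8
    sizes = []
    while payload > 0:
        take = min(chunk, payload)
        sizes.append(take + IPV4_HDR)
        payload -= take
    return sizes


def efficiency(inner_len, link_mtu, encap=EOIP_OVERHEAD):
    """Fraction of the transmitted IP bytes that belong to the customer packet."""
    return inner_len / sum(outer_packets(inner_len, link_mtu, encap))


if __name__ == "__main__":
    pppoe_mtu = 1500 - PPPOE_OVERHEAD   # constructed sample: 1492-byte path
    for size in (1500, max_inner_mtu(pppoe_mtu), 576):
        pkts = outer_packets(size, pppoe_mtu)
        print(f"inner {size:>4} B -> outer {pkts}, "
              f"efficiency {efficiency(size, pppoe_mtu):.1%}")
```
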
Inssomniak The Glitch Premium Member join:2005-04-06 Cayuga, ON |
to Bigpaddy_Irl
MikroTik's EoIP fragments every packet, if it needs it or not, and adds to each packet (on top of the regular headers) a header for EoIP so it can get reassembled at the other end. It will allow a 1500 byte packet, split in 2. |
|
|
to Bigpaddy_Irl
VLAN will also be less CPU overhead than almost any other option. MPLS is damn fast, but it's not trivial to set up. VLAN is pretty easy, doesn't frag, and will also give you visibility into the traffic if needed. |
|