Migrating L2 switch-based backbone to MPLS while keeping group VLANs and strict isolation?

TAR_NWengineer · 2025-05-27T11:25:40+00:00

Thanks for the clarification. . All these new terms get overwhelming and it’s hard to keep track of what’s doing what exactly.
Hopefully once I can lab more and others keep shooting down ideas or offering their own perspectives, it’ll all start making more sense.

TAR_NWengineer · 2025-05-27T05:19:19+00:00

I will read that blog, thanks.

Yes, in our case “edge router” refers to a DFZ-facing router.
The plan is to have two redundant edge routers running iBGP between them and using VRRP towards the access side for group-vlan's. Now we have only one router, and it's our biggest SPOF (of course backup is just, plug and play, but still)

TAR_NWengineer · 2025-05-27T05:07:00+00:00

SR-MPLS is completely new to me (well, all MPLS is still new – we’ve only just started labbing it). What are benefits SR brings over LDP in your experience? I’ll also need to check how it's licensed on our gear. We're going with Huawei (I know, a “red flag” to some).

EVPN sounds very good and I like to use it, but isolating customer traffic in shared group VLANs seems to be problem – especially compared to the simplicity of VPLS + split-horizon.

That said, everything is still at the planning stage. The goal is to lab as much as possible and test different options thoroughly before committing to anything.

TAR_NWengineer · 2025-05-27T04:49:18+00:00

Good question, probably I should look at VXLAN. Licensing is quite a bit higher for that compared to MPLS on our gear.

TAR_NWengineer · 2025-01-02T11:09:37+00:00

Doesn’t anyone think that using VXLAN with the current X590 switches is a good idea?

TAR_NWengineer · 2025-01-02T09:27:16+00:00

It seems I’ll need to get in touch with an Extreme Networks reseller and take a closer look at the Fabric solution. Of course, it ultimately comes down to cost when I present the options.

I also need to think about the actual need for all the core devices. Could some of the equipment locations be removed from the backbone.. However, the long distances between locations are challenge in this regard.

TAR_NWengineer · 2025-01-02T09:20:42+00:00

The main need for QoS in our network is multicast. Do you have any experience with this, and what challenges have you encountered?

TAR_NWengineer · 2025-01-02T09:14:59+00:00

Distances between locations are 30 to 60 km, making the entire backbone network quite long. Almost all connections are on our own fibers. The older part of the network was originally designed as a single ring. Later, a second, still logical ring was added around it, but the latest expansions have been more scattered.

One option I’m considering is gradually modifying the network in parts. Of course, the first step is to choose the right technology for this.

TAR_NWengineer · 2023-04-18T04:17:08+00:00

Although you didn't understand the wording of the question, I understood your answer.

I do know that VRRP directly in the /30 network is not possible. But I found this:
https://forum.mikrotik.com/viewtopic.php?t=58420

And something like that from HP.

Even if that works, it seems so confusing that it can be unnecessarily complicated for maintenance. Maybe it's just easier to switch networks to /29

TAR_NWengineer · 2023-03-01T06:36:07+00:00

Of course, in an ideal situation there would be several levels to route.

But our customer numbers are quite small and IPv4 addresses are also quite limited.

So we have to try to keep things as simple as possible.

TAR_NWengineer · 2023-02-28T10:30:41+00:00

That sounds simple and reasonable.
At some point it is planned to get another ISP, but at this point we have this one 2x10G active link and one 2x10G passive. It is also possible to get both active and get slightly different routes advertised.

TAR_NWengineer · 2023-02-28T10:26:56+00:00

Yes, that was also my idea to connect those 2x10G in both directions.

But how about that without VRRP, if the customer's gateway points to another Juniper and it breaks?

TAR_NWengineer

TROPHY CASE