All times are UTC




 Post subject: Q-in-Q switching method vs. Quad NICs method
PostPosted: Sun Dec 15, 2013 2:05 pm 
Offline

Joined: Sat Nov 17, 2012 7:01 pm
Posts: 21
Back to the forum after a very long time, so hi to all my great and knowledgeable friends out there.

So, the scenario is that I was comfortably working with the quad-NICs (PCI-X) option until I started facing weird problems with my lab-PC and I had to sell it away recently. The problem is that I can no longer find any old workstation systems in the local market here in which I could get at least 3 PCI-X slots.

Now I was wondering if I can sell the quad-NICs or get them traded with another switch to be used as a break-out switch, in which case I'll have to deal with Q-in-Q. But before I finalize this decision, I need to know what are, or could be the drawbacks of forfeiting the quad-NICs in favor of a break-out switch. Will I be able to achieve the same functional results in GNS with Q-in-Q (apart from another level of tagging) as with quad-NICs or I'll face discrepancies during complex and advanced labs?

Appreciate your precious responses and suggestions.




 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Sun Dec 15, 2013 11:55 pm 
Offline

Joined: Tue Jul 17, 2012 1:34 pm
Posts: 214
rlakhani11 wrote:
Back to the forum after a very long time, so hi to all my great and knowledgeable friends out there.

So, the scenario is that I was comfortably working with the quad-NICs (PCI-X) option until I started facing weird problems with my lab-PC and I had to sell it away recently. The problem is that I can no longer find any old workstation systems in the local market here in which I could get at least 3 PCI-X slots.

Now I was wondering if I can sell the quad-NICs or get them traded with another switch to be used as a break-out switch, in which case I'll have to deal with Q-in-Q. But before I finalize this decision, I need to know what are, or could be the drawbacks of forfeiting the quad-NICs in favor of a break-out switch. Will I be able to achieve the same functional results in GNS with Q-in-Q (apart from another level of tagging) as with quad-NICs or I'll face discrepancies during complex and advanced labs?

Appreciate your precious responses and suggestions.


Breakout switches are a great way to integrate real switches into GNS3, and are nice because they don't require extra adapters in your PC (as you already pointed out).

In my experience they work best if you use an OS like Ubuntu Linux. The reason for this is that other OS's (like OS X and Windows) may strip the VLAN tags from frames as they leave GNS3 on their way to the breakout switch. Without the proper VLAN tagging, your breakout switch won't know how to forward the frames from the breakout switch to your other live switches.

_________________
J.Neumann, GNS3 Contributor & Forum Moderator (Minion ID: sin.zx81.1981ad)
Author: Cisco Routers for Small Business (Apress)


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Mon Dec 16, 2013 7:15 am 
Offline

Joined: Sat Nov 17, 2012 7:01 pm
Posts: 21
Thank you very much Jason.

That's exactly what I was thinking of, that is, converting to Ubuntu Linux due to this VLAN stripping issue in Windows (tried almost everything from drivers to registry fiddling, but for absolutely NO good). But:

1. What about the CCIE lab technologies themselves? The MTU on the PC/break-out switch will need to be adjusted to accommodate the extra tag alright. But apart from that, will this double-tagging in any way have adverse effects on GNS while working on very complex and advanced topologies, with multiple Layer 2/Layer 3 technologies working in tandem?

And one little out-of-context query:

2. In the Linux scenario, will the tags from the virtual routers automatically be kept intact while leaving the PC (with no extra configuration), or I'll have to create/configure the respective VLANs in Linux and map them between the clouds and routers' ports?


Thanks a lot once again.


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Mon Dec 16, 2013 10:15 pm 
Offline

Joined: Tue Jul 17, 2012 1:34 pm
Posts: 214
I've only used a breakout switch in rudimentary CCNP scenarios but hopefully this will answer some questions, and get you started.

Quote:
1. What about the CCIE lab technologies themselves? The MTU on the PC/break-out switch will need to be adjusted to accommodate the extra tag alright. But apart from that, will this double-tagging in any way have adverse effects on GNS while working on very complex and advanced topologies, with multiple Layer 2/Layer 3 technologies working in tandem?


It shouldn’t since GNS3 packets are merely passing through the breakout switch. In other words, neither Linux nor the breakout switch itself is part of your GNS3 topology. Your GNS3 devices will think they are directly connected to any real switches that are connected to the breakout switch.

Quote:
2. From the break-out switch, every connection towards the switches need to be through a tunnel-port (correct?). If that's the case, the other end must be a trunk, which should work just fine everywhere else except layer-3 ports on the 4x switches which can't be the trunk. How to overcome that scenario?


Right. Trunking occurs from Linux to the breakout switch, and tunneling occurs from the breakout switch to your live switches. Tunneling allows GNS3 devices, like routers, to think they are directly connected to your real switches. But the ports on the live switches (the ones connected to the breakout switch) are not configured with trunking. Instead, you can assign them to a VLAN used in your GNS3 project. However, my understanding is that the Cisco model of your breakout switch is important to ensure full L2 and L3, and CDP compatibility. To get full functionality, you’ll need to use a 3750 with an IP services image. I've only used a 3550 as a breakout switch and it works fine for me, but does limit what CDP information I can see between devices.

Quote:
And one little out-of-context query:

3. In the Linux scenario, will the tags from the virtual routers automatically be kept intact while leaving the PC (with no extra configuration), or I'll have to create/configure the respective VLANs in Linux and map them between the clouds and routers' ports?


You’ll create the VLANs in Linux and then add the VLAN interfaces to a Cloud node using Generic Ethernet interfaces from the NIO-GEN pulldown (for example using nio_gen_eth:eth0.10 for VLAN 10, or nio_gen_eth:eth0.20 for VLAN 20). Here's a quick rundown on configuring a breakout switch using two VLANs (10 and 20).

Configuring Linux:
$ sudo apt-get install vlan
$ sudo modprobe 8021q
$ sudo ifconfig eth0 mtu 1546
$ sudo vconfig add eth0 10
$ sudo vconfig add eth0 20

Configuring your Breakout switch:
Breakout(config)# system mtu 1546
Breakout(config)# vtp mode transparent
Reload the switch...

-- configure a trunk from the breakout switch to your PC and GNS3 --
Breakout# configure terminal
Breakout(config)# interface FastEthernet 0/0
Breakout(config-if)# switchport trunk encapsulation dot1q
Breakout(config-if)# switchport mode trunk
Breakout(config-if)# switchport trunk allowed vlan all

-- configure vlans and uplink ports to real switches (tunneling) --
Breakout(config)# vlan 10
Breakout(config-vlan)# vlan 20
Breakout(config-vlan)# exit
Breakout(config)# interface FastEthernet 0/1
Breakout(config-if)# switchport access vlan 10
Breakout(config-if)# switchport mode dot1q-tunnel
Breakout(config-if)# l2protocol-tunnel cdp
Breakout(config-if)# interface FastEthernet 0/2
Breakout(config-if)# switchport access vlan 20
Breakout(config-if)# switchport mode dot1q-tunnel
Breakout(config-if)# l2protocol-tunnel cdp

I hope this gets you going... best of luck!

_________________
J.Neumann, GNS3 Contributor & Forum Moderator (Minion ID: sin.zx81.1981ad)
Author: Cisco Routers for Small Business (Apress)
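
As an added example (not part of the original posts), the Python below decodes the VLAN tag stack of a frame captured on the PC-to-breakout trunk, to confirm that the OS did not strip the tag and to show how many bytes each tag adds to the frame. The sample frames, the inner VLAN 101 and the helper names are constructed for illustration.

```python
import struct

TPIDS = {0x8100, 0x88A8}   # 802.1Q and 802.1ad tag protocol identifiers
MAX_UNTAGGED = 1514        # largest standard Ethernet frame, FCS excluded

def build_frame(vlan_ids, l3_len):
    """Constructed sample: zeroed MACs, 802.1Q tags (outer first), IPv4 EtherType."""
    tags = b"".join(struct.pack("!HH", 0x8100, vid) for vid in vlan_ids)
    return bytes(12) + tags + struct.pack("!H", 0x0800) + bytes(l3_len)

def inspect_frame(frame, outer_vlans):
    """Decode the tag stack of one captured frame and classify it."""
    offset, vlans = 12, []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in TPIDS:
            break
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vlans.append(tci & 0x0FFF)   # low 12 bits of the TCI carry the VLAN ID
        offset += 4
    if not vlans:
        verdict = "untagged: tag stripped or never applied"
    elif vlans[0] not in outer_vlans:
        verdict = "unexpected outer VLAN"
    elif len(vlans) == 1:
        verdict = "single tag: untagged router traffic in a breakout VLAN"
    else:
        verdict = "double tag: router already tagged the frame (Q-in-Q)"
    return {"vlans": vlans, "ethertype": etype, "verdict": verdict,
            "wire_len": len(frame), "oversize": len(frame) > MAX_UNTAGGED}

if __name__ == "__main__":
    breakout_vlans = {10, 20}                    # VLAN IDs used in this thread
    samples = {
        "stripped": build_frame([], 1500),
        "single": build_frame([10], 1500),
        "double": build_frame([10, 101], 1500),  # inner VLAN 101 is an assumption
    }
    for name, frame in samples.items():
        print(name, inspect_frame(frame, breakout_vlans))
```

A full-size packet that carries any tag is reported as oversize, which is the reason the thread raises the MTU on both the NIC and the breakout switch.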


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Tue Dec 17, 2013 7:54 am 
Offline

Joined: Sat Nov 17, 2012 7:01 pm
Posts: 21
Jason,

Thanks very much for the detailed response.
Jason wrote:
But the ports on the live switches (the ones connected to the breakout switch) are not configured with trunking. Instead, you can assign them to a VLAN used in your GNS3 project.

I found this in the dot1Q tunneling section of the 3750 configuration guide:
"Customer traffic tagged in the normal way with appropriate VLAN IDs comes from an IEEE 802.1Q trunk port on the customer device and into a tunnel port on the service-provider edge switch. The link between the customer device and the edge switch is asymmetric because one end is configured as an IEEE 802.1Q trunk port, and the other end is configured as a tunnel port."

And I'm grateful for the detailed Linux config that you shared. But that raises another question. The "Direct VLAN Mapping" guide on the GNS3 website does show router sub-interfaces connecting to a single VLAN, but GNS3 does not allow connection to virtual routers at a sub-interface level and only the main interface could be connected to a VLAN/PC physical port. So not sure how it could be done. Please share your experience if you've successfully tried it.

Also, if I were using the quad-NICs option, would it have been possible to make router sub-interfaces reachable without creating a Linux VLAN? Or dot1q tunneling is the only way?

Thanks.


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Wed Dec 18, 2013 6:28 pm 
Offline

Joined: Tue Jul 17, 2012 1:34 pm
Posts: 214
I've successfully done this quite a few times. I'll break out my switches and a Linux box today, and post the exact configurations for you this evening.

Cheers!

<EDIT / UPDATE>

Okay. I pulled my gear out of the cellar, and configured a breakout switch. My instructions above are correct with the caveat that you have to elevate the permissions on dynamips or run GNS3 as root, and you should use a NIC that supports an MTU frame size above 1500. The elevated permissions allow GNS3 to communicate directly with your Ethernet hardware, and the expanded MTU adds padding for VLANs.

In this example, I created simple VLAN routing using a breakout switch (c3550) and one real Cisco switch (c1811). This topology allows two GNS3 routers (on separate networks) to ping each other through the live 1811 switch. I could have added more live switches and created a more complex topology, but I kept it simple. I'm using GNS3-0.8.6 on Ubuntu Linux 12.04.

Here are the Physical Ethernet Connections:
c3550 Breakout F0/1 -------> Linux PC Ethernet
c3550 Breakout F0/2 -------> c1811 F02
c3550 Breakout F0/2 -------> c1811 F03

Here is one way to elevate dynamips permissions on Linux:
$ sudo chown root dynamips*
$ sudo chmod 4755 dynamips*

Configure the Linux VLANs used for the breakout switch
$ sudo apt-get install vlan
$ sudo modprobe 8021q
$ sudo vconfig add eth1 10
$ sudo vconfig add eth1 20

Note: Your Linux system may use eth0 instead of eth1

Next, I added a Cloud node to my GNS3 Workspace and added the VLAN interfaces (using Generic Ethernet):
Image
Note: Use the pulldown menu to select and add the nio_gen_eth:eth1.10 and nio_gen_eth:eth1.20 interfaces.


I completed my topology by adding a couple of routers and linking them to Linux VLAN interfaces on the Cloud node:
Image

Now that my GNS3 project is created, I moved on to configure the c3550 breakout switch:
(c3550 using IOS Version: c3550-ipbasek9-mz.122-44.SE6)

Configuring your Breakout switch:
Breakout(config)# system mtu 1546

Breakout# configure terminal
Breakout(config)# interface FastEthernet 0/1
Breakout(config-if)# description Uplink Trunk to Linux\GNS3
Breakout(config-if)# switchport trunk encapsulation dot1q
Breakout(config-if)# switchport mode trunk
Breakout(config-if)# switchport trunk allowed vlan all

! create the breakout switch VLANs (using same VLAN IDs as Linux)
Breakout(config)# vlan 10
Breakout(config-vlan)# vlan 20
Breakout(config-vlan)# exit

! enable tunneling
Breakout(config)# interface FastEthernet 0/2
Breakout(config-if)# switchport access vlan 10
Breakout(config-if)# switchport mode dot1q-tunnel
Breakout(config-if)# l2protocol-tunnel cdp

Breakout(config-if)# interface FastEthernet 0/3
Breakout(config-if)# switchport access vlan 20
Breakout(config-if)# switchport mode dot1q-tunnel
Breakout(config-if)# l2protocol-tunnel cdp

Finally, I configured my c1811 switch. It's important to note here that the 1811 ports connected to the breakout switch are not configured as trunk ports, as you proposed. Instead, I've assigned them to VLANs that I chose to use in my GNS3 project. These VLANs have nothing to do with the breakout switch VLANs.

Create VLANS 101 and 101, then assign them each to an interface:

c1811(config)# interface FastEthernet2
c1811(config-if)# switchport access vlan 101

c1811(config)# interface FastEthernet3
c1811(config-if)# switchport access vlan 102

c1811(config)# interface vlan101
c1811(config-if)# ip address 10.10.10.1 255.255.255.0

c1811(config)# interface vlan102
c1811(config-if)# ip address 20.10.10.1 255.255.255.0


The last step is to configure the routers. Here is my configuration for R1:

R1(config)# interface f0/0
R1(config-if)# ip address 10.10.10.100 255.255.255.0
R1(config-if)# ip route 0.0.0.0 0.0.0.0 10.10.10.1

...and router R2:

R2(config)# interface f0/0
R2(config-if)# ip address 20.10.10.100 255.255.255.0
R2(config-if)# ip route 0.0.0.0 0.0.0.0 20.10.10.1

That's all there is to it. My R1 router is now able to ping R2 and vice versa. A ping request leaving R1 goes through the dot1q trunk to the breakout switch via my PC's Ethernet adapter, where it is tunneled to an interface on my c1811 switch. The ping reply returns to R1 in reverse order.

That's it. It's tested and it works. Now I'm going to lug my equipment back to the cellar. :D

_________________
J.Neumann, GNS3 Contributor & Forum Moderator (Minion ID: sin.zx81.1981ad)
Author: Cisco Routers for Small Business (Apress)
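
The `chmod 4755` step in the post above leaves dynamips running with root privileges for every user who can execute it. As an added example (not part of the original post), the Python below audits a directory for dynamips binaries that carry the setuid bit; the function name and the returned fields are constructed for illustration.

```python
import glob
import os
import stat

def audit_setuid(directory, pattern="dynamips*"):
    """Report permission facts for each regular file matching pattern."""
    findings = []
    for path in sorted(glob.glob(os.path.join(directory, pattern))):
        st = os.stat(path)
        if not stat.S_ISREG(st.st_mode):
            continue  # skip directories, sockets and other non-regular files
        setuid = bool(st.st_mode & stat.S_ISUID)
        findings.append({
            "path": path,
            "mode": format(stat.S_IMODE(st.st_mode), "04o"),
            "setuid": setuid,
            # setuid plus root ownership means any caller runs the binary as root
            "runs_as_root": setuid and st.st_uid == 0,
            # a setuid binary that others can modify is a direct escalation path
            "writable_by_others": bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)),
        })
    return findings

if __name__ == "__main__":
    # The directory is an assumption; point it at wherever dynamips is installed.
    for finding in audit_setuid("/usr/local/bin"):
        print(finding)
```

Linux file capabilities (`setcap` with `cap_net_raw`, plus `cap_net_admin` if required) are a narrower grant than setuid root; whether they are sufficient for a particular dynamips build is an assumption to verify.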


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Thu Dec 19, 2013 11:40 pm 
Offline

Joined: Sat Nov 17, 2012 7:01 pm
Posts: 21
Jason,

It's very nice of you to share the test configs as they could be really beneficial to me once I start using the break-out switch option.
Jason wrote:
It's important to note here that the 1811 ports connected to the breakout switch are not configured as trunk ports, as you proposed. Instead, I've assigned them to VLANs that I chose to use in my GNS3 project. These VLANs have nothing to do with the breakout switch VLANs.

I never proposed anything dude :). I only pasted what's in 3750 config guide. And it's really interesting that you were able to make it work without configuring the tunnel-facing interfaces as trunks. It'll only make it simpler.

Well thank you very much Jason, for all the help and advice. I think I'll avoid the mess of purchasing (after awaiting the availability) another PC. Q-in-Q with a break-out switch seems to be a very promising and productive option.


 Post subject: Re: Q-in-Q switching method vs. Quad NICs method
PostPosted: Sun Jan 12, 2014 5:39 pm 
Offline

Joined: Sat Jan 11, 2014 6:53 am
Posts: 11
Just a footnote for those using Fedora 20: I found that after a reboot all of my vlans were gone. This appears to do with the modprobe 8021q not being active after a boot, if you install as a user with sudo or su. You need to do this as the root user and even then you may find that they are gone. To recover, run sudo modprobe 8021q from a terminal before you open GNS3.
If you lose all your vlans also then you will need to repeat the following commands for your vlans.
$ sudo vconfig add eth1 10
$ sudo vconfig add eth1 20
etc...
I also found that a cloud will not remember all of the vlans attached to it, unless there is a router or switch installed on the connection too.



