On 11/18/2012 6:20 PM, Andrew Miehs wrote:
> Although not a bad idea, it will be a little difficult to convince
> management that we now want to replace the controllers.
> The reason for MPLS is that we could just hang all the wireless gear off a
> wireless only PE, rather than requiring an extra hop from a CE.
> This is a large campus network, and I am a big believer in collapsed PE/CE
> for this type of environment.

You can "VRF-Lite" this arrangement without MPLS. We run our wireless (Aruba, but similar central controller) with APs/Controllers in their own VRF, and the userland SVIs from the controller split across multiple VRFs depending on the resulting wireless role for the user. Simple trunks work just fine with a dedicated VLAN per VRF as the backbone link, no need for official MPLS here.

There is the issue of tunneling the APs back to the controller... for remote sites, if you can't encapsulate the MPLS layer-2 connectivity, you can of course just let it tunnel naturally (assume the Ciscos can do that like the Arubas) back to the controller. For remotes, we use IPsec VPN and bring it back a little more securely than plain public internet tunneling would provide.

> The other issue is that we will still need a router to host all the SVIs.
> All of our "routers" are 6500s or smaller switches and the number of
> wireless users we have causes quite a load on the CPU - so regardless, we
> would still need to buy an additional router.

We used to use 3750s, but they will max out at 6K MAC addresses. We have an intermediate 4500 now that seems to be handling the load.

Jeff

_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
