MPLS & Internet

calvinj

[H]ard|Gawd
Joined
Mar 2, 2009
Messages
1,738
So were starting to dabble in MPLS through our ISP. Currently we have two locations and the only reason why were looking is the fact our voice quality is in the shitter. We are working with them to get a private mpls (no internet across this). Should be straight forward setup.

Couple things I thought I might get input from you guys.

Do you guys force internet through your HQ location or do you have separate internet at each location? How big of a connection do you guys have between sites? Did you have to provide your own routers / firewalls to terminate the mpls connection or did the ISP provide it. If you had to provide your own equipment can you mention what you used? Anything else about the MPLS connection?
 

MikeTrike

[H]F Junkie
Joined
Nov 16, 2005
Messages
11,484
Forcing it all through a single choke point is easier to firewall I would think. However any provider should be able to provide it multi-layered where each site is drilled into the MPLS network and also goes out the public internet independently at each site still. Of course you'd still need to have QoS in place for VoIP traffic, etc.

Cisco is almost always good for these types of things. 1.5Mb T1's on up to whatever you can get, it really depends on what your provider(s) in the area offer.
 

Macco

Limp Gawd
Joined
Oct 15, 2010
Messages
148
Generally your SP will provide the equipment to terminate the circuit and configure a port for you to hook your equipment up to. As far as what they use for the CE router it varies based on the specific requirements but most Cisco routers from the 870 on up can function as a CE.

As far as your topology goes it depends on what you want/need. Tunneling everything back to your main office makes things such as firewalling and content filtering easier to do, however you've got a single point of failure if the link to the internet goes down. With separate internet links at each site you'd essentially have a backup connection if you felt like configuring it for that.

Another thing to look out for as well, though I'm not sure if it applies to you, is QoS over an MPLS link is a bit tricky due to the way it maps DSCP to TC on the MPLS Label when it enters the SP network. A couple good articles that explain it more indepth.

http://etherealmind.com/dscp-qos-over-mpls-thoughts/

http://blog.ioshints.info/2010/10/qos-over-mplsvpn-networks.html

Quite a few MPLS/MPLSVPN articles on IOS Hints and Tricks if you're interested, though a lot of them pertain to DC to DC scenarios a lot of the info is still relevant.
 
Top