01-21-2014 09:58 PM
Is there some way you can assign more than one VLAN per layer 2 GRE tunnel? I guess I'd really like to have a 'GRE dot1q trunk'. At present all I know about doing this is creating one tunnel per VLAN.
I'd like a big guest network, but I'd like to assign a VLAN pool to it to break up the broadcast domain, I'd like to bridge the VLANs across a GRE tunnel as I find offloading the defautl gateway of a guest from the main controller to a DMZ controller very desirable (I am currently routing multiple VLANS across a layer 3 GRE tunnel)
Anyone addressed this kind of capacity issue to events ~2000 nodes plus?
Solved! Go to Solution.
01-21-2014 11:06 PM
I guess what I am really trying yo achieve here is not having to create 10 (or 20 tunnels including fault tolerance) between internal and DMZ controllers per VLAN, and looking to have a single IP used only.
I'd rather not assign a /16 address block for broadcast domain reduction.
01-22-2014 03:27 AM - edited 01-22-2014 03:27 AM
The configuration syntax is there to support multiple VLANs in a single static GRE tunnel yes. My 22.214.171.124 controller allow me seemingly to put lots of VLANs in it (hundreds). My understanding is that the VLAN IDs are retained within it.
I can't say I've implemented it on that scale though, so couldn't comment on performance. I've done a few with a couple of VLANs in GRE inside IPSEC (public traversal). I supose as long as the controller is a big one, and the network topology throughout could sustain the tunnel scale/potential, it sounds like a reasonable idea (unless the Aruba guys say different).
Personally, I'm not a big fan of these architectures, but in some cases, it's needed of course.
01-22-2014 03:32 AM
you should be able to add multiple VLANs to the the "tunnel vlan" command of the tunnel interface. You should be able to use a "," or "-" to designate multiple. For example:
interface tunnel 500
tunnel vlan 500-510
interface tunnel 500
tunnel vlan 500,505,510
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX