VLAN communication over WAN

Need a little clarification.

Lets say I have two branches, I want each branch to have the same vlans (based on departments).
Now I get how this would work locally with departments (vlans) just communicating within their own subnet and using inter-vlan routing for any communication between departments.
But I also want the same vlans on the other branch and for them to communicate across a WAN as though it's a big LAN, which is not possible if I'm using the same subnet right? I have to use a different addressing scheme?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

OctalDump

You probably would not want to have VLANs traversing slow WAN links for a whole bunch of reasons. It's doable, probably the 'simplest' way would be to use a layer 2 vpn.

But if what you mean is to just reuse a VLAN scheme across multiple sites, then that could be reasonable. Like if every site used VLAN 10 for Voice, VLAN 99 for management, and VLAN 103 as the blackhole default. These are layer 2 issues. It would analogous to using the same (or similar) physical layout eg these switches, these routers, these ports as trunks, these ports as uplinks etc. Some of this can actually be good practice, as a standard configuration can be easier to manage, so less prone to error.

You'd terminate the VLANs at the site in this case - maybe even at a switch level - and they definitely wouldn't traverse the WAN.

Depending on your needs you might be able to reuse subnets, it comes down to whether they need to be routed across sites. Something with only local significance for example AV equipment control. In general you would want

pinkiaiii

well frame relay has multiple sub interfaces ,then you can encapsulate whole interface or just summarize whole range of vlans into single address ,tried playing on packet tracer with ppp relay but didnt manage to set it up right,thus wouldnt mind remembering whole vlans and trunks.

Since my thinking is you do create whole vlans 1,20,30,40 set trunk port going towards router and native vlan then on routers sub interface do s0/0/0.1,2,3,4 encapsulations dot1q and set whole s0/0/0 to encapsulation frame-relay,reverse on other side and g2g ?

networker050184

What you're looking for is VPLS type service. There is rarely an actual technical need for L2 connectivity over a WAN though.

james43026

networker050184 wrote: »

What you're looking for is VPLS type service. There is rarely an actual technical need for L2 connectivity over a WAN though.

I agree on this. You would want to use a layer 2 VPN service lke VPLS, metro ethernet, dark fiber, something along those lines. You could also connect the sites using a site-to-site VPN over the internet if you wanted to save a lot of money.