![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496172.webp)
6-6
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 6 Configuring the Line Interface
Tunneling Protocols
Limitations for VPN mode
Mutually exclusive system modes
When the system is working in VPN mode, the following modes are not supported:
•
TCP Bypass-establishment
•
DDoS
•
Value Added Services (VAS) mode
Number of MPLS labels
•
The choice of the unique VPN site must be based on the BGP label only. The BGP label must be the
innermost label.
•
The MPLS/VPN solution supports various combinations of labels.
•
The system does not support VPNs for which other MPLS-related features, such as MPLS-TE or
MPLS-FRR, are enabled
Subscriber-related limitations
•
The SM must be configured to operate in Push mode.
•
Introduced subscriber aging is not supported when using VPN-based subscribers
Topology-related limitations
•
An asymmetrical routing topology in which the traffic may be unidirectional, is not supported, since
the identification of the VPN relies on the bidirectional nature of the traffic for various mechanisms.
TCP-related requirements
•
Number of Upstream TCP Flows – There must be enough TCP flows opening from the subscriber
side on each PE-PE route in each period of time. The higher the rate of TCP flows from the
subscriber side, the higher the accuracy of the mechanism can be.
VPN configuration requirements
•
Two VPN sites must be aggregated into one VPN if the following conditions are both true:
–
They are both connected to the same SCE platform
–
They both communicate with a common remote site using the same upstream labels and P
router.
•
In MPLS-based VPNs (MPLS auto-learn mode), a subscriber MAY NOT have IP mappings over
more than one VPN
•
In VLAN-based VPNs (VLAN symmetric classify mode), a subscriber may have IP mappings over
more than one VPN, but only if the IP mappings are the full range of the VPN (0.0.0.0/0). (This
option is provided for backwards compatibility, supporting legacy multi-VLAN subscribers.)
Selecting the Tunneling Mode
Use these commands to configure tunneling:
•
ip-tunnel
•
vlan
•
mpls
•
L2TP identify-by