Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Contivity 1750 with Bonded T1s

Status
Not open for further replies.

AyrishGrl

Technical User
Feb 14, 2005
129
US
We have a site that is currently using a Contivity 1100 over a T1. They have maxed out their bandwidth and are still growing so it is time to look at a circuit upgrade. I was planning on bumping them to a Contivity 1750 and a frac T3, but everyone keeps offering us bonded T1s. I always thought VPN encrypted data would not work over bonded T1s. I guess that isn't entirely accurate. The tunnel will work, but the encrypted traffic will only take a single T1 and you will not get the benefit of multiple circuits. We force all traffic over the tunnel back to our corporate site so all traffic is encrypted. I do not want to agree to a bonded solution is this will not work for us. The telco says that they will give us an ethernet handoff and that to us it will appear as one circuit even though they are using bonded T1s. Will this work?
 
I hope someone can verify this but here is what I now:

Bonded T-1 providers use what is known as IMA,MPPP or ML-IP which will allow aggregated bandwidth for a VPN. Usually this is done with multiple "WICs" inside a router on each end; this is where you will get the ethernet handoff you spoke of.
Depending on your area there are some telco vendors that offer a product call "Gigaman & Optiman". This product provides true point to point ethernet across the WAN link.
I have had success with both the former and the latter but I must admit, I never verified that the VPN over the bonded T-1s are actually going over multiple T-1s simaltaneously.
I hope this is useful.
 
The bonded T1 would be fine, but don't take the Ethernet handoff..,MLPPP is typically what is used for this, and this is a standardized protocol over synchronous links that work just fine (esp at only a 3mbps line). Get the nailed up T, and dont take chances with an Ethernet conversion on one side or the other...(sounds like the provider is trying to kill 2 birds with one stone on transport). MLPPP will only work configured on both sides, and you want to ensure two true DS1 between sites for communication. The 1100s can handle it fine -even at 3DES throughput. They will appear as one interface anyway. We have run encrypted IpSec across MLPPP using T1s with no issue whatsoever.
I hope this is helpful
-HH
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top