Hello AdTran Community!
I'm trying to do something that may or may not even be possible and I need some help.
We've purchased a Layer 3 MPLS connection between our Data Center in Canada and our branch office in Portland. I need to forward all traffic from the Portland Branch Office via this MPLS link with separation between various subnets for security requirements (segregating Wireless access from normal LAN activities for example.)
We also need to forward our internal OSPF routing protocol between the two sites so our internal routers know about each other.
My first idea was to use a GRE tunnel between my two CE routers (both AdTran NetVanta 3430s.) This works for the OSPF traffic and for normal network activity but I'm having major fragmentation problems and I don't have the ability to separate the Wireless from the Trusted traffic. So, the GRE tunnel needs to be replaced by something else.
It is my understanding that a "normal" IKE/IPSEC VPN wouldn't work either as the OSPF traffic would not be forwarded. It would help for the segregation of traffic since I can create a VPN tunnel for each subnet. I've also run into additional problems with getting the two ADTRAN routers to form a Security Association.
What I'm thinking of doing now is establishing my own VPLS (MPLS L2 VPN) that runs on-top of the MPLS network provided by my service provider. So, my ADTRAN routers will become PE with myself as the provider and the internal routers that they're plugged into will become my CE. That way I can create various sub-interfaces for the various network types for segregation and will still be able to pass OSPF between my internal routers.
What I don't know is how to do this (if it's even possible) using the ADTRAN NetVanta 3430's that I currently have.
I have attached a quick and dirty network diagram showing my current network topology with the GRE tunnel.