Take a look on this page (Cisco didn’t update it with new models for a long time ) http://www.cisco.com/c/en/us/td/docs/routers/asr1000/configuration/guide/chassis/asrswcfg/scaling.html

The 1002 is limited to 12K
We didnt test the 1002-x but on a 1004 with ESP-20 and RP2 we cross the 32K L2TP sessions without a problem (48K and even 64K for short time )  but it is not recommended to cross the limits

>
> BTW, any ideas  on the first question? 🙂 that is, realistic numbers
> of active broadband users on a 1002 with a 24K license?
>
> > You may actually want to look at summarizing this. The best practice
> would
> > be to have a per-LNS pool (either locally managed or from RADIUS)
> > and advertise the summary from the LNS up to the network.
> > You may need to redistribute also connected routes for “fixed IP”
> services
> > where a user may have a custom IP from the RADIUS.
> >
> > Not summarizing means that every connection (and disconnection) is a
> > BGP update driving your CPU utilization across the BGP domain…

> >> Secondly, how does one handle running two LNS servers? How does the
> >> border router know which edge (LNS) to forward too for a particular
> >> IP?
> >
> >      I do it with iBGP where my router is advertising individual /32’s.
> > Yes it makes the route tables longer but it works well in my environment.
> > YMMV.

Under each Ethernet service instance you can define the following.

1) What frames arriving from the trunk port are to be associated with the particular service instance.
-that is accomplished with the “encapsulation” command.
-in your case “encapsulation dot1q 1048” dictates that service instance 10 will accept only frames with top VLAN tag 1048 followed by any subsequent VLAN tag(s) or data(IP packet).

2) Ingres VLAN tag manipulation removing, adding or translating 1 or 2 topmost tags.
-that is accomplished with the “rewrite” command.
-in your case pop-ing the first/single topmost VLAN tag.

3) Bridging operation aka what to do next with the frame (complete frame i.e. data and possibly adjacent/remaining VLAN tags).
-that is accomplished with the “bridge-domain” command.
– in your case the frame ends within bridge-domain 10.

IP interface for bridge-domain 10 is interface vlan 10.
But as Pshem already mentioned IP operation can be done only on untagged frames.

Though I don’t understand, how the service is supposed to operate, from your other email.
Because if the provider is creating a platform for the hub and spoke setup than they are responsible for pop-ing the top tag 1048.

>
> I am trying to configure an interface on a ME3600 to accept Q in Q
> from a provider. The p-vlan the provider is using is 1048 and they are
> carrying customer vlans (c-vlan) 1058-1098, one from each site. I’m
> new to the 3600 and have not done Q in Q on it yet. I’ve worked up
> this much of the config but it does not seem right. Can anyone give me
> some pointers or links to help me along ? I’ve only got one customer site configed, there will be 14.
>
>
> !
> vlan 1048
>  name WINDSTREAM
> !
> vlan 1058
>  name WINDSTREAM-HOBBS
> !
> interface GigabitEthernet0/6
>  description Windstream VLS IP.LVXX.xxxxxx..WCI.001  port-type nni
> switchport trunk allowed vlan none  switchport mode trunk  service
> instance
> 10 ethernet
>   encapsulation dot1q 1048
>   rewrite ingress tag pop 1 symmetric
>   bridge-domain 10
>  !
> !
> interface Vlan1048
>  description Windstream VLS
>  no ip address
> !
> interface Vlan1058
>  description WINDSTREAM-HOBBS
>  ip address xxx.xx.xx.1 255.255.255.0
>
>
>
> Thanks,
>
> James