How to configure a l2gre tunnel that bridges a vlan. Note hierarchical tagging, that is multilevel dot1q tagging qinq, is not supported. Qinq interfaces are capable of terminating qinq traffic and translating qinq tags. Cisco qinq more than one provider vlan svlan on dot1q. The technique is also known as provider bridging, stacked vlans, or simply qinq or qinq. For a complete description of vlan commands used in this chapter, refer to the cisco ios switching commands chapter in thecisco ios switching services. After configuring both the necs and hps vlan 128 to be a service vlan as outlined in the unit test sections endtoend communication was possible. Few things to remember while configuring qinq tunnel. A more convenient way to use qinq is the new dot1qtunnel vlan mode. Qinq allows multiple vlan tags in an ethernet frame. A lan consists of all devices in the same broadcast domain. When qinq vlan mapping is configured under interface, like. Here is a simple question that might just save might life. Dot1qtunneling is a method of transporting vlanencapsulated frames in vlanencapsulated frames qinq.
Today i will discuss how to configuring qinq vlan tunnels in cisco switch. The result will be that the two sites are logically trunked, meaning that they are able to send vlans across to each other through the service providers dedicated qinq vlan. Qinq can for supported devices apply to ctag stacking on ctag ethernet type 0x8100. Qinq tunneling this is the method basically used by service providers to preserve vlanids and to segregate traffic of different customers. The book opens by discussing layer 2 vpn applications utilizing both atom and l2tpv3 protocols and comparing layer 3 versus layer 2 providerprovisioned vpns. On the port between sw2 and sw3cisco, set the mtu to the max, this is to avoid packet drops exceeding the mtu due to qinq tagging. Qinq configuration being provider and customer edg. Qinq, or dot1q tunnels, are used by service providers to keep customer traffic separate at. Chapter 9 configuring qinq vlan tunnels information about qinq tunnels inner vlan id is the vlan of the incoming traffic as assigned by the customer. On the coreswitches there will be connected some servers, firewalls and connections. We should have similar options as for trunk allowed vlan list addremove. In this example, the provider is going to be using vlan34 as the qinq vlan.
You can also tunnel the customers cdp, stp, vtp, and cos values by using the following commands. Termination of qinq tunnels in mx80 jnet community. However, vlanenabled switches cannot, by themselves, forward traffic across vlan boundaries. Example configuring an ex series switch with cisco qin.
Egress vlans on the tunnel bridge port set vlan egress 10 tbp. The first step is to configure the trunk between our two backbone switches. If we take three ex series switches and want to configure qinq with layer2 tunneling, assuming the svlan is configured over all three switches, does the qinq configuration need to be configured on every switch or just the end switches from a theory point of view i am presuming this is just the end. This document discusses the vlan protocol and provides stepbystep instructions for configuring vlan routing using the dell powerconnect 6024 and powerconnect 33xx switches. Traffic between devices within the same vlan is switched. For example, if you configure a drop threshold of 900 pps and the vlan receives traffic at rate of. If you recall from part 1 we have had to do a bit of a mcgyver and loop a cable in and out of our switch to bring up the tunnel. In this lab we are going to join 2 sites of a customer network using qinq through our service provider sp. It is a best practice to use a vlan other than vlan 1 as the native vlan. Traffic between devices in different vlans requires a layer3 device to communicate. Heading 1, heading 2, heading 3, and block are in book.
Configuring layer 2 protocol tunneling technical documentation. At first login your switch then apply bellow command. Use the interface range command in global configuration mode to simplify configuring trunking. Vlans usually dont extend past the wan however there are new alternatives that exist today that allow vlan traffic to pass through a wan. One of metro ethernet solution to extend layer 2 ethernet connection between two customer sites is use 802. Sw2 switchport access vlan 34 switchport mode dot1qtunnel. The actual qinq configuration takes place entirely on the transport switches, no modifications are required on the customer equipment. Configuring qinq tunneling techlibrary juniper networks.
The logical separation provided by vlans is not a layer3 function. A customer may have his own set of vlan tags that needs to be transported transparently through a service provider network, so this is, in effect, an access port that doesnt care whether the frames received contain vlantags or not. If youve not caught on already the term vlan is used to describe a virtual lan. Quick explanation on vlan and qinq on 450 even vlan. Virtual lans vlan allow to share a single physical infrastructure same devices, same cabling among multiple logical lans. There are ways to accomplish this, like using gre tunnels, however, the easiest thing would be to either use a bridged vpn mutiple ones for each vlan subnet, or possibly configuring the virtual interface for the tunnel to tag traffic or just use a routed vpn and use vlans at each site, then let the end points route to the appropriate devices. Disable spanning tree on the tunnel bridge port and the port between the two routers so the tunnel bridge port does not block set spantree portadmin tbp. Broadcasts from one vlan will not be forwarded to another vlan. On top of 0x8100, there is also a service vlan ethertype 0x88a8, but that one should always be used in the ethernet header, so. Qinq concept is explained based on the diagram below. Customer switch site a and b connected to sp service provider edge switch, usually use trunk mode on the port that facing to. Vlan configuration guide supermicro l2l3 switches configuration guide 5 1. Local area network designvirtual lans wikibooks, open. One of the connections is from equinix datacenter, called cloud exchange.
It worked well in that post, but now its time to open up the tunnel a bit more and allow more vlans through it. Qinq frames are convenient means of constructing layer 2 tunnels. Hi, im configuringing my coreswitches 2x hp5800 in the datacenter of my customer. This can be called vlan stacking, qinq tunnels, or dot1q tunnels.
There are no commands to change current configuration of qinq vlan mapping. It enables service providers to use a single vlan to support different customers who have a single or multiple vlans need to connect across providers network. Add ports connecting the customer network to the customer network vlan. A vlan is used to group together devices logically instead of physically, regardless of where they may be in a room, building, city or even the world. Well be using vlan 101 for customera, and 201 for customerb. Cisco nexus 3000 series nxos interfaces configuration guide, release 7.
By using a different vlan tag for each customer we can separate the. This double tagging is called tag stacking, doubleq, or qinq as shown in figure 92. For the purposes of this lab, a native vlan serves as a common identifier on opposing ends of a trunk link. Virtual lans vlans pfsense qinq configuration pfsense. World heritage encyclopedia, the aggregation of the largest online. Quick explanation on vlan and qinq on 450 even vlan remarking before understanding virtual local area networks or vlans, one should have a general understanding of the definition of a lan. The client is concerned that vlans will be bandwidth intensive because they will advertise to all devices ports on the receiving end of the hybrid port. Configuring qinq vlan tunnels on cisco switch port. Layer 2 protocol tunneling l2pt allows you to send layer 2 protocol data units pdus across a. Segmenting a switched lan as one or more vlans provides the following advantages.
Layer 2 vpn architectures is a comprehensive guide to consolidating network infrastructures and extending vpn services. I helped to create this network for a client utilizing a trunked vlan qinq that connects into a hybrid l2l3 port. This way the service provider can just configure one vlan for the customer and. For intervlan communication, a layer 3 router is required. Via this fiber connection, we are going to connect to mic. Hierarchical tagging, or multilevel dot1q tagging qinq, is not supported. As you will see, the configuration is rather quick and simple. Vlans allow for networks to be more flexible, secure and have maximum scalability. Identify qinq vlan in vlan without knowing 2nd vlan. Enabling qinq support in ovs is a simple configuration change.
1189 973 1609 1151 909 771 345 1100 14 1141 255 1407 114 1266 1270 1545 1244 1584 1063 266 1010 518 10 1467 556 577 771 1176 156 735 227 1279 41 169 913 459 1122 124 743 1119 1350 79 392 258 976