homeaboutcontacttestimonialsregistercourse scheduleblog            
Cisco Routing and Switching: Q n Q Tunneling

 

December 16, 2008
By David Clark, CCIE#14742 (Routing and Switching), CCSI# 31937

For a pdf of this article: Q n Q Tunneling



Service providers often have multiple customers with overlapping VLAN ranges. Q-in-Q tunneling or 802.1Q tunneling is the
mechanism that allows service providers to preserve customer VLANS being transported through the service provider networks.
Q-in-Q tunneling uses a two-level VLAN tag structure. Each customer is assigned a unique VLAN within the service providers
network, this unique tag is added to all incoming frames from the customer network. The original frame from the customer remains untouched. The inner frame is often referred to as the customer VLAN tag because the customer originally assigns it.


Q-in-Q tunneling significantly reduces the number of VLAN required within a customer network as each customer is assigned a
unique VLAN. To the customer the service provider network appears as a transparent bridge connecting their sites together.


When configuring Q-in-Q tunneling the ports connected directly to the customer switch are configured with the command
“switchport trunk encapsulation dot1q”. The customer ports are configured as per normal and require no extra configuration.


interface FastEthernet0/20
description customer
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
end


Interface FastEthernet0/21
description service provider
switchport access vlan 21
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end


In the above example Fast 0/20 resides on the customer switch, while Fast 0/21 is on the service provider switch and configured
as a tunnel port. VLAN 21 becomes the outer tag and is added to all frames from Fast 0/20 sent down to Fast 0/21. The service
provider port is specifically configured also to carry CDP, STP and VTP frames. The configuration can be verified with the
command “show l2protocol-tunnel interface fast 0/21”


If the customer is running a negotiated EtherChannel a slightly different configuration is required. On the customer side a normal
EtherChannel is configured.


interface Fastethernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable

 

interface Fastethernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable

The service provider configuration is slightly different from the previous example.

 

interface Fastethernet0/1
switchport access vlan 17
switchport mode dot1q-tunnel
l2protocol-tunnel point-to-point pagp
end


interface fastethernet0/2
switchport access vlan 18
switchport mode dot1q-tunnel
l2protocol-tunnel point-to-point pagp
end


In this case we use the “l2protocol-tunnel point-to-point pagp” command to carry the PagP frames across the service provider
network. Also one customer VLAN is assigned per incoming from port from the customer switch. For LACP the ““l2protocol-tunnel
point-to-point LACP” would be used.

 


 

CCBOOTCAMP
375 N. Stephanie Street, Bldg 21 Suite 2111 Henderson, NV 89014
Website: www.ccbootcamp.com Phone: 877.654.2243

For questions or comments about this article please email sales@ccbootcamp.com





CC Bootcamp Twitter
CC Bootcamp Linkedin
Pearson Vue
CONTACT US | TOLL FREE: 1.877.654.2243 or 1.877.NLI.CCIE | INTERNATIONAL: +1.702.968.5100
©2010 Network Learning, Inc. All Rights Reserved.