SlideShare a Scribd company logo

Dot1qtnl

Hector Cojulún
Hector Cojulún

802.1Q tunneling enables service providers to use a single VLAN to support multiple customer VLANs while preserving customer VLAN IDs. The document discusses how 802.1Q tunneling works by double tagging customer traffic and transporting it through a tunnel VLAN. It also provides guidelines and restrictions for configuring 802.1Q tunneling, such as using tunnel ports only to form asymmetrical links between customer and provider networks.

BusinessTechnology
1 of 8
Download to read offline
C H A P T E R 17 Configuring IEEE 802.1Q Tunneling This chapter describes how to configure IEEE 802.1Q tunneling on the Catalyst 6500 series switches. • For complete syntax and usage information for the commands used in this chapter, refer to the Cisco IOS Master Command List, Release 12.2SX at this URL: • http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html • Note The WS-X6548-GE-TX, WS-X6548V-GE-TX, WS-X6148-GE-TX, and WS-X6148V-GE-TX switching modules do not support IEEE 802.1Q tunneling. This chapter consists of these sections: • • 802.1Q Tunneling Configuration Guidelines and Restrictions, page 17-3 • Tip Understanding How 802.1Q Tunneling Works, page 17-1 Configuring 802.1Q Tunneling, page 17-6 For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html Participate in the Technical Documentation Ideas forum Understanding How 802.1Q Tunneling Works 802.1Q tunneling enables service providers to use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated. A port configured to support 802.1Q tunneling is called a tunnel port. When you configure tunneling, you assign a tunnel port to a VLAN that you dedicate to tunneling, which then becomes a tunnel VLAN. To keep customer traffic segregated, each customer requires a separate tunnel VLAN, but that one tunnel VLAN supports all of the customer’s VLANs. 802.1Q tunneling is not restricted to point-to-point tunnel configurations. Any tunnel port in a tunnel VLAN is a tunnel entry and exit point. An 802.1Q tunnel can have as many tunnel ports as are needed to connect customer switches. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-1
Chapter 17 Configuring IEEE 802.1Q Tunneling Understanding How 802.1Q Tunneling Works The customer switches are trunk connected, but with 802.1Q tunneling, the service provider switches only use one service provider VLAN to carry all the customer VLANs, instead of directly carrying all the customer VLANs. With 802.1Q tunneling, tagged customer traffic comes from an 802.1Q trunk port on a customer device and enters the service-provider edge switch through a tunnel port. The link between the 802.1Q trunk port on a customer device and the tunnel port is called an asymmetrical link because one end is configured as an 802.1Q trunk port and the other end is configured as a tunnel port. You assign the tunnel port to an access VLAN ID unique to each customer. See Figure 17-1 on page 17-2 and Figure 17-2 on page 17-3. Figure 17-1 IEEE 802.1Q Tunnel Ports in a Service-Provider Network Customer A VLANs 1 to 100 Customer A VLANs 1 to 100 802.1Q trunk port 802.1Q trunk port Service provider 802.1Q trunk port 802.1Q trunk port Tunnel port VLAN 30 Tunnel port VLAN 30 Trunk ports 802.1Q trunk port 802.1Q trunk port Tunnel port VLAN 30 Trunk ports Tunnel port VLAN 40 Tunnel port VLAN 40 802.1Q trunk port 802.1Q trunk port 74016 802.1Q trunk port Customer B VLANs 1 to 200 Trunk Asymmetric link Customer B VLANs 1 to 200 Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-2 OL-3999-08
Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions Figure 17-2 Untagged, 802.1Q-Tagged, and Double-Tagged Ethernet Frames Source address Destination Length/ address EtherType SA Len/Etype DA SA Etype DA SA Etype Data Tag Tag FCS Len/Etype Etype Tag Original Ethernet frame Data FCS Len/Etype 802.1Q frame from customer network Data FCS Double-tagged frame on trunk links between service provider network devices 79831 DA Frame Check Sequence When a tunnel port receives tagged customer traffic from an 802.1Q trunk port, it does not strip the received 802.1Q tag from the frame header; instead, the tunnel port leaves the 802.1Q tag intact, adds a 2-byte Ethertype field (0x8100) followed by a 2-byte field containing the priority (CoS) and the VLAN. The received customer traffic is then put into the VLAN to which the tunnel port is assigned. This Ethertype 0x8100 traffic, with the received 802.1Q tag intact, is called tunnel traffic. A VLAN carrying tunnel traffic is an 802.1Q tunnel. The tunnel ports in the VLAN are the tunnel’s ingress and egress points. The tunnel ports do not have to be on the same network device. The tunnel can cross other network links and other network devices before reaching the egress tunnel port. A tunnel can have as many tunnel ports as required to support the customer devices that need to communicate through the tunnel. An egress tunnel port strips the 2-byte Ethertype field (0x8100) and the 2-byte length field and transmits the traffic with the 802.1Q tag still intact to an 802.1Q trunk port on a customer device. The 802.1Q trunk port on the customer device strips the 802.1Q tag and puts the traffic into the appropriate customer VLAN. Note Tunnel traffic carries a second 802.1Q tag only when it is on a trunk link between service-provider network devices, with the outer tag containing the service-provider-assigned VLAN ID and the inner tag containing the customer-assigned VLAN IDs. 802.1Q Tunneling Configuration Guidelines and Restrictions When configuring 802.1Q tunneling in your network, follow these guidelines and restrictions: • Use asymmetrical links to put traffic into a tunnel or to remove traffic from a tunnel. • Configure tunnel ports only to form an asymmetrical link. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-3
Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions • Dedicate one VLAN for each tunnel. • Assign only tunnel ports to VLANs used for tunneling. • Trunks require no special configuration to carry tunnel VLANs. • Tunnel ports are not trunks. Any commands to configure trunking are inactive while the port is configured as a tunnel port. • Tunnel ports learn customer MAC addresses. • We recommend that you use ISL trunks to carry tunnel traffic between devices that do not have tunnel ports. Because of the 802.1Q native VLAN feature, using 802.1Q trunks requires that you be very careful when you configure tunneling: a mistake might direct tunnel traffic to a non-tunnel port. • By default, the native VLAN traffic of a dot1q trunk is sent untagged, which cannot be double-tagged in the service provider network. Because of this situation, the native VLAN traffic might not be tunneled correctly. Be sure that the native VLAN traffic is always sent tagged in an asymmetrical link. To tag the native VLAN egress traffic and drop all untagged ingress traffic, enter the global vlan dot1q tag native command. • Configure jumbo frame support on tunnel ports: – See the “Configuring Jumbo Frame Support” section on page 9-10. – Take note of the modules listed in the “Configuring Jumbo Frame Support” section that do not support jumbo frames. • Jumbo frames can be tunneled as long as the jumbo frame length combined with the 802.1Q tag does not exceed the maximum frame size. • Because tunnel traffic has the added ethertype and length field and retains the 802.1Q tag within the switch, the following restrictions exist: – The Layer 3 packet within the Layer 2 frame cannot be identified in tunnel traffic. – Layer 3 and higher parameters cannot be identified in tunnel traffic (for example, Layer 3 destination and source addresses). – Because the Layer 3 addresses cannot be identified within the packet, tunnel traffic cannot be routed. – The switch can provide only MAC-layer filtering for tunnel traffic (VLAN IDs and source and destination MAC addresses). – The switch can provide only MAC-layer access control and QoS for tunnel traffic. – QoS cannot detect the received CoS value in the 802.1Q 2-byte Tag Control Information field. • On an asymmetrical link, the Cisco Discovery Protocol (CDP) reports a native VLAN mismatch if the VLAN of the tunnel port does not match the native VLAN of the 802.1Q trunk. The 802.1Q tunnel feature does not require that the VLANs match. Ignore the messages if your configuration requires nonmatching VLANs. • Asymmetrical links do not support the Dynamic Trunking Protocol (DTP) because only one port on the link is a trunk. Configure the 802.1Q trunk port on an asymmetrical link to trunk unconditionally. • The 802.1Q tunneling feature cannot be configured on ports configured to support private VLANs. • The following Layer 2 protocols work between devices connected by an asymmetrical link: – CDP – UniDirectional Link Detection (UDLD) – Port Aggregation Protocol (PAgP) – Link Aggregation Control Protocol (LACP) Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-4 OL-3999-08
Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions • Spanning-tree BPDU filtering is enabled automatically on tunnel ports. • CDP is automatically disabled on tunnel ports. • VLAN Trunk Protocol (VTP) does not work between the following devices: – Devices connected by an asymmetrical link – Devices communicating through a tunnel Note • VTP works between tunneled devices if Layer 2 protocol tunneling is enabled. See Chapter 18, “Configuring Layer 2 Protocol Tunneling,” for configuration details. To configure an EtherChannel as an asymmetrical link, all ports in the EtherChannel must have the same tunneling configuration. Because the Layer 3 packet within the Layer 2 frame cannot be identified, you must configure the EtherChannel to use MAC-address-based frame distribution. The following configuration guidelines are required for your Layer 2 protocol tunneling configuration: • On all the service provider edge switches, PortFast BPDU filtering must be enabled on the 802.1Q tunnel ports as follows: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note Spanning-tree BPDU filtering is enabled automatically on tunnel ports. • At least one VLAN must be available for Native VLAN tagging (vlan dot1q tag native option). If you use all the available VLANs and then try to enable the vlan dot1q tag native option, the option will not be enabled. • On all the service provider core switches, tag native VLAN egress traffic and drop untagged native VLAN ingress traffic by entering the following command: Router(config)# vlan dot1q tag native • On all the customer switches, either enable or disable the global vlan dot1q tag native option. Note If this option is enabled on one switch and disabled on another switch, all traffic is dropped; all customer switches must have this option configured the same on each switch. The following configuration guidelines are optional for your Layer 2 protocol tunneling configuration: • Because all the BPDUs are being dropped, spanning tree PortFast can be enabled on Layer 2 protocol tunnel ports as follows: Router(config-if)# spanning-tree portfast trunk • If the service provider does not want the customer to see its switches, CDP should be disabled on the 802.1Q tunnel port as follows: Router(config-if)# no cdp enable Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-5
Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling Configuring 802.1Q Tunneling These sections describe 802.1Q tunneling configuration: • • Caution Configuring 802.1Q Tunnel Ports, page 17-6 Configuring the Switch to Tag Native VLAN Traffic, page 17-6 Ensure that only the appropriate tunnel ports are in any VLAN used for tunneling and that one VLAN is used for each tunnel. Incorrect assignment of tunnel ports to VLANs can forward traffic inappropriately. Configuring 802.1Q Tunnel Ports To configure 802.1Q tunneling on a port, perform this task: Command Purpose Step 1 Router(config)# interface type Step 2 1 Router(config-if)# switchport slot/port Selects the LAN port to configure. Configures the LAN port for Layer 2 switching: • • Step 3 You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 interface before you can enter additional switchport commands with keywords. Required only if you have not entered the switchport command already for the interface. Router(config-if)# switchport mode dot1q-tunnel Configures the Layer 2 port as a tunnel port. Router(config-if)# no switchport mode dot1q-tunnel Clears the tunnel port configuration. Step 4 Router(config-if)# end Exits configuration mode. Step 5 Router# show dot1q-tunnel [{interface type interface-number}] Verifies the configuration. 1. type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet This example shows how to configure tunneling on port 4/1 and verify the configuration: Router# configure terminal Router(config)# interface fastethernet 4/1 Router(config-if)# switchport mode dot1q-tunnel Router(config-if)# end Router# show dot1q-tunnel interface Configuring the Switch to Tag Native VLAN Traffic The vlan dot1q tag native command is a global command that configures the switch to tag native VLAN traffic, and admit only 802.1Q tagged frames on 802.1Q trunks, dropping any untagged traffic, including untagged traffic in the native VLAN. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-6 OL-3999-08
Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling To configure the switch to tag traffic in the native VLAN, perform this task: Command Purpose Router(config)# vlan dot1q tag native Configures the switch to tag native VLAN traffic. Router(config)# no vlan dot1q tag native Clears the configuration. Step 2 Router(config)# end Exits configuration mode. Step 3 Router# show vlan dot1q tag native Verifies the configuration. Step 1 This example shows how to configure the switch to tag native VLAN traffic and verify the configuration: Router# configure terminal Router(config)# vlan dot1q tag native Router(config)# end Router# show vlan dot1q tag native Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html Participate in the Technical Documentation Ideas forum Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-7
Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-8 OL-3999-08

Recommended

Exos concepts guide_15_4
Exos concepts guide_15_4Exos concepts guide_15_4
Exos concepts guide_15_4
alexandr martynjuk
 
Tn 310 vlan-trunking
Tn 310 vlan-trunkingTn 310 vlan-trunking
Tn 310 vlan-trunking
sali Ibrahimu
 
At8000 s configurando vla_ns
At8000 s configurando vla_nsAt8000 s configurando vla_ns
At8000 s configurando vla_nsNetPlus
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
Muhd Mu'izuddin
 
CCNA- part 9 vlan
CCNA- part 9 vlanCCNA- part 9 vlan
CCNA- part 9 vlan
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Inter VLAN Routing
Inter VLAN RoutingInter VLAN Routing
Inter VLAN Routing
Netwax Lab
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme Networks
Dani Royman Simanjuntak
 
Inter-VLAN Routing
Inter-VLAN RoutingInter-VLAN Routing
Inter-VLAN Routingrmosate
 

Recommended

Exos concepts guide_15_4
Exos concepts guide_15_4Exos concepts guide_15_4
Exos concepts guide_15_4
alexandr martynjuk
 
Tn 310 vlan-trunking
Tn 310 vlan-trunkingTn 310 vlan-trunking
Tn 310 vlan-trunking
sali Ibrahimu
 
At8000 s configurando vla_ns
At8000 s configurando vla_nsAt8000 s configurando vla_ns
At8000 s configurando vla_nsNetPlus
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
Muhd Mu'izuddin
 
CCNA- part 9 vlan
CCNA- part 9 vlanCCNA- part 9 vlan
CCNA- part 9 vlan
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Inter VLAN Routing
Inter VLAN RoutingInter VLAN Routing
Inter VLAN Routing
Netwax Lab
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme Networks
Dani Royman Simanjuntak
 
Inter-VLAN Routing
Inter-VLAN RoutingInter-VLAN Routing
Inter-VLAN Routingrmosate
 
Chapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routingChapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routing
teknetir
 
Config vlans
Config vlansConfig vlans
Config vlans
amri am
 
Guia completa vlan
Guia completa vlanGuia completa vlan
Guia completa vlan1 2d
 
Day 14.2 configuringvla ns
Day 14.2 configuringvla nsDay 14.2 configuringvla ns
Day 14.2 configuringvla ns
CYBERINTELLIGENTS
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
CYBERINTELLIGENTS
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtpMilton Bengui
 
KPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_finalKPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_final
Fisal Anwari
 
Final exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wirelessFinal exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wirelesskratos2424
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtpjmdoger
 
Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)
Azad Kaki
 
Cap6 intervlan routing
Cap6 intervlan routingCap6 intervlan routing
Cap6 intervlan routing
Hector Camba Lainez
 
Ch3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wirelessCh3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wirelesskratos2424
 
Expl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlanExpl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlanaghacrom
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
Mohammedseleim
 
Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010irbas
 
Vlans
VlansVlans
Vlans1 2d
 
vlan
vlanvlan
vlan
Mohammadnoor Noori
 
Vlan final
Vlan finalVlan final
Vlan finalVeena Rao
 
CCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN RoutingCCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN Routing
Amir Jafari
 
Vlans (virtual local area networks)
Vlans (virtual local area networks)Vlans (virtual local area networks)
Vlans (virtual local area networks)
Kanishk Raj
 
802 1ad
802 1ad802 1ad
802 1adjcbp_peru
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
Tom Chou
 

More Related Content

What's hot

Chapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routingChapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routing
teknetir
 
Config vlans
Config vlansConfig vlans
Config vlans
amri am
 
Guia completa vlan
Guia completa vlanGuia completa vlan
Guia completa vlan1 2d
 
Day 14.2 configuringvla ns
Day 14.2 configuringvla nsDay 14.2 configuringvla ns
Day 14.2 configuringvla ns
CYBERINTELLIGENTS
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
CYBERINTELLIGENTS
 
KPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_finalKPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_final
Fisal Anwari
 
Final exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wirelessFinal exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wirelesskratos2424
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtpjmdoger
 
Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)
Azad Kaki
 
Cap6 intervlan routing
Cap6 intervlan routingCap6 intervlan routing
Cap6 intervlan routing
Hector Camba Lainez
 
Ch3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wirelessCh3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wirelesskratos2424
 
Expl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlanExpl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlanaghacrom
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
Mohammedseleim
 
Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010irbas
 
Vlans
VlansVlans
Vlans1 2d
 
vlan
vlanvlan
vlan
Mohammadnoor Noori
 
CCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN RoutingCCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN Routing
Amir Jafari
 
Vlans (virtual local area networks)
Vlans (virtual local area networks)Vlans (virtual local area networks)
Vlans (virtual local area networks)
Kanishk Raj
 

What's hot (20)

Chapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routingChapter 16 : inter-vlan routing
Chapter 16 : inter-vlan routing
 
Config vlans
Config vlansConfig vlans
Config vlans
 
Guia completa vlan
Guia completa vlanGuia completa vlan
Guia completa vlan
 
Day 14.2 configuringvla ns
Day 14.2 configuringvla nsDay 14.2 configuringvla ns
Day 14.2 configuringvla ns
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtp
 
KPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_finalKPUCC-Rs instructor ppt_chapter3_final
KPUCC-Rs instructor ppt_chapter3_final
 
Final exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wirelessFinal exam ccna exploration 3 lan switching and wireless
Final exam ccna exploration 3 lan switching and wireless
 
Ccna3 mod9-vtp
Ccna3 mod9-vtpCcna3 mod9-vtp
Ccna3 mod9-vtp
 
Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)Switching & VLAN(4knet.ir)
Switching & VLAN(4knet.ir)
 
Cap6 intervlan routing
Cap6 intervlan routingCap6 intervlan routing
Cap6 intervlan routing
 
Ch3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wirelessCh3 ccna exploration 3 lan switching and wireless
Ch3 ccna exploration 3 lan switching and wireless
 
Expl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlanExpl sw chapter_06_inter_vlan
Expl sw chapter_06_inter_vlan
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
 
Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010Ccna 3 v 4.0 final-exam-17-07-2010
Ccna 3 v 4.0 final-exam-17-07-2010
 
Vlans
VlansVlans
Vlans
 
vlan
vlanvlan
vlan
 
Vlan final
Vlan finalVlan final
Vlan final
 
CCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN RoutingCCNA Lab 5-Configuring Inter-VLAN Routing
CCNA Lab 5-Configuring Inter-VLAN Routing
 
Vlans (virtual local area networks)
Vlans (virtual local area networks)Vlans (virtual local area networks)
Vlans (virtual local area networks)
 

Similar to Dot1qtnl

Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
Tom Chou
 
Virtual Local Area Network
Virtual Local Area NetworkVirtual Local Area Network
Virtual Local Area Network
Atakan ATAK
 
CCNA R&S-10-Implementing Ethernet Virtual LANs
CCNA R&S-10-Implementing Ethernet Virtual LANsCCNA R&S-10-Implementing Ethernet Virtual LANs
CCNA R&S-10-Implementing Ethernet Virtual LANs
Amir Jafari
 
Expl sw chapter_03_vla_ns_part_ii
Expl sw chapter_03_vla_ns_part_iiExpl sw chapter_03_vla_ns_part_ii
Expl sw chapter_03_vla_ns_part_iiaghacrom
 
ENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptxENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptx
ManuelRojas960410
 
IT0527 Inter-VLAN Routing
IT0527 Inter-VLAN RoutingIT0527 Inter-VLAN Routing
IT0527 Inter-VLAN Routingrmosate
 
Inter-VLAN Routing
Inter-VLAN RoutingInter-VLAN Routing
Inter-VLAN Routingrmosate
 
CCNA_RSE_Chp6.pptx
CCNA_RSE_Chp6.pptxCCNA_RSE_Chp6.pptx
CCNA_RSE_Chp6.pptx
santosh Kumar
 
VLANs_Module_3.pptx
VLANs_Module_3.pptxVLANs_Module_3.pptx
VLANs_Module_3.pptx
BOURY1
 
Mod8 vlans
Mod8 vlansMod8 vlans
Mod8 vlans
Mohan Kumaresan
 
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram SnehiVLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
MR. VIKRAM SNEHI
 
Vlan.pdf
Vlan.pdfVlan.pdf
Vlan.pdf
itwkd
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
SAROORNAGARCMCORE
 
VLAN chapters for networking CCNA_RSE_Chp6.pptx
VLAN chapters for networking CCNA_RSE_Chp6.pptxVLAN chapters for networking CCNA_RSE_Chp6.pptx
VLAN chapters for networking CCNA_RSE_Chp6.pptx
muhammadFaheem656405
 
Ccna 3 v4.0 final-exam-17-07-2010
Ccna 3 v4.0 final-exam-17-07-2010Ccna 3 v4.0 final-exam-17-07-2010
Ccna 3 v4.0 final-exam-17-07-2010irbas
 
VLAN
VLANVLAN
VLAN
ISMT College
 
Vlan and vtp
Vlan and vtpVlan and vtp
Vlan and vtp
Raj sekar
 
Vlan and vtp
Vlan and vtpVlan and vtp
Vlan and vtp
Raj sekar
 

Similar to Dot1qtnl (20)

802 1ad
802 1ad802 1ad
802 1ad
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
 
Virtual Local Area Network
Virtual Local Area NetworkVirtual Local Area Network
Virtual Local Area Network
 
Vlan
Vlan Vlan
Vlan
 
CCNA R&S-10-Implementing Ethernet Virtual LANs
CCNA R&S-10-Implementing Ethernet Virtual LANsCCNA R&S-10-Implementing Ethernet Virtual LANs
CCNA R&S-10-Implementing Ethernet Virtual LANs
 
Expl sw chapter_03_vla_ns_part_ii
Expl sw chapter_03_vla_ns_part_iiExpl sw chapter_03_vla_ns_part_ii
Expl sw chapter_03_vla_ns_part_ii
 
ENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptxENCOR_Capitulo 1.pptx
ENCOR_Capitulo 1.pptx
 
IT0527 Inter-VLAN Routing
IT0527 Inter-VLAN RoutingIT0527 Inter-VLAN Routing
IT0527 Inter-VLAN Routing
 
Inter-VLAN Routing
Inter-VLAN RoutingInter-VLAN Routing
Inter-VLAN Routing
 
CCNA_RSE_Chp6.pptx
CCNA_RSE_Chp6.pptxCCNA_RSE_Chp6.pptx
CCNA_RSE_Chp6.pptx
 
VLANs_Module_3.pptx
VLANs_Module_3.pptxVLANs_Module_3.pptx
VLANs_Module_3.pptx
 
Mod8 vlans
Mod8 vlansMod8 vlans
Mod8 vlans
 
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram SnehiVLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
 
Vlan.pdf
Vlan.pdfVlan.pdf
Vlan.pdf
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
 
VLAN chapters for networking CCNA_RSE_Chp6.pptx
VLAN chapters for networking CCNA_RSE_Chp6.pptxVLAN chapters for networking CCNA_RSE_Chp6.pptx
VLAN chapters for networking CCNA_RSE_Chp6.pptx
 
Ccna 3 v4.0 final-exam-17-07-2010
Ccna 3 v4.0 final-exam-17-07-2010Ccna 3 v4.0 final-exam-17-07-2010
Ccna 3 v4.0 final-exam-17-07-2010
 
VLAN
VLANVLAN
VLAN
 
Vlan and vtp
Vlan and vtpVlan and vtp
Vlan and vtp
 
Vlan and vtp
Vlan and vtpVlan and vtp
Vlan and vtp
 

Recently uploaded

anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
anasabutalha2013
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
seri bangash
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
fisherameliaisabella
 
20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
tjcomstrang
 
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdfikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
agatadrynko
 
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
taqyed
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
dylandmeas
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
Operational Excellence Consulting
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
Cynthia Clay
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
tanyjahb
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
HumanResourceDimensi1
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Avirahi City Dholera
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
marketing317746
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
Workforce Group
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
Ben Wann
 
LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024
Lital Barkan
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
sarahvanessa51503
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
BBPMedia1
 

Recently uploaded (20)

anas about venice for grade 6f about venice
anas about venice for grade 6f about veniceanas about venice for grade 6f about venice
anas about venice for grade 6f about venice
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
 
20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
 
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdfikea_woodgreen_petscharity_dog-alogue_digital.pdf
ikea_woodgreen_petscharity_dog-alogue_digital.pdf
 
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
 
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraTata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
 
LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
 

Dot1qtnl

  • 1. C H A P T E R 17 Configuring IEEE 802.1Q Tunneling This chapter describes how to configure IEEE 802.1Q tunneling on the Catalyst 6500 series switches. • For complete syntax and usage information for the commands used in this chapter, refer to the Cisco IOS Master Command List, Release 12.2SX at this URL: • http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html • Note The WS-X6548-GE-TX, WS-X6548V-GE-TX, WS-X6148-GE-TX, and WS-X6148V-GE-TX switching modules do not support IEEE 802.1Q tunneling. This chapter consists of these sections: • • 802.1Q Tunneling Configuration Guidelines and Restrictions, page 17-3 • Tip Understanding How 802.1Q Tunneling Works, page 17-1 Configuring 802.1Q Tunneling, page 17-6 For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html Participate in the Technical Documentation Ideas forum Understanding How 802.1Q Tunneling Works 802.1Q tunneling enables service providers to use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated. A port configured to support 802.1Q tunneling is called a tunnel port. When you configure tunneling, you assign a tunnel port to a VLAN that you dedicate to tunneling, which then becomes a tunnel VLAN. To keep customer traffic segregated, each customer requires a separate tunnel VLAN, but that one tunnel VLAN supports all of the customer’s VLANs. 802.1Q tunneling is not restricted to point-to-point tunnel configurations. Any tunnel port in a tunnel VLAN is a tunnel entry and exit point. An 802.1Q tunnel can have as many tunnel ports as are needed to connect customer switches. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-1
  • 2. Chapter 17 Configuring IEEE 802.1Q Tunneling Understanding How 802.1Q Tunneling Works The customer switches are trunk connected, but with 802.1Q tunneling, the service provider switches only use one service provider VLAN to carry all the customer VLANs, instead of directly carrying all the customer VLANs. With 802.1Q tunneling, tagged customer traffic comes from an 802.1Q trunk port on a customer device and enters the service-provider edge switch through a tunnel port. The link between the 802.1Q trunk port on a customer device and the tunnel port is called an asymmetrical link because one end is configured as an 802.1Q trunk port and the other end is configured as a tunnel port. You assign the tunnel port to an access VLAN ID unique to each customer. See Figure 17-1 on page 17-2 and Figure 17-2 on page 17-3. Figure 17-1 IEEE 802.1Q Tunnel Ports in a Service-Provider Network Customer A VLANs 1 to 100 Customer A VLANs 1 to 100 802.1Q trunk port 802.1Q trunk port Service provider 802.1Q trunk port 802.1Q trunk port Tunnel port VLAN 30 Tunnel port VLAN 30 Trunk ports 802.1Q trunk port 802.1Q trunk port Tunnel port VLAN 30 Trunk ports Tunnel port VLAN 40 Tunnel port VLAN 40 802.1Q trunk port 802.1Q trunk port 74016 802.1Q trunk port Customer B VLANs 1 to 200 Trunk Asymmetric link Customer B VLANs 1 to 200 Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-2 OL-3999-08
  • 3. Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions Figure 17-2 Untagged, 802.1Q-Tagged, and Double-Tagged Ethernet Frames Source address Destination Length/ address EtherType SA Len/Etype DA SA Etype DA SA Etype Data Tag Tag FCS Len/Etype Etype Tag Original Ethernet frame Data FCS Len/Etype 802.1Q frame from customer network Data FCS Double-tagged frame on trunk links between service provider network devices 79831 DA Frame Check Sequence When a tunnel port receives tagged customer traffic from an 802.1Q trunk port, it does not strip the received 802.1Q tag from the frame header; instead, the tunnel port leaves the 802.1Q tag intact, adds a 2-byte Ethertype field (0x8100) followed by a 2-byte field containing the priority (CoS) and the VLAN. The received customer traffic is then put into the VLAN to which the tunnel port is assigned. This Ethertype 0x8100 traffic, with the received 802.1Q tag intact, is called tunnel traffic. A VLAN carrying tunnel traffic is an 802.1Q tunnel. The tunnel ports in the VLAN are the tunnel’s ingress and egress points. The tunnel ports do not have to be on the same network device. The tunnel can cross other network links and other network devices before reaching the egress tunnel port. A tunnel can have as many tunnel ports as required to support the customer devices that need to communicate through the tunnel. An egress tunnel port strips the 2-byte Ethertype field (0x8100) and the 2-byte length field and transmits the traffic with the 802.1Q tag still intact to an 802.1Q trunk port on a customer device. The 802.1Q trunk port on the customer device strips the 802.1Q tag and puts the traffic into the appropriate customer VLAN. Note Tunnel traffic carries a second 802.1Q tag only when it is on a trunk link between service-provider network devices, with the outer tag containing the service-provider-assigned VLAN ID and the inner tag containing the customer-assigned VLAN IDs. 802.1Q Tunneling Configuration Guidelines and Restrictions When configuring 802.1Q tunneling in your network, follow these guidelines and restrictions: • Use asymmetrical links to put traffic into a tunnel or to remove traffic from a tunnel. • Configure tunnel ports only to form an asymmetrical link. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-3
  • 4. Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions • Dedicate one VLAN for each tunnel. • Assign only tunnel ports to VLANs used for tunneling. • Trunks require no special configuration to carry tunnel VLANs. • Tunnel ports are not trunks. Any commands to configure trunking are inactive while the port is configured as a tunnel port. • Tunnel ports learn customer MAC addresses. • We recommend that you use ISL trunks to carry tunnel traffic between devices that do not have tunnel ports. Because of the 802.1Q native VLAN feature, using 802.1Q trunks requires that you be very careful when you configure tunneling: a mistake might direct tunnel traffic to a non-tunnel port. • By default, the native VLAN traffic of a dot1q trunk is sent untagged, which cannot be double-tagged in the service provider network. Because of this situation, the native VLAN traffic might not be tunneled correctly. Be sure that the native VLAN traffic is always sent tagged in an asymmetrical link. To tag the native VLAN egress traffic and drop all untagged ingress traffic, enter the global vlan dot1q tag native command. • Configure jumbo frame support on tunnel ports: – See the “Configuring Jumbo Frame Support” section on page 9-10. – Take note of the modules listed in the “Configuring Jumbo Frame Support” section that do not support jumbo frames. • Jumbo frames can be tunneled as long as the jumbo frame length combined with the 802.1Q tag does not exceed the maximum frame size. • Because tunnel traffic has the added ethertype and length field and retains the 802.1Q tag within the switch, the following restrictions exist: – The Layer 3 packet within the Layer 2 frame cannot be identified in tunnel traffic. – Layer 3 and higher parameters cannot be identified in tunnel traffic (for example, Layer 3 destination and source addresses). – Because the Layer 3 addresses cannot be identified within the packet, tunnel traffic cannot be routed. – The switch can provide only MAC-layer filtering for tunnel traffic (VLAN IDs and source and destination MAC addresses). – The switch can provide only MAC-layer access control and QoS for tunnel traffic. – QoS cannot detect the received CoS value in the 802.1Q 2-byte Tag Control Information field. • On an asymmetrical link, the Cisco Discovery Protocol (CDP) reports a native VLAN mismatch if the VLAN of the tunnel port does not match the native VLAN of the 802.1Q trunk. The 802.1Q tunnel feature does not require that the VLANs match. Ignore the messages if your configuration requires nonmatching VLANs. • Asymmetrical links do not support the Dynamic Trunking Protocol (DTP) because only one port on the link is a trunk. Configure the 802.1Q trunk port on an asymmetrical link to trunk unconditionally. • The 802.1Q tunneling feature cannot be configured on ports configured to support private VLANs. • The following Layer 2 protocols work between devices connected by an asymmetrical link: – CDP – UniDirectional Link Detection (UDLD) – Port Aggregation Protocol (PAgP) – Link Aggregation Control Protocol (LACP) Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-4 OL-3999-08
  • 5. Chapter 17 Configuring IEEE 802.1Q Tunneling 802.1Q Tunneling Configuration Guidelines and Restrictions • Spanning-tree BPDU filtering is enabled automatically on tunnel ports. • CDP is automatically disabled on tunnel ports. • VLAN Trunk Protocol (VTP) does not work between the following devices: – Devices connected by an asymmetrical link – Devices communicating through a tunnel Note • VTP works between tunneled devices if Layer 2 protocol tunneling is enabled. See Chapter 18, “Configuring Layer 2 Protocol Tunneling,” for configuration details. To configure an EtherChannel as an asymmetrical link, all ports in the EtherChannel must have the same tunneling configuration. Because the Layer 3 packet within the Layer 2 frame cannot be identified, you must configure the EtherChannel to use MAC-address-based frame distribution. The following configuration guidelines are required for your Layer 2 protocol tunneling configuration: • On all the service provider edge switches, PortFast BPDU filtering must be enabled on the 802.1Q tunnel ports as follows: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note Spanning-tree BPDU filtering is enabled automatically on tunnel ports. • At least one VLAN must be available for Native VLAN tagging (vlan dot1q tag native option). If you use all the available VLANs and then try to enable the vlan dot1q tag native option, the option will not be enabled. • On all the service provider core switches, tag native VLAN egress traffic and drop untagged native VLAN ingress traffic by entering the following command: Router(config)# vlan dot1q tag native • On all the customer switches, either enable or disable the global vlan dot1q tag native option. Note If this option is enabled on one switch and disabled on another switch, all traffic is dropped; all customer switches must have this option configured the same on each switch. The following configuration guidelines are optional for your Layer 2 protocol tunneling configuration: • Because all the BPDUs are being dropped, spanning tree PortFast can be enabled on Layer 2 protocol tunnel ports as follows: Router(config-if)# spanning-tree portfast trunk • If the service provider does not want the customer to see its switches, CDP should be disabled on the 802.1Q tunnel port as follows: Router(config-if)# no cdp enable Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-5
  • 6. Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling Configuring 802.1Q Tunneling These sections describe 802.1Q tunneling configuration: • • Caution Configuring 802.1Q Tunnel Ports, page 17-6 Configuring the Switch to Tag Native VLAN Traffic, page 17-6 Ensure that only the appropriate tunnel ports are in any VLAN used for tunneling and that one VLAN is used for each tunnel. Incorrect assignment of tunnel ports to VLANs can forward traffic inappropriately. Configuring 802.1Q Tunnel Ports To configure 802.1Q tunneling on a port, perform this task: Command Purpose Step 1 Router(config)# interface type Step 2 1 Router(config-if)# switchport slot/port Selects the LAN port to configure. Configures the LAN port for Layer 2 switching: • • Step 3 You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 interface before you can enter additional switchport commands with keywords. Required only if you have not entered the switchport command already for the interface. Router(config-if)# switchport mode dot1q-tunnel Configures the Layer 2 port as a tunnel port. Router(config-if)# no switchport mode dot1q-tunnel Clears the tunnel port configuration. Step 4 Router(config-if)# end Exits configuration mode. Step 5 Router# show dot1q-tunnel [{interface type interface-number}] Verifies the configuration. 1. type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet This example shows how to configure tunneling on port 4/1 and verify the configuration: Router# configure terminal Router(config)# interface fastethernet 4/1 Router(config-if)# switchport mode dot1q-tunnel Router(config-if)# end Router# show dot1q-tunnel interface Configuring the Switch to Tag Native VLAN Traffic The vlan dot1q tag native command is a global command that configures the switch to tag native VLAN traffic, and admit only 802.1Q tagged frames on 802.1Q trunks, dropping any untagged traffic, including untagged traffic in the native VLAN. Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-6 OL-3999-08
  • 7. Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling To configure the switch to tag traffic in the native VLAN, perform this task: Command Purpose Router(config)# vlan dot1q tag native Configures the switch to tag native VLAN traffic. Router(config)# no vlan dot1q tag native Clears the configuration. Step 2 Router(config)# end Exits configuration mode. Step 3 Router# show vlan dot1q tag native Verifies the configuration. Step 1 This example shows how to configure the switch to tag native VLAN traffic and verify the configuration: Router# configure terminal Router(config)# vlan dot1q tag native Router(config)# end Router# show vlan dot1q tag native Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples and troubleshooting information), see the documents listed on this page: http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html Participate in the Technical Documentation Ideas forum Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF OL-3999-08 17-7
  • 8. Chapter 17 Configuring IEEE 802.1Q Tunneling Configuring 802.1Q Tunneling Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF 17-8 OL-3999-08