Afenioux's Blog page

3am; darkness; Maintenance window closing. Safety net: rollback.

QinQ & Vlan mapping / translation

Written by Arnaud no comments

VLAN mapping, QinQ, SELECTIVE QinQ and STACKED VLAN examples...

VLAN MAPPING

You have a custommer using the same vlan as you? In the example we want to map his vlan 21 to our 117.

This is not working on all cisco switches (6500 are ok)

interface GigabitEthernet2/25
 switchport mode trunk
 switchport trunk allowed vlan 117,500
 switchport vlan mapping enable
 switchport vlan mapping 21 117

to check if it's ok :

 sh int gi2/25 vlan mapping     
State: enabled
Original VLAN Translated VLAN
------------- ---------------
  21             117

Source :  https://geni-orca.renci.org/trac/wiki/VLANMapping
and http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/vlans.html
and http://www.cisco.com/en/US/docs/switches/metro/me3400e/software/release/12.2_44_ey/configuration/guide/swtunnel.html


QinQ

If you need to encapsulate all Customer Vlan in one of your vlan (in this example VLAN 2), you have to dedicate one port for this

interface Gi1/1
  switchport access vlan 2
  switchport mode dot1q-tunnel

Be aware that the SP-VLAN (here vlan 2) MUST NOT be a native vlan on your trunk links between your switches. You can use the command "vlan dot1q tag native" in the global configuration mode to avoid this.

 

SELECTIVE QinQ

If you don't want to tunnel all vlan, you can use "Selective QinQ"
In this example we will only encapsulate C-VLAN 110 to 120 into the SP-VLAN 2

interface Gi1/1
  switchport mode trunk
  switchport vlan mapping 110-120 dot1q-tunnel 2

in these two previous examples, you may also need to tunnel L2 protocols

interface Gi1/1
  l2protocol-tunnel cdp
  l2protocol-tunnel stp
  l2protocol-tunnel vtp

You may need to limit L2 protocols usage on port, in this example we drop cdp packets over 1024/sec and shutdown the port if we exceed 512 stp packets/sec

errdisable recovery cause l2ptguard
interface Gi1/1
  l2protocol-tunnel drop-threshold cdp 1024
  l2protocol-tunnel shutdown-threshold stp 512

Source : http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/54sg...

 

STACKED VLAN

Stacked Vlan is AFAIK the same as QinQ (802.1ad) but maybe the "router side of the thing". Once you have encapsulated your frame (which has now 2 vlan tags) you can still create a sub-interface on your router.
In this example the interface Gi1/1.2 of your P router has an IP address in the Customer VLAN 110 which is encapsulated in the Service Provider VLAN 2

interface Gi1/1.2
  encapsulation dot1q 2 second-dot1q 110
  ip address X.X.X.X X.X.X.X

You can use the keyword any to match all unspecified C-VLAN on sub-interfaces, if no EoMPLS is configured packets are dropped

interface Gi1/1.999
  encapsulation dot1q 2 second-dot1q any
  xconnect X.X.X.X 999 encapsulation mpls

Source : http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/qinq.html

Classified in : cisco Tags : none

Comments are closed.

Rss feed of the article's comments