cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5128
Views
4
Helpful
9
Replies

QinQ configuration

Dirk Woellhaf
Level 1
Level 1

Hi guys,

can someone explain to me, how to configure QinQ on 6509 with Sup720, WS-X6748 with IOS 12.2(18)SXE6a.

I'm not shure, but I think there is something missing in the cisco-docs.

I found that I have to set the "switchport mode" to dot1q-tunnel, but how does the switch know where the "tunnel" starts and where it ends?

by Dirk

regards, Dirk (Please rate if helpful)
1 Accepted Solution

Accepted Solutions

interface fx/x

switchport mode do1tq-tunnel

switchport access-vlan 10

On the ingress and egress interfaces on the switches.

Make sure to allow vlan 10 on the 802.1q trunks.

The external Vlans will not be known to your switches. Your switches only care about Vlan 10.

A configuration example is provided in the Cat6500 QinQ configuration.

I don't have the hardware to do a customer duplication example, per your config.

HTH,

__

Edison.

View solution in original post

9 Replies 9

Edison Ortiz
Hall of Fame
Hall of Fame

Any interface with the switchport mode dot1q-tunnel and the customer Vlan is part of the tunnel.

802.1Q tunneling is not restricted to point-to-point tunnel configurations. Any tunnel port in a tunnel VLAN is a tunnel entry and exit point. An 802.1Q tunnel can have as many tunnel ports as are needed to connect customer switches.

HTH,

__

Edison.

Thanks for the reply,

I my case, I have to span the L2 infrastructure over two buildings.

My idea is/was:

I've got external vlan-id's 70-260, wanna encapsulate them into my internal vlan 10, transport them over my internal L2 (802.1q-trunk) infra to the other building remove the vlan-id 10, and forward the frame to the external devices.

Maybe, you can provide me with a configuration-example.

Dirk

regards, Dirk (Please rate if helpful)

interface fx/x

switchport mode do1tq-tunnel

switchport access-vlan 10

On the ingress and egress interfaces on the switches.

Make sure to allow vlan 10 on the 802.1q trunks.

The external Vlans will not be known to your switches. Your switches only care about Vlan 10.

A configuration example is provided in the Cat6500 QinQ configuration.

I don't have the hardware to do a customer duplication example, per your config.

HTH,

__

Edison.

if am correct are you trying to span the vlans 70-260 and then encapsulate them in vlan ten to another device on the next building for inspection or something.

That's correct!

regards, Dirk (Please rate if helpful)

well I think you will need more than just QinQ if you even need it at all.but am sure span port configuration will make your work easier, look into this doc and see if it might help, I am also reading it cause as a security person it will be of good use in deploying IPS. http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c612.shtml#descp

Careful.

The original poster mentioned 'span' in term of 'extending' the Vlan

NOT

Span the switchport for traffic analysis.

The 2 concepts are very different.

__

Edison.

HI, [Pls RATE if HELPS]

I have implemented a Scenario as below:

Base Station - A

=================

Metro Edge Switch Config:

int Gi 0/46

switchport access vlan 402 >> OuterVLAN in QnQ

switchport mode dot1q-tunnel

description X-Connect to BaseStation-LAN

Base Satation LAN Switch Config:

int GI 0/45

description X-connection to Metro Edge

switchport trunk encapsulation dot1q

switchport mode trunk

Bast Station - B

=================

Metro Edge Switch Config:

int GI 0/46

switchport access vlan 401 >> OuterVlan in QnQ

switchport mode dot1q-tunnel

description X-connect to Bast Station LAN

Base Station LAN Switch Config:

int GI 0/45

description X-Connect to Metro Edge

switchport trunk encapsulation dot1q

switchport mode trunk

NOC:

====

Metro Head end Switch Config:

int GI 0/45

description to X-Connect to Provider Edge

switchport mode dot1q-tunnel

switchport mode trunk

Provider Edge Router Config:

int Gi 0/1.402100

encapsulation dot1q 402 second-dot1q 100

!! 402 is the OuterVLAN and 100 is Customer VLAN

ip address 10.100.0.101 255.255.255.252

description Customer Bast Station - A

int Gi 0/1.401100

encapsulation dot1q 401 second-dot1q 100

!! 401 is the OuterVLAN and 100 is Customer VLAN

ip address 10.100.0.101 255.255.255.252

description Customer Bast Station - B

In the above Config the QnQ is enabled in the Metro Edge & provider edge routers encapsulation function will be carried out by the edge metro switches and PE Routers. By this way the VLAN's are duplicated are in Metro network itself also making the VLAN allocation locally.

Hope I am Informative.

PLS RATE if HELPS

Best Regards,

Guru Prasad R

accepted

now I understand wat the problem is.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: