802.1Q Tunneling Problem

Answered Question
Feb 26th, 2010
User Badges:

Hi All,



I got some technical issue in my 802.1Q tunneling lab, please advice if you know it....thanks


Objective:

- To isolate customer VLAN with provider VLAN (CoreSW01, CoreSW02, and CoreSW03)

- To save VLAN used by customers

- By implementing 802.1Q tunneling, customer have their own VLAN


Concern:

- Understand 802.1Q tunneling require additional 4bytes of vlan hearder, if I increase systems mtu to 1504byte, does it impact to standard packet? I try to show interface on "Non-802.1Q tunneling" interface and found they are also using 1504. Please advice..


Problems:

I got a problem to setting up 802.1Q Tunneling, If I remove the CoreSW02, everything are working fine, but when i put back the CoreSW02, then i will loss the connection between SwitchA01 and SwitchA02.


Please find the network diagram and config in the attached PDF file.

Correct Answer by Giuseppe Larosa about 7 years 2 months ago

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.


you will see your setup working when you will add vlan 50 to core2 switch.


core switches don't need to know about the vlans used on the customer side that are the internal tags.


it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.


note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.


Hope to help

Giuseppe

Correct Answer by owalter about 7 years 2 months ago

Does VLAN 50 exist on CoreSW02 ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Giuseppe Larosa Fri, 02/26/2010 - 06:02
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Alex,

does customer vlan 50 exist on Coreswitch2?

Is  STP instance for vlan50 running on coreswitch2?


you can use

sh vlan id 50

sh spanning-tree vlan 50


to perform these checks


Hope to help

Giuseppe

alexloh83 Fri, 02/26/2010 - 19:53
User Badges:

Hello Giuslar and Owalter,



First, thanks for your reply....


Correct me if i am wrong, from my understanding the CoreSW02 switch dont need to create vlan 50, becaues it only carry CoreSW01 to CoreSW03 as a trunk, and both interfaces are allowed vlan 1-1000.


I will try to create vlan50 on CoreSW02 in this case and see what is the result, I will get back to you all on Monday....

Correct Answer
Giuseppe Larosa Sat, 02/27/2010 - 03:12
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.


you will see your setup working when you will add vlan 50 to core2 switch.


core switches don't need to know about the vlans used on the customer side that are the internal tags.


it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.


note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.


Hope to help

Giuseppe

Correct Answer
owalter Fri, 02/26/2010 - 06:17
User Badges:

Does VLAN 50 exist on CoreSW02 ?

alexloh83 Sun, 02/28/2010 - 19:18
User Badges:

Hello Giuslar and Owalter,



Thanks for your help, after I created a VLAN 50 on CoreSW02 everything is normal now.

Actions

This Discussion