cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1064
Views
0
Helpful
5
Replies

802.1Q Tunneling Problem

alexloh83
Level 1
Level 1

Hi All,

I got some technical issue in my 802.1Q tunneling lab, please advice if you know it....thanks

Objective:

- To isolate customer VLAN with provider VLAN (CoreSW01, CoreSW02, and CoreSW03)

- To save VLAN used by customers

- By implementing 802.1Q tunneling, customer have their own VLAN

Concern:

- Understand 802.1Q tunneling require additional 4bytes of vlan hearder, if I increase systems mtu to 1504byte, does it impact to standard packet? I try to show interface on "Non-802.1Q tunneling" interface and found they are also using 1504. Please advice..

Problems:

I got a problem to setting up 802.1Q Tunneling, If I remove the CoreSW02, everything are working fine, but when i put back the CoreSW02, then i will loss the connection between SwitchA01 and SwitchA02.

Please find the network diagram and config in the attached PDF file.

2 Accepted Solutions

Accepted Solutions

owalter
Level 1
Level 1

Does VLAN 50 exist on CoreSW02 ?

View solution in original post

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.

you will see your setup working when you will add vlan 50 to core2 switch.

core switches don't need to know about the vlans used on the customer side that are the internal tags.

it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.

note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.

Hope to help

Giuseppe

View solution in original post

5 Replies 5

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Alex,

does customer vlan 50 exist on Coreswitch2?

Is  STP instance for vlan50 running on coreswitch2?

you can use

sh vlan id 50

sh spanning-tree vlan 50

to perform these checks

Hope to help

Giuseppe

Hello Giuslar and Owalter,

First, thanks for your reply....

Correct me if i am wrong, from my understanding the CoreSW02 switch dont need to create vlan 50, becaues it only carry CoreSW01 to CoreSW03 as a trunk, and both interfaces are allowed vlan 1-1000.

I will try to create vlan50 on CoreSW02 in this case and see what is the result, I will get back to you all on Monday....

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.

you will see your setup working when you will add vlan 50 to core2 switch.

core switches don't need to know about the vlans used on the customer side that are the internal tags.

it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.

note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.

Hope to help

Giuseppe

owalter
Level 1
Level 1

Does VLAN 50 exist on CoreSW02 ?

alexloh83
Level 1
Level 1

Hello Giuslar and Owalter,

Thanks for your help, after I created a VLAN 50 on CoreSW02 everything is normal now.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: