Solved: Q-in-Q with only ONE switch. Will it work or not?

alexandrfedchenko · ‎08-11-2010

Hello

If I configure catalyst 3560 like this:

interface fa0/1

switchport mode access

switchport access vlan 1

interface fa0/2

switchport mode access

switchport access vlan 2

interface fa0/3

switchport mode access

switchport access vlan 3

interface fa0/22

switchport mode trunk

switchport trunk encapsulation dot1q

switchport trunk allowed vlan add 1-10

interface fa0/23

switchport access vlan 312

switchport mode dot1q-tunnel

interface fa0/24

switchport mode trunk

switchport trunk encapsulation dot1q

switchport trunk allowed vlan add 312

and then connect port 22 and 23 with patch-cord, will traffic on port 24 be Q-in-Q incapsulated?

Jayakrishna Mada · ‎08-11-2010

Hi Alexandr,

I am not sure why you want to do it like this but that should work. The packest leaving port 24 should have 2 tags, External 312 and Internal (1-10).

JayaKrishna

View solution in original post

arun kumar · ‎08-12-2010

Hi Alexandr,

You config should work. We have the same config in our network working fine without any issues.

HTH

Arun

View solution in original post

Chad Peterson · ‎08-17-2010

I think with some of the later code this works on the 3560/3750.

A few years ago I saw some issues with it when double tagged frames come into the switch with dest mac and IP of the switch...I think we were trying to telnet to it from a device across the tunnel. Instead of switching the traffic out again to a tunnel to decap it, we instead were sending it directly to the CPU...which couldn't understand the frame due to the doubletagging, and dropped it.

The soultion worked for traffic going through the switch, but ultimatly some managment issue were the only pain point from across the tunnel...now I'm not sure if that problem still exists. Just something to keep an eye on.

I'm pretty sure a co-worker of mine tested this again recently and didn't encounter the issue I saw a few years ago. I didnt get a chance to look at his setup, but looks like it may work like you'd expect now.

View solution in original post

Jayakrishna Mada · ‎08-11-2010

Hi Alexandr,

I am not sure why you want to do it like this but that should work. The packest leaving port 24 should have 2 tags, External 312 and Internal (1-10).

JayaKrishna

alexandrfedchenko · ‎08-12-2010

I am not sure why you want to do it like this

Because I don't want to buy two switches, when enough only one

You can look at pictures of my network config here:

https://supportforums.cisco.com/thread/2035034

arun kumar · ‎08-12-2010

Hi Alexandr,

You config should work. We have the same config in our network working fine without any issues.

HTH

Arun

PAT_BILL · ‎01-17-2020

Good Day everyone,

I worked for an ISP but presently the network runs on L2 with one point (FW) that does all the routing..and switches cannot support QinQ. A customer is requesting for just L2VPN...I am asking for what type of cisco switch that support Q in Q and how can these be integrated with the exjsting platform...

cristip · ‎08-12-2010

Sorry ...wrong question

Chad Peterson · ‎08-17-2010

I think with some of the later code this works on the 3560/3750.

A few years ago I saw some issues with it when double tagged frames come into the switch with dest mac and IP of the switch...I think we were trying to telnet to it from a device across the tunnel. Instead of switching the traffic out again to a tunnel to decap it, we instead were sending it directly to the CPU...which couldn't understand the frame due to the doubletagging, and dropped it.

The soultion worked for traffic going through the switch, but ultimatly some managment issue were the only pain point from across the tunnel...now I'm not sure if that problem still exists. Just something to keep an eye on.

I'm pretty sure a co-worker of mine tested this again recently and didn't encounter the issue I saw a few years ago. I didnt get a chance to look at his setup, but looks like it may work like you'd expect now.

alexandrfedchenko · ‎08-21-2010

Many thanks to all!