I will assume that the untagged frame received by the provider switch will be treated as native VLAN ==> VLAN1 (since untagged). Since you didn't configure tag native VLAN1 will still flow untagged through the network.
I still can't see how you would get double tagging on this setup, only tag for VLAN1000 should be present in your ISP network.
Since you have setup this in a LAB I would suggest that you configure a SPAN session and use wireshark to see what's hapening.
make sure tha you use replicate option if configuring SPAN session on lower end switch (3700 etc...) and/or that the port is configured as trunk for other device type (6500 etc...)
Make sure that the driver on your wireshark PC don't strip off VLAN tags
You didn't mentioned anything about MTU size I assume that you have it under control.
The traffic is not getting double tagged. Put it this way. The port on SW1 (dot1q tunnel port) is an access port i.e it has an access vlan which in your case is 1000. So your untagged traffic from SW3 will go into vlan 1000 which will be transported across the ISP as a single tagged packet and it gets stripped off at the other end on SW2. Now SW2 will send that untagged traffic out to SW4.and then SW4 puts it in the right vlan 48 and then it goes down to location 2.
So in the ISP its just a single tagged vlan between SW1 and SW2. Native vlan concept comes only on trunk ports and not access ports
dot1q tunneling is very helpful in a way that customers can use the same vlan numbers and still they will be able to get the services like internet , IPVPN etc.because the ISP vlans encapsulate these and pass them around.
Now in regards to your question for internet, it depends, if you already are sending a tagged frame(C-TAG) into the ISP into vlan 1000 for eg: then that 1000(S-TAG) will terminate on an aggregate switch where it will strip of the outer vlan and then your vlan is sent into a subinterface or something on a edge router which will have VRF's configured etc or it might end up on a customer GW router whereby the customer GW router directly talks to the border router in the ISP which then talks to upstream routers in the public space.
Thanks a lot for your explanation! Now I am not confused anymore.
A last question. I guess that tagging all VLANs in my example (with "vlan dot1q tag native") would have double tag the customer traffic in the ISP core when sending traffic from customer as untagged. It is correct?
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...