Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.1Q Tunneling Problem

Hi All,

I got some technical issue in my 802.1Q tunneling lab, please advice if you know it....thanks

Objective:

- To isolate customer VLAN with provider VLAN (CoreSW01, CoreSW02, and CoreSW03)

- To save VLAN used by customers

- By implementing 802.1Q tunneling, customer have their own VLAN

Concern:

- Understand 802.1Q tunneling require additional 4bytes of vlan hearder, if I increase systems mtu to 1504byte, does it impact to standard packet? I try to show interface on "Non-802.1Q tunneling" interface and found they are also using 1504. Please advice..

Problems:

I got a problem to setting up 802.1Q Tunneling, If I remove the CoreSW02, everything are working fine, but when i put back the CoreSW02, then i will loss the connection between SwitchA01 and SwitchA02.

Please find the network diagram and config in the attached PDF file.

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: 802.1Q Tunneling Problem

Does VLAN 50 exist on CoreSW02 ?

Hall of Fame Super Silver

Re: 802.1Q Tunneling Problem

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.

you will see your setup working when you will add vlan 50 to core2 switch.

core switches don't need to know about the vlans used on the customer side that are the internal tags.

it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.

note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.

Hope to help

Giuseppe

5 REPLIES
Hall of Fame Super Silver

Re: 802.1Q Tunneling Problem

Hello Alex,

does customer vlan 50 exist on Coreswitch2?

Is  STP instance for vlan50 running on coreswitch2?

you can use

sh vlan id 50

sh spanning-tree vlan 50

to perform these checks

Hope to help

Giuseppe

New Member

Re: 802.1Q Tunneling Problem

Hello Giuslar and Owalter,

First, thanks for your reply....

Correct me if i am wrong, from my understanding the CoreSW02 switch dont need to create vlan 50, becaues it only carry CoreSW01 to CoreSW03 as a trunk, and both interfaces are allowed vlan 1-1000.

I will try to create vlan50 on CoreSW02 in this case and see what is the result, I will get back to you all on Monday....

Hall of Fame Super Silver

Re: 802.1Q Tunneling Problem

Hello Alex,

vlan 50 is needed on all switches in the middle because frames travel on the L2 SP network portion as double tagged with external tag = vlan 50.

you will see your setup working when you will add vlan 50 to core2 switch.

core switches don't need to know about the vlans used on the customer side that are the internal tags.

it is also important to be sure that vlan 50 is never the native vlan on a trunk to avoid to expose the internal tags.

As an alternative way you can enable native vlan tagging everywhere on SP switches.

note on terminology: the external vlan is called the customer vlan-id that is each customer gets one or more vlan-ids.

Hope to help

Giuseppe

New Member

Re: 802.1Q Tunneling Problem

Does VLAN 50 exist on CoreSW02 ?

New Member

Re: 802.1Q Tunneling Problem

Hello Giuslar and Owalter,

Thanks for your help, after I created a VLAN 50 on CoreSW02 everything is normal now.

561
Views
0
Helpful
5
Replies