Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Limint number of VLAN-s in QinQ

Hi everybody,

Is there any way to limit number of C(ustomer)-VLANs on QinQ tunnel port?

For example, only VLANS 10-20 are double tagged, all other traffic is dropped.

Thanks,

Branimir

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Limint number of VLAN-s in QinQ

Hello Branimir,

as far as I know this is not possible: you cannot choice what vlan-ids have to be tunneled and what should be filtered/stopped.

all vlan-tags presented to the dot1q tunnel interface are externally tagged with the service provider tag for this customer.

This is for forwarding efficiency.

see for example this chapter from config guide of C3750

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swtunnel.html#wp1010370

Hope to help

Giuseppe

6 REPLIES
Hall of Fame Super Silver

Re: Limint number of VLAN-s in QinQ

Hello Branimir,

as far as I know this is not possible: you cannot choice what vlan-ids have to be tunneled and what should be filtered/stopped.

all vlan-tags presented to the dot1q tunnel interface are externally tagged with the service provider tag for this customer.

This is for forwarding efficiency.

see for example this chapter from config guide of C3750

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swtunnel.html#wp1010370

Hope to help

Giuseppe

New Member

Re: Limint number of VLAN-s in QinQ

Hi Giuseppe,

Thank you for the information.

Regards,

Branimir

Re: Limint number of VLAN-s in QinQ

HI Branimir, [Pls RATE if HELPS]

Please let us know the requirement in detail.

Let us assume the Setup as:

BaseStation Switch==>Tunneling Switch ==> Core Switch ==> Edge RouterA.

Configuration for the QnQ Tag Interface at Tunneling Switch:

interface FastEthernet0/20

description For Edge RouterA

switchport access vlan 900

switchport mode dot1q-tunnel

speed 100

duplex full

no cdp enable

spanning-tree portfast trunk

spanning-tree bpdufilter enable

end

Note: VLAN 900 is the QnQ Tag VLAN ID.

BaseStation Switch <> Tunnelling Switch.

If the C(ustomer) VLANS eg: 30-40 are not allowed in the X-connected Interface towards the Tunneling Switch means; the VLANS are not Tagged and hence it is dropped.

Pls RATE if HELPS

Best Regards,

Guru Prasad R

New Member

Re: Limint number of VLAN-s in QinQ

Hi,

If i understood correctly, you are saying that i need to configure trunk port on BaseStation Switch with switchport allowed vlan 30-40.

Unfortunately BaseStation switch is not under my administration.

Re: Limint number of VLAN-s in QinQ

HI branimirturk, [Pls RATE if HELPS]

If you do not want VLAN Range 30 - 40 on QnQ path;

Don't allow VLAN 30 - 40 in the BaseStation Switch <> Tunnelling Switch.

Hope I am Informative.

Best Regards,

Guru Prasad R

New Member

Re: Limint number of VLAN-s in QinQ

Hi,

Thank you,

Branimir

291
Views
5
Helpful
6
Replies
CreatePlease to create content