Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

preserve remote vlan with Q in Q

One of our remote sites needs to move their servers to our datacenter. We need to do this while maintaining the server vlan of the remote site so the server's addresses do not change when they are

moved here.

Currently the remote site is connected over a point to point fiber link. There is a 4506 on the remote site end, with a gig link configured with a 30 bit address (i.e.

The other end connects to an intermediate site of ours into a 6509 with a corresponding address defind on the port (i.e. The 6509 in turn is connected to our datacenter 6513 over a trunk port (connected by fiber).

We've since had another fiber line run between the remote site and our datacenter where the 6513 is housed. We can now eliminate the intermediary link from the 4506 to the 6509 and connect the remote site's 4506 directly into our 6513. How do we do this in a way that preserves their vlans (and therefore their address ranges) so that we can move their servers over here with their addresses intact?

I've been looking at Q in Q vlan stacking but I'm not quite sure this is the right solution. I've also looked at a variation of Q in Q that uses that subinterfaces for vlan mapping from

customer to service provider vlans, but I'm not sure this is the right solution either.

What is the best way to do this? Please ask questions if more information is needed.

Hall of Fame Super Silver

Re: preserve remote vlan with Q in Q

If you really have the sites connected via fiber that you light with no carrier equipment providing an IP interface, your switches can just VLAN trunk to each other.

If that's not possible, have you considered using tunnel interfaces? You only said you need to maintain the server's IP addresses (though that does lead one to question why theyt are accessed via IP address and not DNS name... but some things we can't always control), not their Layer 2 broadcast domain (the VLAN).

See for details on configuring tunnels.

Hope this helps, please rate helpful posts.

CreatePlease login to create content