Re: Virtual tunnel between 2950 switches

mansoor_nawaz78 · ‎04-04-2006

I would like to creat a virtual trunk between two 2950, both are far from each other i mean many switches install between them, how can i creat a tunnel between or Virtual trunk port.

ankurbhasin · ‎04-04-2006

Hi Mansoor,

AFAIK it is not possible in 2950 but something similar (dot1q tunneling) is possible in 3550 switches

Check this link

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225seb/scg/swtunnel.htm#

HTH, if yes please rate the post.

Ankur

mansoor_nawaz78 · ‎04-04-2006

If i have one 3550 switch with 12 GIBC Port and all Gig bit port connected with 2950 switch, can i creat that tunnel between these two 2950 switches, One thing more all these 2950 switch are further connected with another 2950 switches.

Thank You.

amit-singh · ‎04-04-2006

Mansoor ,

That is not possible with 2950's. They donot support 802.1q tunneling. 3550's support it.

Dot1q is basically used by ISP for metro ethernet to provide L2 tunneling/VPN and they map difft Vlans of a customer to a single vlan to carry the customet raffic from one office to another across their network.

Please use the link posted above by Ankur to get more info on this.

HTH, Please rate if it does.

-amit singh

ankurbhasin · ‎04-04-2006

Hi Mansoor,

You have to have a switch which suppots tunneling atleast at the 2 ends which will be connected to 2950.

Example

2950(trunk)--(tunnel port)3550(trunk)--(trunk)2950(trunk)----(trunk)3550(tunnel port)----(trunk)2950

When the frames move to the tunnel port they add a label on it also need some mechanism on the remote end who can understand that label and remove that label so that it can be a normal tagged frame.

If you have a look at this link the picture will be clear.

HTH, if yes please rate the post.

Ankur

mansoor_nawaz78 · ‎04-04-2006

Two Ports of 3550 attached with two differtent 2950 series switches.

Can i creat top ended 2950switches which are at the ends of hierarchy

3550 (tunnel Port)----(Trunk)2950-----(Trunk)2950 End

(tunnel Port)

|

(Trunk)

2950

|

(Trunk)

2950 End

ankurbhasin · ‎04-04-2006

Hi Mansoor,

Yes that seems to be possible.

Traffic from end 2950 will move till 3550 as a dot1q frame and will get a dot1q tunnel label on 3550 tunnel port there and it will be removed while going out from different tunnel port on 3550.

But what do you want to achieve here. I don't fine any difference or any advantage of using tunnel config in this scenario.

This scenario is best suited for an ISP which want to transfer customer data on layer 2 transparently through their network.

HTH, if yes please rate the post.

Ankur

mansoor_nawaz78 · ‎04-04-2006

You r right, i would like to creat tunnle between customer two offices one at the other 2950 switch and the other is at other 2950 switch.

So to execute this scenario i have to established a new VLAN at 3550(VTP Domain Server) and trunk port of 2950 Switch allow only this VLAN.

ankurbhasin · ‎04-04-2006

Hi Mansoor,

Yes you have to establish new vlan but you should allow all the vlans from customer to pass through cause tunneling is done on 3550 till thee all vlans should be allowed. But I have not tested it with vlan restrictions.

Also make sure the vtp domain name server and password does not matches the customer or else it will do disaster.

Have a look at this link and the one I posted above for configuration guidelines

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/12_1e/swconfig/dot1qtnl.htm#wp1001228

HTH, if yes please rate the post.

Ankur

amit-singh · ‎04-04-2006

Hi mansoor,

I addition to Ankur's post above, you can filter the vlans on the trunk port of 2950 and only allow the customer vlans that you want to allow. There is no need for all the vlans to travel to 3550.

HTH,Please rate if it does.

-amit singh