Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

dot1q tunneling

Hello,

I have a network topology as shown in document in the attachment. If second provider doesn't tunnel BPDU packets(i.e. missconfiguration), is it possible to have a layer 2 loop? Will PROVIDER 2 drop bpdu packets, or there is some mechanism that will take care situations like this?

regards,

A.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: dot1q tunneling

Hello Antonio,

yes your switches need to be aware that both links are going to the same place unless you are permitting two different sets of vlans with no overlapping it will create a loop.

providers switches cannot distinguish between vlans to be tunneled and vlans to be blocked you need to use

swithcport trunk allowed vlan

to define only the needed vlans that should go over each pipe.

Hope to help

Giuseppe

7 REPLIES

Re: dot1q tunneling

Hi,

I couldnt view the attach file, however, Tunneling from the provider prespective shouldnt dropp BPDus unless BPDU filtering is configured at the provider edge.

So, the result , with QinQ tunneling , you could still have layer2 loops.

HTH

Mohamed

New Member

Re: dot1q tunneling

Hi,

I've attached topology now as a word document.

The thing is that I don't know if any link in network will be blocked in this scenario, because PROVIDER 2 dosen't tunnel BPDUs. And consequence is layer 2 loop.

A

Hall of Fame Super Silver

Re: dot1q tunneling

Hello Antonio,

also the second provider should implement L2 protocol tunneling for STP.

otherwise a loop can occur

the tunnel port should automatically enable bpdu filtering of service provider STP instances.

Hope to help

Giuseppe

Re: dot1q tunneling

Hi,

Yes, In this case , you could end up with layer-2 loop.

HTH

Mohamed

New Member

Re: dot1q tunneling

Hi,

So this could be or definitely is a layer2 loop?

just a clarification: PROVIDER 1 and 2 has configured dot1q tunneling for my VLANs. SWITCH1 and 2 have trunk on their ports towards PROVIDERS.

A

Hall of Fame Super Silver

Re: dot1q tunneling

Hello Antonio,

yes your switches need to be aware that both links are going to the same place unless you are permitting two different sets of vlans with no overlapping it will create a loop.

providers switches cannot distinguish between vlans to be tunneled and vlans to be blocked you need to use

swithcport trunk allowed vlan

to define only the needed vlans that should go over each pipe.

Hope to help

Giuseppe

New Member

Re: dot1q tunneling

Thanks Giuseppe.

142
Views
5
Helpful
7
Replies
CreatePlease to create content