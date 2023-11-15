QinQ
A QinQ VLAN tunnel enables a service provider (SP) to segregate the traffic of different customers in their infrastructure, while still giving the customer a full range of VLANs for their internal use by adding a second 802.1Q VLAN tag to an already tagged frame.
So let us assume for example that an SP exists which needs to offer L2 connectivity to two corporations, “X” and “Y”, that have campuses located in both “A”, “B”. All campuses run Ethernet LANs, and the customers intend to connect through the SP’s L2 VPN network so that their campuses are in the same LAN (L2 network). Hence, it would be desirable for “X”, “Y” to have a single LAN each in both “A”, “B” which could easily exceed the VLAN limit of 4096 of the 802.1Q specification.
QinQ can be enabled on a port or according to predefined conditions.
C-VLAN is the VLAN tag assigned to the ingress traffic of a QinQ-enabled interface.
S-VLAN is the VLAN tag assigned to the egress traffic of a QinQ-enabled interface.
ACL-mode: Adding and removing S-VLAN is determined by an ACL-dependent action
Port-mode: All ingress traffic to a specific QinQ-enabled interface is tagged with an additional VLAN 802.1Q tag (also known as S-VLAN). The S-VLAN ID is equal to that interface’s PVID (access VLAN).
The S-VLAN tag is added regardless of whether the traffic is tagged or untagged. Traffic coming out from this port, has the S-VLAN stripped from it.
Create the C-VLAN. Run:
switch(config) # vlan
200
switch(config vlan
200) # exit
Enter the configuration mode of an Ethernet, LAG, or MLAG interface. Run:
switch(config) #
interfaceport-channel
100
Change the switchport mode of the interface to enable QinQ. Run:
switch(config
interfaceport-channel
100) # switchport mode dot1q-tunnel
Change its port VLAN ID (PVID). This configures the S-VLAN. Run:
switch(config
interfaceport-channel
100) # switchport access vlan
200
Verify the configuration. Run:
switch(config
interfaceport-channel
100) # show
interfaceport-channel
100Po100 Admin state: Enabled Operational state: Up Description: N\A Mac address:
00:
00:
00:
00:
00:
00MTU:
1500bytes(Maximum packet size
1522bytes) lacp-individual mode: Disabled Flow-control: receive off send off Actual speed:
1X
40Gbps Width reduction mode: disabled Switchport mode: dot1q-tunnel QoS mode: uniform MAC learning mode: Enabled Last clearing of
"show interface"counters : Never
60seconds ingress rate:
0bits/sec,
0bytes/sec,
0packets/sec
60seconds egress rate:
0bits/sec,
0bytes/sec,
0packets/sec Rx
0packets
0unicast packets
0multicast packets
0broadcast packets
0bytes
0error packets
0discard packets Tx
0packets
0unicast packets
0multicast packets
0broadcast packets
0bytes
0discard packets
Verify the configuration. Run:
switch(config
interfaceport-channel
100) # show interfaces switchport Interface Mode Access vlan Allowed vlans ------------------------------------------------------------------------- Eth1/
1access
1Eth1/
2access
1Eth1/
3access
1Eth1/
4access
1Eth1/
5access
1Eth1/
6access
1... Eth1/
27access
1Eth1/
33access
1Eth1/
34access
1Eth1/
35access
1Eth1/
36access
1Po400 dot1q-tunnel
200
switchport dot1q-tunnel qos-mode
|
switchport dot1q-tunnel qos-mode {pipe | uniform}
no switchport dot1q-tunnel qos-mode
Assigns QoS to the service provider’s traffic.
The no form of the command resets the parameter value to its default.
|
Syntax Description
|
pipe
|
Gives the service provider’s traffic the same QoS as the customer’s traffic
|
uniform
|
Gives the service provider’s traffic QoS 0
|
Default
|
pipe
|
Configuration Mode
|
config interface ethernet
config interface port-channel
config interface mlag-port-channel
|
History
|
3.4.3000
|
Example
|
switch (config interface ethernet 1/1) # switchport dot1q-tunnel qos-mode uniform
|
Related Commands
|
show vlan
show interfaces switchport
switchport access vlan
switchport [trunk | hybrid] allowed-vlan
vlan
|
Notes