Login
- Table of Contents
-
- 04-Layer 2 - LAN Switching Configuration Guide
- 00-Preface
- 01-MAC address table configuration
- 02-Ethernet link aggregation configuration
- 03-Port isolation configuration
- 04-Spanning tree configuration
- 05-Loop detection configuration
- 06-VLAN configuration
- 07-MVRP configuration
- 08-QinQ configuration
- 09-VLAN mapping configuration
- 10-LLDP configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 08-QinQ configuration | 181.45 KB |
This document uses the following terms:
· CVLAN—Customer network VLANs, also called inner VLANs, refer to VLANs that a customer uses on the private network.
· SVLAN—Service provider network VLANs, also called outer VLANs, refer to VLANs that a service provider uses to transmit VLAN tagged traffic for customers.
Overview
802.1Q-in-802.1Q (QinQ) adds an 802.1Q tag to 802.1Q tagged customer traffic. It enables a service provider to extend Layer 2 connections across an Ethernet network between customer sites.
QinQ provides the following benefits:
· Enables a service provider to use a single SVLAN to convey multiple CVLANs for a customer.
· Enables customers to plan CVLANs without conflicting with SVLANs.
· Enables customers to keep their VLAN assignment schemes unchanged when the service provider changes its VLAN assignment scheme.
· Allows different customers to use overlapping CVLAN IDs. Devices in the service provider network make forwarding decisions based on SVLAN IDs instead of CVLAN IDs.
How QinQ works
As shown in Figure 1, a QinQ frame transmitted over the service provider network carries the following tags:
· CVLAN tag—Identifies the VLAN to which the frame belongs when it is transmitted in the customer network.
· SVLAN tag—Identifies the VLAN to which the QinQ frame belongs when it is transmitted in the service provider network. The service provider allocates the SVLAN tag to the customer.
The devices in the service provider network forward a tagged frame based on its SVLAN tag. The CVLAN tag is transmitted as part of the frame's payload.
Figure 1 Single-tagged Ethernet frame header and double-tagged Ethernet frame header
As shown in Figure 2, customer A has remote sites CE 1 and CE 4. Customer B has remote sites CE 2 and CE 3. The CVLANs of the two customers overlap. The service provider assigns SVLANs 3 and 4 to customers A and B, respectively.
When a tagged Ethernet frame from CE 1 arrives at PE 1, the PE tags the frame with SVLAN 3. The double-tagged Ethernet frame travels over the service provider network until it arrives at PE 2. PE 2 removes the SVLAN tag of the frame, and then sends the frame to CE 4.
Figure 2 Typical QinQ application scenario
QinQ implementations
QinQ is enabled on a per-port basis. The link type of a QinQ-enabled port can be access, hybrid, or trunk. The QinQ tagging behaviors are the same across these types of ports.
A QinQ-enabled port tags all incoming frames (tagged or untagged) with the PVID tag.
· If an incoming frame already has one tag, it becomes a double-tagged frame.
· If the frame does not have any 802.1Q tags, it becomes a frame tagged with the PVID.
QinQ provides the most basic VLAN manipulation method to tag all incoming frames (tagged or untagged) with the PVID tag. To perform advanced VLAN manipulations, use VLAN mapping (see "Configuring VLAN mapping") or QoS policies. For example:
· To use different SVLANs for different CVLAN tags, use one-to-two VLAN mapping.
· To replace the SVLAN ID, CVLAN ID, or both IDs for an incoming double-tagged frame, use two-to-two VLAN mapping.
· To set the 802.1p priority in SVLAN tags, configure a QoS policy as described in "Setting the 802.1p priority in SVLAN tags."
Protocols and standards
· IEEE 802.1Q, IEEE Standard for Local and Metropolitan Area Networks-Virtual Bridged Local Area Networks
· IEEE 802.1ad, IEEE Standard for Local and Metropolitan Area Networks-Virtual Bridged Local Area Networks-Amendment 4: Provider Bridges
Restrictions and guidelines
The inner 802.1Q tag of QinQ frames is treated as part of the payload. For correct transmission of QinQ frames, H3C recommends that you set the MTU to a minimum of 1504 bytes for each port on the forwarding path of QinQ frames. This value is the sum of the default Ethernet interface MTU (1500 bytes) and the length (4 bytes) of a VLAN tag.
Enabling QinQ
Enable QinQ on customer-side ports of PEs. A QinQ-enabled port tags an incoming frame with its PVID.
To enable QinQ:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Enable QinQ. |
qinq enable |
By default, QinQ is disabled. |
Setting the 802.1p priority in SVLAN tags
By default, the device copies the 802.1p priority in the CVLAN tag to the SVLAN tag.
To set the 802.1p priority in SVLAN tags on customer-side ports:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Create a traffic class and enter traffic class view. |
traffic classifier classifier-name [ operator { and | or } ] |
By default, no traffic class is configured. |
|
3. Configure CVLAN match criteria. |
· Match CVLAN IDs: · Match 802.1p priority: |
N/A |
|
4. Return to system view. |
quit |
N/A |
|
5. Create a traffic behavior and enter traffic behavior view. |
traffic behavior behavior-name |
N/A |
|
6. Replace the priority in the SVLAN tags of matching frames with the configured priority. |
remark dot1p dot1p-value |
N/A |
|
7. Return to system view. |
quit |
N/A |
|
8. Create a QoS policy and enter QoS policy view. |
qos policy policy-name |
N/A |
|
9. Associate the traffic class with the traffic behavior in the QoS policy. |
classifier classifier-name behavior behavior-name |
N/A |
|
10. Return to system view. |
quit |
N/A |
|
11. Enter Layer 2 Ethernet interface view. |
interface interface-type interface-number |
N/A |
|
12. Apply the QoS policy to the inbound direction of the interface. |
qos apply policy policy-name inbound |
N/A |
For more information about QoS policies, see ACL and QoS Configuration Guide.
Displaying and maintaining QinQ
Execute display commands in any view.
|
Task |
Command |
|
Display QinQ-enabled ports. |
display qinq [ interface interface-type interface-number ] |
QinQ configuration example
By default, Ethernet, VLAN, and aggregate interfaces are down. You must use the undo shutdown command to bring up these interfaces. This example assumes that all these interfaces are already up.
Network requirements
As shown in Figure 3:
· The service provider assigns VLAN 100 to Company A's VLANs 10 through 70.
· The service provider assigns VLAN 200 to Company B's VLANs 30 through 90.
Configure QinQ on PE 1 and PE 2 to transmit traffic in VLANs 100 and 200 for Company A and Company B, respectively.
Configuration procedure
Configuring PE 1
1. Configure GigabitEthernet 4/0/1:
# Configure the port as a trunk port, and assign it to VLAN 100.
<PE1> system-view
[PE1] interface gigabitethernet 4/0/1
[PE1-GigabitEthernet4/0/1] port link-type trunk
[PE1-GigabitEthernet4/0/1] port trunk permit vlan 100
# Configure VLAN 100 as the PVID for the port.
[PE1-GigabitEthernet4/0/1] port trunk pvid vlan 100
# Enable QinQ on the port.
[PE1-GigabitEthernet4/0/1] qinq enable
[PE1-GigabitEthernet4/0/1] quit
2. Configure GigabitEthernet 4/0/2 as a trunk port, and assign it to VLANs 100 and 200.
[PE1] interface gigabitethernet 4/0/2
[PE1-GigabitEthernet4/0/2] port link-type trunk
[PE1-GigabitEthernet4/0/2] port trunk permit vlan 100 200
3. Configure GigabitEthernet 4/0/3:
# Configure the port as a trunk port, and assign it to VLAN 200.
[PE1] interface gigabitethernet 4/0/3
[PE1-GigabitEthernet4/0/3] port link-type trunk
[PE1-GigabitEthernet4/0/3] port trunk permit vlan 200
# Configure VLAN 200 as the PVID for the port.
[PE1-GigabitEthernet4/0/3] port trunk pvid vlan 200
# Enable QinQ on the port.
[PE1-GigabitEthernet4/0/3] qinq enable
[PE1-GigabitEthernet4/0/3] quit
Configuring PE 2
1. Configure GigabitEthernet 4/0/1:
# Configure the port as a trunk port, and assign it to VLAN 200.
<PE2> system-view
[PE2] interface gigabitethernet 4/0/1
[PE2-GigabitEthernet4/0/1] port link-type trunk
[PE2-GigabitEthernet4/0/1] port trunk permit vlan 200
# Configure VLAN 200 as the PVID for the port.
[PE2-GigabitEthernet4/0/1] port trunk pvid vlan 200
# Enable QinQ on the port.
[PE2-GigabitEthernet4/0/1] qinq enable
[PE2-GigabitEthernet4/0/1] quit
2. Configure GigabitEthernet 4/0/2 as a trunk port, and assign it to VLANs 100 and 200.
[PE2] interface gigabitethernet 4/0/2
[PE2-GigabitEthernet4/0/2] port link-type trunk
[PE2-GigabitEthernet4/0/2] port trunk permit vlan 100 200
3. Configure GigabitEthernet 4/0/3:
# Configure the port as a trunk port, and assign it to VLAN 100.
[PE2] interface gigabitethernet 4/0/3
[PE2-GigabitEthernet4/0/3] port link-type trunk
[PE2-GigabitEthernet4/0/3] port trunk permit vlan 100
# Configure VLAN 100 as the PVID for the port.
[PE2-GigabitEthernet4/0/3] port trunk pvid vlan 100
# Enable QinQ on the port.
[PE2-GigabitEthernet4/0/3] qinq enable
[PE2-GigabitEthernet4/0/3] quit
Configuring the devices between PE 1 and PE 2
# Set the MTU to a minimum of 1504 bytes for each port on the path of QinQ frames. (Details not shown.)
# Configure all ports on the forwarding path to allow tagged frames from VLANs 100 and 200 to pass through without removing the VLAN tag. (Details not shown.)
