- Table of Contents
-
- 02-Layer 2—LAN Switching Configuration Examples
- 01-MAC Address Table Configuration Examples
- 02-Ethernet Link Aggregation Configuration Examples
- 03-Port Isolation Configuration Examples
- 04-VLAN Configuration Examples
- 05-VLAN Tagging Configuration Examples
- 06-S-MLAG Configuration Examples
- 07-Spanning Tree Configuration Examples
- Related Documents
-
Title | Size | Download |
---|---|---|
05-VLAN Tagging Configuration Examples | 304.05 KB |
General configuration restrictions and guidelines
Example: Configuring QoS policies for SVLAN tagging
Applicable hardware and software versions
Configuring devices between PE A and PE B
Introduction
This document provides examples for using VLAN tagging features to extend customer VLANs (CVLANs) across an Ethernet service provider network.
VLAN tagging features enable service providers to separate or aggregate customer traffic in the service provider network. The following are available VLAN tagging operations:
· Adding a layer of service provider VLAN (SVLAN) tag.
· Modifying the SVLAN tag, CVLAN tag, or both.
To add an SVLAN tag, use one of the following VLAN tagging features:
· QinQ—Tags all incoming frames (tagged or untagged) on the customer-side port with the PVID of the port.
· One-to-two VLAN mapping—Adds different SVLANs for traffic with different CVLAN tags.
· Zero-to-two VLAN mapping—Adds double VLAN tags to untagged packets.
· Two-to-three VLAN mapping—Adds an outermost VLAN tag to double-tagged packets.
· Policy-based VLAN manipulation—Uses QoS nest actions in a QoS policy to tag different classes of frames with different SVLAN tags. Traffic classifiers include CVLAN ID, IP address, and MAC address. In addition, you can use QoS priority marking to set the 802.1p priority in SVLAN tags.
To modify VLAN tags, use one of the following VLAN tagging features:
· VLAN mapping—Includes the following features:
¡ One-to-one VLAN mapping—Replaces one VLAN tag with another.
¡ Many-to-one VLAN mapping—Replaces multiple VLAN tags with the same VLAN tag.
¡ Two-to-two VLAN mapping—Replaces the SVLAN ID, CVLAN ID, or both IDs for an incoming double-tagged frame.
· Policy-based VLAN manipulation—Uses a QoS policy to modify the CVLAN or SVLAN ID by using the remark customer-vlan-id or remark service-vlan-id action.
The devices in the service provider network learn MAC addresses of CVLANs into the MAC address table of the SVLAN.
Prerequisites
The configuration examples in this document were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.
This document assumes that you have basic knowledge of QinQ, VLAN mapping, QoS nesting, and QoS priority and CVLAN marking.
General configuration restrictions and guidelines
EVB and the VLAN tagging features are mutually exclusive. Do not use EVB with any VLAN tagging features on a port.
Example: Configuring QoS policies for SVLAN tagging
Network configuration
As shown in Figure 1:
· Customer A and Customer B each have two branches that require Layer 2 connectivity over the service provider network.
· The three types of traffic require separate transmission through three VLANs provided by the service provider. The service provider network configures different transmission policies for each type of traffic.
Apply a QoS policy to each customer-side port on PE A and PE B to separate the traffic by customer and traffic type.
Table 1 shows the VLAN assignment. For each customer, the service provider assigns one SVLAN by traffic type. Figure 2 shows the expected traffic transmission pattern after the QoS policies are applied to customer-side ports.
Traffic type |
CVLANs |
SVLAN |
Customer A: |
|
|
Video |
31 to 40 |
1003 |
Voice |
21 to 30 |
1002 |
Data |
10 to 20 |
1001 |
Customer B: |
|
|
Storage |
36 to 40 |
2003 |
Voice |
26 to 35 |
2002 |
Data |
15 to 25 |
2001 |
Figure 2 Expected traffic pattern in the service provider network
Analysis
For the customer-side ports to support multiple SVLANs and send traffic to the customer site with the SVLAN tag removed, you must perform the following tasks:
1. Configure the link type as hybrid on the customer-side ports.
2. Assign the ports to the SVLANs as untagged VLAN members.
By default, the 802.1p priority in the SVLAN tag added by a port depends on the priority trust mode on the port.
· If the 802.1p priority in frames is trusted, the device copies the 802.1p priority in the CVLAN tag to the SVLAN tag.
· If port priority is trusted, the port priority is used as the 802.1p priority in the SVLAN tag. For untagged incoming frames, the port encapsulates the port priority as the 802.1p priority in the SVLAN tag.
To add SVLAN tags for traffic of different types, you can perform one of the following tasks on the customer-side ports:
· Configure an SVLAN tagging QoS policy.
· Configure one-to-two VLAN mapping.
Applicable hardware and software versions
The following matrix shows the hardware and software versions to which this configuration example is applicable:
Hardware |
Software version |
S6550X-HI switch series |
Release 1116 and later |
S6880 switch series |
Release 1116 and later |
S9820-8M switch |
Release 1116 and later |
S9855 switch series |
Not supported |
S9825 switch series |
Not supported |
Restrictions and guidelines
For frames to travel across the service provider network, follow these restrictions and guidelines:
· Set the MTU to a minimum of 1504 bytes for each port on the path of frames. This value is the sum of the default Ethernet interface MTU (1500 bytes) and the length (4 bytes) of a CVLAN tag. The CVLAN tag of frames is treated as part of the payload during transmission.
· Configure all the ports on the forwarding path to allow frames from VLANs 1001 through 1003 and VLANs 2001 through 2003 to pass through without modifying or removing the VLAN tag.
Procedures
Configuring PE A
1. Create SVLANs 1001 through 1003 and SVLANs 2001 through 2003.
<PE_A> system-view
[PE_A] vlan 1001 to 1003
[PE_A] vlan 2001 to 2003
2. Configure the customer-side port Twenty-FiveGigE 1/0/1:
# Configure the port as a hybrid port.
[PE_A] interface twenty-fivegige 1/0/1
[PE_A-Twenty-FiveGigE1/0/1] port link-type hybrid
# Remove the port from VLAN 1.
[PE_A-Twenty-FiveGigE1/0/1] undo port hybrid vlan 1
# Assign the port to SVLANs 1001 through 1003 as an untagged VLAN member.
[PE_A-Twenty-FiveGigE1/0/1] port hybrid vlan 1001 to 1003 untagged
# Configure the port to trust the 802.1p priority of frames.
[PE_A-Twenty-FiveGigE1/0/1] qos trust dot1p
[PE_A-Twenty-FiveGigE1/0/1] quit
3. Configure the customer-side port Twenty-FiveGigE 1/0/2:
# Configure the port as a hybrid port.
[PE_A] interface twenty-fivegige 1/0/2
[PE_A-Twenty-FiveGigE1/0/2] port link-type hybrid
# Remove the port from VLAN 1.
[PE_A-Twenty-FiveGigE1/0/2] undo port hybrid vlan 1
# Assign the port to SVLANs 2001 through 2003 as an untagged VLAN member.
[PE_A-Twenty-FiveGigE1/0/2] port hybrid vlan 2001 to 2003 untagged
# Configure the port to trust the 802.1p priority of frames.
[PE_A-Twenty-FiveGigE1/0/2] qos trust dot1p
[PE_A-Twenty-FiveGigE1/0/2] quit
3. Configure the service provider-side port Twenty-FiveGigE 1/0/3:
# Configure the port as a trunk port.
[PE_A] interface twenty-fivegige 1/0/3
[PE_A-Twenty-FiveGigE1/0/3] port link-type trunk
# Remove the port from VLAN 1.
[PE_A-Twenty-FiveGigE1/0/3] undo port trunk permit vlan 1
# Assign the port to SVLANs 1001 through 1003 and SVLANs 2001 through 2003.
[PE_A-Twenty-FiveGigE1/0/3] port trunk permit vlan 1001 to 1003 2001 to 2003
[PE_A-Twenty-FiveGigE1/0/3] quit
4. Configure QoS policies for SVLAN tagging and 802.1p priority marking:
# Create the class customer_A_pc to match traffic from CVLANs 10 through 20 (data traffic) for Customer A.
[PE_A] traffic classifier customer_A_pc
[PE_A-classifier-customer_A_pc] if-match customer-vlan-id 10 to 20
[PE_A-classifier-customer_A_pc] quit
# Create the classes customer_A_voice and customer_A_video to match Customer A's voice traffic and video traffic, respectively.
[PE_A] traffic classifier customer_A_voice
[PE_A-classifier-customer_A_voice] if-match customer-vlan-id 21 to 30
[PE_A-classifier-customer_A_voice] quit
[PE_A] traffic classifier customer_A_video
[PE_A-classifier-customer_A_video] if-match customer-vlan-id 31 to 40
[PE_A-classifier-customer_A_video] quit
# Configure SVLAN tagging actions for Customer A's three traffic types.
[PE_A] traffic behavior customer_A_pc
[PE_A-behavior-customer_A_pc] nest top-most vlan 1001
[PE_A-behavior-customer_A_pc] quit
[PE_A] traffic behavior customer_A_voice
[PE_A-behavior-customer_A_voice] nest top-most vlan 1002
[PE_A-behavior-customer_A_voice] quit
[PE_A] traffic behavior customer_A_video
[PE_A-behavior-customer_A_video] nest top-most vlan 1003
[PE_A-behavior-customer_A_video] quit
# Create the QoS policy customer_A for Customer A, and associate the classes with their respective behaviors in the QoS policy.
[PE_A] qos policy customer_A
[PE_A-qospolicy-customer_A] classifier customer_A_pc behavior customer_A_pc
[PE_A-qospolicy-customer_A] classifier customer_A_voice behavior customer_A_voice
[PE_A-qospolicy-customer_A] classifier customer_A_video behavior customer_A_video
[PE_A-qospolicy-customer_A] quit
# Apply the QoS policy customer_A to the inbound direction of Twenty-FiveGigE 1/0/1.
[PE_A] interface twenty-fivegige 1/0/1
[PE_A-Twenty-FiveGigE1/0/1] qos apply policy customer_A inbound
[PE_A-Twenty-FiveGigE1/0/1] quit
# Create traffic classes for matching Customer B's three traffic types.
[PE_A] traffic classifier customer_B_pc
[PE_A-classifier-customer_B_pc] if-match customer-vlan-id 15 to 25
[PE_A-classifier-customer_B_pc] quit
[PE_A] traffic classifier customer_B_voice
[PE_A-classifier-customer_B_voice] if-match customer-vlan-id 26 to 35
[PE_A-classifier-customer_B_voice] quit
[PE_A] traffic classifier customer_B_storage
[PE_A-classifier-customer_B_storage] if-match customer-vlan-id 36 to 40
[PE_A-classifier-customer_B_storage] quit
# Configure SVLAN tagging behaviors for Customer B's traffic types.
[PE_A] traffic behavior customer_B_pc
[PE_A-behavior-customer_B_pc] nest top-most vlan 2001
[PE_A-behavior-customer_B_pc] quit
[PE_A] traffic behavior customer_B_voice
[PE_A-behavior-customer_B_voice] nest top-most vlan 2002
[PE_A-behavior-customer_B_voice] quit
[PE_A] traffic behavior customer_B_storage
[PE_A-behavior-customer_B_storage] nest top-most vlan 2003
[PE_A-behavior-customer_B_storage] quit
# Create the QoS policy customer_B for Customer B, and associate the classes with their respective behaviors in the QoS policy.
[PE_A] qos policy customer_B
[PE_A-qospolicy-customer_B] classifier customer_B_pc behavior customer_B_pc
[PE_A-qospolicy-customer_B] classifier customer_B_voice behavior customer_B_voice
[PE_A-qospolicy-customer_B] classifier customer_B_storage behavior customer_B_storage
[PE_A-qospolicy-customer_B] quit
# Apply the QoS policy customer_B to the inbound direction of Twenty-FiveGigE 1/0/2.
[PE_A] interface twenty-fivegige 1/0/2
[PE_A-Twenty-FiveGigE1/0/2] qos apply policy customer_B inbound
[PE_A-Twenty-FiveGigE1/0/2] quit
Configuring PE B
1. Create SVLANs 1001 through 1003 and SVLANs 2001 through 2003.
<PE_B> system-view
[PE_B] vlan 1001 to 1003
[PE_B] vlan 2001 to 2003
2. Configure the customer-side port Twenty-FiveGigE 1/0/1:
# Configure the port as a hybrid port.
[PE_B] interface twenty-fivegige 1/0/1
[PE_B-Twenty-FiveGigE1/0/1] port link-type hybrid
# Remove the port from VLAN 1.
[PE_B-Twenty-FiveGigE1/0/1] undo port hybrid vlan 1
# Assign the port to SVLANs 2001 through 2003 as an untagged VLAN member.
[PE_B-Twenty-FiveGigE1/0/1] port hybrid vlan 2001 to 2003 untagged
# Configure the port to trust the 802.1p priority of frames.
[PE_B-Twenty-FiveGigE1/0/1] qos trust dot1p
[PE_B-Twenty-FiveGigE1/0/1] quit
3. Configure the customer-side port Twenty-FiveGigE 1/0/2:
# Configure the port as a hybrid port.
[PE_B] interface twenty-fivegige 1/0/2
[PE_B-Twenty-FiveGigE1/0/2] port link-type hybrid
# Remove the port from VLAN 1.
[PE_B-Twenty-FiveGigE1/0/2] undo port hybrid vlan 1
# Assign the port to SVLANs 1001 through 1003 as an untagged VLAN member.
[PE_B-Twenty-FiveGigE1/0/2] port hybrid vlan 1001 to 1003 untagged
# Configure the port to trust the 802.1p priority of frames.
[PE_B-Twenty-FiveGigE1/0/2] qos trust dot1p
[PE_B-Twenty-FiveGigE1/0/2] quit
4. Configure the service provider-side port Twenty-FiveGigE 1/0/3:
# Configure the port as a trunk port.
[PE_B] interface twenty-fivegige 1/0/3
[PE_B-Twenty-FiveGigE1/0/3] port link-type trunk
# Remove the port from VLAN 1.
[PE_B-Twenty-FiveGigE1/0/3] undo port trunk permit vlan 1
# Assign the port to SVLANs 1001 through 1003 and SVLANs 2001 through 2003.
[PE_B-Twenty-FiveGigE1/0/3] port trunk permit vlan 1001 to 1003 2001 to 2003
[PE_B-Twenty-FiveGigE1/0/3] quit
5. Configure QoS policies for SVLAN tagging and 802.1p priority marking:
# Create traffic classes for matching Customer A's traffic types.
[PE_B] traffic classifier customer_A_pc
[PE_B-classifier-customer_A_pc] if-match customer-vlan-id 10 to 20
[PE_B-classifier-customer_A_pc] quit
[PE_B] traffic classifier customer_A_voice
[PE_B-classifier-customer_A_voice] if-match customer-vlan-id 21 to 30
[PE_B-classifier-customer_A_voice] quit
[PE_B] traffic classifier customer_A_video
[PE_B-classifier-customer_A_video] if-match customer-vlan-id 31 to 40
[PE_B-classifier-customer_A_video] quit
# Configure SVLAN tagging behaviors for Customer A's three traffic types.
[PE_B] traffic behavior customer_A_pc
[PE_B-behavior-customer_A_pc] nest top-most vlan 1001
[PE_B-behavior-customer_A_pc] quit
[PE_B] traffic behavior customer_A_voice
[PE_B-behavior-customer_A_voice] nest top-most vlan 1002
[PE_B-behavior-customer_A_voice] quit
[PE_B] traffic behavior customer_A_video
[PE_B-behavior-customer_A_video] nest top-most vlan 1003
[PE_B-behavior-customer_A_video] quit
# Create the QoS policy customer_A for Customer A, and associate the classes with their respective behaviors in the QoS policy.
[PE_B] qos policy customer_A
[PE_B-qospolicy-customer_A] classifier customer_A_pc behavior customer_A_pc
[PE_B-qospolicy-customer_A] classifier customer_A_voice behavior customer_A_voice
[PE_B-qospolicy-customer_A] classifier customer_A_video behavior customer_A_video
[PE_B-qospolicy-customer_A] quit
# Apply the QoS policy customer_A to the inbound direction of Twenty-FiveGigE 1/0/2.
[PE_B] interface twenty-fivegige 1/0/2
[PE_B-Twenty-FiveGigE1/0/2] qos apply policy customer_A inbound
[PE_B-Twenty-FiveGigE1/0/2] quit
# Create traffic classes for matching Customer B's three traffic types.
[PE_B] traffic classifier customer_B_pc
[PE_B-classifier-customer_B_pc] if-match customer-vlan-id 15 to 25
[PE_B-classifier-customer_B_pc] quit
[PE_B] traffic classifier customer_B_voice
[PE_B-classifier-customer_B_voice] if-match customer-vlan-id 26 to 35
[PE_B-classifier-customer_B_voice] quit
[PE_B] traffic classifier customer_B_storage
[PE_B-classifier-customer_B_storage] if-match customer-vlan-id 36 to 40
[PE_B-classifier-customer_B_storage] quit
# Configure SVLAN tagging behaviors for Customer B's three traffic types.
[PE_B] traffic behavior customer_B_pc
[PE_B-behavior-customer_B_pc] nest top-most vlan 2001
[PE_B-behavior-customer_B_pc] quit
[PE_B] traffic behavior customer_B_voice
[PE_B-behavior-customer_B_voice] nest top-most vlan 2002
[PE_B-behavior-customer_B_voice] quit
[PE_B] traffic behavior customer_B_storage
[PE_B-behavior-customer_B_storage] nest top-most vlan 2003
[PE_B-behavior-customer_B_storage] quit
# Create the QoS policy customer_B for Customer B, and associate the classes with their respective behaviors in the QoS policy.
[PE_B] qos policy customer_B
[PE_B-qospolicy-customer_B] classifier customer_B_pc behavior customer_B_pc
[PE_B-qospolicy-customer_B] classifier customer_B_voice behavior customer_B_voice
[PE_B-qospolicy-customer_B] classifier customer_B_storage behavior customer_B_storage
[PE_B-qospolicy-customer_B] quit
# Apply the QoS policy customer_B to the inbound direction of Twenty-FiveGigE 1/0/1.
[PE_B] interface twenty-fivegige 1/0/1
[PE_B-Twenty-FiveGigE1/0/1] qos apply policy customer_B inbound
[PE_B-Twenty-FiveGigE1/0/1] quit
Configuring devices between PE A and PE B
# Set the MTU to a minimum of 1504 bytes for each port on the path of frames. (Details not shown.)
# Configure all ports on the path between PE A and PE B allow frames from VLANs 1001 through 1003 and VLANs 2001 through 2003 to pass through without modifying or removing the VLAN tag. (Details not shown.)
Verifying the configuration
# Verify the configuration on each port. This example uses Twenty-FiveGigE 1/0/1 of PE A.
[PE_A] interface twenty-fivegige 1/0/1
[PE_A-Twenty-FiveGigE1/0/1] display this
#
interface Twenty-FiveGigE1/0/1
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 1001 to 1003 untagged
qos trust dot1p
qos apply policy customer_A inbound
#
Return
[PE_A-Twenty-FiveGigE1/0/1] quit
# Verify the QoS configuration on each port. This example uses Twenty-FiveGigE 1/0/1 of PE A.
[PE_A] display qos policy interface twenty-fivegige 1/0/1
Interface: Twenty-FiveGigE1/0/1
Direction: Inbound
Policy: customer_A
Classifier: customer_A_pc
Operator: AND
Rule(s) :
If-match customer-vlan-id 10 to 20
Behavior: customer_A_pc
Nesting:
Nest top-most vlan-id 1001
Classifier: customer_A_voice
Operator: AND
Rule(s) :
If-match customer-vlan-id 21 to 30
Behavior: customer_A_voice
Nesting:
Nest top-most vlan-id 1002
Classifier: customer_A_video
Operator: AND
Rule(s) :
If-match customer-vlan-id 31 to 40
Behavior: customer_A_video
Nesting:
Nest top-most vlan-id 1003
Configuration files
· PE A:
#
vlan 1001 to 1003
#
vlan 2001 to 2003
#
traffic classifier customer_A_pc operator and
if-match customer-vlan-id 10 to 20
#
traffic classifier customer_A_voice operator and
if-match customer-vlan-id 21 to 30
#
traffic classifier customer_A_video operator and
if-match customer-vlan-id 31 to 40
#
traffic classifier customer_B_pc operator and
if-match customer-vlan-id 15 to 25
#
traffic classifier customer_B_voice operator and
if-match customer-vlan-id 26 to 35
#
traffic classifier customer_B_storage operator and
if-match customer-vlan-id 36 to 40
#
traffic behavior customer_A_pc
nest top-most vlan 1001
#
traffic behavior customer_A_voice
nest top-most vlan 1002
#
traffic behavior customer_A_video
nest top-most vlan 1003
#
traffic behavior customer_B_pc
nest top-most vlan 2001
#
traffic behavior customer_B_voice
nest top-most vlan 2002
#
traffic behavior customer_B_storage
nest top-most vlan 2003
#
qos policy customer_A
classifier customer_A_pc behavior customer_A_pc
classifier customer_A_voice behavior customer_A_voice
classifier customer_A_video behavior customer_A_video
#
qos policy customer_B
classifier customer_B_pc behavior customer_B_pc
classifier customer_B_voice behavior customer_B_voice
classifier customer_B_storage behavior customer_B_storage
#
interface Twenty-FiveGigE1/0/1
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 1001 to 1003 untagged
qos trust dot1p
qos apply policy customer_A inbound
#
interface Twenty-FiveGigE1/0/2
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 2001 to 2003 untagged
qos trust dot1p
qos apply policy customer_B inbound
#
interface Twenty-FiveGigE1/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1001 to 1003 2001 to 2003
#
· PE B:
#
vlan 1001 to 1003
#
vlan 2001 to 2003
#
traffic classifier customer_A_pc operator and
if-match customer-vlan-id 10 to 20
#
traffic classifier customer_A_voice operator and
if-match customer-vlan-id 21 to 30
#
traffic classifier customer_A_video operator and
if-match customer-vlan-id 31 to 40
#
traffic classifier customer_B_pc operator and
if-match customer-vlan-id 15 to 25
#
traffic classifier customer_B_voice operator and
if-match customer-vlan-id 26 to 35
#
traffic classifier customer_B_storage operator and
if-match customer-vlan-id 36 to 40
#
traffic behavior customer_A_pc
nest top-most vlan 1001
#
traffic behavior customer_A_voice
nest top-most vlan 1002
#
traffic behavior customer_A_video
nest top-most vlan 1003
#
traffic behavior customer_B_pc
nest top-most vlan 2001
#
traffic behavior customer_B_voice
nest top-most vlan 2002
#
traffic behavior customer_B_storage
nest top-most vlan 2003
#
qos policy customer_A
classifier customer_A_pc behavior customer_A_pc
classifier customer_A_voice behavior customer_A_voice
classifier customer_A_video behavior customer_A_video
#
qos policy customer_B
classifier customer_B_pc behavior customer_B_pc
classifier customer_B_voice behavior customer_B_voice
classifier customer_B_storage behavior customer_B_storage
#
interface Twenty-FiveGigE1/0/1
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 2001 to 2003 untagged
qos trust dot1p
qos apply policy customer_B inbound
#
interface Twenty-FiveGigE1/0/2
port link-mode bridge
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 1001 to 1003 untagged
qos trust dot1p
qos apply policy customer_A inbound
#
interface Twenty-FiveGigE1/0/3
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1001 to 1003 2001 to 2003
#