Send document comments to nexus7k-docfeedback@cisco.com
9-3
Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x
OL-23435-03
Chapter 9 Configuring Q-in-Q VLAN Tunnels
Information About Q-in-Q Tunnels
The outer tag contains the customer’s access VLAN ID (as assigned by the service provider), and the
inner VLAN ID is the VLAN of the incoming traffic (as assigned by the customer). This double tagging
is called tag stacking, Double-Q, or Q-in-Q as shown in Figure 9-2.
Figure 9-2 Untagged, 802.1Q-Tagged, and Double-Tagged Ethernet Frames
By using this method, the VLAN ID space of the outer tag is independent of the VLAN ID space of the
inner tag. A single outer VLAN ID can represent the entire VLAN ID space for an individual customer.
This technique allows the customer’s Layer 2 network to extend across the service provider network,
potentially creating a virtual LAN infrastructure over multiple sites.
Note Hierarchical tagging, that is multi-level dot1q tagging Q-in-Q, is not supported.
Native VLAN Hazard
When configuring 802.1Q tunneling on an edge switch, you must use 802.1Q trunk ports for sending out
packets into the service-provider network. However, packets that go through the core of the
service-provider network might be carried through 802.1Q trunks, ISL trunks, or non-trunking links.
When 802.1Q trunks are used in these core switches, the native VLANs of the 802.1Q trunks must not
match any native VLAN of the dot1q-tunnel port on the same switch because traffic on the native VLAN
is not tagged on the 802.1Q transmitting trunk port.
In Figure 9-3, VLAN 40 is configured as the native VLAN for the 802.1Q trunk port from Customer X
at the ingress edge switch in the service-provider network (Switch B). Switch A of Customer X sends a
tagged packet on VLAN 30 to the ingress tunnel port of Switch B in the service-provider network
belonging to access VLAN 40. Because the access VLAN of the tunnel port (VLAN 40) is the same as
the native VLAN of the edge-switch trunk port (VLAN 40), the 802.1Q tag is not added to tagged packets
Double-tagged
frame on trunk
links between
service provider
network devices
802.1Q frame from
customer network
Original Ethernet frame
Destination
address
Length/
EtherType
Frame Check
Sequence
Source
address
SADA Len/Etype Data FCS
SADA Len/Etype DataEtype Ta g FCS
SADA Len/Etype DataEtype Ta g Etype Ta g FCS
79831
To Next Page
Loading...
Need help?
General
