30-13
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 30 Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
About Layer 2 Protocol Tunneling
About Layer 2 Protocol Tunneling
Note IPsec VPN is supported for control plane traffic protection on the management port, and must be used
for management purposes only.
Customers at different sites connected across a service provider network need to use various Layer 2
protocols to scale their topologies to include all remote and local sites. STP must run properly, and every
VLAN should build a proper spanning tree that includes the local site and all remote sites across the
service provider network. Cisco Discovery Protocol (CDP) must discover neighboring Cisco devices
from local and remote sites. VLAN Trunking Protocol (VTP) must provide consistent VLAN
configuration throughout all sites in the customer network.
When protocol tunneling is enabled, edge switches on the inbound side of the service provider network
encapsulate Layer 2 protocol packets with a special MAC address and send them across the service
provider network. Core switches in the network do not process these packets but forward them as normal
packets. Layer 2 protocol data units (PDUs) for CDP, STP, or VTP cross the service provider network
and are delivered to customer switches on the outbound side of the service provider network. Identical
packets are received by all customer ports on the same VLANs with these results:
• Users on each of a customer’s sites can properly run STP, and every VLAN can build a correct
spanning tree, based on parameters from all sites and not just from the local site.
• CDP discovers and shows information about the other Cisco devices connected through the service
provider network.
• VTP provides consistent VLAN configuration throughout the customer network, propagating to all
switches through the service provider.
Layer 2 protocol tunneling can enabled on trunk, access and tunnel ports. If protocol tunneling is not
enabled, remote switches at the receiving end of the service provider network do not receive the PDUs
and cannot properly run STP, CDP, and VTP. When protocol tunneling is enabled, Layer 2 protocols
within each customer's network are totally separate from those running within the service provider
network.
As an example, Customer A in Figure 30-6 has four switches in the same VLAN that are connected
through the service provider network. If the network does not tunnel PDUs, switches on the far ends of
the network cannot properly run STP, CDP, and VTP. For example, STP for a VLAN on a switch in
Customer A’s Site 1 builds a spanning tree on the switches at that site without considering convergence
parameters based on Customer A’s switch in Site 2. Figure 30-6 shows one possible spanning tree
topology.
To Next Page
Loading...
Need help?
General
