4.4.7.3 Introduction to Q-in-Q (DOT1Q-Tunnel)
The IEEE 802.1Q double tagging VLAN is also referred to as Q-in-Q or VLAN stacking (IEEE
802.1ad). Its purpose is to expand the 802.1q VLAN space by tagging the inner tagged packets. In
this way, a “double-tagged” frame is created so as to separate customer traffic within a service
provider network. As shown below in “Double-Tagged Frame” illustration, an outer tag is added
between source destination and inner tag at the provider network’s edge. This can support C-
VLAN (Customer VLAN) over Metro Area Networks and ensure complete separation between
traffic from different user groups. Moreover, the addition of double-tagged space increases the
number of available VLAN tags which allow service providers to use a single SP-VLAN (Service
Provider VLAN) tag per customer over the Metro Ethernet network.
Inner Tag
or C-Tag
TCI/P/C/VID
Double-Tagged Frame Format
As shown below in “Q-in-Q Example” illustration, Headquarter A wants to communicate with
Branch 1 that is 1000 miles away. One common thing about these two locations is that they have
the same VLAN ID of 20, called C-VLAN (Customer VLAN). Since customer traffic will be routed to
service provider’s backbone, there is a possibility that traffic might be forwarded insecurely, for
example due to the same VLAN ID used. Therefore, in order to get the information from
Headquarter to Branch 1, the easiest way for the carrier to ensure security to customers is to
encapsulate the original VLAN with a second VLAN ID of 100. This second VLAN ID is known as
SP-VLAN (Service Provider VLAN) that is added as data enters the service provider’s network and
then removed as data exits. Eventually, with the help of SP-Tag, the information sent from
Headquarter to Branch 1 can be delivered with customers’ VLANs intactly and securely.
Q-in-Q Example
To Next Page
Loading...
Need help?
General
