L2 tunneling CDP and QinQ

This is a pretty simple topology, and I will try to keep it simple; this is my first experience with L2 tunneling. I've never read about it in any books. My first encounter with it was in INE labs. I worked for a service provider who mainly ran L2 Metro Ethernet circuits, and we generally QinQ for internal VLANs but turned CDP off. From the looks of the interface possibilities, you can tunnel CDP, VTP and STP.

This configuration is pretty simple. On CE1 and CE2 this is an access port for VLAN 2. This VLAN is simply trunked across the PE switches. For L2 tunneling to work, from what I am reading, this has to be an access port.

S1

interface FastEthernet0/1
switchport access vlan 2
switchport mode access
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end

S2

interface FastEthernet0/1
switchport access vlan 2
switchport mode access
end
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
end

S3

interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable

S4

interface FastEthernet0/1
switchport access vlan 2
switchport mode access
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end

#Show CDP neighbor on CE1 shows CE2 as CDP is tunneled across
CE1#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CE2              Fas 0/1           156          R S I     WS-C3560- Fas 0/1

#Show CDP neighbor on CE2

CE2#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CE1              Fas 0/1           147          R S I     WS-C3560- Fas 0/1

If I want to QinQ tunnel, which makes more sense for a service provider to run, I have to change my PE switches to run dot1q tunnels, which is something that is used often in the real world. In our small topology we are using VLAN 2, but not everyone can use VLAN 2 within the service provider. If I want to use VLAN 2, since everything on my site is in VLAN 2 as well as my remote site, I have to QinQ tunnel the link between both PE switches. So I run VLAN 2, and my service provider puts me within VLAN 200. Across my PE1 and PE2 switches it encapsulates one tag in another. My only changes are on both PE switches.

PE1
#
interface FastEthernet0/1
description to CE1
switchport access vlan 200
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end
!
interface FastEthernet0/2
description trunk to PE2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
end

PE2

interface FastEthernet0/1
description trunk to PE1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
!

interface FastEthernet0/2
description to CE2
switchport access vlan 200
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end
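
The tag stacking described above ("encapsulates one tag in another"), as an added Python example that is not part of the original post: it pushes the provider tag 200 over the customer tag 2, parses the stack as seen on the PE1-PE2 trunk, and pops it again. Assumptions: the CE sends 802.1Q-tagged VLAN 2 frames, both tags use TPID 0x8100, the MAC addresses and payload are constructed, and all function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100                      # assumption: both tags use the 802.1Q TPID
CUSTOMER_VLAN, PROVIDER_VLAN = 2, 200    # VLAN IDs taken from the post

def push_tag(frame: bytes, vlan: int, tpid: int = TPID_8021Q) -> bytes:
    """Insert a 4-byte VLAN tag after the two MAC addresses (offset 12)."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID out of range")
    return frame[:12] + struct.pack("!HH", tpid, vlan) + frame[12:]

def tag_stack(frame: bytes, tpids=(0x8100, 0x88A8)):
    """Return ([VLAN IDs, outermost first], payload EtherType)."""
    vlans, off = [], 12
    while True:
        if len(frame) < off + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in tpids:
            return vlans, etype
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        vlans.append(tci & 0x0FFF)       # low 12 bits of the TCI are the VLAN ID
        off += 4

def pop_tag(frame: bytes) -> bytes:
    """Remove the outermost VLAN tag, as the egress tunnel port does."""
    if not tag_stack(frame)[0]:
        raise ValueError("frame carries no VLAN tag")
    return frame[:12] + frame[16:]

def allowed_on_trunk(frame: bytes, allowed=(PROVIDER_VLAN,)) -> bool:
    """Mirror 'switchport trunk allowed vlan 200': only the outer tag is checked."""
    vlans, _ = tag_stack(frame)
    return bool(vlans) and vlans[0] in allowed

# Constructed sample: untagged IPv4 frame with made-up MACs and a dummy payload.
untagged = (bytes.fromhex("02000000000b" "02000000000a")
            + struct.pack("!H", 0x0800) + b"\x00" * 46)
from_ce = push_tag(untagged, CUSTOMER_VLAN)    # customer's own tag
on_trunk = push_tag(from_ce, PROVIDER_VLAN)    # PE1 tunnel port adds the outer tag
to_ce = pop_tag(on_trunk)                      # PE2 tunnel port strips it again

if __name__ == "__main__":
    for name, f in (("from CE1", from_ce), ("PE1-PE2 trunk", on_trunk), ("to CE2", to_ce)):
        print(f"{name:14} tags={tag_stack(f)[0]} len={len(f)}")
```

Each pushed tag adds 4 bytes to the frame, so the provider trunk has to carry frames 4 bytes larger than what the customer sends.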
