You have to know that layer 2 protocol tunneling is something completely different than Q-in-Q :-) When you want to use l2protocol-tunnel without Q-in-Q both ends of the SP network, in your case SW1 and SW2, they should only have switchport mode access configured. The customer end (SW3 and SW4) also needs to be a routed or access port in one VLAN, so you only have untagged traffic.
Tagged traffic will not work as you have seen :-) Therefore we invented Q-in-Q to double tag packets. -- Regards, Rick Mur CCIE2 #21946 (R&S / Service Provider) Sr. Support Engineer – IPexpert, Inc. URL: http://www.IPexpert.com On 5 sep 2009, at 19:02, Kim Pedersen wrote: > Hi, > > You are very right about the Q-in-Q.. I dug a bit deeper into the > issue, just because it bothered me actually. I have attached the > topology just for clarity. > > Basically, as I see it, even though you are transfering STP,CDP and > other L2 goodies, doesnt mean you will actually be able to have a > working topology. To explain this, you can have the following > configuration on SW1: > interface FastEthernet0/1 > switchport access vlan 900 > switchport trunk encapsulation dot1q > switchport mode trunk > l2protocol-tunnel cdp > l2protocol-tunnel stp > l2protocol-tunnel vtp > > and the same on SW2. I had a vlan 4 defined on both SW3 and SW4, and > i was wondering why they both assumed they were root bridge of that > particular vlan. Turns out that even though you are tunneling your > STP messages through the "provider cloud", in this case SW1 and SW2, > you need to have those vlans defined in the "cloud" to work! that > means that if you dont have them defined in your cloud, SW3 can send > a packet to SW1, as you said, tagged, SW1 then looks at it and imo > discards it, because it does not have this vlan defined. > > If you instead used a different configuration like this: > > interface FastEthernet0/1 > switchport access vlan 900 > switchport trunk encapsulation dot1q > switchport mode access > l2protocol-tunnel cdp > l2protocol-tunnel stp > l2protocol-tunnel vtp > > SW1 would always receive the data on what it thinks is vlan 900, > pass it onto SW2, which would send it out un-tagged to SW4. In this > case, only things in the native vlan would work, because SW4 would > receive un-tagged packets over what it thinks is a trunk, and > believe it is native traffic. > > So I guess where im heading with all of this is, even though you can > pass STP,CDP and other good stuff, unless your provider has the > vlans defined, you will only be able to use the native vlan. This is > where Q-in-Q comes into play. It preserves the tags + only uses 1 > vlan in the cloud for ALL the customer vlans. > > I hope im right about this and that it makes sense :) > > Sincerely, > Kim Pedersen > > Rick Mur wrote: >> The Q-in-Q is for tunneling 802.1Q tagged packets throughout a >> 'service provider' network. >> If you don't have the need for Q-in-Q but want to do like ether- >> channeling across a 3rd party network, you need the l2protocol >> tunnel. Like the Cisco Documentation you linked specified it does >> some magic with MAC addresses. To me the only use for it, without Q- >> in-Q, is etherchannel. CDP and STP is nice, but would you ever want >> a huge STP domain across multiple sites in real life? >> >> -- >> Regards, >> >> Rick Mur >> CCIE2 #21946 (R&S / Service Provider) >> Sr. Support Engineer – IPexpert, Inc. >> URL: http://www.IPexpert.com >> >> On 5 sep 2009, at 15:36, prakash patel wrote: >> >>> Basically >>> First create tunnel..Q in Q Then Layer 2 protocol like CDP, STP >>> etc will be going thru tunnel..that is called layer 2 protocl >>> tunnel :-).this featuer needs tunnel. WHich protocol will be >>> allowed through the tunnel ?. >>> > Date: Sat, 5 Sep 2009 15:25:01 +0200 >>> > From: [email protected] <mailto:[email protected]> >>> > To: [email protected] <mailto:[email protected]> >>> > CC: [email protected] <mailto:[email protected] >>> > >>> > Subject: Re: [OSL | CCIE_RS] QinQ Vs. l2protocol-tunnel >>> > > Hi Rick, >>> > > Thanks for taking the time to help out! im pulling out the >>> remaining > hairs on my head! :) >>> > > I found the missing piece by going over the configuration i >>> was going > to send :) >>> > (I even pulled out a 2950 i was using as SW3, and replaced it >>> with a > 3550... just to make sure...) >>> > > But if you dont mind, how is the l2protocol-tunnel different >>> from QinQ > (other than the packets are double tagged). From my >>> now working > topology, all my vlans run STP, CDP just fine... I >>> think im missing the > point somewhere along the path.. >>> > > Thanks again! >>> > > Kim >>> > > Rick Mur wrote: >>> > > Hi Kim, >>> > > >>> > > Please see my attached drawing. I configured about the same >>> topology > > as you did. Trunk between SW3 and SW4 and access >>> ports to SW1 and SW2. > > On those access ports I enabled l2- >>> protocol-tunnel cdp and now SW1 and > > SW2 see each other as CDP >>> neighbor over those interfaces. >>> > > >>> > > Please show me your entire configuration if this doesn't work >>> for you. >>> > > Again see attached drawing for more clarification on my >>> topology :-) >>> > > >>> > > >>> > > -- >>> > > >>> > > Regards, >>> > > >>> > > Rick Mur >>> > > CCIE2 #21946 (R&S / Service Provider) >>> > > Sr. Support Engineer – IPexpert, Inc. >>> > > URL: http://www.IPexpert.com >>> > > >>> > > >>> > > On Sat, Sep 5, 2009 at 1:39 PM, Kim Pedersen >>> <[email protected] <mailto:[email protected]> > > >>> <mailto:[email protected] >>> >> wrote: >>> > > >>> > > Hi all, >>> > > >>> > > I have been reading over >>> > >http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/ >>> software/release/12.2_44_se/configuration/guide/ >>> swtunnel.html#wp1014851 >>> > > 10 times by now, and I am still unsure of the difference. >>> > > >>> > > I have tried to set up a lab to test some stuff out, it >>> consists of 4 >>> > > switches: >>> > > >>> > > SW3 is connected to SW1 and SW4. >>> > > SW4 is connected to SW3 and SW2 >>> > > and SW1 and SW2 are connected. >>> > > >>> > > I want SW3 to see SW4 through SW1 and SW2. To accomplish this, >>> i have >>> > > set up a vlan (13) on both SW1 and SW2, then an access port on >>> > > each with >>> > > vlan 13 is connected to SW3 and SW4 respectively. On top of >>> this, >>> > > i use >>> > > l2protocol-tunnel on each of these interfaces. I was expecting >>> CDP >>> > > traffic to flow from SW3 to SW1, through the trunk between SW1 >>> and >>> > > SW2, >>> > > and from SW2 to SW4. But this does not happen. >>> > > >>> > > I think generally im confused between the difference between >>> QinQ >>> > > and l2 >>> > > protocol tunneling. Can someone shed some light on this or >>> maybe point >>> > > me in the correct direction through some documentation apart >>> from the >>> > > above Cisco Doc... >>> > > >>> > > Thanks! >>> > > >>> > > Sincerely, >>> > > Kim Pedersen >>> > > >>> > > -- >>> > > >>> > > // Freedom Matters >>> > > // Follow my progress on: http://kpjungle.wordpress.com >>> > > >>> > > _______________________________________________ >>> > > For more information regarding industry leading CCIE Lab >>> training, >>> > > please visit www.ipexpert.com <http://www.ipexpert.com> >>> > > <http://www.ipexpert.com >>> > >>> > > >>> > > >>> > > >>> > > >>> ------------------------------------------------------------------------ >>> > > >>> > > -- > > // Freedom Matters >>> > // Follow my progress on: http://kpjungle.wordpress.com >>> > > _______________________________________________ >>> > For more information regarding industry leading CCIE Lab >>> training, please visit www.ipexpert.com <http://www.ipexpert.com> >>> >>> ------------------------------------------------------------------------ >>> Windows Live: Keep your friends up to date with what you do >>> online. Find out more. >>> <http://windowslive.com/Campaign/SocialNetworking?ocid=PID23285::T:WLMTAGL:ON:WL:en-US:SI_SB_online:082009 >>> >>> >_______________________________________________ >>> For more information regarding industry leading CCIE Lab training, >>> please visit www.ipexpert.com <http://www.ipexpert.com> >> > > -- > > // Freedom Matters > // Follow my progress on: http://kpjungle.wordpress.com > > <l2-topology.jpg> _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
