Hi, on a multi-site installation, I've got some additional requirements to implement. Currently, two site (CPE) have a tagged ethernet service to a central site (PE). Now, apart from the L3 traffic, I need to bridge an additional VLAN from site 2 to site 1 in order to provide a guest WLAN which is terminated through a firewall at site 1. Our PE currently is an ASR1000 series router, the CPEs are 1941 routers with Security IOS licenses and additional 4-port switching card. configuring the QinQ as such works fine, e.g. with CPE configure with this:
|interface GigabitEthernet0/1.61400 encapsulation dot1Q 614 second-dot1q 201 ip address 10.99.98.2 255.255.255.0 bridge-group 201| and PE with |interface GigabitEthernet0/1.61400 encapsulation dot1Q 614 second-dot1q 201 ip address 10.99.98.1 255.255.255.0 bridge-group 201| doing a ping works fine, therefore I'd expect the actual QinQ stuff working. On the CPE, I have also configured (for testing purposes) one of the switch interfaces on each site router as "switchport access vlan201" , then added the "int vlan 201" also into bridge-group 201. IRB is active, bridge-group 201 is set to protocol IEEE. On the PE I have configured the two QinQ subinterfaces also into the same bridge-group. Anyway, none of the broadcasts or other L2 stuff seems to be transported between the sites over the QinQ bridge broup. I assume I'm just missing some minor thing here, but after checking docs and examples, I'm sort of out of ideas ... none of the docs I found use the combination of QinQ and bridge groups, so I'm not even sure if this doesn't work by design ... Any hints or ideas appreciated ... -garry _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/