Cisco Systems 3130 User Manual
C H A P T E R
16-1
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
16
Configuring IEEE 802.1Q and Layer 2 Protocol
Tunneling
Tunneling
Virtual private networks (VPNs) provide enterprise-scale connectivity on a shared infrastructure, often
Ethernet-based, with the same security, prioritization, reliability, and manageability requirements of
private networks. Tunneling is a feature designed for service providers who carry traffic of multiple
customers across their networks and are required to maintain the VLAN and Layer 2 protocol
configurations of each customer without impacting the traffic of other customers. The switch supports
IEEE 802.1Q tunneling and Layer 2 protocol tunneling. Unless otherwise noted, the term switch refers
to a standalone switch and to a switch stack.
Ethernet-based, with the same security, prioritization, reliability, and manageability requirements of
private networks. Tunneling is a feature designed for service providers who carry traffic of multiple
customers across their networks and are required to maintain the VLAN and Layer 2 protocol
configurations of each customer without impacting the traffic of other customers. The switch supports
IEEE 802.1Q tunneling and Layer 2 protocol tunneling. Unless otherwise noted, the term switch refers
to a standalone switch and to a switch stack.
Note
For complete syntax and usage information for the commands used in this chapter, see the command
reference for this release.
reference for this release.
This chapter contains these sections:
•
•
•
•
•
Understanding IEEE 802.1Q Tunneling
Business customers of service providers often have specific requirements for VLAN IDs and the number
of VLANs to be supported. The VLAN ranges required by different customers in the same
service-provider network might overlap, and traffic of customers through the infrastructure might be
mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer configurations
and could easily exceed the VLAN limit (4096) of the IEEE 802.1Q specification.
of VLANs to be supported. The VLAN ranges required by different customers in the same
service-provider network might overlap, and traffic of customers through the infrastructure might be
mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer configurations
and could easily exceed the VLAN limit (4096) of the IEEE 802.1Q specification.
Using the IEEE 802.1Q tunneling feature, service providers can use a single VLAN to support customers
who have multiple VLANs. Customer VLAN IDs are preserved, and traffic from different customers is
segregated within the service-provider network, even when they appear to be in the same VLAN. Using
IEEE 802.1Q tunneling expands VLAN space by using a VLAN-in-VLAN hierarchy and retagging the
tagged packets. A port configured to support IEEE 802.1Q tunneling is called a tunnel port. When you
configure tunneling, you assign a tunnel port to a VLAN ID that is dedicated to tunneling. Each customer
requires a separate service-provider VLAN ID, but that VLAN ID supports all of the customer’s VLANs.
who have multiple VLANs. Customer VLAN IDs are preserved, and traffic from different customers is
segregated within the service-provider network, even when they appear to be in the same VLAN. Using
IEEE 802.1Q tunneling expands VLAN space by using a VLAN-in-VLAN hierarchy and retagging the
tagged packets. A port configured to support IEEE 802.1Q tunneling is called a tunnel port. When you
configure tunneling, you assign a tunnel port to a VLAN ID that is dedicated to tunneling. Each customer
requires a separate service-provider VLAN ID, but that VLAN ID supports all of the customer’s VLANs.