3com 8807 User Guide
VLAN-VPN Tunnel Configuration
855
Because Switch B is produced by other vendor, related commands may differ from
those available to Switch 8800 Family switches. So only the operation is listed, as
shown below:
those available to Switch 8800 Family switches. So only the operation is listed, as
shown below:
■
Configure GigabitEthernet3/1/1 and GigabitEthernet3/1/3 ports of Switch B to
be trunk ports.
be trunk ports.
■
Add the two ports to VLAN 10.
n
The following describes how a packet is forwarded from Switch A to Switch C.
■
As the GigabitEthernet2/1/1 port of Switch A is a VLAN VPN port, when a
packet reaches GigabitEthernet2/1/1 port of Switch A, it is tagged with the
default VLAN tag (VLAN 10, the outer tag) and is then forwarded to
GigabitEthernet2/1/2 port.
packet reaches GigabitEthernet2/1/1 port of Switch A, it is tagged with the
default VLAN tag (VLAN 10, the outer tag) and is then forwarded to
GigabitEthernet2/1/2 port.
■
Because GigabitEthernet2/1/2 port is a VLAN-VPN uplink port with a TPID of
0x9100, Switch A changes the TPID value in the outer VLAN Tag of the packet
to 0x9100, and forwards the packet to the public network.
0x9100, Switch A changes the TPID value in the outer VLAN Tag of the packet
to 0x9100, and forwards the packet to the public network.
■
The packet reaches GigabitEthernet3/1/2 port of Switch B. Switch B sends the
packet to its GigabitEthernet3/1/1 port by forwarding the packet in VLAN 10.
packet to its GigabitEthernet3/1/1 port by forwarding the packet in VLAN 10.
■
The packet is forward from GigabitEthernet3/1/1 port of Switch B to the
network on the other side and enters GigabitEthernet2/1/2 port of Switch C,
Switch C sends the packet to its GigabitEthernet2/1/1 port by forwarding the
packet in VLAN 10. As GigabitEthernet2/1/1 port is an access port, Switch C
strip off the outer VLAN tag of the packet and restores the original packet.
network on the other side and enters GigabitEthernet2/1/2 port of Switch C,
Switch C sends the packet to its GigabitEthernet2/1/1 port by forwarding the
packet in VLAN 10. As GigabitEthernet2/1/1 port is an access port, Switch C
strip off the outer VLAN tag of the packet and restores the original packet.
It is the same case when a packet travel from Switch C to Switch A.
Verification
The configuration is successful if packets sourced from the networks connected to
Switch A can reach those connected to Switch C, or packets sourced from the
networks connected to Switch C can reach those connected to Switch A.
Switch A can reach those connected to Switch C, or packets sourced from the
networks connected to Switch C can reach those connected to Switch A.
VLAN-VPN Tunnel
Configuration
Configuration
Introduction to
VLAN-VPN Tunnel
The function of VLAN-VPN tunnel is that user networks in different regions can
transmit BPDU packets transparently through VLAN VPN designated in the
operator’s network.
transmit BPDU packets transparently through VLAN VPN designated in the
operator’s network.
Figure 201 shows the hierarchy diagram of VLAN-VPN tunnel: operator’s network
and user network. The operator’s network involves packet input and output
devices. The user network includes network A and network B. Through the
configuration on the devices at both ends of the operator’s network, the
destination MAC address of the BPDU packet is replaced with a MAC address in a
special format at one end, and the MAC address is converted back to the original
destination MAC address at the other end. In this way the packet is transmitted
transparently over the operator’s network.
and user network. The operator’s network involves packet input and output
devices. The user network includes network A and network B. Through the
configuration on the devices at both ends of the operator’s network, the
destination MAC address of the BPDU packet is replaced with a MAC address in a
special format at one end, and the MAC address is converted back to the original
destination MAC address at the other end. In this way the packet is transmitted
transparently over the operator’s network.