Cisco Systems 3560 사용자 설명서
16-12
Catalyst 3560 Switch Software Configuration Guide
OL-8553-06
Chapter 16 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
Configuring Layer 2 Protocol Tunneling
•
For interoperability with third-party vendor switches, the switch supports a Layer 2 protocol-tunnel
bypass feature. Bypass mode transparently forwards control PDUs to vendor switches that have
different ways of controlling protocol tunneling.When Layer 2 protocol tunneling is enabled on
ingress ports on a switch, egress trunk ports forward the tunneled packets with a special
encapsulation. If you also enable Layer 2 protocol tunneling on the egress trunk port, this behavior
is bypassed, and the switch forwards control PDUs without any processing or modification.
bypass feature. Bypass mode transparently forwards control PDUs to vendor switches that have
different ways of controlling protocol tunneling.When Layer 2 protocol tunneling is enabled on
ingress ports on a switch, egress trunk ports forward the tunneled packets with a special
encapsulation. If you also enable Layer 2 protocol tunneling on the egress trunk port, this behavior
is bypassed, and the switch forwards control PDUs without any processing or modification.
•
The switch supports PAgP, LACP, and UDLD tunneling for emulated point-to-point network
topologies. Protocol tunneling is disabled by default but can be enabled for the individual protocols
on IEEE 802.1Q tunnel ports or on access ports.
topologies. Protocol tunneling is disabled by default but can be enabled for the individual protocols
on IEEE 802.1Q tunnel ports or on access ports.
•
If you enable PAgP or LACP tunneling, we recommend that you also enable UDLD on the interface
for faster link-failure detection.
for faster link-failure detection.
•
Loopback detection is not supported on Layer 2 protocol tunneling of PAgP, LACP, or UDLD
packets.
packets.
•
EtherChannel port groups are compatible with tunnel ports when the IEEE 802.1Q configuration is
consistent within an EtherChannel port group.
consistent within an EtherChannel port group.
•
If an encapsulated PDU (with the proprietary destination MAC address) is received from a tunnel
port or an access port with Layer 2 tunneling enabled, the tunnel port is shut down to prevent loops.
The port also shuts down when a configured shutdown threshold for the protocol is reached. You can
manually re-enable the port (by entering a shutdown and a no shutdown command sequence). If
errdisable recovery is enabled, the operation is retried after a specified time interval.
port or an access port with Layer 2 tunneling enabled, the tunnel port is shut down to prevent loops.
The port also shuts down when a configured shutdown threshold for the protocol is reached. You can
manually re-enable the port (by entering a shutdown and a no shutdown command sequence). If
errdisable recovery is enabled, the operation is retried after a specified time interval.
•
Only decapsulated PDUs are forwarded to the customer network. The spanning-tree instance
running on the service-provider network does not forward BPDUs to tunnel ports. CDP packets are
not forwarded from tunnel ports.
running on the service-provider network does not forward BPDUs to tunnel ports. CDP packets are
not forwarded from tunnel ports.
•
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, shutdown
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port shuts
down. You can also limit BPDU rate by using QoS ACLs and policy maps on a tunnel port.
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port shuts
down. You can also limit BPDU rate by using QoS ACLs and policy maps on a tunnel port.
•
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, drop
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port drops
PDUs until the rate at which it receives them is below the drop threshold.
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port drops
PDUs until the rate at which it receives them is below the drop threshold.
•
Because tunneled PDUs (especially STP BPDUs) must be delivered to all remote sites so that the
customer virtual network operates properly, you can give PDUs higher priority within the
service-provider network than data packets received from the same tunnel port. By default, the
PDUs use the same CoS value as data packets.
customer virtual network operates properly, you can give PDUs higher priority within the
service-provider network than data packets received from the same tunnel port. By default, the
PDUs use the same CoS value as data packets.
Configuring Layer 2 Protocol Tunneling
Beginning in privileged EXEC mode, follow these steps to configure a port for Layer 2 protocol
tunneling:
tunneling:
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
interface interface-id
Enter interface configuration mode, and enter the interface to be configured
as a tunnel port. This should be the edge port in the service-provider
network that connects to the customer switch. Valid interfaces can be
physical interfaces and port-channel logical interfaces (port channels 1 to
48).
as a tunnel port. This should be the edge port in the service-provider
network that connects to the customer switch. Valid interfaces can be
physical interfaces and port-channel logical interfaces (port channels 1 to
48).