Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Setting Up Q-in-Q Tunneling

    Service providers can use Q-in-Q tunneling to transparently pass Layer 2 VLAN traffic between customer sites without removing or changing the customer VLAN tags or class-of-service (CoS) settings. Data centers can use Q-in-Q tunneling to isolate customer traffic within a single site or when customer traffic flows between cloud data centers in different geographic locations.

    This example describes how to set up Q-in-Q tunneling:

    Requirements

    This example requires one QFX Series device with Junos OS Release 12.1 or later.

    Before you begin setting up Q-in-Q tunneling, make sure you have created and configured the necessary customer VLANs on the neighboring switches. See Configuring VLANs.

    Overview and Topology

    In this service provider network, there are multiple customer VLANs mapped to one service VLAN.

    Table 1 lists the settings for the sample topology.

    Table 1: Components of the Topology for Setting Up Q-in-Q Tunneling

    InterfaceDescription

    xe-0/0/11.0

    Tagged S-VLAN trunk port

    xe-0/0/12.0

    Untagged customer-facing access port

    xe-0/0/13.0

    Untagged customer-facing access port

    xe-0/0/14.0

    Tagged S-VLAN trunk port

    Configuration

    CLI Quick Configuration

    To quickly create and configure Q-in-Q tunneling, copy the following commands and paste them into the switch terminal window:

    [edit]
    set vlans service-vlan vlan-id 1000
    set vlans service-vlan dot1q-tunneling customer-vlans 1-100
    set vlans service-vlan dot1q-tunneling customer-vlans 201-300
    set interfaces xe-0/0/11 unit 0 family ethernet-switching port-mode trunk
    set interfaces xe-0/0/11 unit 0 family ethernet-switching vlan members 1000
    set interfaces xe-0/0/12 unit 0 family ethernet-switching port-mode access
    set interfaces xe-0/0/12 unit 0 family ethernet-switching vlan members 1000
    set interfaces xe-0/0/13 unit 0 family ethernet-switching port-mode access
    set interfaces xe-0/0/13 unit 0 family ethernet-switching vlan members 1000
    set interfaces xe-0/0/14 unit 0 family ethernet-switching port-mode trunk
    set interfaces xe-0/0/14 unit 0 family ethernet-switching vlan members 1000
    set ethernet-switching-options dot1q-tunneling ether-type 0x9100

    Step-by-Step Procedure

    To configure Q-in-Q tunneling:

    1. Set the VLAN ID for the S-VLAN:
      [edit vlans]
      user@switch# set service-vlan vlan-id 1000
    2. Enable Q-in-Q tunneling and specify the customer VLAN ranges:
      [edit vlans]
      user@switch# set service-vlan dot1q-tunneling customer-vlans 1-100
      user@switch# set service-vlan dot1q-tunneling customer-vlans 201-300
    3. Set the port mode and VLAN information for the interfaces:
      [edit interfaces]
      user@switch# set xe-0/0/11 unit 0 family ethernet-switching port-mode trunk
      user@switch# set xe-0/0/11 unit 0 family ethernet-switching vlan members 1000
      user@switch# set xe-0/0/12 unit 0 family ethernet-switching port-mode access
      user@switch# set xe-0/0/12 unit 0 family ethernet-switching vlan members 1000
      user@switch# set xe-0/0/13 unit 0 family ethernet-switching port-mode access
      user@switch# set xe-0/0/13 unit 0 family ethernet-switching vlan members 1000
      user@switch# set xe-0/0/14 unit 0 family ethernet-switching port-mode trunk
      user@switch# set xe-0/0/14 unit 0 family ethernet-switching vlan members 1000
    4. Set the Q-in-Q Ethertype value (optional):
      [edit]
      user@switch# set ethernet-switching-options dot1q-tunneling ether-type 0x9100

    Results

    Check the results of the configuration:

    user@switch> show configuration vlans service-vlan
    vlan-id 1000 {dot1q-tunneling { customer-vlans [ 1-100 201-300 ];}
    user@switch> show configuration interfaces
    xe-0/0/11 {unit 0 {family ethernet-switching {port-mode trunk;vlan members 1000;}}}
    xe-0/0/12 {unit 0 {family ethernet-switching {port-mode access;vlan members 1000;}}}
    xe-0/0/13 {unit 0 {family ethernet-switching {port-mode access;vlan members 1000;}}}
    xe-0/0/14 {unit 0 {family ethernet-switching {port-mode trunk;vlan members 1000;}}}
    user@switch> show ethernet-switching-options
    dot1q-tunneling {ether-type 0x9100;}

    Verification

    Confirm that the configuration is working properly.

    Verifying That Q-in-Q Tunneling Was Enabled

    Purpose

    Verify that Q-in-Q tunneling was properly enabled.

    Action

    Use the show vlans command:

    user@switch> show vlans service-vlan extensive
    VLAN: service-vlan, Created at: Wed Mar 14 07:17:53 2012
802.1Q Tag: 1000, Internal index: 18, Admin State: Enabled, Origin: Static
Dot1q Tunneling Status: Enabled
Customer VLAN ranges:
                     1-100
                     201-300
Protocol: Port Mode
Number of interfaces: Tagged 2 (Active = 0), Untagged  2 (Active = 0)
      xe-0/0/11.0, tagged, trunk
      xe-0/0/14.0, tagged, trunk
      xe-0/0/12.0, untagged, access
      xe-0/0/13.0, untagged, access

    Meaning

    The output indicates that Q-in-Q tunneling is enabled and that the VLAN is tagged and shows the associated customer VLANs.

     

    Related Documentation

     

    Published: 2013-11-19

    Previous Page Next Page