Configuring S-VLANs
As described in Configuring VLANs, VLANs permit multiplexing multiple IP interfaces and PPPoE interfaces over a single physical Ethernet port by creating VLAN subinterfaces. As specified in IEEE Standard 802.1q, the 12-bit VLAN identifier's tagged frames enables the construction of a maximum of 4096 distinct VLANs. In an Ethernet B-RAS application environment, however, this VLAN limit is inadequate. A stacked VLAN (S-VLAN) provides a two-level VLAN tag structure, which extends the VLAN ID space to more than 16 million VLANs.
Creating an S-VLAN requires the use of a second encapsulation tag. The router performs decapsulation twice, once to get the S-VLAN tag and once to get the VLAN tag. This double tagging approach enables more than 16 million address possibilities, which more than satisfies the scaling requirement for Ethernet B-RAS applications.
VLAN and S-VLAN subinterfaces can coexist over the same VLAN major interface. You configure S-VLANs in the same way that you configure VLANs, with the addition of certain commands.
 |
NOTE: See JUNOSe Release Notes, Appendix A, System Maximums for S-VLAN limitations. |
Like VLANs, all S-VLAN subinterfaces use the MAC address of the Ethernet interface over which they are configured. For more information about assigning unique MAC address to the S-VLAN subinterface when assigning VLAN or S-VLAN IDs, see Configuring VLANs.
Configuring PPPoE over S-VLAN
To configure PPPoE over an S-VLAN over an Ethernet interface:
- Specify a Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet port.
- Specify VLAN as the encapsulation method.
host1(config)#interface fastEthernet 4/0
host1(config-if)#encapsulation vlan
The VLAN major interface is added.
- Create a VLAN subinterface by adding a subinterface number to the interface identification command.
- Assign an S-VLAN ID and a VLAN ID for the subinterface.
- Assign an S-VLAN Ethertype.
- Specify PPPoE as the encapsulation method on the interface.
- Create a PPPoE subinterface.
- Specify PPP as the encapsulation method on the interface.
- Assign an IP address and mask.
- (Optional) Configure additional PPPoE subinterfaces by completing Steps 7 through 9 using unique numbering.
host1(config-if)#interface fastEthernet 4/1.1
host1(config-if)#svlan id 4 255
host1(config-if)#svlan ethertype 88a8
host1(config-if)#pppoe
host1(config-if)#pppoe subinterface fastEthernet 4/1.1.1
host1(config-if)#encapsulation ppp
host1(config-if)#ip address 164.10.6.61 255.255.255.0
Figure 18 shows one S-VLAN subinterface with multiple PPPoE subinterface stacks.
|
NOTE: Before you can remove an S-VLAN/VLAN subinterface, you must remove the upper-layer interface stack. |
encapsulation ppp
- Use to configure PPP as the encapsulation method for the interface.
- Use the no version to remove PPP as the encapsulation method on the interface.
encapsulation vlan
- Use to configure VLAN as the encapsulation method for the interface.
- Use the no version to remove VLAN as the encapsulation method on the interface.
ip address
- Use to set a primary or secondary IP address for an interface or subinterface.
- Specify the layer 2 encapsulation before you set the IP address.
- Use the no version to remove an IP address or disable IP processing.
pppoe
- Use to configure PPPoE as the encapsulation method on the interface.
- Use the no version to disable PPPoE on the interface.
pppoe subinterface fastEthernet
- Use to create a PPPoE subinterface on a Fast Ethernet interface.
- Use the no version to remove a PPPoE subinterface on a Fast Ethernet interface.
pppoe subinterface gigabitEthernet
pppoe subinterface tenGigabitEthernet
- Use to create a PPPoE subinterface on a Gigabit Ethernet interface or on a 10-Gigabit Ethernet interface.
- Use the no version to remove a PPPoE subinterface on a Gigabit Ethernet interface or on a 10-Gigabit Ethernet interface.
svlan ethertype
- Use to assign an Ethertype value for the S-VLAN subinterface.
- Choose one of the following Ethertype values:
- 8100—Specifies Ethertype value 0x8100, as defined in IEEE Standard 802.1q
- 88a8—Specifies Ethertype value 0x88a8, as defined in draft IEEE Standard 802.1ad
- 9100—Specifies Ethertype value 0x9100, which is the default
- Use an Ethertype value that matches the Ethertype value set on the customer premises equipment (CPE) to which your router connects.
- Example
host1(config-if)#svlan ethertype 8100
svlan id
- Use to assign S-VLAN IDs and VLAN IDs to VLAN subinterfaces.
- Use S-VLAN ID and VLAN ID numbers that are in the range 0–4095 and that are unique within the Ethernet interface.
- Use the mac-address keyword to specify a unique MAC address for the VLAN subinterface. When you do not specify a unique MAC address, the VLAN uses the MAC address of the Ethernet interface.
- Examples
host1(config-if)#svlan id 4 255
host1(config-if)#svlan id 4 255 mac-address 0090.1a01.1234
Configuring S-VLAN Tunnels for Layer 2 Services over MPLS
When you configure Ethernet layer 2 services over MPLS, you can create a special type of S-VLAN called an S-VLAN tunnel that uses a single interface to tunnel traffic from multiple VLANs across an MPLS network. The S-VLAN tunnel enables multiple VLANs, each configured with a unique VLAN ID tag, to share a common S-VLAN ID tag when they traverse an MPLS network.
Advantages
Using S-VLAN tunnels provides an easier and faster way to configure Ethernet layer 2 services over MPLS than using standard S-VLANs. For example, consider the network configuration shown in Figure 19.
In this example, traffic from three VLAN subinterfaces must traverse the MPLS network. To accomplish this using standard S-VLANs, you issue the following commands to configure three separate S-VLANs with the same S-VLAN ID value and different VLAN IDs, as follows:
host1(config-if)#svlan id 33 10
host1(config-if)#svlan id 33 20
host1(config-if)#svlan id 33 30
By contrast, using an S-VLAN tunnel achieves the same result, but requires you to issue only a single svlan id command with the keyword any in place of the VLAN ID value. For example, the following command creates a single interface that tunnels traffic from VLANs configured with an S-VLAN ID of 33 and any VLAN ID to the same destination across the MPLS network. In effect, this command tunnels traffic from all three VLANs shown in Figure 19.
host1(config-if)#svlan id 33 any
Interface Stacking
When you configure Ethernet layer 2 services over MPLS using S-VLAN tunnels, the only interface that you can stack over an S-VLAN tunnel is an MPLS tunnel, which you configure using the MPLS tunneling command (mpls-relay or route interface) that is appropriate for your configuration. Attempting to configure any other interface type—such as IP, MPLS (nontunnel), or PPPoE—over the S-VLAN tunnel causes the router to generate an error and reject the configuration as invalid.
For details about configuring MPLS and layer 2 services over MPLS, see:
- JUNOSe BGP and MPLS Configuration Guide, Chapter 2, Configuring MPLS
- JUNOSe BGP and MPLS Configuration Guide, Chapter 5, Configuring Layer 2 Services over MPLS
Configuration Example
This section uses the sample network topology shown in Figure 19 to illustrate the steps for configuring S-VLAN tunnels for Ethernet layer 2 services over MPLS.
To configure S-VLAN tunnels for Ethernet layer 2 services over MPLS:
- Specify a Fast Ethernet, Gigabit Ethernet, or 10-Gigabit Ethernet port.
- Specify VLAN as the encapsulation method to create the VLAN major interface.
- Create a VLAN subinterface.
- Create the S-VLAN tunnel. This interface tunnels traffic from VLANs configured with an S-VLAN ID of 33 and any VLAN ID to the same destination across the MPLS network.
- Assign an S-VLAN Ethertype.
- Create the MPLS tunnel interface using the appropriate MPLS tunneling command for your configuration. For example:
host1(config)#interface fastEthernet 4/0
host1(config-if)#encapsulation vlan
host1(config-if)#interface fastEthernet 8/1.1
host1(config-if)#svlan id 33 any
host1(config-if)#svlan ethertype 8100
host1(config-if)#route interface tunnel mpls:tunnel3 45
For complete instructions on configuring the MPLS tunnel, see JUNOSe BGP and MPLS Configuration Guide, Chapter 5, Configuring Layer 2 Services over MPLS.
- Repeat Steps 1 through 6 using unique values to configure the S-VLAN tunnel and MPLS tunnel interfaces on the remote E-series router. For example:
host2(config)#interface fastEthernet 3/1
host2(config-if)#encapsulation vlan
host2(config-if)#interface fastEthernet 3/1.1
host2(config-if)#svlan id 83 any
host2(config-if)#svlan ethertype 88a8
host2(config-if)#route interface tunnel mpls:tunnel2 45
encapsulation vlan
- Use to configure VLAN as the encapsulation method for the interface.
- Use the no version to disable VLAN on an interface.
interface fastEthernet
host1(config)#interface fastEthernet 3/1
route interface
- Use to route layer 2 traffic on a specific tunnel interface.
- Use the no version to negate this command.
NOTE: For details on the use of this command, see JUNOSe BGP and MPLS Configuration Guide, Chapter 5, Configuring Layer 2 Services over MPLS.
svlan ethertype
- Use to assign an Ethertype value for the S-VLAN tunnel interface.
- Choose one of the following Ethertype values:
- 8100—Specifies Ethertype value 0x8100, as defined in IEEE Standard 802.1q
- 88a8—Specifies Ethertype value 0x88a8, as defined in draft IEEE Standard 802.1ad
- 9100—Specifies Ethertype value 0x9100, which is the default
- Use an Ethertype value that matches the Ethertype value set on the customer premises equipment (CPE) to which your router connects.
- Example
host1(config-if)#svlan ethertype 8100
svlan id
- Use to create an S-VLAN tunnel interface for configuring Ethernet layer 2 services over MPLS.
- Assign an S-VLAN ID value in the range 0–4095 that is unique within the Ethernet interface.
- Use the any keyword to tunnel traffic from VLANs configured with the specified S-VLAN ID and any VLAN ID to the same destination across an MPLS network.
- Issue the svlan id command with the any keyword before you configure the upper binding, which must be an MPLS tunnel interface. Attempting to configure any other interface type over the S-VLAN tunnel causes an error.
- Example
host1(config-if)#svlan id 1000 any
S-VLAN Oversubscription
When you configure S-VLAN subinterfaces over Ethernet interfaces to support dynamic PPPoE subinterfaces, you can take advantage of S-VLAN oversubscription.
The following module combinations support S-VLAN oversubscription:
- GE/FE line module and all of its associated I/O modules
- GE-2 line module and the GE-2 SFP I/O module
- GE-HDE line module and its associated I/O modules
- OC3/STM1 GE/FE line module and the OC3-2 GE APS I/O module
- ES2 4G LM and its associated Gigabit Ethernet and 10-Gigabit Ethernet IOAs
- ES2 10G LM and its associated Gigabit Ethernet and 10-Gigabit Ethernet IOAs
The maximum number of S-VLANs that you can create per I/O module with PPPoE major interfaces stacked over them is greater than the maximum number of dynamic PPPoE subinterfaces. The maximum number of PPP interfaces supported per line module is directly proportional to the maximum number of PPPoE subinterfaces.
As a result, you can oversubscribe S-VLANs by configuring up to the maximum number of S-VLANs supported on these I/O modules, knowing that no more than the maximum number of supported PPP sessions can be connected to the router at any one time.
For configuration instructions, see Configuring Dynamic PPPoE over Static PPPoE with Ethernet and S-VLAN Interface Columns in JUNOSe Link Layer Configuration Guide, Chapter 12, Configuring Dynamic Interfaces.
For specific information about the maximum number of S-VLANs supported per I/O module and the maximum number of PPP interfaces and PPPoE subinterfaces supported per line module, see JUNOSe Release Notes, Appendix A, System Maximums.
|
NOTE: The E120 and E320 routers can support up to two IOAs per line module. This maximum number of S-VLANs per line module does not change if one or two IOAs are installed. |