Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Understanding and configuring 802.1Q (Q-in-Q) dot1q tunneling

0

0

Article ID: KB12259 KB Last Updated: 21 Jan 2020Version: 2.0
Summary:

Q-in-Q was introduced for the EX-series Switch starting with Junos OS Release 9.3. This article provides a summary of how it functions and a configuration example.

Note: Additional examples and information can be found in Understanding Q-in-Q Tunneling on EX-series Switches.

 

Solution:

Q-in-Q tunneling allows service providers on Ethernet access networks to extend a Layer 2 Ethernet connection between two customer sites. Using Q-in-Q tunneling, providers can also segregate or bundle customer traffic into fewer VLANs or different VLANs by adding another layer of 802.1Q tags. Q-in-Q tunneling is useful when customers have overlapping VLAN IDs, because the customer’s 802.1Q (dot1Q) VLAN tags are prepended by the service VLAN (S-VLAN) tag. The Junos OS software implementation of Q-in-Q tunneling supports the IEEE 802.1ad standard.

The following example outlines a Q-in-Q topology and configuration.

  • Customer tagged traffic comes in on ge-0/0/1 and ge-0/0/3, and is sent across ge-0/0/4 (cloud) preserved, and ge-0/0/15 gets the tagged traffic.

  • SW1 and SW2 are provider edge switches in the cloud, interfacing the customer at location 1 (SW1) and location 2 (SW2). These 2 switches do not need the MTU setting because the EX switch takes care of that. However, the intermediate switches in the cloud need Layer 2 MTU increased by 4 for the outer tag.

  • Note that ge-0/0/1, 3, and 15 are access ports, and ge-0/0/4 carries only customer VLAN 4001.

Note: Later Junos OS software releases for the EX-series switch will have complete L2TP support, where a customer’s untagged traffic and control packets can also be transported. Then customer switches can also run MSTP load-balancing if they interface into redundant SP clouds.



SW1
=========

  • ge-0/0/1 and ge-0/0/3 are access ports.
  • ge-0/04 is the trunk port.
root# show ethernet-switching-options
dot1q-tunneling {
    ether-type 0x8100;
}

root# show vlans
qinqvlan {
    vlan-id 4001;
    interface {
        ge-0/0/1.0;
        ge-0/0/3.0
    }
    dot1q-tunneling {
        customer-vlans 1-4094;
    }
}

root# show interfaces ge-0/0/4
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members 4001;
        }
    }
}

root# show interfaces ge-0/0/1
unit 0 {
    family ethernet-switching;
}

root# show interfaces ge-0/0/3
unit 0 {
    family ethernet-switching;
}

SW2
=======

  • ge-0/0/15 is an access port.
  • ge-0/0/4 is a trunk port.
root# show ethernet-switching-options
dot1q-tunneling {
    ether-type 0x8100;
}

root# show vlans
qinqvlan {
    vlan-id 4001;
    interface {
        ge-0/0/15.0;
    }
    dot1q-tunneling {
        customer-vlans 1-4094;
    }
}

root# show interfaces ge-0/0/4
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members 4001;
        }
    }
}

root# show interfaces ge-0/0/15
unit 0 {
    family ethernet-switching;
} 

 

Modification History:

2020-01-21: Article checked for accuracy and validity and found up-to-date; topology diagram changed along with minor name changes

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search