Ethernet:
802.1q tunneling mainly used in Core
Layer2 Security:
port security, PVLANs, VACLs, DHCP Snooping, etc.
Layer 2 QoS.
Classification, Marking, Policing, Queueing, etc
Ethernet Interface Types.
Layer 2 Switch ports
- Access, i.e. one VLAN
interface f 0/1
switchport mode access
switchport access vlan 10
- Trunk == multiple VLANs
ISL is Cisco proprietary
All traffic encapsulated with ISL
802.1q
open standard
native vlan sent untagged.
DTP (dynamic trunking protocol)
Used to automatically negotiate which links should become trunks.
Verified with:
show interface trunk
show interface switchport
show spanning-tree [vlan | interface]
desirable mode == initiates trunking negotiation
auto mode = passively listen for trunking negotiation
Disabling DTP negotiation
switchport nonegotiate
switchport mode access
switchport mode dot1q-tunnel
- Tunnel = transparent Layer 2 VPN
- Dynamic = DTP negotiation
Layer 3 Ports
- Switched Virtual Interface (SVI)
- Native Routed Interface
802.1q Tunneling
==================
1. Layer 2 VPN over switched ethernet network
Lightweight version of MPLS L2VPN
2. SP's PE adds additional 802.1q tag to all frames received from CE
called "metro tag" or "QinQ"
3. PE assigns all CE facing ports to the same VLAN
One vlan per customer in P network.
Configuration
-switchport mode dot1q-tunnel
tell switch to double tag frames
-switchport access vlan {vlan}
metro vlan assignment
Verification
-show dot1q-tunnel
Cannot be dynamically negotiated.
802.1q Tunneling Design Issues:
================================
Assumes L2 network end to end
- PE - P - PE links must all run layer 2 trunking
- Implies scalability issues.
Additional tags increase payload size
- 4 bytes per tag
- potential to exceed MTU of the transit path
- Ethernet doesn't support fragmentation
Loss of control plane signaling for CE devices
- CDP, VTP, STP etc dropped by PE.
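
The tag overhead noted above (4 bytes per tag, potential to exceed the transit MTU), as an added example that is not part of the original notes: a Python parser that walks a frame's tag stack and computes the MTU a P link needs. The sample frames, VLAN IDs 100 and 10, and the function names are constructed for illustration; it assumes the transit MTU covers the payload plus one tag, and it accepts both 0x8100 and 0x88A8 as tag identifiers.

```python
import struct

TPIDS = {0x8100, 0x88A8}  # 802.1Q and 802.1ad (S-tag) tag protocol identifiers
TAG_LEN = 4               # bytes per tag, as in the notes


def parse_tags(frame: bytes):
    """Return (VLAN IDs outermost first, EtherType, payload length in bytes)."""
    offset, vlans = 12, []            # skip destination and source MAC
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame: no EtherType")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in TPIDS:
            return vlans, ethertype, len(frame) - offset - 2
        if len(frame) < offset + TAG_LEN:
            raise ValueError("truncated frame: incomplete VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vlans.append(tci & 0x0FFF)    # low 12 bits of the TCI are the VLAN ID
        offset += TAG_LEN


def required_transit_mtu(frame: bytes) -> int:
    """MTU a P link needs: payload plus every tag beneath the outermost one.

    Assumption: the link MTU already allows for one tag on a trunk.
    """
    vlans, _, payload_len = parse_tags(frame)
    return payload_len + TAG_LEN * max(len(vlans) - 1, 0)


def sample_frame(vlans, payload_len):
    """Constructed test frame (FCS omitted): zeroed MACs, 0x8100 tags, IPv4 type."""
    tags = b"".join(struct.pack("!HH", 0x8100, v) for v in vlans)
    return bytes(12) + tags + struct.pack("!H", 0x0800) + bytes(payload_len)


if __name__ == "__main__":
    # Metro VLAN 100 alone (CE sent untagged) vs. metro 100 over customer VLAN 10.
    for label, vlans in (("CE untagged", [100]), ("CE tagged", [100, 10])):
        frame = sample_frame(vlans, 1500)
        print(label, parse_tags(frame)[0], "needs MTU", required_transit_mtu(frame))
```

A full-size customer frame that already carries its own tag is the case that no longer fits a 1500-byte transit path once the metro tag is added.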
Layer 2 Protocol tunneling
==========================
used to tunnel layer 2 control plane protocols between ports
-used with 802.1q tunnel
Supports CDP, VTP, STP, PAgP, LACP, and UDLD.
EtherChannel over 802.1q Tunnels
===================================
CE can support aggregation of CE-PE links
e.g. 2*GigE per customer site
EtherChannel must be point to point
- Implies one metro tag per PE-CE link
PE can tunnel negotiation as well
-l2protocol-tunnel point-to-point [lacp | pagp]