1-2
Figure 1-2 Structure of packets with double-layer VLAN tags
Destination MAC address
031
Data
Source MAC address
15
Inner VLAN Tag
Outer VLAN Tag
Compared with MPLS-based Layer 2 VPN, VLAN-VPN has the following features:
z It provides Layer 2 VPN tunnels that are simpler.
z VLAN-VPN can be implemented through manual configuration. That is, signaling protocol-related
configuration is not needed.
The VLAN-VPN feature provides you with the following benefits:
z Saves public network VLAN ID resource.
z You can have VLAN IDs of your own, which is independent of public network VLAN IDs.
z Provides simple Layer 2 VPN solutions for small-sized MANs or intranets.
Implementation of VLAN-VPN With the VLAN-VPN feature enabled, no matter whether or not a received packet already carries a
VLAN tag, the switch will tag the received packet with the default VLAN tag of the receiving port and add
the source MAC address to the MAC address table of the default VLAN. When a packet reaches a
VLAN-VPN-enabled port:
z If the packet already carries a VLAN tag, the packet becomes a dual-tagged packet.
z Otherwise, the packet becomes a packet carrying the default VLAN tag of the port.
Configuring the TPID for VLAN-VPN Packets A VLAN tag uses the tag protocol identifier (TPID) field to identify the protocol type of the tag. The value
of this field is 0x8100 for IEEE 802.1Q.
Figure 1-3 illustrates the structure of the IEEE 802.1Q VLAN tag in an Ethernet frame.
Figure 1-3 The structure of the VLAN tag in an Ethernet frame
A Switch 4500 switch determines whether a received frame is VLAN tagged by comparing its own
TPID with the TPID field in the received frame. If they match, the frame is considered as a VLAN tagged
frame. If not, the switch tags the frame with the default VLAN tag of the receiving port.
By default, Switch 4500 series switches adopt the IEEE 802.1Q TPID value 0x8100. Some vendors,
however, use other TPID values such as 0x9100. For compatibility with these systems, the Switch 4500
series switches allow you to change the TPID that a port uses when tagging a received VLAN-VPN