13-12
Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide
78-17058-01
Chapter13 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
Configuring Layer 2 Protocol Tunneling
The switch supports PAgP, LACP, and UDLD tunneling for emulated point-to-point network
topologies. Protocol tunneling is disabled by default but can be enab led for the individual protocols
on IEEE 802.1Q tunnel ports or on access ports.
If you enable PAgP or LACP tunneling, we recommend that you also enable UDLD on the interface
for faster link-failure detection.
Loopback detection is not supported on Layer 2 protocol tunneling of PAgP, LACP, or UDLD
packets.
EtherChannel port groups are compatible with tunnel ports when the IEEE 802.1Q configuration is
consistent within an EtherChannel port group.
If an encapsulated PDU (with the proprietary destination MAC address) is received from a tunnel
port or an access port with Layer 2 tunneling enabled, the tu nnel port is shut down to prevent loops.
The port also shuts down when a configured shutdown threshold for the protocol is reache d. You can
manually re-enable the port (by entering a shutdown and a no shutdown command sequence). If
errdisable recovery is enabled, the operation is retried after a specified time interval.
Only decapsulated PDUs are forwarded to the customer network. The spanning-tree instance
running on the service-provider network does not forward BPDUs to tunnel ports. CD P packets are
not forwarded from tunnel ports.
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, shutdown
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port shuts
down. You can also limit BPDU rate by using QoS ACLs and policy maps on a tunnel port.
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, drop
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port drops
PDUs until the rate at which it receives them is below the drop threshold.
Because tunneled PDUs (especially STP BPDUs) must be delivered to all remote sites so that the
customer virtual network operates properly, you can give PDUs higher priority within th e
service-provider network than data packets received from the same tunnel port . By de fau lt, t he
PDUs use the same CoS value as data packets.
Configuring Layer 2 Protocol Tunneling
Beginning in privileged EXEC mode, follow these steps to configure a port for Layer 2 protocol
tunneling:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Enter interface configuration mode, and enter th e interf ace to be conf igured
as a tunnel port. This should be the edge port in the service-provider
network that connects to the customer switch. Valid interfaces can be
physical interfaces and port-channel logical interfaces (port channels 1 to
48).
Step3 no shutdown Enable the port, if necessary. By default, UNIs are disabled, and NNIs are
enabled.
Step4 switchport mode access
or
switchport mode dot1q-tunnel
Configure the interface as an access port or an IEEE 802.1Q tunnel port.
The default switchport mode is access.