Layer 2 Tunneling for EtherChannels

Toconfigure Layer 2 point-to-point tunneling to facilitate the automatic creation of EtherChannels, you need
toconfigure both the SP (service-provider)edge switch and the customer switch.
Related Topics
ConfiguringLayer 2 ProtocolTunneling, on page 135
Example:Configuring Layer 2 Protocol Tunneling, on page 144
Information about Tunneling

IEEE 802.1Q and Layer 2 Protocol Overview

Virtualprivate networks (VPNs) provide enterprise-scale connectivity on a shared infrastructure, often
Ethernet-based,with the same security, prioritization, reliability, and manageability requirements of private
networks.Tunneling is a feature designed for service providers who carry traffic of multiple customers across
theirnetworks and are required to maintain the VLAN and Layer 2 protocol configurations of each customer
withoutimpacting the traffic of other customers.
Forcomplete syntax and usage information for the commands used in this chapter, see the command
referencefor this release.
Note

IEEE 802.1Q Tunneling

Businesscustomers of service providers often have specific requirements for VLAN IDs and the number of
VLANsto besupported. The VLAN rangesrequired by differentcustomers in the same service-provider
networkmight overlap, and traffic of customers through the infrastructure might be mixed. Assigning a unique
rangeof VLANIDs toeach customer would restrictcustomer configurations and could easily exceed the
VLANlimit (4096) ofthe IEEE802.1Q specification.
Usingthe IEEE 802.1Q tunneling feature, service providers can use a single VLAN to support customers who
havemultiple VLANs. Customer VLAN IDs are preserved, and traffic from different customers is segregated
withinthe service-provider network, even when they appear to be in the same VLAN. Using IEEE 802.1Q
tunnelingexpands VLAN space by using a VLAN-in-VLAN hierarchy and retagging the tagged packets. A
portconfigured to support IEEE 802.1Q tunneling is called a tunnel port. When you configure tunneling, you
assigna tunnel port to a VLAN ID that is dedicated to tunneling. Each customer requires a separate
service-providerVLAN ID, but that VLAN IDsupports allof the customersVLANs.
Customertraffic tagged in the normal way with appropriate VLAN IDs comesfrom an IEEE802.1Q trunk
porton the customer device and into a tunnel port on the service-provider edge switch. The link between the
customerdevice and the edge switch is asymmetric because one end is configured as an IEEE 802.1Q trunk
Catalyst 2960-XR Switch VLAN Configuration Guide, Cisco IOS Release 15.0(2)EX1
124 OL-29440-01
Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
Layer 2 Tunneling for EtherChannels