Cisco Systems 3560X, 3750-X, WSC3750X48TS

19-3

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-21521-01

Chapter 19 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling Understanding IEEE 802.1Q Tunneling

Figure 19-2 Original (Normal), IEEE 802.1Q, and Double-Tagged Ethernet Packet Formats

When the packet enters the trunk port of the service-provider egress switch, the outer tag is again

stripped as the switch internally processes the packet. However, the metro tag is not added when the

packet is sent out the tunnel port on the edge switch into the customer network. The packet is sent as a

normal IEEE 802.1Q-tagged frame to preserve the original VLAN numbers in the customer network.

In Figure 19-1, Customer A was assigned VLAN 30, and Customer B was assigned VLAN 40. Packets

entering the edge switch tunnel ports with IEEE 802.1Q tags are double-tagged when they enter the

service-provider network, with the outer tag containing VLAN ID 30 or 40, appropriately, and the inner

tag containing the original VLAN number, for example, VLAN 100. Even if both Customers A and B

have VLAN 100 in their networks, the traffic remains segregated within the service-provider network

because the outer tag is different. Each customer controls its own VLAN numbering space, which is

independent of the VLAN numbering space used by other customers and the VLAN numbering space

used by the service-provider network.

At the outbound tunnel port, the original VLAN numbers on the customer’s network are recovered. It is

possible to have multiple levels of tunneling and tagging, but the switch supports only one level in this

release.

If traffic coming from a customer network is not tagged (native VLAN frames), these packets are bridged

or routed as normal packets. All packets entering the service-provider network through a tunnel port on

an edge switch are treated as untagged packets, whether they are untagged or already tagged with IEEE

802.1Q headers. The packets are encapsulated with the metro tag VLAN ID (set to the access VLAN of

the tunnel port) when they are sent through the service-provider network on an IEEE 802.1Q trunk port.

The priority field on the metro tag is set to the interface class of service (CoS) priority configured on the

tunnel port. (The default is zero if none is configured.)

On Catalyst 3750-X switches, because 802.1Q tunneling is configured on a per-port basis, it does not

matter whether the switch is a standalone switch or a stack member. All configuration is done on the

stack master.

Double-tagged

frame in service

provider

infrastructure

IEE 802.1Q frame from

customer network

Original Ethernet frame

Destination

address Length/

EtherType Frame Check

Sequence

Source

address

SADA Len/Etype Data FCS

SADA Len/Etype DataEtype Ta g FCS

SADA Len/Etype DataEtype Tag Etype Tag FCS

74072