CHAPTER
18-1
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
18
Configuring 802.1Q and Layer 2 Protocol Tunneling
Virtual private networks (VPNs) provide enterprise-scale connectivity on a shared infrastructure, often
Ethernet-based, with the same security, prioritization, reliability, and manageability requirements of
private networks. Tunneling is a feature designed for service providers who carry traffic of multiple
customers across their networks and who are required to maintai n the VLAN and Layer 2 protocol
configurations of each customer without impacting the traffic of other customers. The Catalyst 4500
series switch supports IEEE 802.1Q tunneling and Layer 2 protocol tunneling.
Note 802.1Q requires Supervisor Engine V; Layer 2 protocol tunneling is supported on all supervisor engines.
Note For complete syntax and usage information for the switch commands used in this chapter, refer to the
Catalyst 4500 Series Switch Cisco IOS Command Reference and related publications at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm.
This chapter contains these sections:
Understanding 802.1Q Tunneling, page 18-1
Configuring 802.1Q Tunneling, page 18-4
Understanding Layer 2 Protocol Tunneling, page 18-7
Configuring Layer 2 Protocol Tunneling, page 18-9
Monitoring and Maintaining Tunneling Status, page 18-12

Understanding 802.1Q Tunneling

The VLAN ranges required by different customers in the same Service Provider network might overlap,
and customer traffic through the infrastructure might be mixed. Assigning a unique range of VLAN IDs
to each customer would restrict customer configurations and could easily exceed the VLAN limi t (4096)
of the 802.1Q specification.
802.1Q tunneling enables Service Providers to use a single VLAN to support customers who have
multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer
VLANs segregated.