Filter
Top Products
25-17
Software Configuration Guide—Release 15.0(2)SG
OL-23818-01
Chapter 25 Configuring 802.1Q Tunneling, VLAN Mapping, and Layer 2 Protocol Tunneling
Configuring Layer 2 Protocol Tunneling
• Because tunneled PDUs (especially STP BPDUs) must be delivered to all remote sites so that the
customer virtual network operates properly, you can give PDUs higher priority within the service
provider network than data packets received from the same tunnel port. By default, the PDUs use
the same CoS value as data packets.
• The following issue applies when you enable QoS on Layer 2 protocol tunneling packets (not
applicable to Supervisor Engine 6-E and 6L-E):
Because of a hardware limitation, supervisor engines cannot police control packets on ports enabled
for port security. Because the learning behavior for Layer 2 protocol tunneling source (src) MAC is
influenced by configuring protocol tunneling on any switch interface, this limitation for Layer 2
protocol tunneling packets translates into the following: When Layer 2 protocol tunneling is
configured on any port in the system, supervisor engines other than 6-E and 6L-E cannot police
Layer 2 protocol tunneling packets on a port enabled for port security. Layer 2 protocol tunneling
packets are treated as control packets (source MAC not learned) once Layer 2 protocol tunneling is
configured for any supported control protocol.
Note If Layer 2 protocol tunneling is not configured on a system, Layer 2 protocol tunneling packets
are handled as data packets and this situation does not apply.
Configuring Layer 2 Tunneling
To configure a port for Layer 2 protocol tunneling, perform this task:
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# interface
interface-id
Enters interface configuration mode, and enter the interface to be
configured as a tunnel port. This should be the edge port in the service
provider network that connects to the customer switch. Valid interfaces can
be physical interfaces and port-channel logical interfaces (port channels 1
to 64).
Step 3
Switch(config-if)# switchport
mode access
or
Switch(config-if)# switchport
mode dot1q-tunnel
or
Switch(config-if)# switchport
mode trunk
Configures the interface as an access port, an 802.1Q tunnel port or a trunk
port.
Step 4
Switch(config-if)#
l2protocol-tunnel
[cdp | stp | vtp]
Enables protocol tunneling for the desired protocol. If no keyword is
entered, tunneling is enabled for all three Layer 2 protocols.
Step 5
Switch(config-if)#
l2protocol-tunnel
shutdown-threshold
[cdp | stp | vtp]
value
(Optional) Configures the threshold for packets-per-second accepted for
encapsulation. The interface is disabled if the configured threshold is
exceeded. If no protocol option is specified, the threshold applies to each of
the tunneled Layer 2 protocol types. The range is 1 to 4096. The default is
to have no threshold configured.
Note If you also set a drop threshold on this interface, the
shutdown-threshold value must be greater than or equal to the
drop-threshold value.