I currently have a Metro E setup using ME3800 switches. Since I can't dictate customer networks, i.e. ip addressing and vlans, there may be some of these that overlap between customers. To accommodate for this we q in q with l2protocol tunnel cdp stp vtp dtp lldp on each customer port/service instance. I need to try an use an ASR1002 at one of my locations and provide this same functionality. However, the ASR1002 does not allow for the l2protocol command, only peer and forward.

Support has told me that l2protocol forward should work the same way, since I am in fact putting each customer in its own bridge-domain.  Does anyone know this to be true. If thats the case why have the 2 different commands. To me l2 protocol tunneling is the only way to achieve what I am looking for as it is the only way to truly separate customer traffic. I have having a hard time understanding the exact difference between forward and tunnel when I am reading about them.

Any body have any thoughts, experience, or knowledge on this? Or if in fact forward can be used for what I am trying to accomplish?