03-13-2024 01:00 AM
Goodmorning,
For multiple customers I have a Cisco 1117-4P where the ethernet0/2/0 interface is bridged with a VLAN interface so the custumer can connect their own router/firewall and let it handle the PPPoE session.
In the past we used the Cisco 887 for this with bridge groups. Now we use the Cisco 1117-4P with bridge domains. Till now, all our routers used IOS-XE 16 and the bridge-domain config we use works perfect. Last week I deplyed a new router at one of the customer sites and I cant get the VDSL bridge working. This new router used IOS-XE 17. After downgrading to IOS-XE 16 the same config works right from the start.
Below the configuration I use for configuring the bridge-domain (this works in IOS-XE 16 but not in IOS-XE 17):
vlan 1000
!
interface Vlan 1000
description BRIDGE-VLAN-INTERFACE
no ip address
no autostate
service instance 100 ethernet
encapsulation untagged
bridge-domain 100
!
interface Ethernet 0/2/0
description VDSL-BRIDGE
service instance 100 ethernet
encapsulation dot1q 6
rewrite ingress tag pop 1 symmetric
bridge-domain 100
!
interface GigabitEthernet 0/1/3
description Bridge
switchport mode access
switchport acces vlan 1000
!
After some testing I discoverd I could get it working in IOS-XE17 if I use the GI0/0/0 interface instead of the VLAN. Because we have many routers working with the config above I would like to get it working on the GI0/1/3 interface so when we need to upgrade the routers we don't need to change the cabling.
After some more testing I discoverd that the VLAN interface is not added to the bridge-domain unless I use encapsulation default under the VLAN interface, but the ethernet0/2/0 wont show up in the output of show bridge-domain.
Please help me solve or troubleshoot this issue.
03-13-2024 02:59 AM
interface Ethernet 0/2/0
description VDSL-BRIDGE
service instance 100 ethernet
encapsulation dot1q 6 <<--- what is 6 ? VLAN ?
rewrite ingress tag pop 1 symmetric
bridge-domain 100
Trying to understand the config, what is 6 ? are you referring VLAN here ?
reference :
03-13-2024 03:10 AM
Yes, 6 is the VLAN on the VDSL for internet.
The ISP offers multiple EVC's on the VDSL where each EVC has its own VLAN. For us it is always VLAN 6 for internet and VLAN 7 for VoIP services. VLAN 7 is handled by te router and VLAN 6 we need to pass trough to the customer router/firewall.
03-13-2024 03:05 AM - edited 03-13-2024 03:15 AM
-
(sorry, this needed to be a reply to balaji)
03-13-2024 01:28 PM
Hello @remon.braamse ,
>> I would like to get it working on the GI0/1/3 interface so when we need to upgrade the routers we don't need to change the cabling.
try the following:
int gi0/1/3
service instance 100 ethernet
encapsulation untagged
bridge-domain 100
Hope to help
Giuseppe
03-14-2024 01:07 AM - edited 03-14-2024 02:42 AM
Hi Giuseppe,
Thanks for your reply.
I tried your solution, but the sevice instance is not available under the gi0/1/3. I think because it is part of the switch.
I tried the "no switchport" command but this command is also not available. When I try the commands I get the % Incomplete command. error.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide