Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
639
Views
5
Helpful
2
Replies

Why does a VRF peer need to support 802.1q tagging?

hfakoor222
Spotlight
Spotlight

‎07-04-2022 04:57 PM

In the CVD campus guide 

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html

it mentions:

 

 

 

A fusion device can be either a true routing platform, a Layer 3 switching platform, or a firewall must meet several technological requirements.  It must support:

●     Multiple VRFs—Multiple VRFs are needed for the VRF-Aware peer model.  For each VN that is handed off on the border node, a corresponding VN and interface is configured on the peer device.  The selected platform should support the number of VNs used in the fabric site that will require access to shared services. 

●     Subinterfaces (Routers or Firewall)—A virtual Layer 3 interface that is associated with a VLAN ID on a routed physical interface.  It extends IP routing capabilities to support VLAN configurations using the IEEE 802.1Q encapsulation.

●     Switched Virtual Interfaces (Layer 3 switch)—Represents a logical Layer 3 interface on a switch.  This SVI is a Layer 3 interface forwarding for a Layer 3 IEEE 802.1Q VLAN.

 

 

   IEEE 802.1Q—An internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame between the Source Address and Type/Length fields.  Devices that support SVIs and subinterfaces will also support 802.1Q tagging

 

I don't understand why it needs to support vlan tagging. Is it because some of the packets it receives could be already tagged? That is my best guess. Other than that the fusion device is essentially providing VRF mapping at layer 3, so I can't understand why it require support for layer 2 tagging.

 

Can someone help explain this to me?


Thank you

Labels:
0 Helpful
2 Replies 2

paul driver
VIP
VIP

‎07-04-2022 11:25 PM

Hello
On a L3 switch, Traffic that is associated to specific subnet/vlan is routed through a logical sub interface call a switched virtual interface (L3 SVI)
However routers dont support SVIs only routed physical ports but they can be sub-divided into logical sub-interfaces These sub-interfaces can be also associated to a specific of subnet/vlan which is done by encapsulating traffic into a dot1q tag.

Best to just think of a tagged sub interface as a SVI residing on a router


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-05-2022 03:48 AM - edited ‎07-05-2022 03:49 AM

Hello @hfakoor222 ,

in a VRF lite context the fusion router acts as a multi VRF CE that is a subset of a full MPLS L3 VPN PE node.

in the forwarding plane each VRF is mapped to an 802.1Q  VLAN this can be a routed subinterface or it can be an SVI mapped to the associated VRF.

 

There is no usage of MPLS in SD Access, so the fusion router to save on the number of links it needs to use 802.1Q based subinterfaces or SVIs and a L2 802.1Q trunk.

The fusion router is also out of the VxVLAN campus fabric.

 

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card