Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
901
Views
3
Helpful
7
Replies

Selective Q-in-Q based on MAC address

ez9
Level 1
Level 1

‎03-05-2023 12:04 PM

Hello,

I am wondering if it is possible to map a vlan (C-VLAN) to an outer VLAN (S-VLAN) based on source MAC address. e.g if the traffic is coming on VLAN 1234 and the source MAC is the 1111.2222.3333, map this traffic to S-VLAN 5. If the traffic is coming again on VLAN 1234 and the source MAC is the 4444.5555.6666 map this traffic to S-VLAN 6.

Labels:
7 Replies 7

M02@rt37
VIP
VIP

‎03-07-2023 04:00 AM

Hello @ez9 

what is your switch's model ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

ez9
Level 1
Level 1

‎03-07-2023 04:34 AM

Hello, 

Cisco catalyst 4500E (eg 4948E) or Cisco Nexus 9000 (9396, 93180). If this configuration is supported by any other platform/model I would be happy to test it.

0 Helpful

M02@rt37
VIP
VIP
In response to ez9

‎03-07-2023 06:20 AM - edited ‎03-07-2023 06:20 AM

@ez9 

On the Cisco Nexus 9000, you can achieve this by using the VLAN translation feature, which allows you to map one VLAN to another VLAN based on various criteria, including the source MAC address.

Here is an example configuration for mapping VLAN 1234 to S-VLAN 5 for the source MAC address 1111.2222.3333 on the Cisco Nexus 9000:


vlan access-map mac-map 10
match mac address 1111.2222.3333
action translate vlan 5
vlan access-map mac-map 20
action forward
vlan filter mac-map vlan-list 1234

Similarly, you can map VLAN 1234 to S-VLAN 6 for the source MAC address 4444.5555.6666 as follows:

vlan access-map mac-map 30
match mac address 4444.5555.6666
action translate vlan 6
vlan access-map mac-map 40
action forward
vlan filter mac-map vlan-list 1234

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

M02@rt37
VIP
VIP
In response to ez9

‎03-07-2023 06:21 AM

@ez9 

On the Cisco Catalyst 4500E, you can achieve this by using the VLAN mapping feature, which allows you to map one VLAN to another VLAN. You can use the MAC address table on the switch to identify the source MAC address of the traffic and then map it to the desired S-VLAN.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

ez9
Level 1
Level 1

‎03-07-2023 09:34 AM - edited ‎03-07-2023 09:34 AM

Hello,

Thank you very much for the detailed info and also for the examples. Do you know if these solutions have any performance hit? The frames are translating through the hardware of the frames are processing on the CPU? I am going to give this a try and I will let you know if this is working as expected.
Also, it there a similar solution for ASR1k and ASR9k platforms?
0 Helpful

M02@rt37
VIP
VIP
In response to ez9

‎03-08-2023 04:33 AM

Hello @ez9 

you're welcome!

MAC-based VLAN mapping is usually implemented in hardware on modern network switches and routers, so there should not be a significant performance hit. The mapping is performed by the switch's ASIC, which is designed specifically for high-speed packet processing. Therefore, the switch's hardware should be able to process the mapping efficiently and with minimal impact on performance.

For ASR1k and ASR9k, I don't known. 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

ez9
Level 1
Level 1

‎03-08-2023 06:08 AM

Thank you, I just tried the vlan access-map on Nexus 9396 and on Nexus 9364 but there is no option for "action translate vlan 'id'". The only options are drop, forward, redirect. Also 'match mac address' is getting as varial a MAC address access list and not directly the mac address. Maybe you can share the documentation about the commads that you sent to check if these commands are supported on my platform?

0 Helpful
Customers Also Viewed These Support Documents