Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1205
Views
4
Helpful
6
Replies

SVLAN ID didn't shown in trunk with Selective Q-in-Q

codenamexe
Level 1
Level 1

‎07-05-2023 06:14 PM - edited ‎07-05-2023 06:25 PM

Greetings.

 

I'm testing Selective Q-in-Q with subinterface to consolidate some dot1Q  interfaces into one trunk.

So, I've set up lab and did configuration according to Cisco documentation.

Layer 2 Configuration Guide, Cisco IOS XE Bengaluru 17.6.x (Catalyst 9500 Switches) - Configuring VLAN Mapping [Support] - Cisco

PE#1 and #2 is C9606 with SUP-1 and IOS-XE 17.6.4, L2#1 and #2 is C9500-48Y4C with IOS-XE 17.6.4.

Test lab diagram and configuration is like below.

codenamexe_0-1688605375693.png

 

After set up lab, I've performed ping test between PE#1 and PE#2 for each VRFs, and all works.

But when I set port mirroring on L2 and capture packets going through trunk between L2#1 and L2#2, only VLAN ID that I can see is CVLAN ID. At first, I've doubted that Selective Q-in-Q is problem, but traditional dot1Q tunnel config also doesn't show any SVLAN ID in packet that goes through trunk.

-Session Monitor config : Source Twe1/0/9(Both), Destination Twe1/0/48(using GLC-T), Encapsulation Relicate

It seems like Selective Q-in-Q is working because when I remove certain SVLAN on trunk between L2, CVLAN mapped with that SVLAN cannot communicate. But I'm not sure why I cannot see double VLAN ID with SVLAN and CVLAN.

Is there I did something wrong, or is this expected behavior?

 

Labels:
6 Replies 6

M02@rt37
VIP
VIP

‎07-05-2023 10:07 PM

Hello @codenamexe,

In my comprehention, Selective Q-in-Q deployments, the outer VLAN (SVLAN) and inner VLAN (CVLAN) tags are used to differentiate and isolate traffic from different VLANs. It is expected behavior that when capturing packets on the trunk interface, you only see the CVLAN ID and not the SVLAN ID.

The reason for this is that the SVLAN tag is added and removed within the S-QinQ-capable switches. It is not transmitted over the trunk link between the switches. Only the CVLAN tag is carried over the trunk interface.

When a frame enters a switch configured for S-QinQ, the outer SVLAN tag is added based on the mapping configuration, and the frame is forwarded with both the SVLAN and CVLAN tags within the switch. However, when the frame leaves the switch and traverses the trunk interface, only the CVLAN tag remains.

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

codenamexe
Level 1
Level 1
In response to M02@rt37

‎07-05-2023 11:30 PM - edited ‎07-06-2023 12:23 AM

Could you tell me more detailed about "trunk" in this sentence that you said?

"The reason for this is that the SVLAN tag is added and removed within the S-QinQ-capable switches. It is not transmitted over the trunk link between the switches. Only the CVLAN tag is carried over the trunk interface."

As I understand, SVLAN ID should added/removed over CVLAN ID when packet goes through trunk between PE and L2, but SVLAN ID should be intact while goes through trunk between QinQ L2 since it needs SVLAN ID to be allowed by trunk's allowed vlan config.

One more thing.
Besides Selective QinQ, I cannot understand why traditional dot1Q tunnel's packet doesn't show any SVLAN ID also. I have one pair of C9500-40X with IOS-XE 16.9.4, and it shows SVLAN and CVLAN.

0 Helpful

MHM Cisco World
VIP
VIP
In response to codenamexe

‎07-06-2023 01:28 AM

this not complete config, can I see complete config of both Q-in-Q

0 Helpful

codenamexe
Level 1
Level 1
In response to MHM Cisco World

‎07-06-2023 01:34 AM

Do I need to post "show all"?

MHM Cisco World
VIP
VIP
In response to codenamexe

‎07-06-2023 01:41 AM

Yes please 

0 Helpful
Customers Also Viewed These Support Documents