- Overview
- Configuring VLAN Trunking Protocol
- Configuring VLANs
- Configuring VLAN Trunks
- Configuring Asymmetric VLAN Mapping
- Configuring VMPS
- Configuring Private VLANs
- Configuring IEEE 802.1Q Tunneling
- Configuring VLAN Mapping
- Configuring Layer 2 Protocol Tunneling
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring UDLD
- Configuring Voice VLAN
Configuring VLAN Mapping
The Cisco 2520 Connected Grid Switch (CGS 2520) supports VLAN mapping (or VLAN ID translation) on trunk ports.
Note
VLAN Mapping is not supported on the Cisco Industrial Ethernet 2000U Series (IE 2000U) switch or the Ethernet Switch Module (ESM) for CGR 2010.
This chapter includes the following sections:
- Information About VLAN Mapping
- Prerequisites
- Guidelines and Limitations
- Default Settings
- Configuring VLAN Mapping
- Verifying Configuration
- Configuration Example
- Related Documents
- Feature History
Note For complete syntax and usage information for the commands used in this chapter, see the documents listed in the “Related Documents” section.
Information About VLAN Mapping
Another way to establish service provider VLANs is to configure VLAN mapping (or VLAN ID translation) on trunk ports connected to a customer network to map customer VLANs to service-provider VLANs. Packets entering the port are mapped to a service provider VLAN (S-VLAN) based on the port number and the original customer VLAN-ID (C-VLAN) of the packet.
In a typical metro deployment, VLAN mapping takes place on user network interfaces (UNIs) or enhanced network interfaces (ENIs) that face the customer network. However, you are not prevented from configuring VLAN mapping on network node interfaces (NNIs).
Because the VLAN ID is mapped to the S-VLAN on ingress, on the switch all forwarding operations are performed by using S-VLAN information and not C-VLAN information.
Note When you configure features on a port that has VLAN mapping configured, you always use the S-VLAN (translated VLAN) ID, not the customer VLAN-ID (C-VLAN).
On an interface configured for VLAN mapping, the specified C-VLAN packets are mapped to the specified S-VLAN when they enter the port. Symmetrical mapping back to the customer C-VLAN occurs when packets exit the port.
The switch supports these types of VLAN mapping on UNI trunk ports:
- One-to-one VLAN mapping occurs at the ingress and egress of the port and maps the customer C-VLAN ID in the 802.1Q tag to the service-provider S-VLAN ID. You can also specify that packets with all other VLAN IDs are dropped.
- Selective QinQ maps the specified customer VLANs entering the UNI to the specified S-VLAN ID. The S-VLAN is added to the incoming unmodified C-VLAN. You can also specify that traffic carrying all other customer VLAN IDs is dropped.
- Traditional 802.1Q tunneling (QinQ) performs all-to-one bundling of C-VLAN IDs to a single S-VLAN ID for the port. The S-VLAN is added to the incoming unmodified C-VLAN. You can configure the UNI as an 802.1Q tunnel port for traditional QinQ, or you can configure selective QinQ on trunk ports for a more flexible implementation. Mapping takes place at ingress and egress of the port. All packets on the port are bundled into the specified S-VLAN.
Note Untagged packets enter the switch on the trunk native VLAN and are not mapped.
For quality of service (QoS), the switch has flexible mapping between C-CoS or C-DSCP and S-CoS and maps the inner CoS to the outer CoS for traffic with traditional QinQ or selective QinQ VLAN mapping. For more information, see the “802.1Q Tunneling CoS Mapping” section in the QoS Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches.
Mapping Customer VLANs to Service-Provider VLANs
Figure 9-1 shows a topology where a customer uses the same VLANs in multiple sites on different sides of a service-provider network. You map the customer VLAN IDs to service-provider VLAN IDs for packet travel across the service-provider backbone. The customer VLAN IDs are retrieved at the other side of the service-provider backbone for use in the other customer site. Configure the same set of VLAN mappings at a customer-connected port on each side of the service-provider network.
See the examples following the configuration steps for using one-to-one mapping, traditional QinQ, or selective QinQ to map customer VLANs 1 to 5 to service-provider VLANs.
Figure 9-1 Mapping Customer VLANs
Prerequisites
- Be familiar with the information in the “Information About VLAN Mapping” section and “Guidelines and Limitations” section.
- Ensure that your network strategy and planning for your network are complete. For example, you must decide what type of VLAN mapping your network requires.
Guidelines and Limitations
- Traditional QinQ uses 802.1Q tunnel ports; you configure one-to-one VLAN mapping and selective QinQ on 802.1Q trunk ports.
- To avoid mixing customer traffic, when you configure traditional Q-in-Q on a trunk port, you should configure the service provider S-VLAN ID as an allowed VLAN on the trunk port.
- On a switch interface configured for VLAN mapping, mapping to the S-VLAN occurs on traffic entering the switch. Therefore, when you configure other features on an interface configured for VLAN mapping, you should use the S-VLAN ID, except when configuring VLAN mapping and Ethernet E-LMI. When configuring E-LMI on an interface, use the C-VLAN when entering the ethernet lmi ce-vlan map vlan-id service instance configuration mode command.
- When you configure VLAN mapping on an EtherChannel, the mapping applies to all ports in the port channel.
- You cannot configure encapsulation replicate on a SPAN destination port if the source port is configured as a tunnel port or has a 1-to-2 mapping configured. Encapsulation replicate is supported with 1-to-1 VLAN mapping.
- To determine switch resources used for VLAN mapping, enter the show vlan mapping usage or show platform vlan mapping privileged EXEC command.
Default Settings
Configuring VLAN Mapping
These procedures show how to configure each type of VLAN mapping on trunk ports. To verify your configuration, enter the show interfaces interface-id vlan mapping or show vlan mapping privileged EXEC commands. See the “Verifying Configuration” section for the syntax of these commands.
One-to-One Mapping
Follow this procedure to configure one-to-one VLAN mapping to map a customer VLAN ID to a service-provider VLAN ID. You can use the default drop keywords to specify that traffic is dropped unless both the specified C-VLAN ID and S-VLAN ID combination is explicitly mapped.
BEFORE YOU BEGIN
Review the “Guidelines and Limitations” section.
DETAILED STEPS
Use the no switchport vlan mapping vlan-id translated-id command to remove the VLAN mapping information. Entering no switchport vlan mapping all deletes all mapping configurations.
EXAMPLE
This example shows how to map VLAN IDs 1 to 5 in the customer network to VLANs 101 to 105 in the service-provider network as shown in Figure 9-1. You configure these same VLAN mapping commands for a port in Switch A and Switch B. The traffic on any other VLAN IDs is dropped.
In the previous example, at the ingress of the service-provider network, VLAN IDs 1 to 5 in the customer network are mapped to VLANs 101 to 105, respectively, inside of the service-provider network. At the egress of the service-provider network, VLANs 101 to 105 in the service-provider network are mapped to VLAN IDs 1 to 5, respectively, in the customer network.
Traditional QinQ on a Trunk Port
Follow this procedure to configure VLAN mapping for traditional QinQ on a trunk port or tunneling by default. Configuring tunneling by default bundles all packets on the port into the configured S-VLAN.
BEFORE YOU BEGIN
Review the “Guidelines and Limitations” section.
DETAILED STEPS
Use the no switchport vlan mapping tunnel default outer vlan-id command to remove the VLAN mapping configuration. Entering no switchport vlan mapping all deletes all mapping configurations.
EXAMPLE
This example shows how to bundle all traffic on the port to leave the switch with the S-VLAN ID of 100:
Selective QinQ on a Trunk Port
Follow this procedure to configure VLAN mapping for selective QinQ on a trunk port. Note that you can configure one-to-one mapping and selective QinQ on the same interface, but you cannot use the same C-VLAN IDs in both configurations. You can use the default drop keywords to specify that traffic is dropped unless the specified C-VLAN ID and S-VLAN ID combination is explicitly mapped.
BEFORE YOU BEGIN
Review the “Guidelines and Limitations” section.
DETAILED STEPS
Use the no switchport vlan mapping vlan-id dot1q-tunnel outer vlan-id command to remove the VLAN mapping configuration. Entering no switchport vlan mapping all deletes all mapping configurations.
EXAMPLE
This example shows how to configure selective QinQ mapping on the port so that traffic with a C-VLAN ID of 1 to 5 enters the switch with an S-VLAN ID of 100. The traffic of any other VLAN IDs is dropped.
Verifying Configuration
Configuration Example
This example shows how to map VLAN IDs 1 to 5 in the customer network to VLANs 101 to 105 in the service-provider network as shown in Figure 9-1. You configure these same VLAN mapping commands for a port in Switch A and Switch B. The traffic on any other VLAN IDs is dropped.
This example shows how to bundle all traffic on the port to leave the switch with the S-VLAN ID of 100:
This example shows how to configure selective QinQ mapping on the port so that traffic with a C-VLAN ID of 1 to 5 enters the switch with an S-VLAN ID of 100. The traffic of any other VLAN IDs is dropped.
Related Documents
Feature History
|
|
|
|---|---|
Feedback