QinQ Configuration

introduction introduction qinq, short for "802 1q in 802 1q," is a simple layer 2 vpn (virtual private network) protocol based on ieee 802 1q technology qinq adds an additional vlan tag to private network packets, enabling them to carry two layers of vlan tags this allows packets to traverse the carrier's core network (also known as the public network), enabling the carrier to provide services for user networks containing multiple vlans when packets traverse the carrier network and reach the private network device on the other side of the carrier network, flooding or fdb lookup occurs within the outer vlan when qinq packets are output from the downstream port, the outer vlan is stripped, and data forwarding occurs within the inner vlan initially, qinq was primarily developed to expand the vlan space it achieves this by adding an additional layer of 802 1q tags on top of existing 802 1q packets, increasing the vlan count to 4094 4094 with the development of metropolitan ethernet and the demand for refined operations by carriers, qinq's dual layer tagging has found further applications its inner and outer tags can represent different information, such as the inner tag representing users and the outer tag representing services due to its ease of use, qinq has been widely adopted by various carriers particularly, the emergence of flexible qinq has made qinq services more favored and endorsed by carriers, offering features such as effective separation between vlans of different users and public network vlans, and maximizing savings on carrier network vlan resources explanation of principles explanation of principles basic qinq basic qinq basic qinq, also known as qinq layer 2 tunneling, is configured through interfaces once the basic qinq feature is enabled on an interface, when the device receives a data packet on that interface, it attaches the vlan tag of the default vlan for that interface to the packet if the received data packet already carries a vlan tag, it becomes a double tagged packet if the incoming data packet lacks a vlan tag, it will be tagged with the vlan tag of the interface's default vlan when there is a need to utilize multiple vlans, the basic qinq feature can be configured by adding an outer tag to the vlan, thereby expanding the numerical range of available vlans and addressing the issue of limited vlan quantity resources flexible qinq flexible qinq flexible qinq is a more versatile implementation of qinq, combining the characteristics of interfaces and vlans in the case of data packets received on the same interface with different inner vlan ids, flexible qinq adds distinct outer vlan tags to them compared to basic qinq, flexible qinq extends its functionality, providing greater flexibility and diversity the key differences between the two are basic qinq all frames entering the layer 2 qinq interface receive the same outer tag flexible qinq frames entering the layer 2 qinq interface can have different outer tags added based on their different inner tags, allowing for a more detailed segmentation of user vlans qinq configuration qinq configuration configure tasks instructions modify interface tpid optional configure interface based basic qinq rules optional configure vlan based flexible qinq functionality optional modifying interface tpid modifying interface tpid the tag protocol identifier (tpid) is a field within vlan tags used to indicate the protocol type of the vlan tag by inspecting the corresponding tpid value, devices can determine whether the frame carries a service provider vlan tag or a user vlan tag different service providers may set the tpid of the outer vlan tag of qinq frames to different values to ensure compatibility with these systems, the tpid value can be modified so that qinq frames sent to the public network carry the same tpid value as a specific service provider, enabling interoperability with devices from that service provider operation command description enter the interface configuration view interface ethernet interface id modify interface tpid qinq protocol tpid default value 0x8100 configuring interface based basic qinq rules configuring interface based basic qinq rules when the port enables basic qinq, all traffic entering the device from this port will be tagged with the default vlan tag of this port if the received packet is untagged, a vlan tag of the default vlan of this port will be added to the packet if the received packet is tagged, another layer of the default vlan tag of this port will be added outside the existing vlan tag of the packet, making it a double tagged packet operation command description enter the interface configuration view interface ethernet interface id configuring interface based basic qinq rules qinq enable configuring vlan based flexible qinq functionality configuring vlan based flexible qinq functionality building upon basic qinq, it supports matching the vlan carried by incoming packets and encapsulating them with a specified vlan if the packet does not carry a vlan, an additional layer of the vlan corresponding to the port vlan id (pvid) will be added to it if the packet carries a vlan, it will attempt to match the configured rules if a match is found, an additional layer of the vlan specified in the rule will be added to the packet operation command description enter the interface configuration view interface ethernet interface id configuring interface based basic qinq rules vlan stack tagged vlan id stack id \[remark tc value ] stack id specifies the outer vlan tag after stacking remark tc modifies the packet priority display and maintenance display and maintenance operation command view the qinq protocol configuration on an interface show interface qinq protocol \[interface name] view the vlan stack functionality configuration on an interface show interface vlan stack tagged configuration example configuration example network requirements network requirements two branches of a company communicate through the operator's network, and the company's internal services use vlan 100 and 200 to interoperate the operator's network provides vlan 101 and tpid 8200 procedure procedure the configuration of switch a and switch b is the same, here is the example of switch a create vlan 100, 200 and add the corresponding physical interfaces to the vlan sonic(config)# vlan 100 sonic(config)# interface ethernet 1 sonic(config if 1)# switchport trunk vlan 100 sonic(config)# interface ethernet 2 sonic(config if 2)# switchport trunk vlan 100 sonic(config)# vlan 200 sonic(config)# interface ethernet 3 sonic(config if 3)# switchport trunk vlan 200 sonic(config)# interface ethernet 4 sonic(config if 4)# switchport trunk vlan 200 add the user side interface to the operator provided vlan in access mode sonic(config)# vlan 101 sonic(config)# port group ethernet 1 4 sonic(config port group 1 4)# switchport access vlan 101 configure the operator side interface to allow access to the vlan provided by the operator sonic(config)# vlan 101 sonic(config)# interface ethernet 49 sonic(config if 49) switchport trunk vlan 101 enable qinq on the user side interface and configure the vlan tag to be added sonic(config)# interface ethernet 1 sonic(config if 1)# qinq enable sonic(config)# interface ethernet 2 sonic(config if 2)# qinq enable sonic(config)# interface ethernet 3 sonic(config if 3)# qinq enable sonic(config)# interface ethernet 4 sonic(config if 4)# qinq enable configure the tpid of the operator's network for the operator side interface sonic(config)# interface ethernet 49 sonic(config if 49)# qinq protocol 0x8200 verify configuration verify configuration the pcs in the same vlan under switch a and switch b can communicate with each other