Configuring Layer 2 Tunneling - Cisco Catalyst 3550 series Software Configuration Manual

Chapter 15 Configuring 802.1Q and Layer 2 Protocol Tunneling
•
•
•
•
•
•
•
•

Configuring Layer 2 Tunneling

Beginning in privileged EXEC mode, follow these steps to configure a port for Layer 2 protocol
tunneling:
Command
Step 1
configure terminal
Step 2 interface interface-id
Step 3
switchport mode access
or
switchport mode dot1q-tunnel
Step 4
l2protocol-tunnel [cdp | stp | vtp]
78-11194-09
Dynamic Trunking Protocol (DTP) is not compatible with Layer 2 protocol tunneling because you
must manually configure asymmetric links with tunnel ports and trunk ports.
Tunneling is not supported on trunk ports. If you enter the l2protocol-tunnel interface configuration
command on a trunk port, the command is accepted, but Layer 2 tunneling does not take affect
unless you change the port to a tunnel port or an access port.
EtherChannel port groups are compatible with tunnel ports when the 802.1Q configuration is
consistent within an EtherChannel port group.
If an encapsulated PDU (with the proprietary destination MAC address) is received from a tunnel
port or an access port with Layer 2 tunneling enabled, the tunnel port is shut down to prevent loops.
The port also shuts down when a configured shutdown threshold for the protocol is reached. You
can manually re-enable the port (by entering a shutdown and a no shutdown command sequence).
If errdisable recovery is enabled, the operation is retried after a specified time interval.
Only decapsulated PDUs are forwarded to the customer network. The spanning-tree instance
running on the SP network does not forward BPDUs to tunnel ports. CDP packets are not forwarded
from tunnel ports.
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, shutdown
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port shuts
down. You can also limit the BPDU rate by using QoS ACLs and policy maps on a tunnel port.
When protocol tunneling is enabled on an interface, you can set a per-protocol, per-port, drop
threshold for the PDUs generated by the customer network. If the limit is exceeded, the port drops
PDUs until the rate at which it receives them is below the drop threshold.
Because tunneled PDUs (especially STP BPDUs) must be delivered to all remote sites so that the
customer virtual network operates properly, you can give PDUs higher priority within the SP
network than data packets received from the same tunnel port. By default, the PDUs use the same
CoS value as data packets.
Purpose
Enter global configuration mode.
Enter interface configuration mode, and enter the interface to be configured
as a tunnel port. This should be the edge port in the SP network that
connects to the customer switch. Valid interfaces can be physical interfaces
and port-channel logical interfaces (port channels 1 to 64).
Configure the interface as an access port or as an 802.1Q tunnel port.
Enable protocol tunneling for the desired protocol. If no keyword is entered,
tunneling is enabled for all three Layer 2 protocols.
Catalyst 3550 Multilayer Switch Software Configuration Guide
Configuring Layer 2 Protocol Tunneling
15-11