Licensing Requirements For Q-In-Q Tunnels; Guidelines And Limitations; Configuring Q-In-Q Tunnels And Layer 2 Protocol Tunneling - Cisco 7604-RSP720C-R Configuration Manual

Chapter 9 Configuring Q-in-Q VLAN Tunnels
S e n d d o c u m e n t c o m m e n t s t o n e x u s 7 k - d o c f e e d b a c k @ c i s c o . c o m

Licensing Requirements for Q-in-Q Tunnels

The following table shows the licensing requirements for this feature:
Product
Cisco NX-OS

Guidelines and Limitations

Q-in-Q tunnels and Layer 2 tunneling have the following configuration guidelines and limitations:
•
•
•
•
•
•
•
•
•
•
•
•
•

Configuring Q-in-Q Tunnels and Layer 2 Protocol Tunneling

This section describes how to configure Q-in-Q tunnels and Layer 2 protocol tunneling on Cisco Nexus
7000 Series devices.
This section includes the following topics:
•
OL-23435-03
License Requirement
802.1Q-in-Q VLAN tunneling and L2 protocol tunneling require no license. Any
feature not included in a license package is bundled with the Cisco NX-OS system
images and is provided at no extra charge to you. For a complete explanation of the
Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.
Switches in the service-provider network must be configured to handle the increase in MTU size due
to Q-in-Q tagging.
MAC address learning for Q-in-Q tagged packets is based on the outer VLAN (Service Provider
VLAN) tag. Packet forwarding issues may occur in deployments where a single MAC address is
used across multiple inner (customer) VLANs.
Layer 3 and higher parameters cannot be identified in tunnel traffic (for example, Layer 3
destination and source addresses). Tunneled traffic cannot be routed.
Cisco Nexus 7000 Series devices can provide only MAC-layer ACL/QoS for tunnel traffic (VLAN
IDs and src/dest MAC addresses).
You should use MAC address-based frame distribution.
Asymmetrical links do not support the Dynamic Trunking Protocol (DTP) because only one port on
the link is a trunk. You must configure the 802.1Q trunk port on an asymmetrical link to trunk
unconditionally.
You cannot configure the 802.1Q tunneling feature on ports that are configured to support private
VLANs. Private VLAN are not required in these deployments.
You must disable IGMP snooping on the tunnel VLANs.
Control Plane Policing (CoPP) is not supported.
You should run the vlan dot1Q tag native command to maintain the tagging on the native VLAN
and drop untagged traffic. This will prevent native VLAN misconfigurations,
You must manually configure the 802.1Q interfaces to be edge ports.
Dot1x tunneling is not supported.
You should perform an EPLD upgrade to newer versions in order for EtherType configuration to take
effect on some Cisco Nexus devices.
Creating a 802.1Q Tunnel Port, page 9-8
Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x
Licensing Requirements for Q-in-Q Tunnels
9-7