Operation Manual – VLAN-VPN
H3C S3100 Series Ethernet Switches
Chapter 1 VLAN-VPN Configuration
When configuring VLAN-VPN, go to these sections for information you are interested
in:
VLAN-VPN Overview
VLAN-VPN Configuration
Displaying and Maintaining VLAN-VPN Configuration
VLAN-VPN Configuration Example
1.1 VLAN-VPN Overview
1.1.1 Introduction to VLAN-VPN
Virtual private network (VPN) is a new technology that emerges with the expansion of
the Internet. It can be used for establishing private networks over the public network.
With VPN, you can specify to process packets on the client or the access end of the
service provider in specific ways, establish dedicated tunnels for user traffic on public
network devices, and thus improve data security.
VLAN-VPN feature is a simple yet flexible Layer 2 tunneling technology. It tags private
network packets with outer VLAN tags, thus enabling the packets to be transmitted
through the service providers' backbone networks with both inner and outer VLAN tags.
In public networks, packets of this type are transmitted by their outer VLAN tags (that is,
the VLAN tags of public networks), and the inner VLAN tags are treated as part of the
payload.
Figure 1-1
Figure 1-1 Structure of packets with single-layer VLAN tags
Figure 1-2
Figure 1-2 Structure of packets with double-layer VLAN tags
Compared with MPLS-based Layer 2 VPN, VLAN-VPN has the following features:
It provides Layer 2 VPN tunnels that are simpler.
VLAN-VPN can be implemented through manual configuration. That is, signaling
protocol-related configuration is not needed.
describes the structure of the packets with single-layer VLAN tags.
describes the structure of the packets with double-layer VLAN tags.
Chapter 1 VLAN-VPN Configuration
1-1