Qinq; Pvlan - Zte ZXR10 5900 Product Description

ZXR10 5900 5200 Product Description
59/52 switches series support 802.1Q VLAN. For untagged packets, VLAN tags can be
added to them based on subnet, protocol or port, so that a great variety of VLAN
features can be supported.
In the 802.1Q VLAN protocol, a VLAN is represented by a 12-bit number, so the number
of VLANs is limited within 4096, limiting some practical applications. The 59/52 switches
series provide four kinds of extensions. The first three are QinQ, PVLAN and VLAN
Translation, and the last one is Layer-3 related Super VLAN feature.
3.3

QinQ

QinQ, also known as multi-layer VLAN tag stacking, is a visualized name for the
tunneling protocol based on 802.1Q encapsulation. Its basic idea is to encapsulate
private VLAN tag into public VLAN tag, so that packets pass through the backbone
network with two tags, offering users with a simple L2 VPN tunneling technology. The
QinQ protocol is a simple while easy-to-be-managed protocol, since it does not require
the support of particular control protocol but can be implemented via static configuration
only. It is particularly useful for the switches on the aggregation layer. By supporting
QinQ (double tags), the switches on the aggregation layer can effectively increase the
number of VLANs in the MAN.
At present, IEEE is developing a specification for VLAN stacking, that is, 802.1ad-
Provider Bridge. The external VLAN layer is defined as Service VLAN --- SVLAN, for
which the specification is still in draft.
In the software system of the 59/52, the QinQ software function module performs static
configuration of QinQ, and perform appropriate configuration for the chipsets. In QinQ,
there are two forms of VLANs:
SVLAN (Service VLAN):
CVLAN (Customers VLAN):
The QinQ software function module adds one parameter in the VLAN table, to order to
indicate whether the VLAN is a SVLAN or CVLAN, and the bottom-layer driver interface
function is used to set the QinQ function for the chipset.
3.4

PVLAN

For the scenario where all servers are located within a subnet but they can only
communicate with their default gateways, this new VLAN feature is called Private VLAN.
In the concept of Private VLAN, there are three types of ports of the switch: Isolated Port,
Community Port and Promiscuous Port. They correspond to different VLAN types
respectively: Isolated port belongs to Isolated PVLAN, Community port belongs to
Community PVLAN, while Promiscuous VLAN represents one complete Private VLAN.
Either of the first two types of VLANs must be bound within a Primary VLAN, which a
Promiscuous Port should also be included. For Isolated PVLAN, an Isolated Port can
only communicate with a Promiscuous Port, but it cannot exchange any traffic with
another Isolated Port. For Community PVLAN, a Community Port can communicate with
not only a Promiscuous port but also with another Community Port. The Promiscuous
Port is connected to an interface of another router or L3 switch. The traffic it receives
can then be forwarded to an isolated port or Community port.
14
VLAN defined on the backbone network
User-defined VLAN
© 2010 ZTE Corporation. All rights reserved. ZTE Confidential Proprietary