[c-nsp] Processing one VLAN received on a Q-in-Q port

Adam Vitkovsky adam.vitkovsky at swan.sk
Mon Mar 25 04:41:59 EDT 2013 

Hi Robert,

I believe you should be able to use the following config for the VLAN 10. 

interface Gi1/1 
 service instance 10 
 ethernet  encapsulation dot1q 10  
 rewrite ingress tag pop 1 symmetric  
 bridge-domain 40

interface Vlan 40  
 ip address 1.1.1.1 255.255.255.0

check out the following series:
 http://ccie-in-3-months.blogspot.com/2009/09/evc-flexible-service-mapping.html
 http://ccie-in-3-months.blogspot.com/2009/06/evc-flexible-frame-matching.html
 http://ccie-in-3-months.blogspot.com/2009/06/evc-flexible-vlan-tag-rewrite.html


adam
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Robert Williams
Sent: Sunday, March 24, 2013 10:24 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Processing one VLAN received on a Q-in-Q port

Hi Guys,

Hopefully someone here can assist with this, I need to process locally a VLAN which is received into our network from another service provider via one of our Q-in-Q ports.

Currently we use a Q-in-Q port to double-tag all traffic we receive from the other provider, then transport it across our network and give it back to them where they then break it out on their own switch at one of our other facilities. We do this across a series of 6500/720XL chassis.

This works fine, however, we now need to bring up an additional BGP session with the other provider, but the session has to be over the same physical port as we use for the Q-in-Q transport. To put it into a logical sentence, we need the port facing the other provider at the edge of our network to:

“Double-tag VLANs 1-9 and 11-4094 with SPvLAN ID 500 - but switch VLAN 10 locally without double-tagging it”

We will then bring up the BGP session on VLAN 10, but allow all the others to pass across our network with the additional double-tag.

All packets we receive from the other SP are single-tagged, including the VLAN on which we need to inject our BGP session.

I’m not sure what other information may be relevant so please just ask me anything. If this is not possible on the 720 platform, then we will consider deploying either a 2T or ASR9k at this location to meet the requirement (both are currently being looked at as options for upgrading our 720 units anyway). However, it would be nice if the 2T can do it as the ASR may be overkill considering the other requirements of the site.

Thanks in advance!



Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list