[c-nsp] Management VLAN and Bridge Domain on ME3600 Switch
Waris Sagheer (waris)
waris at cisco.com
Sun Mar 16 18:32:04 EDT 2014
Sikandar,
Adam is right. Reason being IP needs untagged frame for processing.
Best Regards,
[http://www.cisco.com/web/europe/images/email/signature/horizontal06.jpg]
Waris Sagheer
Technical Marketing Manager
Service Provider Access Group (SPAG)
waris at cisco.com<mailto:waris at cisco.com>
Phone: +1 408 853 6682
Mobile: +1 408 835 1389
CCIE - 19901
<http://www.cisco.com/>
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
For corporate legal information go to:http://www.cisco.com/web/about/doing_business/legal/cri/index.html
From: Sikandar Ali <sikandar at hotmail.co.uk<mailto:sikandar at hotmail.co.uk>>
Date: Sunday, March 16, 2014 at 12:03 PM
To: adam vitkovsky <adam.vitkovsky at swan.sk<mailto:adam.vitkovsky at swan.sk>>
Cc: "cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>" <cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>>
Subject: Re: [c-nsp] Management VLAN and Bridge Domain on ME3600 Switch
Hi Adam
Thanks for the reply. It's much appreciated.
Just few questions:
1. As you can see from my config I am doing double tagging as well but difference is you are doing pop2 instead of pop1.I just would like to ask what would be the benefit of doing pop2 on the port facing service provider?
2. I tried configuring exactly the same configuration for management VLAN as well but again the difference was I didn't do pop2. I am bit puzzled why it didn't work with pop1 which is essentially taking the outer tag off and IP address is configured on the second VLAN so in theory it should work
I will give it a go to your config and get back to you.
Many Thanks
Sikandar
Sent from my iPhone
On 16 Mar 2014, at 17:20, "Vitkovský Adam" <adam.vitkovsky at swan.sk<mailto:adam.vitkovsky at swan.sk>> wrote:
Hi Ali,
First of all I'd try to get a L2 transparent circuit from the provider not just a single VLAN -might be available at the same price.
If that's not an option than I'd try to double tag the frames on the uplink to the provider as follows:
(Please check whether there's enough MTU on the uplink)
interface GigabitEthernet0/13
mtu 1512
service instance 25 ethernet
descript transport customer1
encapsulation dot1q 100 second-dot1q 10
rewrite ingress tag pop 2 symmetric
bridge-domain 25
!
service instance 20 ethernet
descript management
encapsulation dot1q 100 second-dot1q 20
rewrite ingress tag pop 2 symmetric
bridge-domain 20
interface vlan 20
descript switch management interface
vrf for mgmt
ip add 10.0.0.1 255.255.255.252
Interface GigabitEthernet0/19
port-type nni
switchport trunk allowed vlan none
switchport mode trunk
mtu 1504
service instance 26 ethernet
descript to customer1
encapsulation dot1q 200,433,472
bridge-domain 25
adam
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net<mailto:cisco-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list