Posted on November 10, 2021 7:29 pm
 |  Asked by Radim Roska
 |  69 views
0
0
Print Friendly, PDF & Email

Hello,

I am trying to do lab for one potential customer..one of topics is QinQ.

I have very simple setup…

L2SW <=> LEAF (mlag pair)

 

LEAF access port:

interface Port-Channel4
switchport access vlan 103
switchport mode dot1q-tunnel
switchport
mlag 4

 

L2SW trunk port:
interface Ethernet2
description dot1q test
switchport trunk allowed vlan 1003
switchport mode trunk

I checked wireshark (EVE-NG PRO) and i see packet is arriving on LEAF with VLAN TAG 1003..but nothing gets into 103 MAC adress table…maybe its not supported on vEOS?

Thanks
Radim
 

0
Posted by Shawn Rogers
Answered on November 16, 2021 8:42 pm

Hi Radim,

I was able to get this working in the lab using the setup/configuration below.

Host1----et1---et1----vEOS1----et2---et2----vEOS2---et1---et1---Host2

The traffic that is ingressing from Host1 to Et1 on vEOS1 has  a 103 vlan tag, vEOS1 will add a 2nd tag of 1003 then send the packet out et2

inbound packet from Host1 to vEOS1

length 118: vlan 103, p 0, ethertype IPv4, 1.1.1.1 > 1.1.1.2: ICMP echo request

outbound packet from vEOS1 to vEOS2

length 122: vlan 1003, p 0, ethertype 802.1Q, vlan 103, p 0, ethertype IPv4, 1.1.1.1 > 1.1.1.2: ICMP echo request

Inbound on vEOS2

length 122: vlan 1003, p 0, ethertype 802.1Q, vlan 103, p 0, ethertype IPv4, 1.1.1.1 > 1.1.1.2: ICMP echo request

Outbound vEOS2

length 118: vlan 103, p 0, ethertype IPv4, 1.1.1.1 > 1.1.1.2: ICMP echo request

Host1 and Host2 will have each others MAC addresses in their local vlan (vlan 103)

vEOS1 and vEOS2 will have the hosts mac addresses in the tunneled vlan (VLAN 1003)

Host1 configuration 

host1#run show run int eth 1;show run int vlan 103
#show run int eth 1
interface Ethernet1
switchport trunk allowed vlan 103
switchport mode trunk
#show run int vlan 103
interface Vlan103
ip address 1.1.1.1/24

vEOS1

run show run int eth 1;show run int eth 2
#show run int eth 1
interface Ethernet1
switchport access vlan 1003
switchport mode dot1q-tunnel
#show run int eth 2
interface Ethernet2
switchport mode trunk

vEOS2

run show run int eth 1;show run int eth 2
#show run int eth 1
interface Ethernet1
switchport access vlan 1003
switchport mode dot1q-tunnel
#show run int eth 2
interface Ethernet2
switchport trunk allowed vlan 1003
switchport mode trunk

Host2

run show run int eth 1;show run int vlan 103
#show run int eth 1
interface Ethernet1
switchport mode trunk
#show run int vlan 103
interface Vlan103
ip address 1.1.1.2/24

Thank You

Shawn Rogers

0
Posted by Radim Roska
Answered on November 24, 2021 1:07 pm

Hi Shawn,

thanks a lot for testing that out. Configuration is similar. Only difference i see is that in my lab vEOS1 is VTEP and that it was mlag pair, therefore this packet in here: vEOS1----et2---et2----vEOS2

length 122: vlan 1003, p 0, ethertype 802.1Q, vlan 103, p 0, ethertype IPv4, 1.1.1.1 > 1.1.1.2: ICMP echo request

should be vxlan paket.

I have modified my lab to meet yours => single switch, no mlag..

still ping from host1 does not get to mac address table on "vEOS1" ..I have even deleted vxlan interface, bgp configuration and still nothing..interesting :)

I restarted the switches, cleaned the configuration...and it started working :). When i changed it back to vxlan/bgp evpn ..it learns the host MAC on "vEOS1" after some time...but it does not work over the vxlan

well - its not urgent now, I will try to get back to it later on to see whats the problem...already spent on it more than I could today :)..

 

0
Posted by Wei
Answered on November 30, 2021 5:40 pm

Hi Radim,

Your L2SW has outer tag 1003 and inner tag 103, then your dot1q tunnel configuration should have "switchport access vlan 1003".

The VTEP is for vlan 1003, while the actual mac address is learned behind vlan 103.
Below is the vxlan packet, outer tag is kept, it's similar to vlan-bundle service as the mac address needs to be unique after the outer tag.

12:28:11.994585 50:54:00:ca:b5:42 > 50:54:00:ed:49:eb, ethertype IPv4 (0x0800), length 172: (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto UDP (17), length 158)
172.16.1.1.62282 > 172.16.1.2.4789: VXLAN, flags [I] (0x08), vni 11003
52:54:00:41:a1:7f > 00:00:00:00:00:20, ethertype 802.1Q (0x8100), length 122: vlan 1003, p 0, ethertype 802.1Q (0x8100), vlan 103, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 64, id 2942, offset 0, flags [none], proto ICMP (1), length 100)

Following is the config,
Host/L2SW side:
interface Port-Channel1.1003
encapsulation dot1q vlan 1003 inner 103
ip address 192.168.100.1/24

Leaf side:
vlan 1003
interface Port-Channel1
switchport access vlan 1003
switchport mode dot1q-tunnel

Post your Answer

You must be logged in to post an answer.