Consider the following topology:
EtherChannel over 802.1q Tunneling Topology

We have one Customer with two distributed locations (SW1, R1 and SW2, R2) connected over Provider backbone. What we want to create is something like this:

EtherChannel over Provider L2 cloud

If Provider support 802.1q and L2 tunneling we can achieve a nice Etherchannel between our 2 remote locations with direct CDP visibility. Also STP and VTP is supported, just like when these SW1 and SW2 switches are directly connected.

First, lets configure SW1 and SW2 Customer devices.

On the three interfaces connected to provider devices we want to configure LACP Etherchannel:

SW1 / SW2 Customer

Next we will configure the SW1 and SW2 ports connected to R1 and R2 devices:

SW1 / SW2 Customer

Of course another approach can be taken in terms of VTP, like having Server / Client configuration, but this was the simplest one to illustrate here.

Let’s add some IP addresses on the two routers R1 and R2:

R1 Customer

R2 Customer

Our job, as Customer, is done. What about the Provider configuration? Here is where “the magic” happens.

To provide our Customer with three end to end 802.1q tunnels, we need to create three VLANs, assign them to the interfaces pointing to Customer SW1 and SW2 and enable the 802.1q tunnels.

SW1 / SW2 Provider

Of course SW1 and SW2 from Provider should have 802.1q trunk enable and allow the tranport of VLANs 10, 20 and 30:

SW1 / SW2 Provider

OK, we have the dot1q tunneling enabled now:

SW1 / SW2 Provider

Still, the Customer wants Etherchannel functionality, CDP visibility and the ability to transport own VLAN information (remember we did configure Vlan 100 on the interface of SW1 / SW2 Customer pointing to R1 / R2). Let’s enable also these ones:

SW1 / SW2 Provider

Perfect, now let’s do some “show” commands to see that everything is working.

SW1 / SW2 Customer

OK, the Etherchannel is UP and the STP is showing correct values. Let’s see if we can do a simple “ping” from R1 to R2

The Customer is happy, but what about the Provider, what does it see on the L2 infrastructure?

SW1 / SW2 Provider

So, the Provider has no idea about Vlan 100 used by the Customer. This is because STP BPDUs from SW1 / SW2 Customer are tunneled inside dot1q-tunnel and hidden by the metro tags 10, 20 and 30.

One note for real life example, the Provider needs to support at least MTU 1504 so that Customer does not deal with packet fragmentation.

EtherChannel over 802.1q Tunneling

One thought on “EtherChannel over 802.1q Tunneling

  • February 6, 2018 at 09:01

    What if all service VLANs are the same. What happens?


Leave a Reply

%d bloggers like this: