Junos' Approach to Q-in-Q Tunneling

Back

In this blog post, we will delve into the concept of Q-in-Q tunneling, a key topic for students preparing for the JNCIS-ENT certification. Q-in-Q tunneling is a technique used in service provider networks for the purpose of multiplexing multiple Ethernet-based services on a single Ethernet connection.

What is Q-in-Q Tunneling?

Q-in-Q tunneling, also known as 802.1ad, is an extension of the original 802.1Q VLAN standard. It allows for the encapsulation of 802.1Q (dot1q) tagged frames within another 802.1Q frame. This is particularly useful in service provider networks where it is necessary to segregate customer traffic even when they use the same VLAN ID.

How Does Junos Implement Q-in-Q Tunneling?

Junos OS supports Q-in-Q tunneling on Ethernet interfaces. The outer VLAN ID (S-VLAN) is used to segregate traffic from different customers, while the inner VLAN ID (C-VLAN) is used by the customer to segregate their own traffic.

Here is a basic configuration example:

[edit interfaces]
ge-0/0/0 {
    unit 0 {
        family ethernet-switching {
            interface-mode trunk;
            vlan {
                members [ 100-200 ];
            }
            native-vlan-id 1;
        }
    }
}

In this example, the interface ge-0/0/0 is configured as a trunk port and allows VLANs 100 through 200. The native-vlan-id 1 command is used to specify the VLAN for untagged traffic.

To enable Q-in-Q tunneling, you need to configure the flexible-vlan-tagging and encapsulation flexible-ethernet-services options at the [edit interfaces] hierarchy level. Here is an example:

[edit interfaces]
ge-0/0/0 {
    flexible-vlan-tagging;
    encapsulation flexible-ethernet-services;
    unit 0 {
        encapsulation vlan-bridge;
        vlan-id 100;
        inner-vlan-id 10;
    }
}

In this example, the interface ge-0/0/0 is configured for Q-in-Q tunneling. The outer VLAN ID is 100 and the inner VLAN ID is 10.

Why Use Q-in-Q Tunneling?

Q-in-Q tunneling provides several benefits:

  1. Scalability: It allows service providers to use a single VLAN ID to segregate traffic from multiple customers, each of whom can use their own set of VLAN IDs.

  2. Simplicity: It simplifies the configuration on the customer equipment, as they do not need to coordinate their VLAN IDs with the service provider.

  3. Compatibility: It allows for the transport of customer VLANs over a service provider network, even if the customer and service provider use the same VLAN IDs.

In conclusion, Q-in-Q tunneling is a powerful tool for service providers to segregate and transport customer traffic. It is a key topic for the JNCIS-ENT certification and understanding it will be beneficial for anyone working in a service provider environment.

© Ben Jacobson.RSS