Chapter 14
Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
Understanding How Layer 2 Protocol Tunneling Works
Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs) (CDP, STP, and VTP) to be
tunneled through a network. This section uses the following terminology:
•
•
•
Without Layer 2 protocol tunneling, tunnel ports drop STP and VTP packets and process CDP packets. This
handling of the PDUs creates different spanning tree domains (different spanning tree roots) for the
customer switches. For example, STP for a VLAN on switch 1 (see
topology on switches 1, 2, and 3 without considering convergence parameters based on switches 4 and 5. To
provide a single spanning tree domain for the customer, a generic scheme to tunnel BPDUs was created
for control protocol PDUs (CDP, STP, and VTP). This process is referred to as Generic Bridge PDU
Tunneling (GBPT).
Figure 14-3 Layer 2 Protocol Tunneling Network Configuration
Switch 2
GBPT provides a scalable approach to PDU tunneling by software encapsulating the PDUs in the ingress
edge switches and then multicasting them in hardware. All switches inside the service provider network
treat these encapsulated frames as data packets and forward them to the other end. The egress edge
switch listens for these special encapsulated frames and deencapsulates them; they are then forwarded
out of the tunnel.
The encapsulation involves rewriting the destination media access control (MAC) address in the PDU.
An ingress edge switch rewrites the destination MAC address of the PDUs received on a Layer 2 tunnel
port with the Cisco proprietary multicast address (01-00-0c-cd-cd-d0). The PDU is then flooded to the
native VLAN of the Layer 2 tunnel port. If you enable Layer 2 protocol tunneling on a port, PDUs of an
enabled protocol are not sent out. If you disable Layer 2 protocol tunneling on a port, the disabled
protocols behave the same way they were behaving before Layer 2 protocol tunneling was disabled on
the port.
78-14064-04
Edge switch—The switch connected to the customer switch and placed on the boundary of the
service provider network (see
Layer 2 protocol tunnel port—A port on the edge switch on which a specific tunneled protocol can
be encapsulated or deencapsulated. The Layer 2 protocol tunnel port is configured through CLI
commands.
Tunneled PDU—A CDP, STP, or VTP PDU.
Customer switches
Switch 1
Switch 3
Figure
14-3).
Service provider
network
Edge
Switch A
Switch B
switches
Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E
Understanding How Layer 2 Protocol Tunneling Works
Figure
14-3) builds a spanning tree
Customer switches
Switch 4
Switch 5
14-7