Which tag does the TPID configured by the qinq protocol command match

1

The TPID configured by the qinq protocol command matches only the outer tag.

Other related questions:
QinQ protocol
QinQ is a visual name of the tunnel protocol based on 802.1Q encapsulation. The QinQ protocol aims at encapsulating the VLAN tags of user private networks into VLAN tags of a public network. Packets carrying two tags traverse the backbone networks of service providers, therefore providing simple Layer 2 VPN tunnels for users. The QinQ protocol is simple and easy to manage. It does not require signaling support and can be implemented only through static configurations. It is especially applicable to small-scale enterprise networks that use Layer 3 switches at the backbone or small-scale metro networks. The QinQ protocol provides each user with a unique public VLAN ID and encapsulates the private network VLAN tag of the user into the public VLAN ID. The user private network VLAN tag is shielded on the public network during transmission, therefore greatly saving VLAN ID resources for service providers.

Which Protocols Does a Security Group Support?

The protocol used by a security group can be set to TCP, UDP, ICMP, or ANY. ANY indicates that the security group takes effect for all protocols. If the TCP or UDP protocol is selected, configure ports 1 to 65535 for the protocols to access the security group. If the ICMP protocol is selected, you can set the ICMP protocol type. The default value is ANY.


How does a QinQ-enabled interface process a received packet that carries the non-C-VLAN tag
If the VLAN ID of the packet is within the configured QinQ C-VLAN range, the VLAN tag is added to the packet according to the configuration. If the VLAN ID of the packet is not within the configured QinQ C-VLAN range or the packet does not carry any tag, the packet is processed as follows: If the qinq vlan-translation miss-drop command is used, the packet is directly discarded. If the qinq vlan-translation miss-drop command is not used on the interface but the default VLAN ID is used, packets are tagged with the default VLAN ID before being forwarded.

Which encryption protocols does the AR support
The AR supports Authentication Header (AH) and Encapsulating Security Payload (ESP) protocols. Their differences are as follows: -AH: provides data origin authentication, data integrity check, and anti-replay. The sender performs the hash algorithm on the IP payload and all header fields of an IP packet except for variable fields to generate a message digest. The receiver recalculates the message digest according to the received IP packet and compares the two message digests to determine whether the IP packet has been modified during transmission. AH does not encrypt the IP payload. AH applies to non-confidential data transmission. -ESP: provides data encryption in addition to the functions provided by the AH protocol. ESP can encrypt and authenticate the IP payload but does not protect the IP packet header. ESP applies to confidential data transmission. AH and ESP can be used independently or together. When AH and ESP are used together, ESP and AH headers are encapsulated in sequence, enhancing security.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top