Got it

[Insider Sharing] Do you want to pass PVST+ over Huawei-enable network? Check th Highlighted

Latest reply: Jan 18, 2021 02:40:23 6897 6 2 0 0

Hi guys,

I had a case couple of months ago about this tunneling technology, and I would like to share with you. If you recently upgrade your LAN SWITCH network to version V200R003 you should take some minutes and check the case.

We have a QinQ L2TP basic scenario, with 2xS5700 V200R003C00SPC300 working as tunnel end-points. Customer wanted to pass transparently PVST+ packets over Huawei Enabled network. For some reason, it failed.

Topology is like below:


Related configuration:

Software Version V200R003C00SPC300
sysname Quidway
vlan batch 166
l2protocol-tunnel eoam3ah group-mac 0100-0ccd-
l2protocol-tunnel gmrp group-mac 0180-e500-0001
l2protocol-tunnel gvrp group-mac 0180-e500-0002
l2protocol-tunnel cdp group-mac 0100-0ccd-cdd0
l2protocol-tunnel dtp group-mac 0100-0ccd-cdd0
l2protocol-tunnel pvst+ group-mac 0100-0ccd-cdd0

interface Vlanif1
ip address
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 166
stp disable
interface GigabitEthernet0/0/3
port link-type dot1q-tunnel
port default vlan 166
stp disable
l2protocol-tunnel stp cdp pvst+ enable

jumboframe enable 9712


Second switch configuration follows the same pattern. With this setup PVST+ packets cannot pass through the tunnel and PVST domain cannot be integrated over Huawei network. As statistics show PVST+ packets cannot be send through the tunnel.


<Quidway>display l2protocol-tunnel statistics GigabitEthernet 0/0/3
Port            Protocol            Drop         Input          Output         Drop
                                       Threshold     Packets     Packets     Packets
GE0/0/3         stp                   0                 6                 0               0        
                       cdp                  0                 6                 0               0        
                      pvst+               0                 0                 0               0        


So we decided to capture packets on ge0/0/3. This relieved that packets are send through the interface without changing the destination address.


 Since in the switch configuration we insert “l2protocol-tunnel pvst+ group-mac 0100-0ccd-cdd0" command for l2protocol-tunnel group-mac definition, frames entering to the tunnel should have destination address, changed from "0100-0ccc-cccd" (default value) to "0100-0ccd-cdd0". 

The explanation for these phenomena is that, on V200R003 version, by default, frames with destination MAC address 0100-0ccc-cccc are processed as BPDUs, and frames with destination MAC address 0100-0ccc-cccd are forwarded by the hardware as data.  Because of this, frames it will not be transmitted over layer 2 protocol tunnel. In this situation we need to enforce the switch to process DA 0100-0ccc-frames as bpdu and not as data frames.   

We need to adjust configuration like below:

<HUAWEI> system-view
[HUAWEI] bpdu mac-address 0100-0ccc-cccd

That’s all; if you have any question, please post them here. Thanks!


  • x
  • convention:

Created Jan 8, 2014 01:14:57

very useful !!!! :)
View more
  • x
  • convention:

Created Sep 22, 2014 14:27:05


I have a similar scenario but slightly different, I have to pass DLDP messages over L2-tunnel, how to do this.

Tried with:
l2protocol-tunnel user-defined-protocol DLDP protocol-mac 010f-e200-0001 group-mac 0100-5e00-0012

unsuccessful !

Please help me.

Thank you !

View more
  • x
  • convention:

Created Sep 22, 2014 14:33:54

can you send the software version from the switch?

if is V200R003 or later, please configure BPDU mac-address like into above example, according to your requirement

View more
  • x
  • convention:

Created Jan 6, 2014 09:52:35

thank you for your sharing !
View more
  • x
  • convention:

Created Jan 5, 2021 13:51:36

Thanks for sharing
View more
  • x
  • convention:

Created Jan 18, 2021 02:40:23

Thanks for sharing
View more
  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits


Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.