Hello,
Swapping Cisco core with Huawei gear is not an easy task. Usually, a swap starts with core and you later go for the branch. You still need to ensure communication for private protocols or private instance of STP while you come with new network elements into the backbone. It will be a challenge to keep LANs STP domains connected and necessary pass private PVST+ packets over the new backbone.
I would like to share an easy way to pass private packets over multi-vendor backbone: QinQ-based Layer2 Protocol Transparent Transmission.
Layer 2 Protocol Transparent Transmission can transparently transmit Layer 2 protocol packets from the user network for the ISP network. This addresses the network identity issue. The procedure is as follows:
- After receiving Layer 2 protocol packets sent from CE1, PE1 replaces the destination MAC address with a specified multicast MAC address. Then PE1 forwards the packets on the ISP network.
- The Layer 2 protocol packets are forwarded to PE2. PE2 restores the original destination MAC address of the packets, and sends the packets to CE2.
To make LAN communicate private we will use 802.1Q-in-802.1Q (QinQ) technology. In this case, frames from private VLAN tags can be transparently transmitted on the public network. A frame transmitted on the backbone network has double 802.1Q tags (one for the public network and the other for the private network), that is, 802.1Q-in-802.1Q (QinQ).
Topology:
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-1](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3b79edabc.PNG)
Configuration:
PE1(S7706):
#
vlan batch 10 100
#
stp disable
#
l2protocol-tunnel pvst+ group-mac 0100-0ccd-cdd0
#
interface GigabitEthernet2/0/0
port link-type dot1q-tunnel
port default vlan 100
l2protocol-tunnel pvst+ vlan 100
l2protocol-tunnel stp vlan 100
#
interface GigabitEthernet2/0/1
port hybrid tagged vlan 100
#
PE2(ME3400):
!
vlan 10 100
!
interface FastEthernet0/15
port-type nni
switchport trunk allowed vlan 100
switchport mode trunk
duplex full
!
interface FastEthernet0/16
port-type nni
switchport access vlan 100
switchport mode dot1q-tunnel
duplex full
l2protocol-tunnel stp
!
P(S7706):
#
vlan batch 100
#
stp disable
#
interface GigabitEthernet1/0/2
port hybrid tagged vlan 100
#
interface GigabitEthernet1/0/4
port hybrid tagged vlan 100
#
CE1(ME3600X):
!
spanning-tree mode pvst
spanning-tree loopguard default
spanning-tree extend system-id
!
vlan 10
!
interface GigabitEthernet0/21
port-type nni
switchport trunk allowed vlan 10
switchport mode trunk
duplex full
!
CE2 SWITCH(C2960G):
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan 10
!
interface GigabitEthernet0/6
switchport trunk allowed vlan 10
switchport mode trunk
!
Results:
1. CE2 is the Root bridge when CE1 and CE2 are configured with the same Priority;
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-2](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3f1512ff4.PNG)
1. 2. The Designated port of CE2 send BPDU packet and the Root Port of CE1 received the BPDU packets as normal;
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-3](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3d284f124.PNG)
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-4](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3d4fa9779.PNG)
3. Let’s change the priority of CE1 to 0, and see if it will become the root bridge, proving that BPDUs are passing transparently over the network.
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-5](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3d9a87aa6.PNG)
4. The Designated port of CE1 sends BPDU packets and the Root Port of CE2 receiving BPDU packets as normal;
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-6](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3e316a795.PNG)
![[Insider Sharing] QinQ-based Layer2 Protocol Transparent Transmission-1238427-7](data/attachment/forum/dm/ecommunity/uploads/2014/0428/01/535d3e6fc682f.PNG)
