bridge-domain through instance (VLAN)

扫地僧 313 0

Defaults

Bridging is disabled.

Command Modes

Subinterface configuration (config-subif)

Command History

< >

Release
Modification

12.2(33)SRA

This command was introduced.

Usage Guidelines

This command has the following restrictions in Cisco IOS Release 12.2(33)SRA:

The command is available on the Cisco 7600 SIP-400 with a 2-Port Gigabit Ethernet SPA only.

You can place up to 120 subinterfaces in the same bridge domain on a single Cisco 7600 SIP-400.

To enable service providers to use a single VLAN to support customers who have multiple VLANs, while preserving customer VLAN IDs and keeping traffic in different customer VLANs segregated, use the dot1q-tunnel option on the service provider router. Then use the dot1q option on the customer routers.

Examples

The following example shows configuration of IEEE 802.1Q encapsulation for VLANs on Gigabit Ethernet subinterfaces with configuration of multipoint bridging (MPB). The MPB feature requires configuration of 802.1Q encapsulation on the subinterface.

The first subinterface bridges traffic on VLAN 100 and preserves CoS information in the packets by specifying the dot1q keyword.

Router(config)# interface GigabitEthernet 1/0/1.1
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# bridge-domain 100 dot1q

The second subinterface shows bridging of traffic on VLAN 200 in tunneling mode using the 
dot1q-tunnel keyword, which preserves the VLAN IDs of the bridged traffic.

Router(config)# interface GigabitEthernet 2/0/2.2
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# bridge-domain 200 dot1q-tunnel

The following example shows bridging of traffic from different VLANs on two separate Gigabit Ethernet subinterfaces into the same VLAN. First, the bridging VLAN 100 is created using the vlan command. Then, the Gigabit Ethernet subinterfaces implement IEEE 802.1Q encapsulation on VLAN 10 and VLAN 20 and bridge the traffic from those VLANs onto VLAN 100 using the bridge-domain command:

Router(config)# vlan 100
Router(config-vlan)# exit
!
Router(config)# interface GigabitEthernet 1/0/1.1
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# bridge-domain 100 dot1q
Router(config-subif)# exit
!
Router(config)# interface GigabitEthernet 1/0/2.1
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# bridge-domain 100 dot1q

Related Commands

< >

Command
Description

encapsulation dot1q

Enables IEEE 802.1Q encapsulation of traffic on a specified subinterface in a VLAN.

vlan

Adds the specified VLAN IDs to the VLAN database and enters VLAN configuration mode.

bridge-vlan

To map a subinterface to specific inner customer-edge and outer provider-edge VLAN tags using 802.1Q-in-802.1Q (QinQ) translation, use the bridge-vlan command in subinterface configuration mode. To remove the QinQ VLAN mapping, use the no form of this command.

bridge-vlan vlan-id {dot1q | dot1q-tunnel} {inner-vlan-id | out-range}

no bridge-vlan vlan-id {dot1q | dot1q-tunnel} {inner-vlan-id | out-range}

Syntax Description

< >

vlan-id

Outer provider-edge VLAN ID to be mapped; valid values are from 1 to 4094, except for the reserved IDs from 1002 through 1005.

dot1q

Specifies that the inner customer-edge and outer provider-edge VLAN tags on incoming packets are replaced with a single trunk VLAN tag on the outgoing Ethernet frames.

dot1q-tunnel

Specifies that the outer provider-edge VLAN tag on incoming packets is replaced with a trunk VLAN tag on the outgoing Ethernet frames.

inner-vlan-id

Inner customer-edge VLAN ID to be mapped; valid values are from 1 to 4094, except for the reserved IDs from 1002 through 1005.

out-range

Specifies that all customer-edge VLAN IDs that are outside of the range of 32 VLAN IDs are mapped for this provider-edge VLAN ID. See the "Usage Guidelines" section for additional information.

Defaults

No bridged VLANs are configured.

Packets with out-of-range or missing customer-edge VLANs are dropped.

Command Modes

Subinterface configuration (config-subif)

Command History

< >

Release
Modification

12.2(18)SXD

Support for this command was introduced on the Supervisor Engine 720.

12.2(18)SXE

This command was replaced by the bridge-domain (subinterface) command. See the "Usage Guidelines" section for more information.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Usage Guidelines

The bridge-vlan command is supported only on subinterfaces of the Gigabit Ethernet WAN (GE-WAN) interfaces that are on the OSM-2+4GE-WAN+ OSM. The command cannot be used on other modules or on Gigabit Ethernet (GE) LAN interfaces.

You must have previously enabled QinQ translation on the main interface using the mode dot1q-in-dot1q access-gateway command before you can use the bridge-vlan command on a subinterface.

You must also use the encapsulation dot1q command on the subinterface to specify the trunk VLAN to use on outgoing packets.

Cisco IOS Release 12.2(18)SXE automatically replaces any use of the bridge-vlan command in previous QinQ configurations to the bridge-domain command.


Note When upgrading from Cisco IOS Release 12.2(18)SXD to Cisco IOS Release 12.2(18)SXE, be sure to save your running configuration to NVRAM using the write memory or copy running-config startup-config command so that you will save the QinQ configurations when you enter the bridge-domain command.


Each provider-edge VLAN supports a maximum of 32 customer-edge VLANs, which must be in a contiguous block that starts on a number isible by 32 (for example: 0, 32, 64, and so forth). When you specify the first customer-edge VLAN ID for a provider-edge VLAN, the Cisco IOS software automatically associates the corresponding block of 32 IDs with that provider-edge VLAN.

VLAN 4095 is reserved and cannot be used as a customer-edge VLAN. Packets that contain a customer-edge VLAN ID of 4095 are automatically dropped by subinterfaces that are configured for QinQ translation. However, VLAN 4095 can continue to be used as a native (non-QinQ) VLAN.

A provider-edge VLAN cannot have the same ID as a native (non-QinQ) VLAN that is also being used on the router.

Entering the dot1q keyword results in QinQ translation, which is also known as a double-tag to single-tag translation.

When you enter the dot1q-tunnel keyword, the inner customer-edge tag is left unchanged. This results in transparent tunneling, which is also known as a double-tag to double-tag translation.

The out-range keyword is allowed only if you enter the dot1q-tunnel keyword.

You can use the out-range keyword to match the packets that do not have a customer-edge VLAN tag.

802.1Q provides for a trunking option that tags packets with two VLAN tags to allow multiple VLANs to be trunked together across an intermediate network. This use of a double-tagged tunnel is called QinQ tunneling.

For additional information, refer to the Optical Services Module Installation and Configuration Note.

Examples

This example shows how to configure a double-tag-to-single-tag translation of packets that are tagged with both an inner customer-edge VLAN of 41 and an outer provider-edge VLAN of 33. The translated outgoing packets have a single trunk VLAN tag of 100.

Router# configure terminal
Router(config)# interface GE-WAN 4/1.100
Router(config-subif)# encapsulation dot1q 100
Router(config-subif)# bridge-vlan 33 dot1q 41
Router(config-subif)#


Note The above configuration also associates the block of 32 customer-edge VLANs ranging from 32 to 63 with provider-edge VLAN 33. All other customer-edge VLAN IDs are considered out of range.


This example shows how to configure a double-tag-to-double-tag translation of packets that are tagged with both an inner customer-edge VLAN of 109 and an outer provider-edge VLAN of 41. The translated outgoing packets have an inner customer-edge VLAN tag of 109 and an outer trunk VLAN tag of 203.

Router# configure terminal
Router(config)# interface GE-WAN 4/1.203
Router(config-subif)# encapsulation dot1q 203
Router(config-subif)# bridge-vlan 41 dot1q-tunnel 109
Router(config-subif)#


Note The above configuration also associates the block of 32 customer-edge VLANs ranging from 96 to 127 with provider-edge VLAN 41. All other customer-edge VLAN IDs are considered out of range.


This example shows how to configure a double-tag-to-double-tag translation of out-of-range packets. If this configuration is given together with the configuration shown above, this subinterface matches packets with an outer provider-edge VLAN of 41 and an inner customer-edge VLAN that is either missing, or that is in the range from 0 to 95 or from 128 to 4094. The translated outgoing packets keep the original out-of-range customer-edge VLAN as the inner VLAN and an outer trunk VLAN tag of 981.

Router# configure terminal
Router(config)# interface GE-WAN 4/1.1001
Router(config-subif)# encapsulation dot1q 981
Router(config-subif)# bridge-vlan 41 dot1q-tunnel out-range
Router(config-subif)#

This example shows the error message that appears when you attempt to specify the out-range keyword for a provider-edge VLAN before configuring at least one subinterface with a specific customer-edge VLAN ID for that same provider-edge VLAN:

Router# configure terminal
Router(config)# interface GE-WAN 4/1.1001
Router(config-subif)# bridge-vlan 2 dot1q-tunnel out-range

% bridge-vlan 2 does not have any inner-vlan configured.
out-of-range configuration needs at least one inner-vlan
defined to determine the range.

Router(config-subif)#

This example shows the system message that appears when you attempt to specify a VLAN ID that is already being used. In most cases, this message means that you have previously used this VLAN ID in another configuration or that the router has assigned this ID to an internal VLAN:

Router# configure terminal
Router(config)# interface GE-WAN 4/1.234
Router(config-subif)# bridge-vlan 123 dot1q 234

Command rejected: VLAN 123 not available

Router(config-subif)#


  • 评论列表

留言评论