Configuring 802.1Q VLAN Interfaces on Cisco IOS XR Software
This module describes the configuration and management of 802.1Q VLAN interfaces on the Cisco XR 12000 Series Routers.
The IEEE 802.1Q specification establishes a standard method for tagging Ethernet frames with VLAN membership information, and defines the operation of VLAN bridges that permit the definition, operation, and administration of VLAN topologies within a bridged LAN infrastructure.
The 802.1Q standard is intended to address the problem of how to divide large networks into smaller parts so broadcast and multicast traffic does not use more bandwidth than necessary. The standard also helps provide a higher level of security between segments of internal networks.
Feature History for Configuring 802.1Q VLAN Interfaces
|
|
Release 3.2 |
This feature was introduced on the Cisco XR 12000 Series Router. |
Release 3.3.0 |
•Support was added for VLAN commands on bundled Ethernet interfaces. • |
Release 3.4.0 |
•The Layer 2 Virtual Private Network (L2VPN) feature was first supported on Ethernet interfaces on the Cisco XR 12000 Series Router. •Support was added on for the 8-Port 1-Gigabit Ethernet SPA. |
on Cisco IOS XR Software
Contents
•Prerequisites for Configuring 802.1Q VLAN Interfaces
•Information About Configuring 802.1Q VLAN Interfaces
•How to Configure 802.1Q VLAN Interfaces
•Configuration Examples for VLAN Interfaces
•Additional References
Prerequisites for Configuring 802.1Q VLAN Interfaces
You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Before configuring 802.1Q VLAN interfaces, be sure that the following conditions are met:
•You must have configured a Gigabit Ethernet interface, a 10-Gigabit Ethernet interface, a Fast Ethernet interface, or an Ethernet Bundle.
Information About Configuring 802.1Q VLAN Interfaces
To configure 802.1Q VLAN interfaces, you must understand the following concepts:
•802.1Q VLAN Overview
•802.1Q Tagged Frames
•Subinterfaces
•Subinterface MTU
•Native VLAN
•Layer 2 VPN on VLANs
802.1Q VLAN Overview
A VLAN is a group of devices on one or more LANs that are configured so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are very flexible for user and host management, bandwidth allocation, and resource optimization.
The IEEE 802.1Q protocol standard addresses the problem of dividing large networks into smaller parts so broadcast and multicast traffic does not consume more bandwidth than necessary. The standard also helps provide a higher level of security between segments of internal networks.
The 802.1Q specification establishes a standard method for inserting VLAN membership information into Ethernet frames.
Cisco IOS XR software supports VLAN subinterface configuration on Gigabit Ethernet, 10-Gigabit Ethernet, and Fast Ethernet interfaces.
802.1Q Tagged Frames
The IEEE 802.1Q tag-based VLAN uses an extra tag in the MAC header to identify the VLAN membership of a frame across bridges. This tag is used for VLAN and quality of service (QoS) priority identification. The VLANs can be created statically by manual entry or dynamically through Generic Attribute Registration Protocol (GARP) VLAN Registration Protocol (GVRP). The VLAN ID associates a frame with a specific VLAN and provides the information that switches must process the frame across the network. A tagged frame is four bytes longer than an untagged frame and contains two bytes of Tag Protocol Identifier (TPID) residing within the type and length field of the Ethernet frame and two bytes of Tag Control Information (TCI) which starts after the source address field of the Ethernet frame.
Subinterfaces
Subinterfaces are logical interfaces created on a hardware interface. These software-defined interfaces allow for segregation of traffic into separate logical channels on a single hardware interface as well as allowing for better utilization of the available bandwidth on the physical interface.
Subinterfaces are distinguished from one another by adding an extension on the end of the interface name and designation. For instance, the Ethernet subinterface 23 on the physical interface designated TenGigE 0/1/0/0 would be indicated by TenGigE 0/1/0/0.23.
Before a subinterface is allowed to pass traffic it must have a valid tagging protocol encapsulation and VLAN identifier assigned. All Ethernet subinterfaces always default to the 802.1Q VLAN encapsulation. However, the VLAN identifier must be explicitly defined.
Subinterface MTU
The subinterface maximum transmission unit (MTU) is inherited from the physical interface with an additional four bytes allowed for the 802.1Q VLAN tag.
Native VLAN
The Cisco XR 12000 Series Router does not support a native VLAN.
Layer 2 VPN on VLANs
The Layer 2 Virtual Private Network (L2VPN) feature enables Service Providers (SPs) to provide layer 2 services to geographically disparate customer sites.
The configuration model for configuring VLAN attachment circuits (ACs) is similar to the model used for configuring basic VLANs, where the user first creates a VLAN subinterface, and then configures that VLAN in subinterface configuration mode. To create an AC, you need to include the l2transport keyword in the interface command string to specify that the interface is a Layer 2 interface.
VLAN ACs support three modes of L2VPN operation:
•Basic Dot1Q AC—The AC covers all frames that are received and sent with a specific VLAN tag.
•Q-in-Q AC—The AC covers all frames received and sent with a specific outer VLAN tag and a specific inner VLAN tag. Q-in-Q is an extension to Dot1Q that uses a stack of two tags.
•Q-in-Any AC—The AC covers all frames received and sent with a specific outer VLAN tag and any inner VLAN tag, as long as that inner VLAN tag is not L3 terminated. Q-in-Any is an extension to Q-in-Q that uses wildcarding to match any second tag.
Note The Q-in-Any mode is a variation of the basic Dot1Q mode. In Q-in-Any mode, the frames have a basic Q-in-Q encapsulation; however, in Q-in-Any mode the inner tag is not relevant, except for the fact that a few specific inner VLAN tags are siphoned for specific services. For example, a tag may be used to provide L3 services for general internet access.
Each VLAN on a CE-to-PE link can be configured as a separate L2VPN connection (using either VC type 4 or VC type 5). To configure L2VPN on VLANs, see the "Configuring an Attachment Circuit on a VLAN" section.
Keep the following in mind when configuring L2VPN on a VLAN:
•Cisco IOS XR software supports 4k ACs per LC.
•In a point-to-point connection, the two ACs do not have to be of the same type. For example, a port mode Ethernet AC can be connected to a Dot1Q Ethernet AC.
•Pseudo-wires can run in VLAN mode or in port mode. A pseudo-wire running in VLAN mode has a single Dot1Q tag, while a pseudo-wire running in port mode has no tags. Some interworking is required to connect these different types of circuits together. This interworking takes the form of popping, pushing and rewriting tags. The advantage of Layer 2 VPN is that is simplifies the interworking required to connect completely different media types together.
•The ACs on either side of an MPLS pseudo-wire can be different types. In this case, the appropriate conversion is carried out at one or both ends of the AC to pseudo-wire connection.
Use the show interfaces command to display AC and pseudo-wire information.
Note For detailed information about configuring an L2VPN network, see the Implementing MPLS Layer 2 VPNs module of the Cisco IOS XR Multiprotocol Label Switching Configuration Guide.
How to Configure 802.1Q VLAN Interfaces
This section contains the following procedures:
•Configuring 802.1Q VLAN Subinterfaces
•Configuring an Attachment Circuit on a VLAN
•Configuring an Attachment Circuit on a VLAN
•Removing an 802.1Q VLAN Subinterface
Configuring 802.1Q VLAN Subinterfaces
This task explains how to configure 802.1Q VLAN subinterfaces. To remove these subinterfaces, see the "Removing an 802.1Q VLAN Subinterface" section of this module.
SUMMARY STEPS
1. configure
2. interface {GigabitEthernet | TenGigE | fastethernet | Bundle-Ether} interface-path-id.subinterface
3. dot1q vlan vlan-id
4. ipv4 address ip-address mask
5. exit
6. Repeat Step 2 through Step 5 to define the rest of the VLAN subinterfaces.
7. end
or
commit
8. show vlan interface [{GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id] [location instance]
9. show vlan trunks [brief] [location instance] [{GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id] [summary]
DETAILED STEPS
|
|
|
Step 1 |
configure
RP/0/0/CPU0:router# configure |
Enters global configuration mode. |
Step 2 |
interface {GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id.subinterface
RP/0/0/CPU0:router(config)# interface TenGigE 0/2/0/4.10 |
Enters subinterface configuration mode and specifies the interface type, location, and subinterface number. •Replace the interface-path-id argument with one of the following instances: –Physical Ethernet interface instance or Ethernet bundle instance. Naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. –Ethernet bundle instance. Range is from 1 through 65535. •Replace the subinterface argument with the subinterface value. Range is from 0 through 4095. •Naming notation is instance.subinterface, and a period between arguments is required as part of the notation. |
Step 3 |
dot1q vlan vlan-id
RP/0/0/CPU0:router(config-subif)# dot1q vlan 100 |
Assigns a VLAN AC to the subinterface. •Replace the vlan-id argument with a subinterface identifier. Range is from 1 to 4094 inclusive (0 and 4095 are reserved). To configure a basic Dot1Q AC, use the following syntax:
•To configure a Q-in-Q AC, use the following syntax:
dot1q vlan vlan-id vlan vlan-id
|
Step 4 |
ipv4 address ip-address mask
RP/0/0/CPU0:router(config-subif)# ipv4 address 178.18.169.23/24 |
Assigns an IP address and subnet mask to the subinterface. •Replace ip-address with the primary IPv4 address for an interface. •Replace mask with the mask for the associated IP subnet. The network mask can be specified in either of two ways: –The network mask can be a four-part dotted decimal address. For example, 255.0.0.0 indicates that each bit equal to 1 means that the corresponding address bit belongs to the network address. –The network mask can be indicated as a slash (/) and number. For example, /8 indicates that the first 8 bits of the mask are ones, and the corresponding bits of the address are network address. |
Step 5 |
exit
RP/0/0/CPU0:router(config-subif)# exit |
(Optional) Exits the subinterface configuration mode. •The exit command is not explicitly required. |
Step 6 |
Repeat Step 2 through Step 5 to define the rest of the VLAN subinterfaces. |
— |
Step 7 |
end or commit
RP/0/0/CPU0:router(config)# end or RP/0/0/CPU0:router(config)# commit |
Saves configuration changes. •When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. –Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. –Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. •Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. |
Step 8 |
show vlan interface [type interface-path-id][location instance]
RP/0/0/CPU0:router# show vlan interface 5 |
(Optional) Displays the interface configuration. •To display the configuration for a particular port, use the location keyword. •To display the configuration for the specified interface or subinterface, use the interface keyword. |
Step 9 |
show vlan trunks [brief] [location instance] [{GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id] [summary]
RP/0/0/CPU0:router# show vlan trunk summary |
(Optional) Displays summary information about each of the VLAN trunk interfaces. •The keywords have the following meanings: –brief—Displays a brief summary. –summary—Displays a full summary. –location—Displays information about the VLAN trunk interface on the given port. –interface—Displays information about the specified interface or subinterface. |
Configuring an Attachment Circuit on a VLAN
Use the following procedure to configure an attachment circuit on a VLAN.
SUMMARY STEPS
1. configure
2. interface {GigabitEthernet | TenGigE | fastethernet | Bundle-Ether] interface-path-id.subinterface l2transport
3. dot1q vlan vlan-id
4. l2protocol {cdp | pvst | stp | vtp} {[forward | tunnel] [experimental bits] | drop}
5. end
or
commit
6. show interfaces [GigabitEthernet | TenGigE] interface-path-id
DETAILED STEPS
|
|
|
Step 1 |
configure
RP/0/0/CPU0:router# configure terminal |
Enters global configuration mode. |
Step 2 |
interface [GigabitEthernet | TenGigE | Bundle-Ether | TenGigE] interface-path] id.subinterface l2transport
RP/0/0/CPU0:router(config)# interface TenGigE 0/1/0/0.1 l2transport |
Enters subinterface configuration and specifies the interface type, location, and subinterface number. •Replace the interface-path-id argument with one of the following instances: –Physical Ethernet interface instance or Ethernet bundle instance. Naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. –Ethernet bundle instance. Range is from 1 through 65535. •Replace the subinterface argument with the subinterface value. Range is from 0 through 4095. •Naming notation is instance.subinterface, and a period between arguments is required as part of the notation. Note You must include the l2transport keyword in the command string; otherwise, the configuration creates a Layer 3 subinterface rather that an AC. |
Step 3 |
dot1q vlan vlan-id
RP/0/0/CPU0:router(config-subif)# dot1q vlan 10 vlan any |
Assigns a VLAN AC to the subinterface. •Replace the vlan-id argument with a subinterface identifier. Range is from 1 to 4094 inclusive (0 and 4095 are reserved). To configure a basic Dot1Q AC, use the following syntax:
•To configure a Q-in-Q AC, use the following syntax:
dot1q vlan vlan-id vlan vlan-id
•To configure a Q-in-Any AC, use the following syntax:
dot1q vlan vlan-id vlan any
Note |
Step 4 |
l2protocol {cdp | pvst | stp | vtp}{[forward |
tunnel][experimental bits]|drop}
RP/0/0/CPU0:router(config-if-l2)# l2protocol stp tunnel
|
Configures Layer 2 protocol tunneling and protocol data unit (PDU) filtering on an interface. Possible protocols and options are: •cdp—Cisco Discovery Protocol (CDP) tunneling and data unit parameters. •pvst—Configures VLAN spanning tree protocol tunneling and data unit parameters. •stp—spanning tree protocol tunneling and data unit parameters. •vtp—VLAN trunk protocol tunneling and data unit parameters. •tunnel—(Optional) Tunnels the packets associated with the specified protocol. •experimental bits—(Optional) Modifies the MPLS experimental bits for the specified protocol. •drop—(Optional) Drop packets associated with the specified protocol. |
Step 5 |
end or commit
RP/0/0/CPU0:router(config-if-l2)# end or RP/0/0/CPU0:router(config-if-l2)# commit |
Saves configuration changes. •When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. –Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. –Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. •Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. |
Step 6 |
show interfaces [GigabitEthernet | TenGigE] interface-path-id.subinterface
RP/0/0/CPU0:router# show interfaces TenGigE 0/3/0/0.1 |
(Optional) Displays statistics for interfaces on the router. |
What to Do Next
•To configure a Point-to-Point pseudo-wire cross connect on the AC, see the Implementing MPLS Layer 2 VPNs module of the Cisco IOS XR Multiprotocol Label Switching Configuration Guide.
•To attach Layer 3 service policies, such as Multiprotocol Label Switching (MPLS) or Quality of Service (QoS), to the VLAN, refer to the appropriate Cisco IOS XR software configuration guide.
Removing an 802.1Q VLAN Subinterface
This task explains how to remove 802.1Q VLAN subinterfaces that have been previously configured using the "Configuring 802.1Q VLAN Subinterfaces" section in this module.
SUMMARY STEPS
1. configure
2. no interface {GigabitEthernet | TenGigE | fastethernet | Bundle-Ether] interface-path-id.subinterface
3. Repeat Step 2 to remove other VLAN subinterfaces.
4. end
or
commit
5. show vlan interface [type interface-path-id] [location instance]
6. show vlan trunks [brief] [location instance] [{GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id] [summary]
DETAILED STEPS
|
|
|
Step 1 |
configure
RP/0/0/CPU0:router# configure |
Enters global configuration mode. |
Step 2 |
no interface {GigabitEthernet | TenGigE | fastethernet | Bundle-Ether] interface-path-id.subinterface
RP/0/0/CPU0:router(config)# no interface TenGigE 0/2/0/4.10 |
Removes the subinterface, which also automatically deletes all the configuration applied to the subinterface. •Replace the interface-path-id argument with one of the following instances: –Physical Ethernet interface instance or Ethernet bundle instance. Naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. –Ethernet bundle instance. Range is from 1 through 65535. •Replace the subinterface argument with the subinterface value. Range is from 0 through 4095. Naming notation is instance.subinterface, and a period between arguments is required as part of the notation. |
Step 3 |
Repeat Step 2 to remove other VLAN subinterfaces. |
— |
Step 4 |
end or commit
RP/0/0/CPU0:router(config)# end or RP/0/0/CPU0:router(config)# commit |
Saves configuration changes. •When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. –Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. –Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. •Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. |
Step 5 |
show vlan interface [{GigabitEthernet | TenGigE | Bundle-Ether} interface-path-id | location instance]
RP/0/0/CPU0:router# show vlan trunk summary |
(Optional) Displays the interface configuration. •To display the configuration for a port, use the location keyword. •To display the configuration for the specified interface or subinterface, use the interface keyword. |
Step 6 |
show vlan trunks [brief] [location instance] [{GigabitEthernet | TenGigE | Bundle-Ether | fastethernet} interface-path-id] [summary]
RP/0/0/CPU0:router# show vlan trunk summary |
(Optional) Displays summary information about each of the VLAN trunk interfaces. •The keywords have the following meanings: –brief—Displays a brief summary. –summary—Displays a full summary. –location—Displays information about the VLAN trunk interface on the given port. –interface—Displays information about the specified interface or subinterface. |
Configuration Examples for VLAN Interfaces
This section contains the following example:
VLAN Subinterfaces: Example
VLAN Subinterfaces: Example
The following example shows how to create three VLAN subinterfaces at one time:
RP/0/0/CPU0:router# configure
RP/0/0/CPU0:router(config)# interface TenGigE 0/2/0/4.1
RP/0/0/CPU0:router(config-subif)# dot1q vlan 10
RP/0/0/CPU0:router(config-subif)# ipv4 address 10.0.10.1/24
RP/0/0/CPU0:router(config-subif)# interface TenGigE0/2/0/4.2
RP/0/0/CPU0:router(config-subif)# dot1q vlan 20
RP/0/0/CPU0:router(config-subif)# ipv4 address 10.0.20.1/24
RP/0/0/CPU0:router(config-subif)# interface TenGigE0/2/0/4.3
RP/0/0/CPU0:router(config-subif)# dot1q vlan 30
RP/0/0/CPU0:router(config-subif)# ipv4 address 10.0.30.1/24
RP/0/0/CPU0:router(config-subif)# commit
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# exit
RP/0/0/CPU0:router# show vlan trunks summary
RP/0/0/CPU0:router# show vlan interface
interface encapsulation vlan-id intf-state
RP/0/0/CPU0:router# show vlan trunks brief
interface encapsulations intf-state
Te0/2/0/4 802.1Q (Ether) up
The following example shows how to create two VLAN subinterfaces on an Ethernet bundle:
RP/0/0/CPU0:router# configure
RP/0/0/CPU0:router(config)# interface bundle-ether 2
RP/0/0/CPU0:router(config-if)# ipv4 address 192.168.2.1/24
RP/0/0/CPU0:router(config-if)# exit
RP/0/0/CPU0:router(config)# interface bundle-ether 2.1
RP/0/0/CPU0:router(config-subif)# dot1q vlan 10
RP/0/0/CPU0:router(config-subif)# ipv4 address 192.168.100.1/24
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# interface bundle-ether 2.2
RP/0/0/CPU0:router(config-subif)# dot1q vlan 20
RP/0/0/CPU0:router(config-subif)# ipv4 address 192.168.200.1/24
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# commit
The following example shows how to create a basic dot1Q AC:
RP/0/0/CPU0:router# configure
RP/0/0/CPU0:router(config)# interface GigabitEthernet 0/0/0/0.1
RP/0/0/CPU0:router(config-subif)# l2transport
RP/0/0/CPU0:router(config-subif)# dot1q vlan 20
RP/0/0/CPU0:router(config-subif)# commit
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# exit
The following example shows how to create a Q-in-Q AC:
RP/0/0/CPU0:router# configure
RP/0/0/CPU0:router(config)# interface GigabitEthernet 0/0/0/0.2
RP/0/0/CPU0:router(config-subif)# l2transport
RP/0/0/CPU0:router(config-subif)# dot1q vlan 20 vlan 10
RP/0/0/CPU0:router(config-subif)# commit
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# exit
The following example shows how to create a Q-in-Any AC:
RP/0/0/CPU0:router# configure
RP/0/0/CPU0:router(config)# interface GigabitEthernet 0/0/0/0.3
RP/0/0/CPU0:router(config-subif)# l2transport
RP/0/0/CPU0:router(config-subif)# dot1q vlan 30 vlan any
RP/0/0/CPU0:router(config-subif)# commit
RP/0/0/CPU0:router(config-subif)# exit
RP/0/0/CPU0:router(config)# exit
Additional References
These sections provide references related to VLAN interface configuration.
Related Documents
|
|
Cisco IOS XR master command reference |
Cisco IOS XR Master Commands List |
Cisco IOS XR interface configuration commands |
Cisco IOS XR Interface and Hardware Component Command Reference |
Initial system bootup and configuration information for a router using the Cisco IOS XR Software |
Cisco IOS XR Getting Started Guide |
Information about user groups and task IDs |
Cisco IOS XR Interface and Hardware Component Command Reference |
Standards
|
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature |
— |
MIBs
|
|
There are no applicable MIBs for this module. |
To locate and download MIBs for selected platforms using Cisco IOS XR Software, use the Cisco MIB Locator found at this URL: http://www.cisco.com/go/mibs |
RFCs
a
|
|
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. |
— |
Technical Assistance
|
|
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content. |
http://www.cisco.com/support |