This document describes how to bridge a Layer 2 (L2) network across a Layer 3 (L3) network.
Cisco recommends that you have knowledge of these topics:
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
In many situations, you require a solution in order to aggregate WiFi traffic from hotspots to a central location. In such cases, the solution needs to allow customer premise equipment (CPE) devices to bridge the Ethernet traffic from the end host, and encapsulate the packages through the Ethernet traffic to an endpoint.
If you use Aggregation Services Routers (ASRs), the easy way to do this is to use Ethernet over soft GRE. However, for Integrated Service Routers (ISRs) and all other CPE devices, this is not an option. In older Cisco IOS® versions, it was possible to tunnel L2 over GRE by bridging the physical interface with a GRE tunnel interface. Although regular bridging strips the VLAN header from incoming packets, the use of Integrated Routing and Bridging (IRB) on the router can route and bridge the same network layer protocol on the same interface and still allow the router to maintain the VLAN header from one interface to another.
The previous solution is not supported by Cisco. The supported solution for bridging an L2 network is to use L2TPv3 as described in this document. L2TPv3 provides support for the transport of various L2 protocols like Ethernet, 802.1q (VLAN), Frame Relay, High-Level Data Link Control (HDLC), and Point-to-Point Protocol (PPP). The focus of this document is Ethernet extension.
This setup is very basic. Routers r101 and r201 serve as hosts on the same network, while r100 and r202 have one L3 interface and one L2 interface. The objective is to set up the L2TPv3 connection such that r101 and r201 are able to ping each other without the requirement of any routes.
The L2TP tunnel configuration involves three steps:
l2tp-class test
hostname stanford
password 7 082E5C4B071F091805
pseudowire-class test
encapsulation l2tpv3
ip local interface Loopback0
ip pmtu
Points to note:
interface Ethernet0/0
ip address 172.16.1.100 255.255.255.0
pseudowire-class test
encapsulation l2tpv3
protocol none
ip local interface fast 0/0
!
interface FastEthernet0/0
description WAN
ip address 198.51.100.100 255.255.255.0
!
interface FastEthernet0/1
description LAN
no ip address
speed 100
full-duplex
xconnect 203.0.113.102 1 encapsulation l2tpv3 manual pw-class test
l2tp id 1 2
!
ip route 0.0.0.0 0.0.0.0 198.51.100.1
pseudowire-class test
encapsulation l2tpv3
protocol none
ip local interface fast 0/0
!
interface FastEthernet0/0
description WAN
ip address 203.0.113.102 255.255.255.255
interface FastEthernet0/1
no ip address
duplex auto
speed auto
xconnect 198.51.100.100 1 encapsulation l2tpv3 manual pw-class test
l2tp id 2 1
interface Ethernet0/0
ip address 172.16.1.201 255.255.255.0
In order to display detailed information about the L2TP control channels that are set up to other L2TP-enabled devices for all L2TP sessions on the router, use the show l2tun tunnel all command.
In order to verify that the L2TPv3 encapsulation works properly, ping a host at the remote site that is supposed to be on the same VLAN. If the ping is succesful, you can use this command in order to confirm that your configuration works properly. The Output Interpreter Tool (registered customers only) supports certain show commands. Use the Output Interpreter Tool in order to view an analysis of show command output.
There is currently no specific troubleshooting information available for this configuration.