SOLVED
Hi Michal,
thanks for your reply.
The situation you describe, uses also a customer switch, connected to your 5800. In that particular situation, it is not that hard to create QinQ because the port on the 5800 connected to a customer switch, add's the S-tag (qinq).
My question, is how can I do it, without a customer switch. The 5800 has de Customer VLAN's and has to add a QinQ S-VLAN tag before sending it on the fiber, connected to the other side.. And this without creating a fysical link attached to 2 port's on the same 5800...
I attached a new Visio drawing to explain it better... Hope someone can answer.
Michal,
thanks for your reply.
I understand that a typical scenario prescribes that the provider add's the S-TAG con the Customer-Edge device. In this case (Equinix datacenters and their Cloud-Exchange service) they don't do that.
They create a L2 link with Microsoft (Express route) and I define the S-TAG in the Equinix portal. So eventuallly I send my S-VLAN1000 into their CE-Switch. and Microsoft also has VLAN1000 defined on the Expres-route Circuit. At the end of the circuit I can create in MS Azure Virtual networks, / BGP connection points for diffrent netwerk types (one for the private Azure environment, one for the public (saas) environment and one for Office 365 as an environment) so there are a maximum of 3 VLAN's (C-VLAN's) transfering over the express route connection, embedded in S-VLAN 1000.
The downsite is, that Equinix expects me to send de S-VLAN (and thus do the QinQ config myself).
I Can solve this by adding 2 switches wich connect to the Equinix fiber (cloud exchange) and call them the Provider-Customer-edge switches. But why should I add 2 extra switches in the rack, while being able to do this all on the same coreswitches...
I think it aint possible to do the tunneling on the same switch without using an physical patch cable to do the trick. (illustrated below)
Did you try to simulate in HCL Comware simulator ?
As I'm facing a similar demand from one of my customers, I have quickly tried to simulate it.
I intended to do this with HP 5510 HI switches which I have at my customer as edge switch
See below the setup I created in HCL. I patched gi1/0/2 and gi1/0/3 on each of the switches.
Configurations of both Cust edge and MSAzure edge switches
===========================================================================================
<Cust>dis cur
#
version 7.1.059, Alpha 7159
#
sysname Cust
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
vlan 200 to 201
#
vlan 1000
#
stp global enable
#
interface NULL0
#
interface Vlan-interface200
ip address 192.168.0.1 255.255.255.252
#
interface Vlan-interface201
ip address 192.168.1.1 255.255.255.252
#
interface FortyGigE1/0/53
port link-mode bridge
#
interface FortyGigE1/0/54
port link-mode bridge
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
combo enable fiber
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 200 to 201
combo enable fiber
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 1000
qinq enable
combo enable fiber
undo stp enable
#
=========================================================================================
sysname MSAzure
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 1
#
lldp global enable
#
system-working-mode standard
xbar load-single
password-recovery enable
lpu-type f-series
#
vlan 1
#
vlan 200 to 201
#
vlan 1000
#
stp global enable
#
interface NULL0
#
interface Vlan-interface200
ip address 192.168.0.2 255.255.255.252
#
interface Vlan-interface201
ip address 192.168.1.2 255.255.255.252
#
interface FortyGigE1/0/53
port link-mode bridge
#
interface FortyGigE1/0/54
port link-mode bridge
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 1000
combo enable fiber
#
interface GigabitEthernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 200 to 201
combo enable fiber
#
interface GigabitEthernet1/0/3
port link-mode bridge
port access vlan 1000
combo enable fiber
undo stp enable
UNFORTUNATELY I CAN'T PING FROM ONE VLAN INT 200 or 201 to the other side ...yet.
Anyone suggestions or comments ?
Hi Tdesserrano
First of all, thanks for trying!
I tried it myselfe too, struggeling arround with the simulator, and also hoping / guessing this is an simulator issue and not a real deal :) Just can't get QinQ to work.
I tried several things, also with a 'provider switch in between. But no luck to get it to work. So I will test it on the hardware itselfe.
I also notices that the command
display mac-address
doesn't show any entry's. Also an simulator issue? And maybe causing QinQ to fail.
Anyway, below a screenshot of the HCL layout.
I setup the following test with two HP 5500 HI switches
Ping from VLAN 200 at one side to VLAN 200 at the other side worked. Between the two sites, VLAN 200 was QinQ'ed over SVLAN 1000.
Configuration and pings+display commands attached.