IEEE801.2ad 802.1ah 802.11
How QinQ technology used in real life, why is referred to as Layer VPN
QinQ is the only kind of technology used in MAN ---- Layer 2 VPN technology, also known as 802.1Q tunnel
802.1Q tunnel: two tags will be marked with the outer tag used to distinguish clients, through the operator switches the middle, inner label vlan client to play tag, corresponds to the client and switch operators connected between the switch and then directly hit a tunnel tunnel client
A, QinQ technique based overview
QinQ technique by stacking two 802.1Q in an Ethernet frame header, effectively extends the number of VLAN, so that the number of the VLAN number up to 4094x4094. Meanwhile, more than one VLAN can be multiplexed into a single core VLAN.
MSP VLAN usually establish a model for each customer, with the Generic Attribute Registration Protocol / Generic VLAN Registration Protocol (GARP / GVRP) automatically monitors the entire VLAN trunk network, and to accelerate network convergence rate by extending the Spanning Tree Protocol (STP), thereby provide flexibility for the network.
SVLAN technology as the initial solution is good, but as the number of users, SVLAN model can also cause problems scalability. Because some users may wish to transfer data between the branches can bring their own VLAN ID, the QinQ technique which makes use of the MSP faces two problems:
First, the first customer VLAN identifier may conflict with other customers;
second, service providers will severely limit the number of customers using the logo.
If the user is allowed to use their own VLAN ID space according to their own way, then there is still the core network VLAN limit of 4096.
Second, the principle of QinQ packets form the
Tag field defined in the 802.1Q, only 12 bits are used for VLAN ID, so the device can support up to 4094 VLAN.
In practical applications, especially in the metropolitan area, it is necessary to isolate a large number of user VLAN, VLAN 4094 can not meet the demand. Thus was born QinQ technology.
QinQ basic principle
is before the packets from a service provider network VLAN Tag operator network on a package, and the user of the packet data as the original VLAN Tag in the packet with two operators across VLAN Tag The internet.
How QinQ propagating
in the service provider network, packets are broadcast by their outer VLAN Tag (VLAN Tag i.e. carrier networks), when the user packets leaving the network operator, service provider network VLAN Tag stripped of newspaper text in the customer network, propagating according to the private VLAN Tag.
QinQ packet has a fixed format
is one call on 802.1Q 802.1Q tag label 802.1Q packet plurality normal four bytes than QinQ packets. 4 bytes for the outer layer label, i.e., a public service provider network VLAN Tag.
The original 802.1Q tag Tag as an inner layer, i.e. private VLAN Tag.
QinQ is an extension of 802.1Q, the core idea is to package the private network to the public network VLAN tag VLAN tag, the packet with two tag through the service provider's backbone network, providing users with a more simple two layer 2 VPN tunnel. Its characteristics are based on the concept of a port in 802.1Q Trunk, requiring equipment on the tunnel must support 802.1Q protocol, signaling support is not required, it can be realized only through static configuration, especially for small to three switches as the backbone of enterprise networks or small-scale metropolitan area.
QinQ the double-frame format
in the QinQ encapsulation, each device manufacturer inner TPID (Tag Protocol Identifier, Tag Protocol ID) (i.e., the inner Etype) a value of 0x8100, but for the TPID layer (i.e. outer layer EType) of value, the value of various manufacturers can be used is not the same.
How to implement VLAN QinQ technique bis
QinQ technique can be used such carriers as a VLAN comprising a plurality of network service VLAN of the user. As shown below, a user private VLAN A network is VLAN 1 ~ 10, a user private VLAN network B is VLAN 1 ~ 20. A network operators to provide users assigned VLAN of VLAN 3, the VLAN assigned to the user network B VLAN 4. When the packet with the VLAN Tag into the user's network operator network B; when a network with VLAN Tag A user packets into the service provider network, packets are encapsulated on the outside layer VLAN ID of the VLAN Tag. 3 , message packets are encapsulated on the outside layer of VLAN ID is the VLAN Tag 4. Thus, packets of different users of the network is completely separated at the public network, even if the range of overlapping two user VLAN networks.
QinQ packet format is shown:
QinQ technology is divided into two kinds of basic QinQ and QinQ
Basic QinQ
implement port-based. After enable basic QinQ port, when the port receives a packet, the device is marked with VLAN Tag packet the port's default VLAN. If the received packet already with VLAN Tag, the packet becomes a packet bis Tag; if the received packets do not carry a VLAN Tag of the packet becomes the default VLAN Tag with message.
Selective QinQ
Selective QinQ is a more flexible implementation of the QinQ, which is based on the combination, VLAN implementation, the following functions:
different outer VLAN Tag packets with different VLAN ID of inner .
User Priority specified outer label
specifies the TPID outer label (i.e., an outer layer EType)
Third, the relevant agreement QinQ technology
QinQ, also known as Stacked VLAN or Double VLAN. Standard from IEEE802.1ad, the current standard is still in draft stage. Implemented as a package label before 802.1q protocol 802.1q protocol label again, one of which identifies the user system network (customer network), the network layer identifies the network operator (service provider network), to achieve its expanded subscriber line identification. The current portion of the switch can support QinQ function.
QinQ allows each user is assigned to the second largest 4K VLAN ID for the operator. Operators VLAN tag IPDSLAM network side insert, delete user side. BAS subscriber line is determined through a second VLAN identifier identifying a user. QinQ also solved the VLAN (maximum 4k) insufficient number of problems.
Predetermined TPID (Tag Protocol Identifier) of EType is 0x8100 in the 802.1Q. In QinQ encapsulation, each device manufacturer EType inner TPID value of 0x8100, but for the outer TPID EType, using the values of the respective manufacturers are not the same.
Definition provided in IEEE 802.1ad outer TPID field is in EType 0x88a8.
Fourth, the characteristics of the QinQ technology
No protocol procedure does not require any configuration;
not associated with the business, no effect on the DSLAM;
extended 4k VLAN;
L2 VLAN unified planning, while requiring Layer 2 network operators must support two-story VLAN tag, the equipment requirements are relatively high .
Packet payload reduced while the fragmentation may cause, recombinant;
protocol extension is not strong, the user does not support other control attributes.
Layer opposite MPLS-based VPN, QinQ has the following features:
It provides the user with a more simple Layer 2 VPN tunnels;
without the support of a signaling protocol, may be achieved by purely static configuration;
due QinQ implementation is based on the concept Trunk Port 802.1Q protocol, tunneling equipment required We must support 802.1Q protocol.
QinQ you with the following questions:
Saves public network VLAN ID resource;
users can plan their own private network VLAN ID, not with public network VLAN ID conflict;
to provide a relatively simple Layer 2 VPN solution for small-sized MANs or intranets
QinQ function application scenarios:
applications: Internet service, VOD / VoIP, large customer access and VPN, FMC full service
Five, QinQ technique switch configuration
client configuration: the ISP interface trunk interface
SW1 (config) #int F0 / 1
SW1 (config-IF) #switchport Access vlan 100
SW1 (config-IF) #switchport the MODE-dot1q the Tunnel
SW1 (config-IF) # cdp the Tunnel Protocol-
six QinQ technology development direction
flexible QinQ QinQ implementation of QinQ implementations one is based on QinQ port, one is based on a flexible QinQ traffic classification.
A port mechanism implemented based on QinQ follows:
When the device interface receives a packet, regardless of whether the packet with VLAN Tag, packet switches are marked as default VLAN VLAN Tag is present. Thus, if the received packet already with VLAN Tag, the packet becomes a packet bis Tag; if the received packet is untagged, the packet carry the default VLAN Tag of message. Because relatively easy to implement port-based QinQ, so the industry's leading manufacturers of three switches are supported. Based on QinQ disadvantage is the outer port Vlan Tag rigid packages, the package can not select the outer Vlan Tag manner according to the type of business, making it difficult to effectively support the flexible multi-service operations.
Flow classification is based on the selective QinQ implementation mechanism: on QinQ flow characteristics (Selective QinQ), the flexibility to choose whether the results of stream classification outer VLAN tag hit, which marked the outer VLAN tag: The user Vlan tag, MAC address, IP protocol, source address, destination address, priority, or the port number of the application embodiment QinQ feature. With the above flow classification, the actual implementation of different users, different services, different priorities of other packets according to the external VLAN tag package, a variety of different bearer services embodiments.
Creator: Eric · Charles
----------------
Disclaimer: This article is CSDN blogger "Eric · Charles' original article, follow the CC 4.0 BY-SA copyright agreement, reproduced attach the original source link and this statement.
Original link: https: //blog.csdn.net/qq_42197548/article/details/87971048
