Ethernet Switching
Ethernet Switching

A QinQ problem with QFX5100

05.16.17   |  
‎05-16-2017 06:52 AM

Hello,

 

I have a mixed VC (QFX5100 and 3500) with 14.1X53-D40.8. There's an interface that incapsulates C-VLANs into S-VLAN:

set interfaces ae31 flexible-vlan-tagging 
set interfaces ae31 mtu 9216 
set interfaces ae31 encapsulation extended-vlan-bridge
set interfaces ae31 unit 3174 vlan-id-list 21-22
set interfaces ae31 unit 3174 input-vlan-map push
set interfaces ae31 unit 3174 input-vlan-map vlan-id 3174
set interfaces ae31 unit 3174 output-vlan-map pop

And on the other side the S-VLAN 3174 just goes out:

set interfaces ae0 flexible-vlan-tagging
set interfaces ae0 mtu 9216
set interfaces ae0 encapsulation extended-vlan-bridge
set interfaces ae0 unit 3174 vlan-id 3174

And S-VLAN configured like this:

set vlans sv3174-qinq interface ae0.3174
set vlans sv3174-qinq interface ae31.3174

At this point everything works fine, but if I create a VLAN with the same ID as a C-VLAN (21 or 22):

set vlans v21-user vlan-id 21

the traffic in the C-VLAN 21 stops.

 

What's wrong with it and how can I fix it?

 

Kind regards.

9 REPLIES
Ethernet Switching

Re: A QinQ problem with QFX5100

05.18.17   |  
‎05-18-2017 12:08 PM

Hello,

 

Are there any suggestions?

Am I the only one who experienced a problem like this?

 

Kind regards.

Ethernet Switching

Re: A QinQ problem with QFX5100

05.23.17   |  
‎05-23-2017 09:12 PM

Try this:

 

 

set interfaces ae31 flexible-vlan-tagging 
set interfaces ae31 mtu 9216 
set interfaces ae31 encapsulation extended-vlan-bridge
set interfaces ae31 unit 3174 vlan-tags outer 3174
set interfaces ae31 unit 3174 vlan-tags inner-range 21-22
set interfaces ae31 unit 3174 input-vlan-map push
set interfaces ae31 unit 3174 output-vlan-map pop

Question: Why do you need to create vlan 21? Either QinQ or single-tag in your case.

 

Ethernet Switching

Re: A QinQ problem with QFX5100

05.25.17   |  
‎05-25-2017 09:07 PM

Hi Anton,

 

Thank you for the answer.

Unfortunately that didin't work. During the commiting of your variant of configuration I've got the error:

A two tagged logical interface can not support push on input-vlan-map

And then I found out that according to https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/layer-2-services-vlans-a...:
"Note: You cannot configure VLAN mapping using the input-vlan-map and output-vlan-map statements if you configure a normalizing VLAN identifier for a VLAN or VPLS routing instance using the vlan-id or vlan-tags statements."

 

The answer to your question is obvious - I have a lot of VLANs in my network and I have to pass through it a bunch of customer's VLANs with the same IDs as mine. I encapsulated C-VLANs (21-22 in this case) into S-VLAN 3174:
     input-vlan-map {
       push;
       vlan-id 3174;
   }
and I supposed it'd be sufficient to solve this task, - but it doesn't.. If a C-VLAN ID coinsides with a single-tagged VLAN ID which I use in my network, the traffic in a C-VLAN (encapsulated into an S-VLAN already) stops to run.

 

Kind regards.

Ethernet Switching

Re: A QinQ problem with QFX5100

05.26.17   |  
‎05-26-2017 05:08 AM
I was little bit... wrong 🙂
That's must be right solution:
set interfaces ae31 flexible-vlan-tagging
set interfaces ae31 mtu 9216
set interfaces ae31 encapsulation extended-vlan-bridge
set interfaces ae31 unit 3174 vlan-id-list 21-22
set interfaces ae31 unit 3174 native-vlan-id 3174
set interfaces ae31 unit 3174 input-vlan-map push
set interfaces ae31 unit 3174 output-vlan-map pop
Ethernet Switching

Re: A QinQ problem with QFX5100

05.26.17   |  
‎05-26-2017 05:29 AM
And of course, you can use classical non-ELF dot1q-tunneling method:
set interfaces ae31 unit 0 family ethernet-switching port-mode access
set interfaces ae31 unit 0 family ethernet-switching vlan members vl3174
 
Core facing port:
set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members vl3174
 
s-vlan:
set vlans vl3174 vlan-id 3174
set vlans vl3174 dot1q-tunneling customer-vlans 21-22
Ethernet Switching

Re: A QinQ problem with QFX5100

05.26.17   |  
‎05-26-2017 07:26 AM

You can't use native-vlan-id under the "unit XXX" stanza. And there're no untagged frames coming to us from the client's side.
Also, I can't use classical scheme cause there're other units with single-tagged frames that cross my network "as is".

I've got an answer at the other forum about this problem:
"VLANs configured with extended-vlan-bridge interfaces are forwarded
using a different daemon than VLANs forwarded using the
classic ethernet-switching daemon.

It's quite likely that you cannot share VLAN IDs between the two methods of forwarding."

Looks like this problem has no solution for now except keeping VLANs separately or making VLAN-mapping Smiley Sad

Ethernet Switching

Re: A QinQ problem with QFX5100

05.26.17   |  
‎05-26-2017 08:14 AM

OK. Just move native-vlan-id under parent interface config...

 

set interfaces ae31 flexible-vlan-tagging 
set interfaces ae31 mtu 9216 
set interfaces ae31 encapsulation extended-vlan-bridge
set interfaces ae31 native-vlan-id 3174
set interfaces ae31 unit 3174 vlan-id-list 21-22
set interfaces ae31 unit 3174 input-vlan-map push
set interfaces ae31 unit 3174 output-vlan-map pop 

 

 

Ethernet Switching

Re: A QinQ problem with QFX5100

05.27.17   |  
‎05-27-2017 01:07 PM

Actually, this solution differs from my original config with the only one line where the native-vlan-id is defined, but I've tried it anyway Smiley Happy Unfortunately it didn't correct the situation.

 

Thanks!

Ethernet Switching

Re: A QinQ problem with QFX5100

05.29.17   |  
‎05-29-2017 01:21 AM

Yeah Smiley Happy


It seems in your situation when you create vlan 21, your default bridge-domain begins to processing this vlan without double-tagging. Like if you just want to pass it through the switch or terminate it on irb.