IEEE 802.1q
From Internetworkpro
IEEE 802.1q is a mechanism for carrying multiple VLANs between switches. In Cisco terminology this is called trunking.
802.1q can be compared to ISL, the Cisco proprietary trunking method. Both methods allow you to carry multiple VLANs across a single physical link. Unlike ISL, 802.1q is an open standard and is thus compatible between most vendors' equipment. In addition, 802.1q has less overhead than ISL: it adds 4 bytes per frame via a tag, whereas ISL adds 30 bytes per frame by encapsulating the original frame. Finally, 802.1q supports native VLANs, which allow devices that do not understand 802.1q to still work using the native VLAN.
Frame Format
802.1q works by appending a 16-bit tag within the original Ethernet frame. The rest of the fields are left alone except for the FCS which is recalculated to include the new tag.
| Field | Description |
|---|---|
| TPID | Tag Protocol Identifier. This is set to a value of 0x8100 to identify the frame as an IEEE 802.1Q tagged frame |
| Priority | This is a 3-bit field carrying the 802.1p priority or CoS of the frame. 3 bits allow for 8 levels of classification |
| CFI | Canonical Format Indicator. This is set to 1 if the MAC address is in a non-canonical format or 0 if it is in a canonical format |
| VID | VLAN Identifier. This is a 12-bit field that uniquely identifies the VLAN of the tagged frame. The value is from 0 to 4095 (note the switch may limit what VLANs can be used) |
Native VLAN
802.1q has a concept called the 'native VLAN': any frame without a .1q tag is assumed to belong to the native VLAN. For example, if a switch had VLAN 10 as the native VLAN and received a regular (i.e. untagged) Ethernet frame, the frame would be assumed to be in VLAN 10.
Double-Tagging
802.1q can also be double-tagged, allowing multiple encapsulations to run across networks (e.g. Service Providers). In this case, the outer tag is processed first followed by the inner tag. This is called QinQ.
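The tag fields from the Frame Format table, the native VLAN rule and the outer-then-inner processing of double tags, worked through as a small parser. This is an added example, not part of the original page: the function names, MAC addresses and frames are constructed for illustration. It assumes each tag is the 4 bytes mentioned above (the TPID followed by one 16-bit field holding Priority, CFI and VID) and that both tags of a double-tagged frame use TPID 0x8100.

```python
import struct

TPID_8021Q = 0x8100  # TPID value given in the Frame Format table


def parse_tci(tci):
    """Split the 16-bit field that follows the TPID into Priority, CFI and VID."""
    return {"priority": tci >> 13, "cfi": (tci >> 12) & 0x1, "vid": tci & 0x0FFF}


def parse_frame(frame, native_vlan=1):
    """Return the tag stack (outer first), the VLAN a switch would assume, and the EtherType."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset, tags = 12, []  # skip destination and source MAC (6 bytes each)
    while True:
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype != TPID_8021Q:
            break
        if len(frame) < offset + 6:  # TPID + TCI + the EtherType that must follow
            raise ValueError("truncated 802.1Q tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append(parse_tci(tci))
        offset += 4  # each tag adds 4 bytes to the frame
    vlan = tags[0]["vid"] if tags else native_vlan  # untagged -> native VLAN
    return {"tags": tags, "vlan": vlan, "ethertype": ethertype, "payload": frame[offset + 2:]}


def build_frame(vlan_tags, ethertype=0x0800, payload=b"\x00" * 46):
    """Constructed sample frame: made-up MACs, tags given as (priority, cfi, vid)."""
    header = bytes.fromhex("ffffffffffff" "020000000001")
    for prio, cfi, vid in vlan_tags:
        header += struct.pack("!HH", TPID_8021Q, (prio << 13) | (cfi << 12) | vid)
    return header + struct.pack("!H", ethertype) + payload


if __name__ == "__main__":
    for name, tags in [("untagged", []), ("single", [(5, 0, 100)]),
                       ("double", [(0, 0, 2), (0, 0, 100)])]:
        print(name, parse_frame(build_frame(tags), native_vlan=10))
```
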
Configuring
Cisco IOS Router
Use the encapsulation dot1q command underneath a sub-interface to specify dot1q. The sub-interface number and VLAN number do not have to match, but matching them makes the config much more readable. This should be a standard when you number your sub-interfaces.
The native keyword after the VLAN number can be used to mark the native VLAN. Alternatively, you can place an IP address directly on the physical interface and this will be untagged (like your native VLAN).
Note that you will need IP Plus to support dot1q encapsulation. IP Base (new IOS naming) also supports it in 12.3 and above.
```
!
! No ip address on the primary interface because we defined our native vlan using a subinterface below
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
! Vlan marked as native
!
interface FastEthernet0/1.2
 encapsulation dot1Q 2 native
 ip address 10.1.2.1 255.255.255.0
!
! Vlan not marked as the native vlan
!
interface FastEthernet0/1.100
 encapsulation dot1Q 100
 ip address 10.1.100.1 255.255.255.0
```
Cisco IOS Switch
To enable 802.1Q on a Cisco IOS switch use the switchport trunk encapsulation dot1q command. The port must also be in either dynamic or trunk mode for the trunk to come up. In the switch's default dynamic mode ISL will be negotiated before 802.1q. Make sure to set the encapsulation method to dot1q to ensure 802.1Q is used.
To set the 802.1Q native VLAN use the switchport trunk native vlan command. The default native VLAN is 1.
```
!
! Here the trunk is turned to on. Native VLAN is default of 1
!
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
! Here the trunk is set to dynamic desirable. Native VLAN has been changed to vlan 2
!
interface FastEthernet0/14
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport mode dynamic desirable
!
```
By default all VLANs in the switch's VLAN database will be carried by the trunk. To limit the VLANs use the switchport trunk allowed vlan command.
```
!
! Only VLANs 1,2 and 45 are allowed on the trunk. VLAN 1 will be untagged as it is the native vlan (default)
!
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,2,45
 switchport mode trunk
!
```
To show the current trunk settings use the show interface trunk command.
```
!
! Show vlan output truncated
!
Sw2#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/7, Fa0/8, Fa0/9, Fa0/10
4017 as                               active    Fa0/1, Fa0/2, Fa0/3, Fa0/4

Sw2#show int trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/13      on           802.1q         trunking      1
Fa0/14      desirable    802.1q         trunking      2

Port        Vlans allowed on trunk
Fa0/13      1-2,45
Fa0/14      1-4094

Port        Vlans allowed and active in management domain
Fa0/13      1
Fa0/14      1,4017

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/13      1
Fa0/14      1,4017
```
In the output above you can see that both Fa0/13 and Fa0/14 are trunking. Fa0/13 has been set to mode 'on' while Fa0/14 is desirable. The output also shows the native VLAN and the VLANs allowed on each trunk. Since VLANs 2 and 45 are not in the local VLAN database they are not being trunked.
- Cisco.com switchport trunk command reference for a 3750 *All IOS switches should be similar
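A check that reads the effective trunk settings out of an IOS configuration, records which ones were left at the defaults stated above (native VLAN 1, all VLANs allowed), and works out which VLANs a trunk actually carries given the local VLAN database. This is an added example, not part of the original page or any Cisco tool; the function names are hypothetical, the sample input is the Fa0/13 and Fa0/14 configuration shown above, and only the plain comma/range form of the allowed list is handled.

```python
import re

ALL_VLANS = frozenset(range(1, 4095))  # 1-4094: what an unrestricted trunk allows

def expand_vlans(spec):
    """Expand a list such as '1,2,45' or '1-2,45' into a set of VLAN IDs."""
    ranges = (part.partition("-") for part in spec.split(","))
    return {v for low, _, high in ranges for v in range(int(low), int(high or low) + 1)}

SETTINGS = {  # setting -> (IOS interface sub-command, converter for its argument)
    "encapsulation": (r"switchport trunk encapsulation (\S+)", str),
    "mode": (r"switchport mode (.+)", str),
    "native": (r"switchport trunk native vlan (\d+)", int),
    "allowed": (r"switchport trunk allowed vlan ([\d,-]+)", expand_vlans),
}

def trunk_settings(config):
    """Effective trunk settings per interface; 'defaulted' names settings left at default."""
    ports, port = {}, None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            port = ports[line.split()[1]] = {"encapsulation": None, "mode": None,
                "native": 1, "allowed": ALL_VLANS, "defaulted": {"native", "allowed"}}
        elif line.startswith("!"):
            port = None  # "!" separates blocks in a saved configuration
        elif port is not None:
            for key, (pattern, convert) in SETTINGS.items():
                match = re.fullmatch(pattern, line)
                if match:
                    port[key] = convert(match.group(1))
                    port["defaulted"].discard(key)
    return ports

def carried(port, local_vlans):
    """VLANs actually trunked: allowed on the port and in the local VLAN database."""
    return sorted(port["allowed"] & set(local_vlans))

# Sample input: the Fa0/13 and Fa0/14 trunk configuration shown on this page.
SAMPLE = """\
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,2,45
 switchport mode trunk
!
interface FastEthernet0/14
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport mode dynamic desirable
"""
```

With the local VLAN database from the show vlan output above (VLANs 1 and 4017), `carried` returns the same lists that show int trunk reports as allowed and active for each port.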
Cisco CatOS Switch
To set up 802.1Q trunking on CatOS use the set trunk command. You can specify all trunking parameters on this one line.
```
!
! Native vlan set to 1. Switch set to dynamic desirable mode, dot1q encapsulation, and all vlans allowed
!
set vlan 1 5/1
set trunk 5/1 desirable dot1q 1-4094
```
Verify the trunk:
show port status module/port:
```
cat4000> (enable) show port status 5/1
Port  Name               Status     Vlan       Level  Duplex Speed Type
----- ------------------ ---------- ---------- ------ ------ ----- ------------
 5/1                     connected  trunk      normal a-full a-100 10/100BaseTX
cat4000> (enable)
```
show trunk:
```
cat4000> (enable) show trunk
* - indicates vtp domain mismatch
# - indicates dot1q-all-tagged enabled on the port
Port      Mode         Encapsulation  Status        Native vlan
--------  -----------  -------------  ------------  -----------
 5/1      desirable    dot1q          trunking      1

Port      Vlans allowed on trunk
--------  ---------------------------------------------------------------------
 5/1      1-1005,1025-4094

Port      Vlans allowed and active in management domain
--------  ---------------------------------------------------------------------
 5/1      1-2

Port      Vlans in spanning tree forwarding state and not pruned
--------  ---------------------------------------------------------------------
 5/1      1-2
cat4000> (enable)
```
- Cisco.com set trunk command reference for a CatOS switch *All CatOS switches should be similar

