Dell PowerConnect 5524 QinQ

Question

Hi thereCould someone please guide me on how to configure QinQ on dell powerconnect 5524. According to the User Guide it does support QinQ but whatever I tried, I couldn't make it work. What does switchport mode customer command do to interface?There is no explanation on how to configure QinQ in the user guide, it only says it supports it. In my case I have 2 routers R1 and R2 which are connected to trunk ports of the switch. Both of them run VLANs 444 and 445 (inner tags) which are wrapped inside VLAN17 (outer tag). From R1 interface vlan 444 or 445 I can ping the relevant interface on R2. What I would like to accomplish is to have one of the switch ports to strip the tags and say have vlan 444 untagged on a port so I could connect an end device to it, say a PC. Any input is appreciated. Teymur

DELL-Erman O · Answer

Hello Teymur, I found some things and hope they may useful followings: QinQ tagging allows network managers to add an additional tag to previously tagged packets. Customer VLANs are configured using QinQ. Adding additional tags to the packets helps create more VLAN space. The added tag provides VLAN ID to each customer, this ensures private and segregated network traffic. The VLAN ID tag is assigned to a customer port in the service providers network. The designated port then provides additional services to the packets with the double-tags. This allows administrators to expand service to VLAN users. VLAN Port Settings Using CLI Commands The following table summarizes the equivalent CLI commands for viewing fields displayed in the VLAN Port Settings page. QinQ CLI Commands CLI Command Console>enable Console#config Console (config)# Console (config)# vlan database Console (config-vlan)# vlan 100 Console (config-vlan)# exit Console (config)# interface ethernet e5 Console (config-if)# switchport mode customer Console (config-if)# switchport customer vlan 100 Console (config-if)# exit Console (config)# interface ethernet e10 Console (config-if)# switchport mode trunk Console (config-if)# switchport trunk allowed vlan add 100 Console (config-if)# exit The following is an example of the QinQ show commands. Console# show interfaces switchport ethernet 1/e5 Port: 1/e5 Port Mode: Customer Gvrp Status: disabled Ingress Filtering: true Acceptable Frame Type: admitAll Ingress UnTagged VLAN ( NATIVE 100 Protected: Disabled Port is member in: Vla Name n --- ----------------- - ------ 100 100 Forbidden VLANS: Vlan Name ---- ----------------------- Classification rules: Protocol based VLANs: Group ID Vlan ID -------- ------------------ Mac based VLANs: Group ID Vlan ID -------- ------------------ Subnet based VLANs: Group ID Vlan ID -------- ------------------ console# Hope this will helps!

teymur88 · Answer

Hi Erman,

Thanks for your answer,

I'm not a copy-paste person, so for me it's important to understand something before I do it. Please bear with me.

In your post it looks like vlan100 is wrapped into vlan100, so one of them is the outer tag of another.

Please Correct me if I'm wrong:

Port E5 - is the one facing the customer..?

Port E10 - faces the Service Provider..?

Port E10 in trunk receives vlan100(outer tag), and Port E5 in customer mode strips that vlan100(outer tag), leaving vlan100(inner tag) to be stripped on the customer equipment? Is that right?

DiegoLopez · Answer

Hello @teymur88,

Erman is not available this week. But maybe I can clarify some information. I think this is the manual where Erman got this information from: https://dell.to/3Bxjt20 Please, check page 63. It shows some screenshoots that may help you and provide you some extra information.

Regards.

teymur88 · Answer

Hi Diego,Thanks for your answer. I would like to clarify a few points here:I'd like to understand how the QinQ logic works in the dell switches. So in this configConsoleenable Console#config Console (config)# Console (config)# vlan database Console (config-vlan)# vlan 100 Console (config-vlan)# exit Console (config)# interface ethernet e5 Console (config-if)# switchport mode customer Console (config-if)# switchport customer vlan 100 Console (config-if)# exit Console (config)# interface ethernet e10 Console (config-if)# switchport mode trunk Console (config-if)# switchport trunk allowed vlan add 100 Console (config-if)# exit This config looks crystal clear to me, however what confuses me is:1) Port e5 connects to customer equipment? Is that right? Can customer equipment be a NON-VLAN aware device say a laptop? 2) Port e5 carries a tagged vlan100 traffic and that vlan100 should be stripped by the customer equipment? Say a router or a managed switch?Which one of the above is true?I'll try to once again clarify my particular case:I'm not an ISP, I don't work for ISP, what I'm having is a home lab, where I'm trying to learn how stuff works.I have 2 routers (R1 and R2), a dell powerconnect 5524 switch and 2 Laptops.R1 and R2 are connected to the trunk ports of the switch. R1 and R2 run vlans 444 and 445 (inner tags) which are wrapped around vlan17 (outer tag). Routers can ping each other on vlans 444 and 445 already. I want to be able to assign 2 switchports in access mode to access vlans 444 and 445 and be able to connect laptops to them. Is that possible with my setup? If yes, would you mind guiding me on how to make switch understand that vlans 444 and 445 live 'inside' of vlan 17. Thanks in advance.RegardsTeymur

teymur88 · Answer

Hi there,I finally was able to figure it out myself. Posting my config here in case somebody else needs it. Basically the trick is to make a physical loop (ports 11 and 12) on the switch and disable spanning tree on of the interfaces in the loop so that STP doesn't block the port when it comes up. So port 11 strips the outer tag (vlan17), port 12 in trunk mode accepts only vlans 444-445 which were inside of vlan17 now stripped off, then ports 13 and 14 in access mode give clients access to vlans 444 and 445.dellsw# sh run int gigabitethernet1/0/11-14 interface gigabitethernet1/0/11 description QinQ-Loop spanning-tree portfast switchport mode customer switchport customer vlan 17 ! interface gigabitethernet1/0/12 description QinQ-Loop spanning-tree disable switchport mode trunk switchport trunk allowed vlan remove 1-443,446-4094 ! interface gigabitethernet1/0/13 description Subscriber-Port spanning-tree portfast switchport access vlan 444 ! interface gigabitethernet1/0/14 description Subscriber-Port spanning-tree portfast switchport access vlan 445 ! dellsw# Teymur

DELL-Erman O · Answer

Hi Teymur,

Glad to hear you figure it out and thanks for sharing your experience on the thread. This will very helpful in future for others.

And in the two questions, you asked before, I guess I can say this.

1) It should be the laptop access port. The laptop doesn't know anything about the VLANs and should only be aware of the MAC address and IP address

2) Yes, before the packet arrives at the laptop, the switch strips the vlan100 information, and only the frame is sent back to the edge device

Networking General

Was this post helpful?