QinQ headache

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

QinQ headache

Mon Oct 08, 2018 9:26 pm

I'm trying to setup router on a stick with a ws-12-150-ac on 1.5 and need QinQ. Thought this would be simple.

What I'm doing that isn't working

port 1 is trunk, management vlan is 1.

vlan15 needs to come out port 12 untagged but allow QinQ inner tags.

I added vlan15
set port 1 to vlan1=U, vlan15=T
set port 12 to vlan15=Q

this doesn't work. It doesn't even let the outer tag through.

If I set port 1 to vlan1=U,valn15=T and port 12 to vlan15=U, this works fine but no QinQ.


What am I doing wrong here?

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

Re: QinQ headache

Mon Oct 08, 2018 9:55 pm

I need to clarify a bit.

I want untagged traffic coming in port 12 to be tagged going out port 1 as vlan 15 which works with port1 vlan15=T and port12 vlan15=U. But I also want any tags that come in port 12 to be encapsulated QinQ so they come out port 1 as an outer vlan15 and inner vlan 77 for example.

User avatar
mike99
Associate
Associate
 
Posts: 603
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 84 times
Been thanked: 191 times

Re: QinQ headache

Tue Oct 09, 2018 8:21 pm

Netonix currently only support any to 1on UNI port. That mean that all vlan are encasulated in a single outer tag without control on inner tag so private line only.

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

Re: QinQ headache

Sun Oct 14, 2018 3:25 pm

@mike99, unclear what you're saying.


I just want to do router-on-a-stick with the netonix having the access ports as U and a trunk port with that vlan as T

then, if I want to pass a different VLAN across that it would just be transparent.

ie,

switch port 5 is U on vlan 5, MTU ~1530
switch port 1 is T on vlan 5, MTU ~1530
router port 1 to switch port 1
so, router on a stick is that router-p1v5 is switch-p5

then, on the router I add v20 under v5:
router port1v5v20 passes through and pops out switch port5 as a tagged v20 and the switch simply doesn't care.


I don't want to have to configure switch port 5 U vlan 5 AND port 5 T vlan 20 plus port 1 T vlan 20.

clear as mud?

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

Re: QinQ headache

Sun Oct 14, 2018 6:46 pm

Ok, I'm not sure *why* this works and I'd love to.



ok, so if I put a 'D' in the port I want to have a native vlan on AND encapsulate other vlans it works.

trunk is U on vlan1, T on the port-vlan.
port is set to D

If I do this, I can stack vlans on this interface at least 4 deep.

Why is 'D' aka 'dual' the solution here? Why isn't Q the appropriate option? I'm litterally doing QinQ on the mikrotiks.

User avatar
mike99
Associate
Associate
 
Posts: 603
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 84 times
Been thanked: 191 times

Re: QinQ headache

Sun Oct 14, 2018 8:53 pm

D is same (or suppose to be the same) as QinQ but with a TPID 9100 instead of 88A8.

It's simply not suppose to work. Netonix only officialy support all innver vlan encapsuled to a single outer vlan, any to 1 EVC if using MEF language.

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

Re: QinQ headache

Mon Oct 15, 2018 11:29 am

"It's simply not suppose to work. Netonix only officialy support all innver vlan encapsuled to a single outer vlan, any to 1 EVC if using MEF language."

so where does that put me. For router on a stick and I supposed to use 'D' on the access ports and set the Trunk port to 'U'+'T' on the access vlans? Is this going to break in a firmware update?

User avatar
mike99
Associate
Associate
 
Posts: 603
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 84 times
Been thanked: 191 times

Re: QinQ headache

Tue Oct 16, 2018 8:18 am

From what I know, Q or D are for layer 2 VPN option between 2 sites. I never saw an officiial explaination from Eric about this feature.

The possibility to use both T and Q or D on same port break the 1:any logic so we can probably do more complex config but this feature probably have few testing. I think T have precedence over Q or D and those VID will be exclude from dual encapsulation. If so, why untag frame ? Why not use only tagged vlan for your router on a stick ?

User avatar
rebelwireless
Experienced Member
 
Posts: 607
Joined: Mon Sep 01, 2014 1:46 pm
Has thanked: 31 times
Been thanked: 136 times

Re: QinQ headache

Tue Oct 16, 2018 10:14 am

Because I don’t want to be configuring vlans on radio interfaces.

User avatar
mike99
Associate
Associate
 
Posts: 603
Joined: Tue Nov 25, 2014 10:53 am
Location: Quebec, Canada
Has thanked: 84 times
Been thanked: 191 times

Re: QinQ headache

Wed Oct 17, 2018 10:16 pm

Some router support encapsulation type Q-in-Q. If the router already encapsulate the vlan, no need to configure the inner VLAN. You could just T 5 on port 1 and Q 5 on port 5.

Router:
subinterface 1: outer vid 5 inner untag
subinterface 2: outer vid 5 inner vid 20
Netonix
port facing router: T5
port facing radio: Q5

Next
Return to General Discussion

Who is online

Users browsing this forum: No registered users and 12 guests