前言:
当前兄弟们对“description 交换机”大约比较重视,朋友们都需要剖析一些“description 交换机”的相关资讯。那么小编在网上收集了一些有关“description 交换机””的相关内容,希望同学们能喜欢,你们快快来了解一下吧!QinQ技术出现的原因
我们都知道VLAN资源最大支持4096个(VLAN(802.1Q)标签在以太网帧中占4个字节,只有12bit用于VLAN ID)。作为运营商网络,VLAN资源已经远远不够用了,解决方案是进行QinQ配置,进一步扩充VLAN资源(扩充至4096*4096),有效缓解VLAN ID资源紧张的问题。
QinQ(802.1Q in 802.1Q)
QinQ技术是一种基于802.1q封装的二层隧道协议,它将用户私网VLAN(CVLAN)标签封装在公网VLAN(SVLAN)标签中,从而为用户提供二层VPN隧道。
华为的QinQ配置:
拓扑如下:
华为S5720 QinQ配置
//华为S5720交换机QinQ配置//(聚合组里配置,将该端口上来的vlan 1001到2999数据包打上外层标签3838;vlan101 to 700及3101 to 3500的内层标签加上外层标签3932)interface Eth-Trunk10 description To sw-name x.x.x.x Bri1 port link-type hybrid qinq vlan-translation enable port hybrid tagged vlan 2 to 500 3599 //其他不需要做QinQ的打tag进行vlan透传 port hybrid untagged vlan 3851 3932 //下行剥去外层标签 port vlan-stacking vlan 1001 to 2999 stack-vlan 3838 //内层标签1001 to 2999,外层标签3838 port vlan-stacking vlan 101 to 700 stack-vlan 3932 //内层标签101 to 700,外层标签3932 port vlan-stacking vlan 3101 to 3500 stack-vlan 3932需要注意:华为S5720 接口trunk模式无法配置vlan-stacking,只有hybrid接口模式才可以配置。华三交换机QinQ配置
vlan-mapping方式做QinQ:interface Bridge-Aggregation23 description To xxxx port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 3 44 72 118 152 176 247 316 to 317 320 to 321 325 tagged //透传内层及外层VLAN port hybrid vlan 328 347 352 354 359 445 527 532 to 537 539 563 tagged port hybrid vlan 574 583 to 584 637 to 638 641 643 to 644 656 662 898 901 998 to 999 tagged port hybrid vlan 1001 to 1003 1434 1444 3169 3197 3461 tagged port hybrid vlan 3828 3926 untagged //下行剥去外层VLAN vlan mapping nest range 1001 to 2999 nested-vlan 3828 //vlan 1001-2999的内层vlan,打上3838的外层vlan vlan mapping nest range 101 to 700 3101 to 3500 nested-vlan 3926 //同上PON设备QinQ配置(以华三76系列PON及瑞思康达5800E为例)
拓扑如下:
1、华三S76系列PON QinQ的配置如下(通过QOS策略的方式进行):
//华三S76系列PON配置QinQ,通过QOS策略的方式如下://display current-configuration interface Onu1/0/1:1interface Onu1/0/1:1 description x.x.x.x bind onuid xxxx.xxxx.xxxx upstream-sla maximum-bandwidth 3200 uni 1 port-isolate uni 1 vlan-mode translation pvid 2701 963 to 701 //业务A pvid内层vlan2701 ,业务B:将vlan963转为701,内层pvid 701 uni 2 port-isolate uni 2 vlan-mode translation pvid 2701 963 to 701 uni 3 port-isolate uni 3 vlan-mode translation pvid 2701 963 to 701 uni 4 port-isolate uni 4 vlan-mode translation pvid 2701 963 to 701 port link-type trunk//display current-configuration interface Olt 1/0/1interface Olt1/0/1 description XXXX using onu 1 to 32 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 963 970 to 976 tagged //不做QinQ的VLAN直接透传 port hybrid vlan 801 955 untagged //外层VLAN untag也即下行得剥离外层标签 port hybrid pvid vlan 801 broadcast-suppression pps 1000 qinq enable //使能qinq qinq transparent-vlan 963 970 to 976 //不做QinQ的VLAN qos apply policy QINQ inbound //olt接口入方向应用qos QINQ策略 port-isolate enable //OLT口隔离//display current-configuration configuration qospolicy qos policy QINQ classifier CVLAN behavior SVLAN //对应的流匹配对应的行为 classifier HD_CVLAN behavior IPTV_SVLAN//display current-configuration configuration classifier traffic classifier CVLAN operator or //配置数据流,vlan是2000 to 4000的数据流 if-match customer-vlan-id 2000 to 4000 traffic classifier HD_CVLAN operator or //配置数据流,vlan是xx(如下vlan-id)的数据流 if-match customer-vlan-id 100 to 962 if-match customer-vlan-id 964 to 969 if-match customer-vlan-id 977 to 1900//display current-configuration configuration behavior //配置行为traffic behavior SVLAN nest top-most vlan-id 801 //SVLAN 也即外层是801traffic behavior HD_SVLAN nest top-most vlan-id 955 //HD_SVLAN外层是955策略的作用是将onu上行至olt的数据包,若数据包vlan是2000-4000的,给打上外层标签801。//OLT再上层设备就只认外层VLAN(也即801),这样就隐藏了内层vlan,进而也同时缩小了广播域。//华三S76系列PON配置QinQ,通过vlan-mapping方式如下:interface Olt2/0/16 description 1528Z-DX port-isolate enable group 1 using onu 1 to 32 broadcast-suppression pps 1000 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 8 tagged //内层vlan不需要tag透传 port hybrid vlan 3816 3902 untagged vlan mapping nest single 217 nested-vlan 3816 #特意挑出来做了qinq,因为是vpn业务。。 vlan mapping nest range 1001 to 2999 nested-vlan 3816 vlan mapping nest range 101 to 700 3101 to 3500 nested-vlan 3902
2、瑞思康达5800E系列PON的QinQ配置如下:
HZPON-5800E#show running-config onu 3/2/1 //有vlan translation-rule 2 都是混合业务 做QINQinterface onu 3/2/1sla pir 204800uni ethernet 1vlan mode translationnative vlan 1001 //拨号做QINQ,点播机顶盒接数专的混合模式!vlan translation-rule 2quituni ethernet 2vlan mode translationnative vlan 1001vlan translation-rule 2quituni ethernet 3vlan mode translationnative vlan 1001vlan translation-rule 2quit uni ethernet 4vlan mode translationnative vlan 1001vlan translation-rule 2HZGYX-A-PersonalPON-5800E-02#show running-config interface port 10System current configuration in port mode:interface port 10 switchport trunk allowed vlan 804,963,970-976 //trunk(tag)模式的,点播接数专!!!特别注意!!!switchport trunk untagged vlan remove 1 switchport trunk untagged vlan add 804switchport mode trunkswitchport protect switchport vlan-mapping acl 3 add-outer 804 HZGYX-A-PersonalPON-5800E-02#HZGYX-A-PersonalPON-5800E-02#show running-config fttx FTTX current configuration:!ROAP Version ISCOM5800E-SMCB_1.44.6_20160701 !command in fttx_modevlan translation-rule 1 old 963 0 new 963 0 //vlan 转换,963转为963 & 970-976 8个vlanvlan translation-rule 2 old 963 0 new 970 0vlan translation-rule 3 old 963 0 new 971 0vlan translation-rule 4 old 963 0 new 972 0vlan translation-rule 5 old 963 0 new 973 0vlan translation-rule 6 old 963 0 new 974 0vlan translation-rule 7 old 963 0 new 975 0vlan translation-rule 8 old 963 0 new 976 0换了:HZGYX-A-PersonalPON-5800E-02#show running-config interface port 10interface port 10 description 2427E-CCswitchport trunk allowed vlan 804,956,963,970-976switchport trunk untagged vlan remove 1 switchport trunk untagged vlan add 804,956 //804是拨号的外层vlan,956是点播的外层vlan switchport mode trunkswitchport protect switchport vlan-mapping ingress outer 2100-3700 add-outer 956 //内层是2000以上就走的SRswitchport vlan-mapping ingress outer 100-960,990-1700 add-outer 8041F-HZGYX-A-PersonalPON-5800E-02#show running-config fttx FTTX current configuration:!ROAP Version ISCOM5800E-SMCB_1.44.6_20160701 !command in fttx_modevlan translation-rule 1 old 963 0 new 963 0vlan translation-rule 2 old 963 0 new 970 0vlan translation-rule 3 old 963 0 new 971 0vlan translation-rule 4 old 963 0 new 972 0vlan translation-rule 5 old 963 0 new 973 0vlan translation-rule 6 old 963 0 new 974 0vlan translation-rule 7 old 963 0 new 975 0vlan translation-rule 8 old 963 0 new 976 0vlan translation-rule 101 old 963 0 new 2101 0 //前面是拨号的内层vlan,后面是点播的转换的内层vlan-yes 同时做了VLAN转换。vlan translation-rule 102 old 963 0 new 2102 0vlan translation-rule 103 old 963 0 new 2103 0vlan translation-rule 104 old 963 0 new 2104 0vlan translation-rule 105 old 963 0 new 2105 0vlan translation-rule 106 old 963 0 new 2106 0........vlan translation-rule 1001 old 963 0 new 3001 0...... //点播接数专的配置:是否可以理解为--拨号1001QINQ转为804 ,点播是先963转为3001 然后3001QINQ转为956?? onu内层配置拨号都是1001??点播都是2101对的!!区别于:interface onu 1/4/2description jianguonanyuansla pir 204800uni ethernet 1vlan mode taggednative vlan 402quituni ethernet 2vlan mode taggednative vlan 2402 //这种就直接转为956 这种不接数专quituni ethernet 3vlan mode taggednative vlan 402quituni ethernet 4vlan mode taggednative vlan 402
故而:做了QinQ,上行只需要透传外层VLAN(内层VLAN被隐藏 ),配置简单,在不适用VxLAN的情况下进一步扩充了VLAN资源,缓解了VLAN资源不足的现状。
最后附上一张总图:(以VPN业务做QinQ为例)
画的够简单明了哈
对网络技术或者Python开发感兴趣的可加下关注,本人会不定期发布相关技术文章。
版权声明:
本站文章均来自互联网搜集,如有侵犯您的权益,请联系我们删除,谢谢。
标签: #description 交换机
