Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
452
Views
0
Helpful
1
Replies

Azure QnQ tunnel qustion

vyas.nilay
Level 1
Level 1

‎04-08-2021 05:12 PM

I have a connection to Microsoft Azure via Megaport.

 

Megaport asked me a question if my device i.e. 3850 is capable of QnQ tunneling and I know it is capable of QnQ tunneling. 

 

My inner vlan 901

Outer Vlan 999

 

Switch : 3850

it holds the L3 configuration for vlan 901 and BGP peering with Azure.

 

How do I configure L2 port where Megaport link terminates to make sure switch rip off the outer tag and allow the inner tag to routing engine so I can get the connection. 

 

Their supoprt team only provide the L3 configuration which is not supported on 3850.

 

Their L3 configuration is as bleow

interface GigabitEthernet<Interface_Number>.<Number>
encapsulation dot1Q <s-tag> seconddot1Q <c-tag>
ip address <IPv4_Address><Subnet_Mask>
 
Please Help,..
 Thank you,
Nilay Vyas.
Labels:
0 Helpful
1 Reply 1

mark.cronin
Level 2
Level 2

‎12-20-2022 09:15 PM

Nilay

I am not sure if this answers your question but for my current project I am looking to use Megaport for not only Azure Express route public and private connectivity which needs to have QinQ outer and inner tags but also other cloud connectivity which only need a single dot1q tag.

I am looking to use a Cisco ASR 1002X which is going to be decommsioned and needs a new purpose for the next couple of years.

I have done some tests with the following Cisco ASR configuration which takes an input from my Cisco ACI Palo Alto firewall on one interface and connects to Megaport on the other interface. The ASR adds tags, translates tag as needed.

Does this help ?   Do you see any issues?

ASR-TEST#show ver

Cisco IOS XE Software, Version 17.08.01a

Cisco IOS Software [Cupertino], ASR1000 Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 17.8.1a, RELEASE SOFTWARE (fc3)

!

interface GigabitEthernet0/0/1

description ##### FACING PALO-ALTO #########

no ip address

negotiation auto

service instance 10 ethernet

  encapsulation dot1q 2400

  bridge-domain 10

!

service instance 20 ethernet

  encapsulation dot1q 2402

  bridge-domain 20

!

service instance 30 ethernet

  encapsulation dot1q 50

  bridge-domain 30

!

service instance 40 ethernet

  encapsulation dot1q 2410

  rewrite ingress tag translate 1-to-1 dot1q 2409 symmetric

  bridge-domain 40

!

!

interface GigabitEthernet0/0/2

description ##### FACING MEGAPORT #########

no ip address

negotiation auto

service instance 10 ethernet

  encapsulation dot1q 40 second-dot1q 2400

  rewrite ingress tag pop 1 symmetric

  bridge-domain 10

!

service instance 20 ethernet

  encapsulation dot1q 40 second-dot1q 2402

  rewrite ingress tag pop 1 symmetric

  bridge-domain 20

!

service instance 30 ethernet

  encapsulation dot1q 50

  bridge-domain 30

!

service instance 40 ethernet

  encapsulation dot1q 40 second-dot1q 2409

  rewrite ingress tag pop 1 symmetric

  bridge-domain 40

!

!

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card