Adding VMANs to an Existing VLAN network

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
We're running a network with a good deal of switches, we're L2/L3 pretty much all over the place, using basic vlans. But now we need to provide service to another provider and we're trying to figure out how to make it work, i've probably read through the vman docs 4-5 times but still keep getting lost maybe its the abreviations not sticking or something but i just keep getting lost.

We have 

Sites - Other Sites - Core via L2 vlans currently some sites have customers hooked up on the switches on untagged vlan ports, from site to site we're always tagging...

So now what we want to do is be able to dump a give a port on our core to the other provider, and a port at each of our sites, that way we only have to truck 1 vman/vlan across our network of 60+ switches instead of lugging hundreds of their vlans across 1 at a time which will be a logistical nightmare.

Can we do this easily if so how, to operate vlan and vman on same network of switches and transit these vlans between our sites+core to their hardware+core transparently to us.
Photo of Chris

Chris

  • 492 Points 250 badge 2x thumb
  • Confused

Posted 3 years ago

  • 0
  • 1
Photo of EtherMAN

EtherMAN, Embassador

  • 6,960 Points 5k badge 2x thumb
Need to have current switches and images that support vman's and vlans on same trunked interfaces so you can treat vmans and vlans the same.  Need to change vman ethertype to 0x8100 on any switches before you create a vman on it.  This ethertype seems to be more universal than the default Extreme uses of 0x88a8.  This is very important as if you change the either type on a switch that has an active vman created using another ethertype other than 0x8100 you will have major link problems on the interfaces that the vman is on.  Make sure jumbo is enabled on all ports that you will have a vman provisioned on.  Untag your vman toward your carrier on both sides and tag it across your network.  Easy as can be... Be very careful in verifying whither your switches can do vmans and vlans on same port if you are planning on combining vmans on you current transport ports... Good luck 
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,284 Points 10k badge 2x thumb
Hi,

just to clarify this sentence:

"Need to change vman ethertype to 0x8100 on any switches before you create a vman on it.  This ethertype seems to be more universal than the default Extreme uses of 0x88a8. "

0x8100 is the ethertype for 802.1Q VLAN.
0x88a8 is the ethertype for 802.1ad Provider Bridge (aka VMAN, aka Q-in-Q)

These are IEEE standards.
Changing the 802.1ad ethertype to 0x8100 is a trick to transport a VMAN across switches not aware of this standard encapsulation. Extreme EXOS allows you to do it, fortunately.
Photo of Chris

Chris

  • 492 Points 250 badge 2x thumb

We don't have any existing vmans so that's no issue with changing ethertypes

So enable jumbo, set the ethertype to 8100 (same as vlan I think)

then the vman and vlan id's will share the same numbering so if I have free vlan #100 I can use vman #100 tag the vman and vlans on the trunked ports

untag it on the port going to their equipment, and on their side it just looks like a bunch of clean vlans?

any risk I should worry about doing this on a live network, dont wanna crash out traffic or something

also how will this tie into our core which is mlag'd follow same process, and treat it like a normal vlan over the ISC?

Photo of andreas

andreas

  • 1,218 Points 1k badge 2x thumb
No risk in doing that at all. We have been doing it for at least 8 years. And you can do it in production.

Vmans and vlans is treated the same way over ISC if you are selling that function.
Photo of EtherMAN

EtherMAN, Embassador

  • 6,960 Points 5k badge 2x thumb
one more thing you said needs to be addressed ... No you can not have a vlan and a vman with tag id 100.. all tag id's must be unique in each switch for each vman or vlan.  For a bit of insight on why we run 0x8100 first is it seems to be the common ethertype for QnQ services for most carriers who are running carrier Ethernet services and if you ever need to have an NNI and hand off tagged Vmans to another vendor that is not Extreme then odds are they will request the 0x8100 as the ethertype.  Any way your network your decision and in the end it is you skin on the hook not ours :) ... Read up in the concepts guide ... drop this into your lab if you can..... and good luck on your endeavors  
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,284 Points 10k badge 2x thumb
Hi EtherMAN, this is really odd that you see Ethernet carriers using 0x8100 as the ethertype. This is not the IEEE standard. At the time Extreme introduced VMAN, and no standard existed, yes, several ethertype were around (0x9100 for Extreme if I remember correctly). Then IEEE made it a standard, and every vendor is using 0x88a8 for years.

You can have a VMAN and a VLAN with a similar ID, btw. The purpose of VMAN is to scale and become transparent to customers' VLAN configuration.
Photo of Chris

Chris

  • 492 Points 250 badge 2x thumb
Wait so technically, all we need to do if we're 100% extreme, and we're untagging the traffic to return it to standard vlans on the way out to the customer network, is leave it at 88a8? so basically all i'm doing is enabling jumbo frames, and typing "enable/config vman" instead of enable/config vlan" for this qinq vman? Seems ... too simple lol

crap just saw in the 15.3 manual that with x450's with PNP+tagged on same port i have to use 0x8100, from x450-x450 if i'm reading it right.

BTW best recommendation for figuring out of our switch types + version of fw supports vman+vlan on same ports?

Now just got to figure if my various wireless radios, have anywhere i need to enable jumbo support, or if its on by default for the backhauls :)
(Edited)
Photo of EtherMAN

EtherMAN, Embassador

  • 6,960 Points 5k badge 2x thumb
Stephane can't say everyone uses 0x8100 but I have 5 carriers where we have a ten gig NNI established and 4 of the 5 requested 0x8100... The one exception has 2 NNI's and we map specific cvids to our svids when we bundle the services over an NNI.  I like Chris have a few older switches that in order to do vlans and vmans on the same common trunk link you have to use 0x8100.  I have tested triple tags and am doing one triple tag service using 0x8100 I am not sure if we were using 88a8 triple tagging would work.  None of the switches support reusing one tag id for vlans and vmans... If you want to discuss this further look me up and call or email direct... I sure don't want to confuse Chris.  Chris just out of curiosity take time to ask the other carrier you are doing business with if they have a preferred ethertype for their QnQ service if they ever wanted to hand you a tagged vman....   Still good luck with your efforts... 
Photo of Chris

Chris

  • 492 Points 250 badge 2x thumb
Quick question, if we're passing off the vman to them via our core switches which are a MLAG group...

Do i need to run spanning tree or something on the untagged port facing them that's delivering all the vlans?  to prevent a loop between our MLAG1 and MLAG2 and their 2 switches, that they run stpd on? I know stp works via vlan, not vman so ... sorta lost, do i just not add the vman to the ISC port and send it to their port on each unit untagged
Photo of Chris

Chris

  • 492 Points 250 badge 2x thumb

Anyone around :)