< Home

QinQ Fundamentals

QinQ adds an additional 802.1Q VLAN tag to an 802.1Q-tagged packet to expand VLAN space. The switch forwards packets over a public network according to the outer VLAN tag carried in the packets, and learns MAC addresses from the outer VLAN tag. The private VLAN tag in the packets is forwarded as payload of the packets.

Figure 1 Typical QinQ application

As shown in Figure 1, customer network A is divided into private VLANs 1 to 10, and customer network B is divided into private VLANs 1 to 20. The carrier allocates public VLANs 3 and 4 to customer networks A and B respectively. When tagged packets from customer networks A and B arrive at the carrier network, the packets are tagged with outer VLANs 3 and 4. Therefore, the packets from different customer networks are separated on the carrier network, even though the customer networks use overlapping VLAN ranges. After traversing the carrier network, packets at the receiving PE are stripped of their public VLAN tags and then forwarded to the CE device of the respective customer network.

QinQ Packet Encapsulation Format

A QinQ packet has a fixed format, in which an 802.1Q tag is added outside the existing 802.1Q tag of the packet. A QinQ packet has 4 more bytes than an 802.1Q packet.

The maximum frame length allowed by each interface on a carrier network should be at least 1504 bytes to accommodate the additional length of QinQ packets. By default, the frame length allowed on the switch is larger than 1504 bytes and so does not require modification. For details about how to configure the allowed frame length, see Setting the Jumbo Frame Length Allowed on an Interface in "Ethernet Interface Configuration" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - Interface Management.

Figure 2 802.1Q encapsulation

QinQ Implementation

QinQ can be implemented in either of the following ways:

  1. Basic QinQ
    Basic QinQ is implemented based on interfaces. After basic QinQ is configured on an interface, the switch adds the default VLAN tag of this interface to all packets regardless of whether they carry VLAN tags.
    • Upon receipt of a single-tagged packet, the switch adds the receiving interface's default VLAN tag to the packet, creating a double-tagged packet.
    • Upon receipt of an untagged packet, the switch adds the receiving interface's default VLAN tag to the packet, creating a single-tagged packet.
  2. Selective QinQ
    Selective QinQ is implemented based on interfaces and VLAN IDs. That is, an interface can forward packets according to a single VLAN tag or double VLAN tags. Upon receipt of packets on an interface, the switch processes them as follows depending on their VLAN IDs:
    • Adds different outer VLAN tags to packets carrying different inner VLAN IDs.
    • Marks outer 802.1p fields and adds different outer VLAN tags to packets according to the 802.1p fields in inner VLAN tags.

    In addition to separating carrier and customer networks, selective QinQ provides extensive service features and allows flexible networking.

QinQ Encapsulation

QinQ encapsulation changes a single-tagged packet into a double-tagged packet and is usually performed on underlayer provider edge (UPE) interfaces on metropolitan area networks (MANs) connected to customer networks.

Depending on the data encapsulated, QinQ encapsulation is applied as interface-based or flow-based QinQ encapsulation. Additionally, QinQ encapsulation can be performed on routed sub-interfaces.

  • Interface-based QinQ encapsulation

    This encapsulation mode is also called QinQ tunneling. It encapsulates packets arriving at the same interface with the same outer VLAN tag, and therefore cannot distinguish users and services at the same time.

  • Flow-based QinQ encapsulation

    This encapsulation mode is also called selective QinQ. It classifies packets arriving at an interface into different flows, and then determines whether to add outer VLAN tags and which outer VLAN tags to add on a per-flow basis.

    Traffic can be classified based on VLAN ID ranges when different VLAN IDs are allocated to different services of the same user. For example, VLANs 101 to 200 are allocated for PC users accessing the Internet, VLANs 201 to 300 for IPTV users, and VLANs 301 to 400 for VIP users. When receiving service data, the UPE adds outer tag 100 to packets from PC users, outer tag 300 to packets from IPTV users, and outer tag 500 to packets from VIP users.

  • QinQ encapsulation on routed sub-interfaces

    QinQ encapsulation can be performed on both Layer 2 interfaces and routed sub-interfaces.

    When service data is transparently transmitted over an MPLS/IP core network using PWE3/VLL/VPLS, a routed sub-interface on a network-end provider edge (NPE) adds an outer VLAN tag to a packet based on the user VLAN ID. The packet is then transmitted on the PWE3/VLL/VPLS network using the outer VLAN tag. Packets from multiple user VLANs can be transparently transmitted through a sub-interface, which is called a QinQ stacking sub-interface.

    QinQ encapsulation on routed sub-interfaces is also a form of flow-based QinQ encapsulation. A QinQ stacking sub-interface must be used with the L2VPN service (PWE3/VLL/VPLS); it cannot be used for Layer 3 forwarding.

Parent Topic: Understanding QinQ
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >