Switch User Manual
14-4
Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E
78-14099-04
Chapter 14 Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
802.1Q Tunneling Configuration Guidelines and Restrictions
802.1Q Tunneling Configuration Guidelines and Restrictions
Follow these guidelines and restrictions when configuring 802.1Q tunneling in your network:
Restrictions
 • Because tunnel traffic has the added ethertype and length field and retains the 802.1Q tag within the 
switch, the following restrictions exist:
 –
The Layer 3 packet within the Layer 2 frame cannot be identified in tunnel traffic.
 –
Layer 3 and higher parameters cannot be identified in tunnel traffic (for example, Layer 3 
destination and source addresses).
 –
Because the Layer 3 addresses cannot be identified within the packet, tunnel traffic cannot be 
routed.
 –
The switch can provide only MAC-layer filtering for tunnel traffic (VLAN IDs and source and 
destination MAC addresses).
 –
The switch can provide only MAC-layer access control and QoS for tunnel traffic.
 –
QoS cannot detect the received CoS value in the 802.1Q 2-byte Tag Control Information field.
 • Tunnel ports learn customer MAC addresses.
 • On an asymmetrical link, the Cisco Discovery Protocol (CDP) reports a native VLAN mismatch if 
the VLAN of the tunnel port does not match the native VLAN of the 802.1Q trunk. The 802.1Q 
tunnel feature does not require that the VLANs match. Ignore the messages if your configuration 
requires nonmatching VLANs.
 • Asymmetrical links do not support the Dynamic Trunking Protocol (DTP), because only one port on 
the link is a trunk. Configure the 802.1Q trunk port on an asymmetrical link to trunk unconditionally.
 • Jumbo frames can be tunneled as long as the jumbo frame length combined with the 802.1Q tag does 
not exceed the maximum frame size.
 • The 802.1Q tunneling feature cannot be configured on ports configured to support private VLANs
 • VLAN Trunk Protocol (VTP) does not work between the following devices:
 –
Devices connected by an asymmetrical link
 –
Devices communicating through a tunnel
Note VTP works between tunneled devices if Layer 2 protocol tunneling is enabled. See the 
“Configuring Support for Layer 2 Protocol Tunneling” section on page 14-8 for 
configuration details.
Guidelines
 • Use asymmetrical links to put traffic into a tunnel or to remove traffic from a tunnel.
 • Configure tunnel ports only to form an asymmetrical link.
 • Dedicate one VLAN for each tunnel.
 • Assign only tunnel ports to VLANs used for tunneling.










