User's Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 Main Web Page
- 4.2 System
- 4.3 PoE Configuration
- 4.4 Basic Configuration
- 4.5 VLAN Configuration
- 4.6 QoS Configuration
- 4.7 ACL Configuration
- 4.8 Security
- 4.9 Advanced Features
- 4.10 Monitoring
- 5. COMMAND LINE INTERFACE
- 6. Command Line Mode
- 7. SWITCH OPERATION
- 8. Power over Ethernet Overview
- 9. TROUBLESHOOTING
- APPENDEX A: Networking Connection
- APPENDIX B: GLOSSARY
User’s Manual of FGSW-Series
96
4.5.9 Q-in-Q Index Config
This page is used for configuring the Managed PoE+ Switch Q-in-Q port VLAN function; the Q-in-Q port VLAN function
configuration page contains fields for managing ports that are part of Q-in-Q VLAN.
Understanding Nomenclature of the Switch
■ IEEE 802.1Q Tunneling (Q-in-Q)
IEEE 802.1Q Tunneling (Q-in-Q) is designed for service providers carrying traffic for multiple customers across their networks.
Q-in-Q tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when different
customers use the same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN) tags into the
customer’s frames when they enter the service provider’s network, and then stripping the tags when the frames leave the
network.
A service provider’s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported.
VLAN ranges required by different customers in the same service-provider network might easily overlap, and traffic passing
through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer
configurations, require intensive processing of VLAN mapping tables, and could easily exceed the maximum VLAN limit of
4096.
The Managed PoE+ Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge,
aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the
purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used
independent of the customers’ VLANs. This is accomplished by adding a VLAN tag with a MAN-related VID for frames entering
the MAN. When leaving the MAN, the tag is stripped and the original VLAN tag with the customer-related VID is again available.
This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering
with the VLAN tags. All tags use EtherType 0x8100 or 0x88A8, where 0x8100 is used for customer tags and 0x88A8 are used
for service provider tags.
In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular
VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table
requirements is reduced.