C H A P T E R 18

Configuring Layer 2 Protocol Tunneling

This chapter describes how to configure Layer 2 protocol tunneling on the Catalyst 6500 series switches.

Note • For complete syntax and usage information for the commands used in this chapter, refer to the Cisco
IOS Master Command List, Release 12.2SX at this URL:
http://www.cisco.com/en/US/docs/ios/mcl/122sxmcl/12_2sx_mcl_book.html
• The WS-X6548-GE-TX, WS-X6548V-GE-TX, WS-X6148-GE-TX, and WS-X6148V-GE-TX
switching modules do not support Layer 2 protocol tunneling.

This chapter consists of these sections:

• Understanding How Layer 2 Protocol Tunneling Works, page 18-1
• Configuring Support for Layer 2 Protocol Tunneling, page 18-2

Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples
and troubleshooting information), see the documents listed on this page:
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html

Understanding How Layer 2 Protocol Tunneling Works

Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs) (CDP, STP, and VTP) to be
tunneled through a network. This section uses the following terminology:
• Edge switch—The switch connected to the customer switch and placed on the boundary of the
service provider network (see Figure 18-1).
• Layer 2 protocol tunnel port—A port on the edge switch on which a specific tunneled protocol can
be encapsulated or deencapsulated. The Layer 2 protocol tunnel port is configured through CLI
commands.
• Tunneled PDU—A CDP, STP, or VTP PDU.
Without Layer 2 protocol tunneling, tunnel ports drop STP and VTP packets and process CDP packets. This
handling of the PDUs creates different spanning tree domains (different spanning tree roots) for the
customer switches. For example, STP for a VLAN on switch 1 (see Figure 18-1) builds a spanning tree

Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF
OL-3999-08 18-1
 Chapter 18 Configuring Layer 2 Protocol Tunneling
Configuring Support for Layer 2 Protocol Tunneling

topology on switches 1, 2, and 3 without considering convergence parameters based on switches 4 and 5. To
provide a single spanning tree domain for the customer, a generic scheme to tunnel BPDUs was created
for control protocol PDUs (CDP, STP, and VTP). This process is referred to as Generic Bridge PDU
Tunneling (GBPT).

Figure 18-1 Layer 2 Protocol Tunneling Network Configuration

Customer switches Customer switches

Switch 1 Switch 4
Service provider
network

Edge
Switch 2 Switch A
switches Switch B

77066
Switch 3 Switch 5

GBPT provides a scalable approach to PDU tunneling by software encapsulating the PDUs in the ingress
edge switches and then multicasting them in hardware. All switches inside the service provider network
treat these encapsulated frames as data packets and forward them to the other end. The egress edge
switch listens for these special encapsulated frames and deencapsulates them; they are then forwarded
out of the tunnel.
The encapsulation involves rewriting the destination media access control (MAC) address in the PDU.
An ingress edge switch rewrites the destination MAC address of the PDUs received on a Layer 2 tunnel
port with the Cisco proprietary multicast address (01-00-0c-cd-cd-d0). The PDU is then flooded to the
native VLAN of the Layer 2 tunnel port. If you enable Layer 2 protocol tunneling on a port, PDUs of an
enabled protocol are not sent out. If you disable Layer 2 protocol tunneling on a port, the disabled
protocols function the same way they were functioning before Layer 2 protocol tunneling was disabled
on the port.

Configuring Support for Layer 2 Protocol Tunneling

Note • Encapsulated PDUs received by an 802.1Q tunnel port are transmitted from other tunnel ports in the
same VLAN on the switch.
• Configure jumbo frame support on Layer 2 protocol tunneling ports:
– See the “Configuring Jumbo Frame Support” section on page 9-10.
– Take note of the modules listed in the “Configuring Jumbo Frame Support” section that do not
support jumbo frames.

Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF
18-2 OL-3999-08
 Chapter 18 Configuring Layer 2 Protocol Tunneling
Configuring Support for Layer 2 Protocol Tunneling

To configure Layer 2 protocol tunneling on a port, perform this task:

Command Purpose
Step 1 Router(config)# interface type1 slot/port Selects the LAN port to configure.
Step 2 Router(config-if)# switchport Configures the LAN port for Layer 2 switching:
• You must enter the switchport command once
without any keywords to configure the LAN port as a
Layer 2 interface before you can enter additional
switchport commands with keywords.
• Required only if you have not entered the switchport
command already for the interface.
Step 3 Router(config-if)# l2protocol-tunnel Configures the Layer 2 port as a Layer 2 protocol tunnel
[cdp|drop-threshold port for the protocols specified.
[packets|shutdown-threshold [packets]|stp|vtp]
Router(config-if)# no l2protocol-tunnel [cdp| Clears the configuration.
drop-threshold|shutdown-threshold|stp|vtp]
Step 4 Router(config)# end Exits configuration mode.
Step 5 Router# show l2protocol-tunnel [interface Verifies the configuration.
type1 slot/port|summary]
1. type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet

When you configure a Layer 2 port as a Layer 2 protocol tunnel port, note the following information:
• Optionally, you may specify a drop threshold for the port. The drop threshold value, from 1 to 4096,
determines the number of packets to be processed for that protocol on that interface in one second.
When the drop threshold is exceeded, PDUs for the specified protocol are dropped for the remainder
of the 1-second period. If a shutdown threshold is not specified, the value is 0 (shutdown threshold
disabled).
• Optionally, you may specify a shutdown threshold for the port. The shutdown threshold value, from
1 to 4096, determines the number of packets to be processed for that protocol on that interface in
one second. When the shutdown threshold is exceeded, the port is put in errdisable state. If a
shutdown threshold is not specified, the value is 0 (shutdown threshold disabled).

Note Refer to the Cisco IOS Master Command List, Release 12.2SX for more information about the l2ptguard
keyword for the following commands:
• errdisable detect cause
• errdisable recovery cause

This example shows how to configure Layer 2 protocol tunneling and shutdown thresholds on port 5/1
for CDP, STP, and VTP, and verify the configuration:
Router# configure terminal
Router(config)# interface fastethernet 5/1
Router(config-if)# switchport
Router(config-if)# l2protocol-tunnel shutdown-threshold cdp 10
Router(config-if)# l2protocol-tunnel shutdown-threshold stp 10
Router(config-if)# l2protocol-tunnel shutdown-threshold vtp 10
Router(config-if)# end

Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF
OL-3999-08 18-3
 Chapter 18 Configuring Layer 2 Protocol Tunneling
Configuring Support for Layer 2 Protocol Tunneling

Router# show l2protocol-tunnel summary

Port Protocol Threshold
(cos/cdp/stp/vtp)
----------------------------------------
Fa5/1 cdp stp vtp 0/10 /10 /10 down trunk
Router#

This example shows how to display counter information for port 5/1:
Router# show l2protocol-tunnel interface fastethernet 5/1
Port Protocol Threshold Counters
(cos/cdp/stp/vtp) (cdp/stp/vtp/decap)
--------------------------------------------------------------
Router#

This example shows how to clear the Layer 2 protocol tunneling configuration from port 5/1:
Router(config-if)# no l2protocol-tunnel shutdown-threshold cdp 10
Router(config-if)# no l2protocol-tunnel shutdown-threshold stp 10
Router(config-if)# no l2protocol-tunnel shutdown-threshold vtp 10
Router(config-if)# no l2protocol-tunnel cdp
Router(config-if)# no l2protocol-tunnel stp
Router(config-if)# no l2protocol-tunnel vtp
Router(config-if)# end
Router# show l2protocol-tunnel summary
Port Protocol Threshold
(cos/cdp/stp/vtp)
----------------------------------------
Router#

This example shows how to clear Layer 2 protocol tunneling port counters:
Router# clear l2protocol-tunnel counters
Router#

Tip For additional information about Cisco Catalyst 6500 Series Switches (including configuration examples
and troubleshooting information), see the documents listed on this page:
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html

Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide, Release 12.2SXF
18-4 OL-3999-08