Table of Contents

Chapter 1 BPDU Tunneling Configuration. 1-1

1.1 Introduction to BPDU Tunneling. 1-1

1.1.1 Why BPDU Tunneling. 1-1

1.1.2 How BPDU Tunneling Works. 1-1

1.2 Configuring BPDU Isolation. 1-3

1.3 Configuring BPDU Transparent Transmission. 1-3

1.4 BPDU Tunneling Configuration Example. 1-4

 

Chapter 1  BPDU Tunneling Configuration

1.1  Introduction to BPDU Tunneling

1.1.1  Why BPDU Tunneling

To avoid loops in your network, you can enable the spanning tree protocol (STP) on your device. However, STP gets aware of the topological structure of a network by means of bridge protocol data units (BPDUs) exchanged between different devices and the BPDUs are Layer 2 multicast packets, which can be received and processed by all STP-enabled devices on the network. This prevents each network from correctly calculating its spanning tree. As a result, when redundant links exist in a network, data loops will unavoidably occur.

By allowing each network has its own spanning tree while running STP, BPDU tunneling can resolve this problem. It has the following functions:

l           It can isolate BPDUs of different customer networks, so that one network is not affected by others while calculating the topological structure.

l           It enables BPDUs of the same customer network to be multicast over specific VLAN VPNs in the service provider network, so that the same, geographically dispersed customer network can implement consistent spanning tree calculation across the service provider network.

 

 

1.1.2  How BPDU Tunneling Works

The BPDU tunneling works implements the following two functions:

l           BPDU isolation

l           BPDU transparent transmission

The work process of IGMP is as follows:

I. BPDU isolation

When a port receives BPDUs of other networks, the port will discard the BPDUs, so that they will not take part in spanning tree calculation. Refer to Configuring BPDU Isolation.

II. BPDU transparent transmission

As shown in Figure 1-1, the upper part is the service provider network, and the lower part represents the customer networks. The customer networks include network A and network B. Enabling the BPDU tunneling function on the edge devices across the service provider network allows BPDUs of the customer networks to be transparently transmitted in the service provider network, and allows each customer network to implement independent spanning tree calculation, without interfering each other. Refer to Configuring BPDU Transparent Transmission.

Figure 1-1 Network hierarchy of BPDU tunneling

The BPDU packet is processed in the service provider network as follows:

l           At the input side of the service provider network, the edge device changes the destination MAC address of a BPDU from a customer network from 0x0180-C200-0000 to a special multicast MAC address, 0x0100-0CCD-CDD0. In the service provider’s network, the modified BPDUs are forwarded as data packets in the user VLAN.

l           At the output side of the service provider network, the edge device recognizes the BPDU with the destination MAC address of 0x0100-0CCD-CDD0 and restores its original destination MAC address 0x0180-C200-0000. Then, the device removes the out-layer VLAN tag, and sends the BPDU to the destination customer network.

 

 

1.2  Configuring BPDU Isolation

Perform the following tasks to configure BPDU isolation:

To do...		Use the command...	Remarks
Enter system view		system-view	—
Enable BPDU tunneling globally		bpdu-tunnel dot1q enable	Optional Enabled by default The configured BPDU tunneling on a port cannot take effect unless BPDU tunneling is enabled globally.
Enter Ethernet interface view or port group view	Enter Ethernet interface view	interface interface-type interface-number	Use either command Configured in Ethernet interface view, the setting is effective on the current port only; configured in port group view, the setting is effective on all ports in the port group
	Enter port group view	port-group { manual port-group-name | aggregation agg-id }
Enable BPDU tunneling for the Ethernet port		bpdu-tunnel dot1q enable	Required Disabled by default

 

 

1.3  Configuring BPDU Transparent Transmission

Perform the following tasks to configure BPDU transparent transmission:

To do...		Use the command...	Remarks
Enter system view		system-view	—
Enable BPDU tunneling globally		bpdu-tunnel dot1q enable	Optional Enabled by default
Enter Ethernet interface view or port group view	Enter Ethernet interface view	interface interface-type interface-number	Use either command Configured in Ethernet interface view, the setting is effective on the current port only; configured in port group view, the setting is effective on all ports in the port group
	Enter port group view	port-group { manual port-group-name | aggregation agg-id }
Enable BPDU tunneling for the port		bpdu-tunnel dot1q enable	Required Disabled by default
Disable STP for the port		stp disable	Required
Enable STP BPDU tunneling for the port		bpdu-tunnel dot1q stp	Required Disabled by default

 

 

1.4  BPDU Tunneling Configuration Example

I. Network requirements

l           Customer A, Customer B, Customer C, and Customer D are customer network edge devices.

l           Provider A, Provider B, and Provider C are service provider network edge devices, which are interconnected through configured trunk ports.

The configuration is required to satisfy the following requirements:

l           Geographically dispersed customer networks Customer A, Customer C and Customer D can implement consistent spanning tree calculation across the service provider network.

l           BPDU packets are isolated for the customer network Customer B, so it does not take part in the spanning tree calculation.

II. Network diagram

Figure 1-2 Network diagram for BPDU tunneling configuration

III. Configuration procedure

1)         Configuration on Provider A

# Configure BPDU transparent transmission on Ethernet 1/1/1.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface ethernet 1/1/1

[Sysname-Ethernet1/1/1] port access vlan 2

[Sysname-Ethernet1/1/1] stp disable

[Sysname-Ethernet1/1/1] bpdu-tunnel dot1q enable

[Sysname-Ethernet1/1/1] bpdu-tunnel dot1q stp

2)         Configuration on Provider B

# Configure BPDU isolation on Ethernet 1/1/2.

<Sysname> system-view

[Sysname] vlan 4

[Sysname-vlan4] quit

[Sysname] interface ethernet 1/1/2

[Sysname-Ethernet1/2] port access vlan 4

[Sysname-Ethernet1/1/2] undo ntdp enable

[Sysname-Ethernet1/1/2] bpdu-tunnel dot1q enable

3)         Configuration on Provider C

# Configure BPDU transparent transmission on Ethernet 1/1/3.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface ethernet 1/1/3

[Sysname-Ethernet1/1/3] port access vlan 2

[Sysname-Ethernet1/1/3] stp disable

[Sysname-Ethernet1/1/3] bpdu-tunnel dot1q enable

[Sysname-Ethernet1/1/3] bpdu-tunnel dot1q stp

# Configure BPDU transparent transmission on Ethernet 1/4.

[Sysname-Ethernet1/1/3] quit

[Sysname] interface ethernet 1/1/4

[Sysname-Ethernet1/1/4] port access vlan 2

[Sysname-Ethernet1/1/4] stp disable

[Sysname-Ethernet1/1/4] undo ntdp enable

[Sysname-Ethernet1/1/4] bpdu-tunnel dot1q enable

[Sysname-Ethernet1/1/4] bpdu-tunnel dot1q stp