QinQ

QinQ

QinQ also known as VLAN stacking or double VLAN, is a technology defined by IEEE 802.1ad that enhances VLAN space by adding an extra 802.1Q tag to 802.1Q-tagged packets. It is commonly used in carriers’ backbone networks.

QinQ allows packets with double VLAN tags to traverse a carrier’s backbone network (public network) by encapsulating the VLAN tag of a private network in the VLAN tag of a public network. This feature facilitates the expansion of VLAN space and enables precise user management.

IEEE 802.1Q is limited to identifying only 4096 VLANs due to its 12-bit VLAN ID field. To address this limitation and accommodate the growth of networks, IEEE 802.1ad (also known as QinQ) adds an additional VLAN tag to single-tagged 802.1Q packets, effectively expanding VLAN space to 4094 x 4094.

QinQ is not only used to expand VLAN space but also to enable refined service management. The inner and outer VLAN tags can differentiate packets based on users and services. For example, the inner tag can represent a user, and the outer tag can represent a service. Additionally, QinQ can facilitate simple VPNs because the inner tag of QinQ packets can be transparently transmitted over a carrier network.

In summary, QinQ is a technology that expands VLAN space and facilitates refined service management, making it useful for carriers and other network operators.

That’s correct. The outer VLAN tags are added to packets based on their service type to enable differentiated handling of traffic based on service requirements. This allows for more efficient use of network resources and better management of network traffic. The use of outer VLAN tags in this way is a common practice in enterprise networks to support multiple services over a single physical infrastructure.

A QinQ packet has a fixed format, in which a second 802.1Q tag is inserted in front of the first tag of the single-tagged 802.1Q packet. As such, a QinQ packet has 4 more bytes than a single-tagged 802.1Q packet. This additional 4-byte tag is used as the outer tag, that is, the public VLAN tag of a carrier network. The original 802.1Q tag is used as the inner tag, that is, the private VLAN tag

In selective QinQ, packets arriving at an interface are classified into different flows based on specific rules. The outer VLAN tags are then determined based on the packet type. Selective QinQ can classify packets in various ways:

1. Adding outer VLAN tags based on inner VLAN IDs In this method, the outer VLAN tag is added based on the inner VLAN ID of the packet. For example, packets with inner VLAN ID 101 to 200 can be added with outer tag VLAN ID 100, packets with inner VLAN ID 201 to 300 can be added with outer tag VLAN ID 200, and so on.
2. Adding outer VLAN tags based on 802.1p priorities in inner VLAN tags 802.1p is a protocol that defines the priority of traffic in a VLAN. In this method, the outer VLAN tag is added based on the 802.1p priority in the inner VLAN tag of the packet. For example, packets with inner VLAN ID 101 and 802.1p priority 1 can be added with outer tag VLAN ID 100 and 802.1p priority 1, packets with inner VLAN ID 101 and 802.1p priority 2 can be added with outer tag VLAN ID 100 and 802.1p priority 2, and so on.
3. Adding outer VLAN tags based on traffic policies In this method, traffic policies are used to classify packets based on their service type. The outer VLAN tag is then added based on the traffic policy. For example, packets with a specific source IP address, destination IP address, or application type can be classified and added with a specific outer VLAN tag. This method can be used to provide differentiated services based on the service type, such as prioritizing traffic from certain applications or users.

That is correct. Additionally, it’s worth noting that the PE devices are responsible for maintaining the mapping between the customer VLANs and the provider VLANs. This mapping is called the VLAN translation table or the VLAN forwarding table, and it’s used to ensure that packets are forwarded to the correct VLANs across the provider network.

In the example you provided, PE1 would have a mapping that associates VLAN 10 with VLAN 10010 (which is the VLAN ID used to represent VLAN 10 on the provider network), and PE2 would have a similar mapping that associates VLAN 10010 with VLAN 10. This mapping is essential for ensuring that packets are delivered to the correct destinations and that different customer VLANs don’t overlap or conflict with each other.

VLAN Mapping is a technology that allows different VLAN IDs on two directly connected Layer 2 networks to be mapped so that the two networks can be managed as a single Layer 2 network. This helps to achieve seamless interworking between the two networks and enables unified deployment of Layer 2 protocols.

In contrast, Virtual eXtensible Local Area Network (VXLAN) is a network virtualization technology that extends VLANs over Layer 3 networks. It is essentially a VPN technology that allows the creation of a Layer 2 virtual network over any networks with reachable routes. VXLAN uses VXLAN gateways to enable communication within a VXLAN network and between VXLAN and non-VXLAN networks. It uses a VXLAN Network Identifier (VNI) field to identify up to 16 million VXLAN segments, effectively isolating massive tenants in cloud computing scenarios.