Configuring Double Tag Translation on Cumulus Linux

Few weeks back, Cumulus Networks announced new release of Cumulus Linux 3.3.1 which includes some early access features as following.

  • SNMP enabled for routing protocols: Monitor BGP and OSPF using SNMP.
  • VXLAN routing: An early access feature for configuring IP routing between VXLAN VNIs in an overlay network.
  • QinQ: An early access feature for implementing hybrid cloud connectivity.
  • Fixes for running 1G speeds on Trident II+ platforms.

This is another big step to have QinQ available. So in this article, I am going to share an example of working configuration about double tag translation on Cumulus Linux.

Introduction

There are two different ways to configure QinQ on Cumulus Linux, Single Tag Translation and Double Tag Translation. For more information about the two different flavors, check out with this Cumulus document.
This article will focus on double tag translation without involving VxLAN. Double tag translation only works with bridges in traditional mode (not VLAN-aware).

First thing first, we at least have Cumulus Linux 3.3.1 running. Then we need to install the QinQ metapackage on a switch. The steps are as follow.

1. Open the /etc/apt/sources.list file
2. Uncomment the early access repo lines and save the file
deb      http://repo3.cumulusnetworks.com/repo CumulusLinux-3-early-access cumulus
deb-src  http://repo3.cumulusnetworks.com/repo CumulusLinuz-3-early-access cumulus
3. Run the following commands to install the QinQ metapackage in Cumulus Linux
[email protected]:~$ sudo apt-get update
[email protected]:~$ sudo apt-get install cumulus-vxlan-routing
[email protected]:~$ sudo apt-get install cumulus-qinq
[email protected]:~$ sudo apt-get upgrade

Note: Installing one of the two packages pulls in the other package, but both packages are listed here for sake of completeness.

Network Connectivity

Based on above network connectivity, we have C-tag VLAN 10, 20 and 30 which needs to talk to each other between iNET9-EX2200 and iNET9-Cisco Switch across provider’s network with S-tag 100.

Configuration

1. iNET9-CL01
auto swp1
iface swp1
link-speed 1000

auto swp2
iface swp2
link-speed 10000

auto swp2.100
iface swp2.100
vlan_protocol 802.1ad

auto swp2.100.10
iface swp2.100.10

auto swp2.100.20
iface swp2.100.20

auto swp2.100.30
iface swp2.100.30

auto br10
iface br10
bridge-ports swp1.10 swp2.100.10
bridge-vlan-aware no

auto br20
iface br20
bridge-ports swp1.20 swp2.100.20
bridge-vlan-aware no

auto br30
iface br30
bridge-ports swp1.30 swp2.100.30
bridge-vlan-aware no

2. iNET9-CL02
auto swp1
iface swp1
link-speed 1000

auto swp2
iface swp2
link-speed 10000

auto swp2.100
iface swp2.100
vlan_protocol 802.1ad

auto swp2.100.10
iface swp2.100.10

auto swp2.100.20
iface swp2.100.20

auto swp2.100.30
iface swp2.100.30

auto br10
iface br10
bridge-ports swp1.10 swp2.100.10
bridge-vlan-aware no

auto br20
iface br20
bridge-ports swp1.20 swp2.100.20
bridge-vlan-aware no

auto br30
iface br30
bridge-ports swp1.30 swp2.100.30
bridge-vlan-aware no

3. iNET9-EX2200
set vlans VLAN10 vlan-id 10
set vlans VLAN10 l3-interface vlan.10
set vlans VLAN20 vlan-id 20
set vlans VLAN20 l3-interface vlan.20
set vlans VLAN30 vlan-id 30
set vlans VLAN30 l3-interface vlan.30

set interfaces vlan unit 10 family inet address 10.10.10.1/24
set interfaces vlan unit 20 family inet address 20.20.20.1/24
set interfaces vlan unit 30 family inet address 30.30.30.1/24

set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members VLAN10
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members VLAN20
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members VLAN30

4. iNET9-Cisco Switch
vlan 10
name VLAN10
!
vlan 20
name VLAN20
!
vlan 30
name VLAN30
!
interface VLAN10
ip address 10.10.10.2 255.255.255.0
!
interface VLAN20
ip address 20.20.20.2 255.255.255.0
!
interface VLAN30
ip address 30.30.30.2 255.255.255.0
!
interface GigabitEthernet0/1
description UPLINK TO DELL
switchport trunk encapsulation dot1q
switchport mode trunk
swiport trunk allowed vlan all

And that’s it! Now you have a working configuration of double tag QinQ on Cumulus Linux without having VxLAN enabled.

Verification

You can use some commands like net show bridge vlansudo brctl showip -d link show bridge to see if vlan_protocol 802.1ad in the output. Last but not least, we can use PING command to verify reachability between both ends.

[email protected]> ping 10.10.10.2
PING 10.10.10.2 (10.10.10.2): 56 data bytes
64 bytes from 10.10.10.2: icmp_seq=0 ttl=255 time=4.431 ms
64 bytes from 10.10.10.2: icmp_seq=1 ttl=255 time=3.840 ms
64 bytes from 10.10.10.2: icmp_seq=2 ttl=255 time=4.174 ms
64 bytes from 10.10.10.2: icmp_seq=3 ttl=255 time=5.127 ms
64 bytes from 10.10.10.2: icmp_seq=4 ttl=255 time=5.657 ms
^C
— 10.10.10.2 ping statistics —
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.840/4.646/5.657/0.659 ms

Let us know in the comment below and thanks for reading!

3 Replies to “Configuring Double Tag Translation on Cumulus Linux”

Leave a Reply

Your email address will not be published. Required fields are marked *