Layer 2 Protocol Tunneling

Layer 2 protocol tunneling (L2PT) is achieved by encapsulating the PDUs at the ingress PE device before transmitting them over the service provider network. The encapsulation prevents the PDUs from being processed by the switches in the SP network. At the egress PE device, the encapsulated packets are de-encapsulated, and transmitted to the CE device.

The encapsulation used for different types of networks is as follows:
Tunneling is configured on a service by specifying a tunneling action for each interface of the service. The possible actions are:
An operator can specify a CoS value for the tunneled PDUs. This can be useful since some L2 protocols may have a higher priority than others (for example, STP may be considered higher priority than LLDP). If a CoS value is specified for a protocol for which tunneling is enabled, the switch will transmit the encapsulated PDUs for that protocol with the operator specified CoS towards the network. The CoS value specified by the operator is transmitted on the SP network as follows:

As VXLAN tunneled packets cross L3 boundaries in the underlay network, the CoS can get lost when traversing L3 boundaries. An operator may choose to configure a Differentiated Services Code Point (DSCP) that needs to be set in the outer IP header of the encapsulated packets. If the packet encapsulated into the VXLAN tunnel is an IP packet, the DSCP from inner IP header is typically copied to DSCP of the outer IP header. A configuration option is provided to overwrite this outer DSCP value. In case of L2 protocols (which do not have an inner DSCP), the configured DSCP value is set in the outer IP header.

Table 1. L2 PDU Actions
Ingress Action Egress Action Switch Action
None or Encap/Decap NA Process locally
Tunnel None Discard PDU at egress
Tunnel Tunnel Tx PDU natively
Tunnel Encap/Decap Tx PDU encapsulated

The action taken by the switch for encapsulated PDUs for a protocol is as described in the following table.

Table 2. L2 Encapsulated PDU Actions
Service has at least one I/F with tunnel action Ingress Action Egress Action Switch Action
No None or Encap/Decap None or Encap/Decap Forward
Yes None or Tunnel NA Discard packet at ingress
Yes Encap/Decap None Discard packet at egress
Yes Encap/Decap Tunnel Tx PDU natively
Yes Encap/Decap Encap/Decap Tx PDU encapsulated