Hot!FortiOS 6.4.0: How to use Q-in-Q vlan interface?

Author
kliew
Bronze Member
  • Total Posts : 43
  • Scores: 0
  • Reward points: 0
  • Joined: 2004/07/01 05:52:13
  • Status: offline
2020/05/28 09:56:08 (permalink)
0

FortiOS 6.4.0: How to use Q-in-Q vlan interface?

on a FortiGate101E with 6.4.0, I can see that under config system interface the option for 802.1AD is there
# set vlan-protocol
8021q     IEEE 802.1Q.
8021ad    802.1AD.
 
but unfortunately could not figure out how to set the second-dot1q vlan tag ID?
 
Is this feature actually completed or still under wraps?
 
Thanks in advance,
Kenneth
 
#1

2 Replies Related Threads

    josh
    Bronze Member
    • Total Posts : 23
    • Scores: 2
    • Reward points: 0
    • Joined: 2015/09/01 18:57:13
    • Location: Auckland, New Zealand
    • Status: offline
    Re: FortiOS 6.4.0: How to use Q-in-Q vlan interface? 2020/11/01 19:55:40 (permalink)
    0
    Also interested in this. Does the sub-interface you're creating in this step just get attached to an already tagged parent-interface in which case the one you're creating becomes the inner-tag?
    #2
    DTS
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/01/20 11:12:54
    • Status: offline
    Re: FortiOS 6.4.0: How to use Q-in-Q vlan interface? 2021/01/20 11:18:18 (permalink)
    0
    Have you made any progress with this? I have 2x200F HA units that I am trying to get working with QinQ tagging. Our ISP is handing off VLAN tagged frames to the FG, where we need to strip the outer tag to then allow the tagged (Nested) VLANS to reach their corresponding FG interface/vlan. We then send out "double tagged" frame with the outer matching the client/customer site. THe provider then strips outer VLAN when frames arrive at site and before hitting switch interface, so we are left with layer 2 destination VLANS. Provider then accepts single tagged packets on the return and tags them on the 'outside' with the 'site' vlan with the single tagged frames encapsulated inside before they reach the FG. 
     
    I've been waiting on answers from FG support for a few days. I've been told several times that it is an 'advanced' feature that is "rarely" used which is interesting because the features/options are there are were added to firmware recently and for good reason, you would think? 
    #3
    Jump to:
    © 2021 APG vNext Commercial Version 5.5