Chapter 2 bpdu tunnel configuration, 1 bpdu tunnel overview, 1 introduction to the bpdu tunnel function – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – VLAN VPN

H3C S3100-52P Ethernet Switch

Chapter 1 VLAN-VPN Configuration

2-1

Chapter 2 BPDU Tunnel Configuration

2.1 BPDU Tunnel Overview

2.1.1 Introduction to the BPDU Tunnel Function

In MAN networking solutions, the requirements may arise that the branches of an
enterprise be interconnected through the operator’s network. This can be achieved
through VPN (virtual private network), which can integrate geographically dispersed
networks to form a logical LAN. The tunnel function is required when you implement
VPN. It enables packets of private networks to travel through operator’s network and
reach another private network securely. To make networks of this kind essentially
comparable with an actual LAN, Layer 2 protocol packets used to maintain the network
are also required to travel across the tunnels.

2.1.2 BPDU Tunnel Fundamental

I. Layer 2 packet identification

Different from the processing of data packets, a Layer 2 protocol packet is classified
first when it reaches a network device. A Layer 2 protocol packet conforming with IEEE
standards carries a special destination MAC address and contains a type field. Some
proprietary protocols adopt the same packet structure, where a private MAC address is
used to identify the corresponding proprietary protocol, and the type field is used to
identify the specific protocol type.

II. Transmitting BPDU packets transparently

As shown in Figure 2-1, the network on the top is the operator’s network, and the one
on the bottom is a user network. The operator’s network contains devices that
receive/transmit packets. The user network contains Network A and Network B. You
can make the BPDU packets to be transmitted in the operator’s network transparently
by enabling the BPDU Tunnel function on the devices with user networks connected to
in the operator’s network.

z

When a BPDU packet coming from a user network reaches a device in the
operator’s network, the device changes the destination MAC address carried in
the packet from a protocol-specific MAC address to a normal MAC address, which
can be identified by both the local device and the peer device. In such a way, the
BPDU packet is converted to a normal data packet and is forwarded in the
operator’s network.

z

Before the device in the operator’s network forwards the packet to the destination
user network, the device restores the original protocol-specific MAC address. This