Overview of QinQ
Definition
QinQ expands VLAN space by adding an additional 802.1Q tag to 802.1Q tagged packets. A packet carries two 802.1Q tags: a public VLAN tag and a private VLAN tag.
Purpose
Ethernet is widely used on ISP networks, but 802.1Q VLANs are unable to identify and isolate large numbers of users on metro Ethernet networks because the 12-bit VLAN tag field defined in IEEE 802.1Q only identifies a maximum of 4096 VLANs. QinQ was developed to expand VLAN space beyond 4096 VLANs so that a larger number of users can be identified on a metro Ethernet network.
QinQ was originally developed to expand VLAN space by adding an additional 802.1Q tag to an 802.1Q-tagged packet. In this way, the number of VLANs can increase to 4094 x 4094 (values 0 and 4095 are reserved). Packets are forwarded based on outer VLAN tags on the public network, and devices on the public network add outer VLAN IDs to MAC address tables of the corresponding VLANs. Inner VLAN tags of packets are transmitted as data on the public network.
In addition to expanding VLAN space, QinQ is applied in other scenarios with the development of metro Ethernet networks and carriers' requirements on refined service operation. The outer and inner VLAN tags can be used to differentiate packets based on users and services. For example, the inner tag represents a user, while the outer tag represents a service. Moreover, QinQ is used as a simple and practical virtual private network (VPN) technology because inner tags of QinQ packets are transparently transmitted over a public network. It extends core multiprotocol label switching (MPLS) VPN services to metro Ethernet networks to establish an end-to-end VPN.
Benefits
- Extends VLANs to isolate and identify more users.
- Facilitates service deployment by allowing the inner and outer tags to represent different information. For example, use the inner tag to identify a user and the outer tag to identify a service.