56 vlan-vpn configuration, Vlan-vpn overview, Introduction to vlan-vpn – H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 567: Vlan-vpn configuration
56-1
56
VLAN-VPN Configuration
z
The term switch used throughout this chapter refers to a switching device in a generic sense or the
switching engine of a unified switch in the WX3000 series.
z
The sample output information in this manual was created on the WX3024. The output information
on your device may vary.
VLAN-VPN Overview
Introduction to VLAN-VPN
Virtual private network (VPN) is a new technology that emerges with the expansion of the Internet. It can
be used for establishing private networks over the public network. With VPN, you can specify to process
packets on the client or the access end of the service provider in specific ways, establish dedicated
tunnels for user traffic on public network devices, and thus improve data security.
VLAN-VPN feature is a simple yet flexible Layer 2 tunneling technology. It tags private network packets
with outer VLAN tags, thus enabling the packets to be transmitted through the service providers’
backbone networks with both inner and outer VLAN tags. In public networks, packets of this type are
transmitted by their outer VLAN tags (that is, the VLAN tags of public networks), and the inner VLAN
tags are treated as part of the payload.
describes the structure of the packets with single-layer VLAN tags.
Figure 56-1
Structure of packets with single-layer VLAN tags
Destination MAC address
0
31
Data
Source MAC address
15
VLAN Tag
describes the structure of the packets with double-layer VLAN tags.