Layer two protocol tunneling

Posted by stretch in Networking on Wednesday, 2 Jul 2008 at 1:56 a.m. GMT

Normally, Cisco switches intercept and process a number of layer two protocols, including CDP, STP, VTP, and others. This can present problems when attempting to make a switch appear completely transparent, as is a common goal of service providers. Full transparency can be achieved with layer 2 protocol tunneling (not to be confused with L2TP).

Switches can be configured to forward CDP, STP, and VTP frames instead of intercepting them. The command to enable basic L2 tunneling is l2protocol-tunnel, entered in interface configuration mode. By default, this single command disables CDP on the interface and enables tunneling for CDP, STP, and VTP, as seen in the running configuration:

interface GigabitEthernet0/1
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable

The switch will transparently forward incoming CDP/STP/VTP frames out other similarly configured interfaces in the same VLAN. We can inspect the traffic statistics with show l2protocol-tunnel:

Switch# show l2protocol-tunnel
COS for Encapsulated Packets: 5
Drop Threshold for Encapsulated Packets: 0

Port       Protocol Shutdown  Drop      Encapsulation Decapsulation Drop
                    Threshold Threshold Counter       Counter       Counter
---------- -------- --------- --------- ------------- ------------- -------------
Gi0/1      cdp           ----      ----             4             0             0
           stp           ----      ----           117             0             0
           vtp           ----      ----             0             0             0
           ---           ----      ----          ----          ----          ----
           ---           ----      ----          ----          ----          ----
           ---           ----      ----          ----          ----          ----

Note the three seemingly useless lines at the end of the output. These lines present additional information when tunneling is expanded to include point-to-point protocols PAgP, LACP, and UDLD with the command l2protocol-tunnel point-to-point. Similar to the base command, the interface is automatically configured to include each of these protocols individually:

interface GigabitEthernet0/1
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 l2protocol-tunnel point-to-point pagp
 l2protocol-tunnel point-to-point lacp
 l2protocol-tunnel point-to-point udld
 no cdp enable

The forwarding statistics now include all six protocols:

Switch# show l2protocol-tunnel
COS for Encapsulated Packets: 5
Drop Threshold for Encapsulated Packets: 0

Port       Protocol Shutdown  Drop      Encapsulation Decapsulation Drop
                    Threshold Threshold Counter       Counter       Counter
---------- -------- --------- --------- ------------- ------------- -------------
Gi0/1      cdp           ----      ----            10             0             0
           stp           ----      ----           292             0             0
           vtp           ----      ----             0             0             0
           pagp          ----      ----             0             0             0
           lacp          ----      ----             0             0             0
           udld          ----      ----             0             0             0
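Operators who run l2protocol-tunnel on many customer-facing ports usually want the counters above collected rather than eyeballed. The following Python parser is an added example, not code from the original post or from Cisco: it turns the show l2protocol-tunnel table into one record per (port, protocol), lists which protocols each port tunnels (so a port that silently gained pagp/lacp/udld rows shows up), and reports any non-zero drop counter. The sample output embedded in it is constructed, modelled on the post's output; the second interface Gi0/2, its drop threshold and its counters are invented to exercise the checks.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample, modelled on the show l2protocol-tunnel output in the
# post. Gi0/2, its drop threshold and its counters are invented.
SAMPLE_OUTPUT = """\
Switch# show l2protocol-tunnel
COS for Encapsulated Packets: 5
Drop Threshold for Encapsulated Packets: 0

Port       Protocol Shutdown  Drop      Encapsulation Decapsulation Drop
                    Threshold Threshold Counter       Counter       Counter
---------- -------- --------- --------- ------------- ------------- -------------
Gi0/1      cdp           ----      ----            10             0             0
           stp           ----      ----           292             0             0
           vtp           ----      ----             0             0             0
           pagp          ----      ----             0             0             0
           lacp          ----      ----             0             0             0
           udld          ----      ----             0             0             0
Gi0/2      cdp           ----      1000             3             2            17
           stp           ----      ----            41             0             0
           vtp           ----      ----             0             0             0
           ---           ----      ----          ----          ----          ----
"""

# One table row: optional port, protocol, two thresholds, three counters.
ROW_RE = re.compile(
    r"^(?P<port>\S+)?\s+(?P<proto>\S+)\s+(?P<shutdown>\S+)\s+(?P<dropthr>\S+)"
    r"\s+(?P<encap>\S+)\s+(?P<decap>\S+)\s+(?P<drop>\S+)\s*$"
)


@dataclass
class TunnelRow:
    port: str
    protocol: str
    shutdown_threshold: Optional[int]
    drop_threshold: Optional[int]
    encapsulated: int
    decapsulated: int
    dropped: int


def _num(token: str) -> Optional[int]:
    """'----' means unset; anything else is a decimal value."""
    return None if token.startswith("-") else int(token)


def parse_l2pt(text: str) -> List[TunnelRow]:
    """Parse the table into one row per (port, protocol). Continuation
    lines inherit the port printed above them; the '---' placeholder slots
    for point-to-point protocols that are not enabled are skipped."""
    rows: List[TunnelRow] = []
    current_port: Optional[str] = None
    in_table = False
    for line in text.splitlines():
        if line.startswith("----------"):
            in_table = True  # the dashed separator ends the header
            continue
        if not in_table or not line.strip():
            continue
        m = ROW_RE.match(line)
        if not m:
            continue
        if m.group("port"):
            current_port = m.group("port")
        if m.group("proto") == "---" or current_port is None:
            continue
        rows.append(TunnelRow(
            port=current_port,
            protocol=m.group("proto"),
            shutdown_threshold=_num(m.group("shutdown")),
            drop_threshold=_num(m.group("dropthr")),
            encapsulated=_num(m.group("encap")) or 0,
            decapsulated=_num(m.group("decap")) or 0,
            dropped=_num(m.group("drop")) or 0,
        ))
    return rows


def tunneled_protocols(rows: List[TunnelRow]) -> Dict[str, List[str]]:
    """Protocols each port is configured to tunnel, in output order."""
    result: Dict[str, List[str]] = {}
    for r in rows:
        result.setdefault(r.port, []).append(r.protocol)
    return result


def dropped_frames(rows: List[TunnelRow]) -> Dict[str, Dict[str, int]]:
    """Ports/protocols with a non-zero drop counter: frames that exceeded
    the drop threshold. On a transparent SP port this is the first thing
    to check when a customer's STP or CDP domain looks partially broken."""
    result: Dict[str, Dict[str, int]] = {}
    for r in rows:
        if r.dropped > 0:
            result.setdefault(r.port, {})[r.protocol] = r.dropped
    return result


if __name__ == "__main__":
    parsed = parse_l2pt(SAMPLE_OUTPUT)
    for port, protos in tunneled_protocols(parsed).items():
        print(f"{port}: tunneling {', '.join(protos)}")
    for port, drops in dropped_frames(parsed).items():
        print(f"{port}: dropped {drops}")
```

Feeding the script real output captured from a switch works the same way; the only assumption is the column layout shown in the post, so a platform that prints additional columns would need the regular expression adjusted.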

Benmoon commented on 8 Jul 2008 at 3:13 a.m.

Thanks for the insightful article. So where would this be employed in a typical campus LAN environment?

pello commented on 16 Aug 2008 at 6:48 p.m.

@Benmoon l2pt is not really designed for campus networks. It's really useful when you have a layer 2 domain (like spanning-tree) split into many parts by a service provider network. Generally this feature is used within VPLS services.

Troubleshooting this feature could involve modifying MTU/jumbo frame support depending on the path length across your tunneled frames.
