Vlan: (Dis-)advantage Q-in-Q?

RouterOS General
1

3 routers, A-B-C.
A is internet gateway, B is some link, C is distributing router to many AP’s
B has its interfaces bridged
I want to separate several data streams depening on source AP (somewhere behind router D,E or even further away.)

I was setting up vlan100 (ID=100) on both the connected interface A and C
Then, ‘on top’ of these vlan100 interfaces I create sevaral vlan’s. Say vlan110, vlan120, vlan130 etc. (ID’s 110, 120, 130 etc)

vlan100 terminates on A and C
All other vlan start on vlan100-A (on A interface) and each vlan interface on vlan100-C is than bridged to its many peer vlans on the incoming interfaces of C


A ether1\ B /C ether1 “C”
vlan100\ B /vlan100
vlan110 B vlan110 vlan110-bridge/C ether2
vlan120 B vlan120 vlan120-bridge/C ether3
vlan130 B vlan130 vlan130-bridge/C ether4


Is this a good way of doing this?

Or should I just omit vlan100 in total and have only 110, 120 and 130 running over A-B-C?

Or should I remove 110, 120, 130 from the link interfaces “vlan100” and instead bridge the vlan110-ether2 etc. directly to the vlan100-ether1 on C?

vlan’s 110 etc inside the vlan100 does work, but maybe I am just creating extra overhead (extra vlan headers) on my data traffic?

Any help is appreciated.

2

q in q (actually all vlan) is quite funny to work with in routeros. To have it to work, you have to think a bit different, by adding to bridge, and bridge with something else etc. Most other HW/software, make the “bridge” themself. (If you dont use the switch chip in ROS)

q in q will always give you overhead, and bigger l2mtu. But is a ok way to distribute vlan, if VPLS is not possible to use. You also use the CPU when using brige.

I prefer VPLS to distribute vlan’s. (in fact, its possible to have q in q (in q) inside a vpls) This eliminate big l2 network and or manually tagging on every interface. In a A-B-C-D-E-F-G network, (with a H,I,J,K,L etc connected to the router’s (switches) in the middle, tagging 10’s of vlans is always funny.

To push packages from A to B, trough some HW, without doing some logic to the traffic, like a dumb “bridge”. Routeros is NOT the best equipment to use. a 50$ unmanaged switch will do the job better.