802.1q Tunnels
Here are two favorites of mine that you're going to want to learn. The official names of these configurations are an 802.1q Tunnel and an EtherChannel over an 802.1q Tunnel. I call them the Tube and the Rainbow. It's just a mnemonic that I use to help me remember the diagrams and how to configure them.
Let's start with the basic 802.1q Tunnel (aka The Tube or more commonly QinQ tunneling).
The first item of note is that in order for this to work, you will need to change the system MTU to 1504 (system mtu 1504) to accommodate the additional 4-byte header. This is going to require a reboot. Reboots take time. Do that first and while the switches are rebooting, configure the routers.
On R1, create two subinterfaces (fa0/0.22 and fa0/0.24) using two "user" VLANs (22 and 24) with appropriate subnets (10.22.0.0/24 and 10.24.0.0/24). On R4, create two similar subinterfaces (fa0/1.22 and fa0/1.24) with the same VLANs and subnets that you used on R1.
When the switches return from their reboot, start off with creating 802.1q trunk links between SW1 and SW2, SW2 and SW3, and SW3 and SW4. Also create VLAN 124 for the tunnel VLAN or metro tag.
Note the two green dots - your tunnel endpoints. This is the tricky part for the tunnel config.
On SW1 - interface fa0/1 (connecting to R1) and on SW4 - interface fa0/4 (connecting to R4) configure:
switchport access vlan 124
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
no cdp enable
Not so tricky at all, is it? You're configuring the port as a dot1q tunnel (mode) port in the metro VLAN. You want to run cdp in the tunnel - so that the routers see each other in "show cdp neighbor" - and you want to disable cdp from the switch to the tunnel. So now go to R1 and R4 and make sure they see each other (and not the switches) in the cdp neighbor output.
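The 4-byte growth behind the system mtu 1504 requirement, and the tag push and pop that the two tunnel ports perform, shown as an added Python example (not part of the original article). The MAC addresses and the 1500-byte payload are constructed, and using TPID 0x8100 for both tags is an assumption.

```python
import struct

TPID = 0x8100      # assumption: inner and outer tag both use the 802.1Q TPID
METRO_VLAN = 124   # tunnel (metro) VLAN used in the article

def tag(vlan):
    """Build the 4-byte 802.1Q tag: TPID followed by the TCI (priority 0)."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID out of range")
    return struct.pack("!HH", TPID, vlan)

def push_tag(frame, vlan):
    """Insert a tag right after the destination and source MACs (12 bytes)."""
    return frame[:12] + tag(vlan) + frame[12:]

def pop_tag(frame):
    """Strip the outermost tag and return (vlan_id, remaining_frame)."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID:
        raise ValueError("frame is not tagged")
    return tci & 0x0FFF, frame[:12] + frame[16:]

def vlan_stack(frame):
    """List VLAN IDs from the outermost tag to the innermost."""
    vlans, off = [], 12
    while len(frame) >= off + 4:
        tpid, tci = struct.unpack("!HH", frame[off:off + 4])
        if tpid != TPID:
            break
        vlans.append(tci & 0x0FFF)
        off += 4
    return vlans

def demo():
    # Constructed frame: a full 1500-byte IP packet from R1 toward R4.
    dst, src = bytes.fromhex("000000000004"), bytes.fromhex("000000000001")
    untagged = dst + src + struct.pack("!H", 0x0800) + bytes(1500)
    customer = push_tag(untagged, 22)           # R1 fa0/0.22 tags VLAN 22
    tunneled = push_tag(customer, METRO_VLAN)   # SW1 tunnel port adds VLAN 124
    metro, egress = pop_tag(tunneled)           # SW4 tunnel port removes it
    return {
        "customer_len": len(customer),          # lengths exclude the 4-byte FCS
        "tunneled_len": len(tunneled),
        "stack": vlan_stack(tunneled),
        "metro": metro,
        "restored": egress == customer,
    }

if __name__ == "__main__":
    print(demo())
```

The tunneled frame is 4 bytes longer than the largest frame the routers can send on their subinterfaces, which is the extra header the switches in the path have to accept.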
Now let's move on to the EtherChannel over 802.1q Tunnel. I call this The Rainbow because you have each distinct stripe in this config - and it's an easy way to remember to keep each port separate. What you're trying to accomplish in this configuration is an EtherChannel between two switches that are not directly connected.
I start with the end switches. On SW1 take the three ports and put them in the shutdown state. Configure whatever kind of EtherChannel is required. Leave them shut until the end. Go to SW4 and put those three ports in the shutdown state. Again, configure whatever EtherChannel is required. Again, leave them shut until the end.
Go to SW2 and configure the 802.1q trunk on fa 0/16. Create your three tunnel VLANs - 100, 200 and 300. Put each port from the other side of the port channel into a separate VLAN. Fa0/13 would be an access port in VLAN100, Fa0/14 would be an access port in VLAN200, and Fa0/15 would be an access port in VLAN300. These are your tunnel endpoints - which traverse the Fa0/16 trunk to the matching tunnel endpoints on SW3.
Go to SW3 and create the other side of the 802.1q trunk. Then create your three tunnel VLANs and assign each port from the other side of the port channel into separate VLANs. Fa0/19 would be in VLAN100, Fa0/20 would be in VLAN200, and Fa0/21 would be in VLAN300.
For all six access ports above, you will also need to add:
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel point-to-point pagp
The switchport mode makes it a tunnel and the l2protocol-tunnel cdp and stp are the protocols that are being tunneled in the example. You can tunnel cdp, stp and vtp. If no keyword (specific protocol) is entered, tunneling is enabled for all three protocols. Does this look familiar? These are the same commands that were used in the first example. The last command is specifically for the EtherChannel. It connects the colors together. The command is l2protocol-tunnel point-to-point [pagp | lacp | udld] and again, if no keyword is entered, tunneling is enabled for all three protocols.
Now that you have the tricky part done, go back to SW1 and SW4 and no shut your EtherChannel ports. Use show ether sum to check your Port Channel and member ports. You should see the members listed with a bright, happy (P) next to them. Then check the cdp neighbors on SW1 and SW4. They should see each other as neighbors.
For more information - always see the documentation.
Configuring Layer 2 Protocol Tunneling
Configuring Layer 2 Tunneling for EtherChannels