diff --git a/src/PktSrc.cc b/src/PktSrc.cc
index 2e6953f7f8..fac2d11e98 100644
--- a/src/PktSrc.cc
+++ b/src/PktSrc.cc
@@ -231,6 +231,14 @@ void PktSrc::Process()
 				data += get_link_header_size(datalink);
 				data += 4; // Skip the vlan header
 				pkt_hdr_size = 0;
+
+				// Check for 802.1ah (Q-in-Q) containing IP.
+				// Only do a second layer of vlan tag 
+				// stripping because there is no 
+				// specification that allows for deeper nesting.
+				if ( ((data[2] << 8) + data[3]) == 0x0800 )
+					data += 4;
+
 				break;
 
 			// PPPoE carried over the ethernet frame.
diff --git a/testing/btest/Baseline/core.q-in-q/conn.log b/testing/btest/Baseline/core.q-in-q/conn.log
new file mode 100644
index 0000000000..00b1b9894f
--- /dev/null
+++ b/testing/btest/Baseline/core.q-in-q/conn.log
@@ -0,0 +1,11 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	conn
+#open	2013-03-22-16-36-54
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
+#types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	count	string	count	count	count	count	table[string]
+1363900699.548138	UWkUyAuUGXf	172.19.51.37	47808	172.19.51.63	47808	udp	-	0.000100	36	0	S0	-	0	D	2	92	0	0	(empty)
+1363900699.549647	arKYeMETxOg	193.1.186.60	9875	224.2.127.254	9875	udp	-	0.000139	552	0	S0	-	0	D	2	608	0	0	(empty)
+#close	2013-03-22-16-36-54
diff --git a/testing/btest/Traces/q-in-q.trace b/testing/btest/Traces/q-in-q.trace
new file mode 100644
index 0000000000..39969c8063
Binary files /dev/null and b/testing/btest/Traces/q-in-q.trace differ
diff --git a/testing/btest/core/q-in-q.bro b/testing/btest/core/q-in-q.bro
new file mode 100644
index 0000000000..7444e7b458
--- /dev/null
+++ b/testing/btest/core/q-in-q.bro
@@ -0,0 +1,2 @@
+# @TEST-EXEC: bro -r $TRACES/q-in-q.trace
+# @TEST-EXEC: btest-diff conn.log