Re: Help Needed for VLAN Tagging and untagging (802.1q)

lawwm · ‎08-03-2006

Hi All,

I need some help with a problem I am facing.

I am trying to integrate a solution for a clients network. My platform consist of proxies and an NP card.

My platform is supposed to receive input traffic from the client network process it and forward it out. This is done via the NP card (point of entry and exit on my system).

However the clients connection coming into my platform is a trunk carrying multiple VLANS (802.1Q). The NP card does not recognize 802.1Q. And we need only data from one of the VLANS.

So we have a solution to use 2 cisco 3750 swithes on for input traffic from client then to our NP card and back out via another Cisco3750 switch.

The idea is to get the first C3750 to untag the required VLAN and forward it to the NP card and another C3750 to retag it back on the trunk on the way out to the client network.

I have attached a diagram of the propsed solution, for a clearer understanding. However can someone help me with the config as im not too sure how to configure the C3750 to untag and retag as required. Any help is deeply appreciated and urgently required :D

lawwm · ‎08-03-2006

Hi again. Here is the diagram again in a different format.

grant.maynard · ‎08-04-2006

So you want VLAN 10 to be the native VLAN for those ports:

interface ....

switchport mode trunk

switchport trunk native vlan 10

switchport trunk encap dot1q

switchport trunk allowed vlans ....

lawwm · ‎08-04-2006

Hi Grant,

Thanks for the reply. Just be sure that you understood my problem correctly I've prepared another diagram with the related ports vlans etc.

Please comment ;) Thanks loads again.

Based on this new diagram and according to your explanation :

Switch 1 & 2

--------

Interface Gi 23

Switchport mode trunk

switchport trunk encap dot1q

no ip address

exit

Interface Gi 7

switchport access Vlan 10

switchport mode acces

no ip address

Exit

Interface Gi 5

Switchport mode trunk

switchporttrunk native VLAN 10

switchport trunk encap dot1q

Switchport trunk allowed vlans vlan 20 vlan 30

ip address

exit

I wasnt very sure of the native Vlan on the Int Gi5 and also the rest of my configs :

Please advice ;)

Best regards,

Law

m-haddad · ‎08-04-2006

The above config should work! Just for clarification when you say VLAN10 this means the packet is tagged with VLAN10. Untagged packets are those packets in the native vlan. The default native VLAN on cisco is VLAN1. When you sent the native VLAN on a trunk port the all Untagged packets (Packets on VLAN1 passing on the trunk) will be set or tagged to VLAN 10.

Hope this helps,

Regards,

lawwm · ‎08-04-2006

So does this mean that with the configuration I have I will be able to separate the traffic from VLAN 10 from the Trunk between both swithces and put it back on the trunk before sending it out again like in my diagram?

Thanks guys..

Best Regards,

Law

m-haddad · ‎08-04-2006

Yep, should work this way as long as I understood your diagram!

lawwm · ‎08-08-2006

Hi Guys,

I havent received the switches yet.. so I wasnt able to try. Should be receiving them today.

Anyways I also noticed that when I we use the 'native vlan vlan 10' command on the trunk (Gi 5) it makes all vlan 10 packets untagged.

But does this mean that VLAN 10 traffic will pass the GI 5 link untagged or will it take the GI 7 VLAN 10 acccess port instead like in the diagram (as required).

Thanks again, and appreciate any help provided..

Best reagrds

m-haddad · ‎08-08-2006

Well, native VLAN 10 should tag all packets in VLAN1 with VLAN 10. THis how it should work.

Let me know when u recieve the switches and how does the scenario works,