Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
931
Views
15
Helpful
5
Replies

Layer3 Subinterface With Tagging

ehayric1320
Level 1
Level 1

‎03-20-2019 11:56 AM - edited ‎03-20-2019 11:57 AM

I am looking at a 6880 with port-channel interface with a layer 3 subinterface. This subinterface is an EIGRP interface with one neighbor. This port-channel connects into our site core 4500X through two physical tengig interfaces. The physical interfaces are routed but do not have an IP address so I am confused how all this works. I only included one interface of the port-channel below for the sake of brevity.

1) If the port-channel subinterfaces are routed interfaces how are they able to do 802.1Q tagging which is strictly a layer 2 construct?

2) Would I be correct in saying that these subinterfaces are acting as the SVI for these particular VLANs and then the traffic is being tagged as it egresses and heads to the site core?

3) How does this tagged traffic cross an interface that is routed?
-----------------------------------------

MPLS#sh ip eigrp vrf xxx interfaces
Po11.3111 1 0/0 0/0 1 0/0 50 0

MPLS#sh ip eigrp vrf xxx neighbors
172.18.xx.xx Po11.3111 14 34w3d 1 100 0 7365

MPLS#sh ip int br
Port-channel11 unassigned YES unset up up
Port-channel11.3111 172.18.XX.XX YES NVRAM up up

interface Port-channel11.3111
description Site Core L3VPN RdtLnk
encapsulation dot1Q 3111
ip vrf forwarding xxx
ip address 172.18.xx.xx 255.255.255.254
ip pim sparse-mode

interface TenGigabitEthernet2/5/5
description Site Core L3VPN RdtLnk
no switchport
mtu 9170
no ip address
no keepalive
channel-group 11 mode active
service-policy type lan-queuing output EGRESS-1P7Q4T

Labels:
0 Helpful
5 Replies 5

Jaderson Pessoa
VIP Alumni
VIP Alumni

‎03-20-2019 12:00 PM

Hello,


check this link, i hope that it can help you; https://community.cisco.com/t5/switching/subinterfaces-and-vlans/td-p/2057667
Jaderson Pessoa
*** Rate All Helpful Responses ***

Jon Marshall
Hall of Fame
Hall of Fame

‎03-20-2019 12:02 PM - edited ‎03-20-2019 12:02 PM

 

1)  Because it is a trunk connection to your switch, so it can send and receive tagged packets. 

 

2) They are the L3 interfaces for the vlans so yes in a way they are like SVIs but see 3) 

 

3) It doesn't, the vlan terminates there. 

 

Think of it in simpler terms ie. you have a L2 switch which has vlan 10 and it connects to a router interface and the port connecting to the router is in vlan 10. Any clients connected to the switch in vlan 10 can communicate with each other but the vlan terminates on the router ie. you cannot extend vlan 10 beyond the router interface which is in effect what you have. 

 

Jon

 

ehayric1320
Level 1
Level 1
In response to Jon Marshall

‎03-21-2019 09:41 AM

"1)  Because it is a trunk connection to your switch, so it can send and receive tagged packets."

Thank you for the replies. If is a trunk as well as a layer 3 interface then how come it is not configured as a trunk at either the port-channel or subinterface level? Are you saying that the 801q tagging is essentially the same as the switchport mode trunk command?

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni
In response to ehayric1320

‎03-21-2019 10:45 AM

Hi,

interface Port-channel11.3111
encapsulation dot1Q 3111

Check above configuration. 

encapsulation dot1Q 3111 ----> Here VLAN ID 3111 will be tagged in the packet header.

 

Let's try to understand with my lab:

My lab's router configuration as

 

interface FastEthernet1/0.3111
encapsulation dot1Q 3111
ip address 192.168.100.2 255.255.255.0
end

 

And Here is the packet capture:
icmp.png

 

 

 

 

 

 

I hope it will easy to understand for you.

 

Regards,

Deepak Kumar

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Jon Marshall
Hall of Fame
Hall of Fame
In response to ehayric1320

‎03-22-2019 01:09 AM

 

Yes, the tagging across the link in effect makes it a trunk link which really is just a link that transports traffic for multiple vlans. 

 

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card