08-01-2012 09:41 AM - edited 03-07-2019 08:06 AM
I have a 2821 router configured with two subinterfaces. This router is connected to a Cisco 2960 switch. The trunk on the 2960 is configured without any pruning of VLANs. I noticed that UDP broadcast traffic is being forwarded through my router on native VLAN 1 (this interface does not have an IP address configured). Below is the configuration:
Router:
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.200
encapsulation dot1Q 200
ip address 10.1.1.1 255.255.255.248
no ip redirects
no ip proxy-arp
ip virtual-reassembly
shutdown
!
interface GigabitEthernet0/0.501
encapsulation dot1Q 501
ip address 192.168.15.1 255.255.255.252
ip access-group company-IN in
no ip redirects
no ip proxy-arp
ip nat outside
ip inspect company-FWALL out
ip virtual-reassembly
crypto map something
Switch:
interface FastEthernet0/13
switchport mode trunk
Does anybody have a clue what the problem might be? Why does UDP broadcast pass through int gi0/0?
Thanks in advance.
08-01-2012 02:22 PM
Hi Nikola,
The description of the problem is not entirely clear. Can you please answer the following questions in as much detail as possible?
Thank you!
Best regards,
Peter
08-02-2012 12:00 AM
I am sniffing between the 2960 switch and the 2821 router with Wireshark. The source address is 192.168.153.x/137,138,17500 ... (it is not just one port and one source IP address, but all of them are from the same VLAN 1) and the destination is 192.168.153.255/137,138,17500... This is the public segment. Then I sniff packets on the private (LAN) segment and find that these packets still exist. Interface gi0/0 is by default in native VLAN 1. I have an access list configured on the subinterfaces which denies this traffic. Packets are forwarded on int gi0/1, which is in VLAN 2. I do not have ip directed-broadcast turned on on any interface. When I put the command switchport trunk allowed on the switch interface to the router, everything is OK (I do not have UDP broadcast traffic anymore). My question is why an interface without an IP address forwards traffic.
08-02-2012 03:20 AM
Nikola
I am not sure that I understand this post. Are you saying that packets sent on the trunk on VLAN 1 are being forwarded by the router to the other interface Gig0/1? I would not think that this would happen. In your original post you tell us that the switch was configured to trunk with no pruning of VLANs. So the native VLAN (VLAN 1) is included in the trunk. And frames in VLAN 1 would be sent over the trunk as untagged frames. I would expect to see these frames in Wireshark. The frames would be received by the router interface Gig0/0. Since the interface has no IP address I would not expect that the router would do anything with those frames on interface Gig0/0. Are you telling us that the router is forwarding them?
Any clarification would be appreciated.
HTH
Rick
08-02-2012 03:29 AM
Yes, the router is forwarding them. I see this traffic on my interface gig0/1.2.
08-02-2012 04:50 AM
Nikola
Thanks for the clarification. Your post has shown us information about interface Gig0/0 and VLANs 200 and 501 and the switch port FastEth0/13 to which they connect. But we do not have any information about router interface Gig0/1 or the switch port to which it connects. Perhaps you can post information about these?
HTH
Rick
08-02-2012 05:06 AM
The interface Gig 0/1 is connected to another switch. Below is the configuration. I think that the main point for troubleshooting is Gig 0/0.
Switch:
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2
switchport mode trunk
spanning-tree portfast
end
Router:
interface GigabitEthernet0/1
no ip address
load-interval 30
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
encapsulation dot1Q 2
ip address 192.168.1.1 255.255.255.128
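Added example (not from any poster in this thread): a small audit script that compares the VLANs a switch trunk carries against the dot1Q subinterfaces the router actually defines, so the untagged native VLAN landing on a physical interface with no IP address (the situation described above) is flagged, and the pruned trunk the poster said fixed it passes clean. The configs are constructed after the ones posted here; the `native vlan 999` line in the corrected trunk is an assumption added as common hardening, and only the plain `switchport trunk allowed vlan <list>` form is parsed.

```python
import re

# Constructed configs, modelled on the thread. SWITCH_BEFORE is the unpruned trunk;
# SWITCH_AFTER adds the allowed-vlan list (and, as an assumption, an unused native VLAN).
SWITCH_BEFORE = """interface FastEthernet0/13
 switchport mode trunk
"""
SWITCH_AFTER = """interface FastEthernet0/13
 switchport trunk allowed vlan 200,501
 switchport trunk native vlan 999
 switchport mode trunk
"""
ROUTER = """interface GigabitEthernet0/0
 no ip address
!
interface GigabitEthernet0/0.200
 encapsulation dot1Q 200
 ip address 10.1.1.1 255.255.255.248
!
interface GigabitEthernet0/0.501
 encapsulation dot1Q 501
 ip address 192.168.15.1 255.255.255.252
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '1,10-12' into {1, 10, 11, 12}."""
    out = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def trunk_vlans(switch_cfg):
    """Return (allowed VLAN set, native VLAN). IOS defaults: all VLANs allowed, native 1."""
    allowed, native = set(range(1, 4095)), 1
    for line in switch_cfg.splitlines():
        m = re.match(r"\s*switchport trunk allowed vlan ([\d,-]+)\s*$", line)
        if m:
            allowed = expand_vlans(m.group(1))
        m = re.match(r"\s*switchport trunk native vlan (\d+)", line)
        if m:
            native = int(m.group(1))
    return allowed, native

def router_vlans(router_cfg):
    """VLAN IDs for which the router has a dot1Q subinterface."""
    return {int(m.group(1)) for m in re.finditer(r"encapsulation dot1[Qq] (\d+)", router_cfg)}

def audit(switch_cfg, router_cfg):
    """Flag VLANs the trunk delivers that no router subinterface terminates."""
    allowed, native = trunk_vlans(switch_cfg)
    expected = router_vlans(router_cfg)
    return {"stray_vlans": sorted(allowed - expected), "native_vlan": native,
            # untagged native frames reach the physical interface with no subinterface to own them
            "native_lands_on_physical": native in allowed and native not in expected}
```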