11-23-2011 04:45 PM - edited 03-07-2019 03:34 AM
Hi All,
I have ran into an interesting issue. Consider the following simple topology-
R1 ------ Switch ------- R2
R1 is configured to send dual-tagged packets to R2. The configurations of R1 and R2 are as follows-
R1-
interface fa 1/0.100
encapsulation dot1q 10 second-dot1q 100
ip address 10.1.100.1 255.255.255.0
!
R2-
interface fa 1/0.100
encapsulation dot1q 10 second-dot1q 100
ip address 10.1.100.2 255.255.255.0
!
Now, I can ping between R1 and R2. But when I check the mac address-table on the switch, all the traffic is classified to VLAN 1 (native vlan). So, if I want to separate traffic on this switch based on the outer-tag, I am not able to do it. In other words, this switch considers all the traffic as untagged. So the question is - how does a switch process dual-tagged frames?
If I remove VLAN 1 or force the switch to tag native vlan frames, the communication between R1 and R2 stops.
Any information would be appreciated.
Thanks.
Amit.
12-21-2011 11:49 AM
Hi Amit,
I have a few questions.
- Can you provide me the switch config and show version?
- what interfaces are conneting the routers?
Unless it is configured to create a tunnel or is a metro switch with service instances the switch will only look at the outer tag.
12-21-2011 05:50 PM
Hi James,
I just fixed this issue a minute ago. There were 2 things that were overlooked-
1. We did not create any VLANs on the switch (Cisco 6504, IOS s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(33)SXJ). In the example above, the outer VLAN 10.
2. The Ethertype value. By default, Cisco switch has ethertype 0x8100 for both tags (weird!!!). However, the routers were using 0x88a8 for the outer-tag.
The issue I was seeing earlier was that the switch was considering all traffic as un-tagged and did not look at the outer tag due to the ethertype value. So, for all "trunk" ports, it required VLAN 1. In a way, flooding all ports for unknown MAC address.
So, I configured the VLAN natively on the switch. I also changed the ethertype value to 0x88a8 using the command "switchport dot1q ethertype 88a8" (mentioning here for others' reference).
Somehow, your comment helped me. Thanks for replying.
Best regards,
Amit.
03-23-2012 02:59 PM
Hi Amit,
I hit the same issue. Could you pl share me the exact configuration you done on both ports of cisco
R1----(port1)Cisco(port2)----R2
I am sending packet from R1 to R2 with vlan say 1700:29 (outer tag tpid 88a8 and innter it is 8100. I am just using cisco as a switch based on the vlans.
Thanks,
Janardhan
03-25-2012 03:05 PM
Hi Janardhan,
I did exactly what I have mentioned in my comment above. Create the vlan locally (enable/disable STP as required) and configured appropriate ethertype. Here's the sample config-
interface GigabitEthernet4/1
switchport
switchport trunk encapsulation dot1q
switchport dot1q ethertype 88A8
switchport trunk allowed vlan 1-100,300-1000,1233-1235
switchport mode trunk
mtu 9216
mls qos trust cos
end
Hope this helps.
Best Regards,
Amit.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide