
Is this GNS3's VLAN specification?

solemdoms5

I set up a simple topology to confirm my understanding of VLANs.

Please refer to the attached screenshot.

First, I set it up as in the screenshot.

But I couldn't ping one router from the other.

Second, please see the R2 CLI in the screenshot.

I set up the native VLAN.

R2(config-subif)#encapsulation dot1Q 2 native

After that, I could ping.

But I think I don't need to configure the native VLAN on R2.

Is this GNS3's specification?

OR

Is it that I have misunderstood the VLAN function?


Gregory Snipes

Which of the routers is the output from? Also, could you provide a full interface configuration from both of them?

Thank you for your reply.

Here you go.

The only way I was able to observe the same behavior you indicated was to reverse the ports on the switch, connecting 1 to 2 and 2 to 1. I do not know the technical details of how the standalone switches in GNS3 are programmed to operate, but assuming they match their native VLAN to the native VLAN of the incoming trunk, this would be correct behavior.

If the connections are indeed made in the way indicated this would be a bug.

I always avoid the use of the GNS3 dumb switches and just put an ESM into a router when I need a switch. This gives me much better control.

Hm...

Native VLAN means a packet is sent with no tag.

So the native VLAN can communicate with every access port on a switch. Is this correct?

In this case,

Port 1 is a trunk (I don't know why I have to set a VLAN number on a trunk port, though)

and Port 2 is a VLAN 2 access port.

That's why I think I can ping each router.

Please check the new screenshot attached to confirm the topology.

Native VLAN means that no tag is applied to the packet. This does not mean it can communicate with every port.

Whenever a port configured as a dot1q trunk receives a packet that does not have a tag, it assumes that the packet is supposed to be in whatever VLAN has been configured as the port's native VLAN. This also means that if packets originating from a device that is not configured as a trunk arrive at a port that is configured as a dot1q trunk, those packets will also be placed in the configured native VLAN.

Sorry for bothering you.

But that is still not clear to me.

So I want to clear up one thing.

1. In the attached topology, if I don't set up the native VLAN on R2, I couldn't ping one router from the other.

Is this correct?

2. If so, how should I change the parameters on the switch?

I really would recommend swapping out the dumb GNS3 switch for a router with an Etherswitch module. I think a lot of the confusion around this will clear up if you have a device that is properly manageable.

Here is some guidance on etherswitch modules. You can read about the GNS3 implementation of them here.

As to the overall concept of native VLANs, the native VLAN is a VLAN like any other. However, rather than being tracked by the use of a tag, it is tracked by the lack of a tag. The whole concept was introduced to allow trunks to pass through unmanageable switches. The native VLAN is the VLAN that other devices that get plugged into an unmanageable switch wind up in.

Unless you are doing some really crazy stuff like trying to pass a trunk through a network of dumb switches AND really understand how native VLANs function, the best practice is to set your native VLANs to a common unused VLAN on all trunks in your network. Doing otherwise introduces complexity and can create security vulnerabilities.

I see.

Now I have changed the dumb switch to a c3700,

but I couldn't ping.

There may be a wrong part in the configuration.

Could you check this?

This is behaving as expected.

The traffic that is exiting R1 is not tagged; you have not configured the native VLAN on port fa1/1 on router 5, so untagged traffic is assumed to be in VLAN 1 (the default native VLAN) when it enters this port. Additionally, traffic from R2 is being tagged and arriving at a port that is not configured as a trunk, so the tag is not read and any traffic is assumed to be in VLAN 2. This configuration should not work and is not working, so everything is working correctly.

Please note that if you swap the ports and connect R1 to port fa1/2 and connect R2 to port fa1/1, this should work. Traffic from R1 will not be tagged, enter an access port configured for VLAN 2 and be forwarded in VLAN 2. It will then leave fa1/1 as a tagged frame in VLAN 2; it will arrive at R2, the tag will be read, and the frame will be received by sub-interface fa0/0.1.
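The two cablings described in the answer above, modelled as an added example (not code from the thread or from GNS3). The `Port`/`Host` classes and function names are hypothetical; the model assumes the trunk carries all VLANs and follows the answer's description that an access port does not read an incoming tag.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Port:
    mode: str   # "trunk" or "access"
    vlan: int   # access VLAN, or the native VLAN when mode is "trunk"

@dataclass(frozen=True)
class Host:
    tag: Optional[int]  # None = sends/expects untagged; int = dot1Q sub-interface VLAN

def ingress(port: Port, tag: Optional[int]) -> int:
    """VLAN the switch assigns to a frame arriving with `tag` (None = untagged)."""
    if port.mode == "trunk":
        return port.vlan if tag is None else tag  # untagged -> native VLAN
    return port.vlan  # access port: tag is not read (as the answer describes)

def egress(port: Port, vlan: int):
    """Return (forwarded, tag_on_wire) for a frame in `vlan` leaving `port`."""
    if port.mode == "access":
        return (vlan == port.vlan, None)            # only its own VLAN, untagged
    return (True, None if vlan == port.vlan else vlan)  # native leaves untagged

def one_way(src: Host, src_port: Port, dst_port: Port, dst: Host) -> bool:
    vlan = ingress(src_port, src.tag)
    forwarded, tag = egress(dst_port, vlan)
    # The receiver only accepts the frame format its interface is configured for.
    return forwarded and tag == dst.tag

def can_ping(a: Host, a_port: Port, b: Host, b_port: Port) -> bool:
    return one_way(a, a_port, b_port, b) and one_way(b, b_port, a_port, a)

# Values taken from the answer: R1 untagged, R2 sub-interface fa0/0.1 on VLAN 2,
# fa1/1 a trunk with default native VLAN 1, fa1/2 an access port in VLAN 2.
R1, R2 = Host(tag=None), Host(tag=2)
FA1_1, FA1_2 = Port("trunk", 1), Port("access", 2)

def demo() -> dict:
    return {
        "as_cabled": can_ping(R1, FA1_1, R2, FA1_2),  # R1 on fa1/1, R2 on fa1/2
        "swapped": can_ping(R1, FA1_2, R2, FA1_1),    # R1 on fa1/2, R2 on fa1/1
    }

if __name__ == "__main__":
    print(demo())
```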

Finally I could understand.

Thank you very much.
