Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
404
Views
5
Helpful
3
Replies

Need help with a strange/customized test network

christopher-pickens
Level 1
Level 1

‎11-06-2017 01:18 PM - edited ‎03-08-2019 12:38 PM

Hello everyone I have a rather unorthodox networking question. And bear with me I know this is crazy.....

So we are developing a customized application that needs to be able to talk between two laptops.

Each laptop has a virtual NIC that is tagging VLANs 7 with a /24 networking & 8 with a /26 network.

 

And below is the network topology:

 

Router (top)
Switch (middle)
- Port f1/0/45 connecting the switches and configured as an access port passing only vlan 7

Switch (bottom/access)
-client A (port f1/0/5 configured with a trunk port to the switch passing vlan 7 & 8)
-client B (port f1/0/6 configured with a trunk port to the switch passing vlan 7 & 8)

 

Other notes, we do not have control of the distribution switch or the router. And when I do the show mac address-table command client A is showing the same MAC address from vlan 7 & 8. And traffic between 7 & 8 cannot be allowed.

 

The current problem is that traffic between 7 & 7 is not working. And I apologize in advance I cannot post the configurations. I suspect that the software doing the tagging is causing an issue. When I look at the mac table on client A I see that it shows vlan 7 & 8 with two identical MAC's. But I need help from the experts here.

 

Thank you

Labels:
0 Helpful
3 Replies 3

BradEast1
Level 3
Level 3

‎11-06-2017 01:41 PM

I don't see any issue with both addresses resolving to a singular MAC address. Both frames are sourced from the same NIC. I have a switch connected to a router with multiple addresses, and see the same behavior:

 

          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0462.734e.0d48    DYNAMIC     Gi1/0/2
   2    0462.734e.0d48    DYNAMIC     Gi1/0/2

 

What do you mean by "And traffic between 7 & 8 cannot be allowed"?

christopher-pickens
Level 1
Level 1
In response to BradEast1

‎11-06-2017 07:45 PM - edited ‎11-06-2017 07:48 PM

Interesting. 

 

And what I mean by traffic needs to be separated is. VLAN 7 is going out to a router and can get to an intranet of sorts. But traffic on VLAN 8 needs to only talk to devices that are also on VLAN 8 hanging off the same switch. 

0 Helpful

BradEast1
Level 3
Level 3
In response to christopher-pickens

‎11-07-2017 06:12 AM

Then you should be able to use a L3 ACL at their default gateway or you can use a L2 VACL on the switch they're connected to.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card