Non Native VLAN 1 Trunk IEEE/SSTP BPDU

jpl861
Level 4

I tried to deep dive the STP BPDUs over a non native VLAN 1 trunk and this is somehow confusing me. I configured two switches but these are both Cisco switches connected by a single trunk. VLANs 1,50,100 were allowed and I used VLAN100 as native. I am trying to monitor the IEEE BPDUs instead of the SSTP. From what I understand, IEEE will always be sent over VLAN1 and the rest of the VLANs will use SSTP BPDUs.

 

So in any case, I am expecting that IEEE BPDUs will be sent with an 802.1q header tag of VLAN1 using destination MAC 01:80:c2:00:00:00. SSTP BPDUs will only be sent over VLAN100 with destination MAC of 01:00:0c:cc:cc:cd with PVID of 100, no 802.1q header.

 

However my packet capture is showing things differently.

 

IEEE BPDUs are being sent over VLAN100 with 802.1q header of 100. Even the SSTP BPDU that's being sent over VLAN100 has an 802.1q header of 100.

Here's the configuration (output cut)

 

interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,50,100
switchport mode trunk

 

show spanning-tree

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 4097
Address aabb.cc00.0100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

!

VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 32868
Address aabb.cc00.0100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

 

Here are the packet captures.

 

[Images: ieee-bpdu.PNG, sstp-bpdu.PNG]

I found this snippet from another thread and it doesn't seem to match.

 

[Image: pvst.png]

Not sure why the native VLAN capture still shows an 802.1q header. I created SVI 100 on both switches and did a ping test and the result was as expected, no 802.1q header.
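A small parser for checking a capture against the expectations in the question above, added here as an example and not part of the original thread. The PVST+ layout it assumes (SNAP PID 0x010b, one pad byte after the configuration BPDU, then the originating-VLAN TLV), the function names and the sample frames are constructed for illustration.

```python
import struct

IEEE_STP_MAC = bytes.fromhex("0180c2000000")   # IEEE BPDU destination (from the post)
SSTP_MAC = bytes.fromhex("01000ccccccd")       # SSTP/PVST+ destination (from the post)
TPID_DOT1Q = 0x8100
LLC_STP = bytes.fromhex("424203")              # LLC header carried by IEEE BPDUs
SNAP_PVST = bytes.fromhex("aaaa0300000c010b")  # LLC/SNAP, Cisco OUI, PVST+ PID (assumed)
CONFIG_BPDU_LEN = 35                           # 802.1D configuration BPDU length

def classify_bpdu(frame: bytes) -> dict:
    """Report BPDU kind, 802.1Q VLAN (None = untagged) and PVID TLV (None = absent)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, offset, vlan = frame[:6], 12, None
    if struct.unpack_from("!H", frame, offset)[0] == TPID_DOT1Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        vlan = struct.unpack_from("!H", frame, offset + 2)[0] & 0x0FFF  # drop PCP/DEI
        offset += 4
    payload = frame[offset + 2:]  # skip the 802.3 length field
    result = {"kind": "other", "dot1q_vlan": vlan, "pvid": None}
    if dst == IEEE_STP_MAC and payload.startswith(LLC_STP):
        result["kind"] = "ieee"
    elif dst == SSTP_MAC and payload.startswith(SNAP_PVST):
        result["kind"] = "sstp"
        # Assumed layout: config BPDU, one pad byte, then TLV type(2) length(2) VLAN(2).
        tlv = payload[len(SNAP_PVST) + CONFIG_BPDU_LEN + 1:]
        if len(tlv) >= 6:
            tlv_type, tlv_len, value = struct.unpack_from("!HHH", tlv)
            if tlv_type == 0 and tlv_len == 2:
                result["pvid"] = value
    return result

def build_frame(dst: bytes, body: bytes, vlan=None) -> bytes:
    """Constructed sample frame; priority 7 in the tag exercises the VLAN-ID mask."""
    src = bytes.fromhex("aabbcc000100")  # bridge address from the post, reused as source
    tag = struct.pack("!HH", TPID_DOT1Q, (7 << 13) | vlan) if vlan is not None else b""
    return dst + src + tag + struct.pack("!H", len(body)) + body

BPDU = bytes(CONFIG_BPDU_LEN)  # all-zero placeholder; only framing matters here
def sstp_body(pvid: int) -> bytes:
    return SNAP_PVST + BPDU + b"\x00" + struct.pack("!HHH", 0, 2, pvid)

SAMPLES = {  # constructed: what the post expected vs. what the capture showed
    "expected_ieee_vlan1": build_frame(IEEE_STP_MAC, LLC_STP + BPDU, vlan=1),
    "expected_sstp_native": build_frame(SSTP_MAC, sstp_body(100)),
    "captured_sstp_tagged": build_frame(SSTP_MAC, sstp_body(100), vlan=100),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(name, classify_bpdu(frame))
```

Feeding it raw frame bytes exported from a capture shows at a glance whether the 802.1Q tag and the PVID TLV agree with the trunk's native VLAN setting.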

 

3 Replies

Rolf Fischer
Level 9

Did you use an IOS-XE device's built-in Wireshark for the packet capture? I've seen a lot of times wrong VLAN tags when using it.

The MAC addresses look anonymized - is this real hardware or a virtualized environment?

Virtual environment. I used GNS3 for this one and used the Wireshark capture feature of the software. The MAC addresses look correct but only the VLAN ID is wrong.

Hello,

 

Are you using the IOSvL2 images by any chance? If you do, keep in mind that ip routing is enabled by default. Not sure what difference it makes if you disable that with 'no ip routing'...
