[c-nsp] bridging to second-dot1 vlan
Ross Halliday
ross.halliday at wtccommunications.ca
Wed Sep 5 11:28:36 EDT 2012
Hi Tony,
> My assumption that the inner tag is not being manipulated properly is
> based on sniffing traffic on the 3550 (sorry, it's a 3550, not 3750) by
> spanning the port (gig0/1) that is connected to gig7/7 on 7609. It has a
> number of other VLAN's on this trunk port that all appears to behave
> "normally".
>
> A packet capture shows ( tcpdump -nei rl1 -vv ether dst
> ff:ff:ff:ff:ff:ff):
>
> 10:53:54.962025 00:13:1a:bf:22:80 > ff:ff:ff:ff:ff:ff, ethertype ARP
> (0x0806), length 60: Ethernet (len 6), IPv4 (len 4), Request who-has
> 202.x.x.x tell 202.x.x.x, length 46
> 10:53:56.940678 00:13:1a:e9:a3:44 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q
> (0x8100), length 64: vlan 202, p 0, ethertype ARP, Ethernet (len 6), IPv4
> (len 4), Request who-has 192.168.2.10 tell 192.168.2.11, length 46
>
...
>
> Do you think if I can loop my packets through another switch/cable I will
> be able to strip the extra vlan 202 tag off ?
The 3550 has problems with stacked VLAN tags and ARP. I found this archived thread while trying to figure out how to deal with a service provider who wouldn't do their half of the Q-in-Q and made us double-tag all traffic before sending it to them: http://www.gossamer-threads.com/lists/cisco/nsp/143186
You'll either need to bump up at least to a 3560 or insert a second switch inline (not optimal)
Cheers
Ross
More information about the cisco-nsp
mailing list