[c-nsp] VLAN subinterfaces on 7609 Router

Ian Cox icox at cisco.com
Wed Mar 2 14:03:32 EST 2005


You check the ARP entries and the MAC addresses you are sending the traffic 
to are correct in the Agilent. We are not going to forward traffic which is 
not addresses to the routers MAC address. That could be the reason why it 
works in one cirection and not the other.


Ian


At 12:56 AM 3/2/2005 -0600, Wes Decker wrote:
>Hi all,
>   It appears that the 7609 Router is somehow blocking
>VLAN frames in one direction. Here is my equipment config:
>
>                          g6/1.2                  swap VID  VLAN       VLAN
>Agilent    VLAN 4      CISCO   VLAN 2  GbE        (2 to 3)    3  GbE
>3  Agilent
>Router   <-----------> 7609    <-----> Port <---> [switch] <---> Port
><----> Router
>Tester     192.7.1.x   Router           0
>1         Tester
>Port 0               g6/3.4    |
>     |Port 1
>192.7.1.1                      |<--------------- 192.11.1.x
>--------------->|192.11
>VID
>4
>.1.1
>
>VID 3
>
>CISCO 7609 Router has Gigabit Interfaces configured as follows:
>
>interface GigabitEthernet6/1
>no ip address
>logging event link-status
>!
>interface GigabitEthernet6/1.2
>encapsulation dot1Q 2
>ip address 192.11.1.254 255.255.255.0
>!
>interface GigabitEthernet6/3
>no ip address
>logging event link-status
>!
>interface GigabitEthernet6/3.4
>encapsulation dot1Q 4
>ip address 192.7.1.254 255.255.255.0
>!
>
>Other 7609 config info:
>
>Current configuration : 4752 bytes
>!
>version 12.2
>service timestamps debug uptime
>service timestamps log uptime
>no service password-encryption
>service counters max age 10
>!
>hostname FW-7600
>!
>no aaa new-model
>vtp mode transparent
>ip subnet-zero
>!
>mls ip multicast flow-stat-timer 9
>no mls flow ip
>no mls flow ipv6
>mls cef error action freeze
>spanning-tree mode pvst
>no spanning-tree optimize bpdu transmission
>spanning-tree extend system-id
>diagnostic cns publish cisco.cns.device.diag_results
>diagnostic cns subscribe cisco.cns.device.diag_commands
>!        redundancy
>mode sso
>main-cpu
>  auto-sync running-config
>!        vlan internal allocation policy ascending
>vlan access-log ratelimit 2000
>!
>interface Vlan1
>no ip address
>shutdown
>!
>ip classless
>no ip route static inter-vrf
>no ip http server
>!
>access-list compiled
>no cdp run
>!
>control-plane
>!
>line con 0
>exec-timeout 60 0
>line vty 0 4
>no login
>!
>end
>----------------------------------------
>
>The [switch] is inhouse equipemnt but basically
>all it is doing in this case is swapping the
>VLAN ID from 2 to 3 (and recalc of FCS) on frames.
>
>So the basic connection under test is:
>192.7.1.1 VID 4 <------> 192.11.1.1 VID 3
>where 192.7.1.1  VID 4 is Agilent Router Tester(RT) Port 0
>and   192.11.1.1 VID 3 is Agilent Router Tester(RT) Port 1
>
>With everyting configured as indicated above,
>test traffic passes cleanly from RT port 0 to RT port 1.
>
>However, traffic from RT port 1 to RT port 0 is being lost
>at the 7609 Gigbit 6/1 port (actually g6/1.2 subinterface).
>
>IT seems strange that the 7609 can handle the traffic from
>VLAN 4 to VLAN 2 without a problem but cannot handle the
>packets from VLAN 2 to VLAN 4.
>
>The frames are being sent from the GbE 0 port towards
>port 7609 G6/1(.2) port....but G6/1(.2) port never increments
>its INput frame counter.
>
>Any ideas or suggestions as to why this is happening or
>possible things to try would be greatly appreciated!
>
>Another bit of info:  I can generate PINGs and get replies
>in both directions and ARP requests to the &609 from both
>RT #0 and RT #1 work ok.
>
>
>Also please note, if I just connect the RT Port 0 as it is
>but connect RT Port 1 directly to the 7609 g6/1.2 port and
>set RT #1 to use VLAN 2 then traffic passes in both
>direction cleanly between the two RTs.
>            g6/3.4
>RT #0 <------> 7609 <-------> RT #1
>VID 4             g6/1.2      VID 2
>192.7.1.1                     192.11.1.1
>
>Similarly, if I take the 7609 out of the path
>and just have RT #0 connected to RT #1 through
>our GbE ports and inhouse [switch],  again traffic
>passes cleanly in both directions between RT# 0 and RT #1.
>
>RT #0 <------>  GbE Port 0 <---> [switch] <----> GbE Port 1  <-----> RT #1
>192.7.1.1     VID 2                                        VID 3
>192.11.1.1
>VID 2                          swap VID 2 & 3                        VID 3
>
>
>I captured the packets flowing in each direction for the
>previous two configurations and I see no difference in the
>IPv4 packets/frames other than the VID as expected.
>I will put a LAN monitor/sniffer on the GbE Port 0 to 7609 G6/1(.2)
>interface for the 1st config above to see if there is anything
>unique with these VLAN 2 packets between these ports (todays task!).
>
>I have not created any static routes....the 7609 is just using
>the "connected" subnetworks.
>
>I have tried to use the CISCO configuration documentation but
>it is kinda sparse on the configuring of "subinterfaces".
>
>If there is additional info from the 7609 that I can provide,
>please just let me know CLI commands to enter.
>
>Thanks ahead of time for any replies!
>
>Wes Decker
>(wdecker at tellabs.com)
>============================================================
>The information contained in this message may be privileged
>and confidential and protected from disclosure. If the reader
>of this message is not the intended recipient, or an employee
>or agent responsible for delivering this message to the
>intended recipient, you are hereby notified that any reproduction,
>dissemination or distribution of this communication is strictly
>prohibited. If you have received this communication in error,
>please notify us immediately by replying to the message and
>deleting it from your computer. Thank you. Tellabs
>============================================================
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list