[c-nsp] 802.1q tunneling & same mac address on different inner vlans
Tassos Chatzithomaoglou
achatz at forthnet.gr
Mon Jul 16 13:52:18 EDT 2007
I know it's quite common to have a mac address appear on different ports of a switch more than once, as long as each appearance
belongs to a different vlan.
But this can lead to problems when these frames get double tagged (802.1q tunneling) by the same outer vlan, because any
intermediate switch that receives such double tagged frames on different ports will start complaining about the same mac address
on the same (outer) vlan.
So you have 2 frames which started with the same mac address on different vlans (no problem) and somewhere in the middle they
ended with the same mac address on the same vlan (problem).
One solution i could think of is to disable mac-address learning for the outer vlan. If i'm thinking right this will cause all
frames belonging to this vlan to be broadcasted, but as long as there are only 2 ports (one in, one out) on each intermediate
switch, that shouldn't be a major problem. Am i right?
Any other ideas or comments?
--
Tassos
More information about the cisco-nsp
mailing list