[c-nsp] bridging to second-dot1 vlan

Brian Turnbow b.turnbow at twt.it
Tue Sep 4 10:13:39 EDT 2012 

Hi Tony,

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Tony
> Sent: martedì 4 settembre 2012 15:24
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] bridging to second-dot1 vlan
> 
> Hi all,
> 
> I have a situation where I would like to configure bridging on a 7609 from
> a normal VLAN interface to a double-tagged WAN interface.
> 
> Configuration is like this:
> 
> ===
> int gig7/7
> switchport trunk encap dot1g
> switchport trunk allowed vlan 202
> 
> int gig1/2/4.30570202
>  encapsulation dot1Q 3057 second-dot1q 202
>  bridge-domain 202 dot1q
> ===
> 
> Where gig7/7 is connected to a 3750 as a trunk and I then have a device
> connected to an access port on the 3750 that is in vlan 202.
> 
> The gig1/2/4 port is a SPA-5GE card in a SIP-400 and that port goes to a
> carrier that hands off services as tagged VLAN's (one outer VLAN for each
> service) and we then create a dot1q inner VLAN.
> 
> When I configure the bridging as above it would appear that the traffic
> works correctly in one direction, but that in the other direction (traffic
> inbound on the SPA to local LAN interface) only the OUTER dot1q tab is
> getting stripped off so that when the traffic gets to the end device is
> still has VLAN 202 on the frame instead of being a non-vlan frame. This
> shows up in a packet capture on the end device like this:
> 

Not sure I follow you here. Since port g7/7 is a trunk port the vlan stays on.
This is correct.
The 3750 would be the device "removing" the vlan tag
If you want the 6500 to remove the tag the port needs to be an access port, not a trunk port.


Brian




> 22:00:35 00:13:1a:e9:a3:44 > 00:17:c5:16:43:7a, ethertype 802.1Q (0x8100),
> length 64: vlan 202, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4),
> Request who-has 192.168.2.1 (00:17:c5:16:43:7a) tell 192.168.2.11, length
> 46
> 
> Where the critical part is "ethertype 802.1Q (0x8100), length 64: vlan 202"
> which shows that the packet coming in still has the vlan 202 tag on it and
> so the device ignores it, because it doesn't do VLAN sub-ints.
> 
> Software is 12.2(33)SRD4. Hardware is as described above, Gig7/7 is just a
> "plain" LAN port (WS-X6516-GE-TX).
> 
> 
> 
> Any suggestions on whether what I'm trying to achieve is possible and what
> I might do to achieve it with the hardware/software at hand ?
> 
> 
> 
> Thanks,
> Tony.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


---
This e-mail is intended only for the addressee named above. 
As this e-mail may contain confidential or privileged information, 
if you are not the named addressee, you are not authorized to retain, read, 
copy or disseminate this message or any part of it.   
 
Please consider your environmental responsibility before printing this e-mail.

More information about the cisco-nsp mailing list