[c-nsp] VLAN 1 troubles?

Nick Cutting ncutting at edgetg.com
Tue Aug 28 09:06:49 EDT 2018


Well the big change that I seemed to care about was they added local routes to the route table, the /32 of configured interfaces.
I can't say I've ever seen anything different with the way tagged and untagged traffic was treated.
We have a VMware lab environment on 3560Gs, running both 12.2 and 15.x - but as others said, we avoid VLAN 1, not for "best practice, or security" but because of voodoo on the VLAN, weirdness.

BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)
C       10.180.6.6/31 is directly connected, GigabitEthernet0/21

vs.

Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1)
C        10.180.6.0/31 is directly connected, GigabitEthernet0/21
L        10.180.6.1/32 is directly connected, GigabitEthernet0/21

It is more likely you ran into a bug on 12.2 that allowed you to pass tagged traffic on VLAN 1 than a problem with 15.x.
If you change the native VLAN on the port to another VLAN - does it then pass traffic tagged on VLAN 1?

Compare the output of show int gi0/15 switchport on both versions. The command should be exactly the same between versions.

Nick

-----Original Message-----
From: cisco-nsp <cisco-nsp-bounces at puck.nether.net> On Behalf Of John Osmon
Sent: Sunday, August 26, 2018 12:48 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] VLAN 1 troubles?


I've got a 3560 switch in a lab situation that I'm looking for insight on.

I have a virtualization host hung off of a trunking port.  VMs on this platform are able to communicate over any VLAN if I'm running a 12.2 image.

As soon as I change to a 15.0 image, packets for VLAN1 no longer pass the switch port -- but all other VLANs do.  This is true whether the packets are explicitly tagged as VLAN 1, or if I leave them "native."

I have means to work around the issue, but it's bugging me...

Is there some esoteric change between IOS 12 and IOS 15?
Is there something I've been doing wrong for years with IOS switches?
Am I hitting a bug?
Do I just need to get rid of this test switch and get something more modern for a lab switch?


Switch details:
 model:         WS-C3560G-24TS
 working image: c3560-advipservicesk9-mz.122-25.SEE2.bin
 failing image: c3560-ipservicesk9-mz.150-2.SE10.bin
 port config:
   interface GigabitEthernet0/15
    switchport trunk encapsulation dot1q
    switchport mode trunk

