Monday, February 4, 2013

native vlan and control traffic...

i got involved in a thread on cln here:

on that link you can download a packet capture that i attached...

i've read recently some conflicting ideas about the tagging of control traffic when vlan 1 is not present... my original thought sided with marko that l2 control traffic belonged to the switch... here is marko's post:

he explores the idea at length, but it is incorrect...

this idea is refuted here:

and from the horse's mouth here:

(from Cisco LAN Switching Fundamentals)

It is important to understand the significance of VLAN 1. By default, all switch ports are part of VLAN 1. VLAN 1 contains control plane traffic and can contain user traffic. It is recommended that user traffic be configured on VLANs other than VLAN 1, primarily to prevent unnecessary user broadcast and multicast traffic from being processed by the Network Management Processor (NMP) of the supervisor. Although VLAN 1 user traffic can be pruned from a trunk, this is not the case with control plane traffic. In fact, in older Cisco Catalyst Software versions (5.4 or earlier), VLAN 1 could not be removed at all from a trunk. Control plane traffic such as the VTP, CDP, and PAgP protocols is tagged with VLAN 1 information and is forwarded on a trunk regardless of whether the trunk has pruned VLAN 1.

naturally, i wanted to do my own testing, but my caps never showed tagging... i was using a dhcp windows client for monitoring, and in the back of my mind my thought was that i'd never see dot1q tags because my windows nic simply didn't support tagging, so the tags would never show up in the cap... well, breaking my working topology just to prove that was an annoying idea, so i moved on with what i was working on at the time...

this morning, of course, it was nagging me so i had to be sure... turns out that is correct... dot1q tags don't show up in my windows box caps, but they do with the linux caps...

note in the output below that vlan 1 is not in the allowed list on either of dsw1's trunks...

dsw1#sh int trunk
Port        Mode             Encapsulation  Status        Native vlan
Po1         on               802.1q         trunking      200
Po2         on               802.1q         trunking      200
Port        Vlans allowed on trunk
Po1         10,20,200
Po2         10,20,200
Port        Vlans allowed and active in management domain
Po1         10,20,200
Po2         10,20,200
Port        Vlans in spanning tree forwarding state and not pruned
Po1         10,20,200
Po2         10,20,200

in the cap below note that the control traffic is tagged with vlan 1...

in fact all of the control traffic in the cap is tagged with vlan 1... but see for yourself, download the cap from the link and draw your own conclusions... also note that the cap is from the tshoot topology, which means that all supported protocols are represented as they would appear in cisco's topology... naturally it is my representation of that topology; it is not gospel...

have fun...

note about topology: vlans 4 and 8 carry the gns3 environment onto the switched network... so don't let those qinq tags confuse you...
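as an added example (not from this post, the cap it links, or cisco), here is a small python parser that does what the cap shows by hand: it peels stacked 802.1q/802.1ad tags off constructed ethernet frames, spots cisco llc/snap control protocols by their snap pid, and reports control frames whose outer vlan is not in the allowed list from the dsw1 output above... the frames, mac addresses and cdp/vtp header stubs are constructed for illustration, and the snap pid values and the 0x88a8 outer qinq tag are assumptions on my part, not something taken from the cap...

```python
import struct

TPIDS = {0x8100, 0x88A8, 0x9100}   # 802.1Q, 802.1ad and legacy QinQ outer-tag identifiers
CISCO_OUI = b"\x00\x00\x0c"
CISCO_PIDS = {0x2000: "CDP", 0x2003: "VTP", 0x0104: "PAgP", 0x2004: "DTP"}   # SNAP PIDs of the control protocols (assumed)

def build_frame(dst, src, tags, ethertype, payload):   # constructed test frame; tags = [(tpid, vid), ...] outer first
    hdr = bytes.fromhex(dst) + bytes.fromhex(src)
    for tpid, vid in tags:
        hdr += struct.pack("!HH", tpid, vid & 0x0FFF)
    return hdr + struct.pack("!H", ethertype) + payload

def parse_frame(frame):   # peel stacked VLAN tags, then classify the payload (LLC/SNAP or EtherType)
    off, vids = 12, []
    etype = struct.unpack("!H", frame[off:off + 2])[0]
    while etype in TPIDS:   # one turn per stacked tag; the low 12 bits of the TCI are the VID
        vids.append(struct.unpack("!H", frame[off + 2:off + 4])[0] & 0x0FFF)
        off += 4
        etype = struct.unpack("!H", frame[off:off + 2])[0]
    off += 2
    proto = "ethertype 0x%04x" % etype
    if etype <= 1500 and frame[off:off + 3] == b"\xaa\xaa\x03":   # 802.3 length field, LLC/SNAP follows
        oui, pid = frame[off + 3:off + 6], struct.unpack("!H", frame[off + 6:off + 8])[0]
        if oui == CISCO_OUI:
            proto = CISCO_PIDS.get(pid, "cisco-snap 0x%04x" % pid)
    return {"vids": vids, "proto": proto, "control": proto in CISCO_PIDS.values()}

def audit_trunk(frames, allowed, native):   # control frames whose outer VLAN the trunk does not allow
    findings = []
    for frame in frames:
        info = parse_frame(frame)
        vid = info["vids"][0] if info["vids"] else native   # an untagged frame rides the native VLAN
        if info["control"] and vid not in allowed:
            findings.append((info["proto"], vid, bool(info["vids"])))
    return findings

# Constructed sample frames (not from the author's capture); the CDP/VTP bodies are header stubs only
CDP_SNAP = b"\xaa\xaa\x03" + CISCO_OUI + b"\x20\x00" + b"\x02\xb4\x00\x00"
VTP_SNAP = b"\xaa\xaa\x03" + CISCO_OUI + b"\x20\x03" + b"\x01\x01\x00\x00"
CDP_VLAN1 = build_frame("01000ccccccc", "001122334455", [(0x8100, 1)], len(CDP_SNAP), CDP_SNAP)
IP_VLAN200 = build_frame("ffffffffffff", "001122334455", [(0x8100, 200)], 0x0800, b"\x45\x00\x00\x14" * 5)
VTP_NATIVE = build_frame("01000ccccccc", "001122334455", [], len(VTP_SNAP), VTP_SNAP)
QINQ_CDP = build_frame("01000ccccccc", "001122334455", [(0x88A8, 4), (0x8100, 1)], len(CDP_SNAP), CDP_SNAP)
FRAMES = [CDP_VLAN1, IP_VLAN200, VTP_NATIVE, QINQ_CDP]

if __name__ == "__main__":   # allowed list and native VLAN as 'sh int trunk' shows them on dsw1
    for hit in audit_trunk(FRAMES, {10, 20, 200}, 200):
        print("%s tagged VLAN %d (tagged=%s) on a trunk that does not allow it" % hit)
```

run against a real cap you would feed it the raw frame bytes from the file instead of the constructed ones; the untagged vtp frame is counted as native vlan 200 and passes, while the cdp frames tagged 1 (and the qinq one with outer tag 4) are the ones it reports...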

