From: Connary, Julie Ann (jconnary@xxxxxxxxx)
Date: Sat Jan 20 2001 - 12:05:16 GMT-3
Hi All - CDP is running amuck and won't stop even with a reboot.
I did a set cdp disable all on my catalyst and I still have these snap
packets:
17:54:30: CSM: smac 0006.f418.e71d, dmac 8000.3033.3333, ssap AA, dsap AA
17:54:30: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 170 bytes, outgoing
inter
esting (ip PERMIT)
17:54:30: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 112
17:54:30: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 112 from DLSw Port0
17:54:30: CSM: smac 0006.f418.e71d, dmac 8000.3000.0000, ssap AA, dsap AA
17:54:30: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 212 bytes, outgoing inte
So I disabled spantree on my catalyst - still have the packets.
So I translated the address back to ethernet format:
8--->1 and 3--->c
0100.0ccc.cccc
0100.0c00.0000
did a search on CCO and found:
so CDP can run on all
media that support SNAP, such as LAN media, Frame Relay, and ATM.
The SNAP format is as follows:
LLC--0xAAAA03
Org ID--0x00000C
HDLC protocol type--0x2000
CDP sends packets on LANs using the multicast address 0100.0CCC.CCCC.
Because CDP does not run on top of any network layer, but rather runs only
over the data link layer, two systems that support different network layer
protocols can
use CDP to learn about each other.
For more information about the format of CDP frames, see the "Frame
Formats" appendix.
I then went to the catalyst and did a show cdp and it knows about the
routers on the other side of the DLSW link. So I disabled CDP all
and rebooted the catalyst this time.
And still those stupid snap packets:
cat (enable)
cat (enable)
cat (enable) show cdp neighbor
No entry found.
cat (enable) show cdp port 3/1
Port CDP Status Message-Interval
-------- ---------- ----------------
3/1 disabled 60
cat (enable)
Well - they are definitely cdp and I have disabled CDP on every router and
the catalyst.
So I looked up the other address - it appears to be isl. So I checked the
catalyst again and removed
all my vlans from the isl trunk that is on port 2/1 on my ATM card.
Then I did a show cam system:
cat (enable) show cam system
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = P
ort Security Entry
VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type]
---- ------------------ ----------------------------------------------------
1 00-10-1f-8a-b7-ff# 1/3
1 01-00-0c-cc-cc-cc# 1/3
1 01-00-0c-ee-ee-ee# 1/3
2 01-00-0c-cc-cc-cc# 1/3
2 01-00-0c-dd-dd-dd# 1/3
3 01-00-0c-cc-cc-cc# 1/3
3 01-00-0c-dd-dd-dd# 1/3
6 01-00-0c-cc-cc-cc# 1/3
6 01-00-0c-dd-dd-dd# 1/3
Total Matching CAM Entries Displayed = 9
And I notice that that bloody MAC address is still there. Still trying to
figure out how to read this table.
yuck -
Julie Ann
At 02:57 PM 1/19/2001 -0800, you wrote:
>I think CDP uses snap ?
>
>
>Philip G. Virnoche CCNA
>Network Engineer - AT&T Wireless
>phone: 425.580.5239
>cell: 206.601.3134
>
>"HAM AND EGGS - A day's work for a chicken; A lifetime commitment for a
>pig."
>
>
>-----Original Message-----
>From: Connary, Julie Ann [mailto:jconnary@cisco.com]
>Sent: Friday, January 19, 2001 2:38 PM
>To: ccielab@groupstudy.com
>Subject: unidentified snap frame from catalyst keeping up isdn between
>dlsw peers
>
>
>Hi,
>
>can anyone tell me what these snap frames originating from a catalyst and
>going between my DLSW peers are:
>
>
>01:58:53: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 70 from DLSw Port0
>01:58:53: CSM: smac 0006.f418.e71d, dmac 8000.3033.3333, ssap AA, dsap AA
>01:58:53: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 170 bytes, outgoing
>inter
>esting (ip PERMIT)
>01:58:53: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 112
>
>
>They are definitely SNAP frames and the are being sourced from the Catalyst
>I am using
>to setup ethernet vlans in my test networks.
>
>Are these Bridge BPDU's?
>
>Can they be safely filtered?
>
>I am doing some ddr testing for dlsw and I have determined that:
>
>1. you need to do dlsw netbios-keepalive-filter on both peers on either
>side of the isdn link
>2. you need to set the keepalive to 0 and the timeout to 90 on your remote
>peers.
>
>This will keep your link quiet, your netbios connection up and when other
>interesting traffic between the DLSW peers
>comes along, correctly invoke the isdn line.
>
>However these pesky snap packets are in the way. I notice that all my
>peers see the catalysts in their reachability
>cache's.
>
>Julie Ann
>------------------------------------------------------------------------
> Julie Ann Connary
> | | Network Consulting Engineer
> ||| ||| Federal Support Program
> .|||||. .|||||. 13635 Dulles Technology Drive,
>Herndon VA 20171
> .:|||||||||:.:|||||||||:. Pager: 1-888-642-0551
> c i s c o S y s t e m s Email: jconnary@cisco.com
>
>------------------------------------------------------------------------
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:36 GMT-3