From: Dhanaseker Kandhasamy (dkandhas@xxxxxxxxx)
Date: Sun Jan 21 2001 - 01:57:03 GMT-3
Did you try setting vtp to transparent mode ?
Dhans
At 10:05 AM 1/20/01 -0500, Connary, Julie Ann wrote:
>Hi All - CDP is running amuck and won't stop even with a reboot.
>
>
>I did a set cdp disable all on my catalyst and I still have these snap
>packets:
>
>17:54:30: CSM: smac 0006.f418.e71d, dmac 8000.3033.3333, ssap AA, dsap AA
>17:54:30: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 170 bytes, outgoing
>inter
>esting (ip PERMIT)
>17:54:30: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 112
>17:54:30: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 112 from DLSw Port0
>17:54:30: CSM: smac 0006.f418.e71d, dmac 8000.3000.0000, ssap AA, dsap AA
>17:54:30: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 212 bytes, outgoing
>inte
>
>So I disabled spantree on my catalyst - still have the packets.
>
>So I translated the address back to ethernet format:
>
>8--->1 and 3--->c
>
>0100.0ccc.cccc
>0100.0c00.0000
>
>did a search on CCO and found:
>
>so CDP can run on all
>media that support SNAP, such as LAN media, Frame Relay, and ATM.
>
>The SNAP format is as follows:
>
> LLC--0xAAAA03
>
> Org ID--0x00000C
>
> HDLC protocol type--0x2000
>
>CDP sends packets on LANs using the multicast address 0100.0CCC.CCCC.
>
>Because CDP does not run on top of any network layer, but rather runs only
>over the data link layer, two systems that support different network layer
>protocols can
>use CDP to learn about each other.
>
>For more information about the format of CDP frames, see the "Frame
>Formats" appendix.
>
>I then went to the catalyst and did a show cdp and it knows about the
>routers on the other side of the DLSW link. So I disabled CDP all
>and rebooted the catalyst this time.
>
>And still those stupid snap packets:
>
>cat (enable)
>cat (enable)
>cat (enable) show cdp neighbor
>No entry found.
>cat (enable) show cdp port 3/1
>Port CDP Status Message-Interval
>-------- ---------- ----------------
> 3/1 disabled 60
>cat (enable)
>
>Well - they are definitely cdp and I have disabled CDP on every router and
>the catalyst.
>
>So I looked up the other address - it appears to be isl. So I checked the
>catalyst again and removed
>all my vlans from the isl trunk that is on port 2/1 on my ATM card.
>
>Then I did a show cam system:
>
>cat (enable) show cam system
>* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
>X = P
>ort Security Entry
>
>VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type]
>---- ------------------ ----------------------------------------------------
>1 00-10-1f-8a-b7-ff# 1/3
>1 01-00-0c-cc-cc-cc# 1/3
>1 01-00-0c-ee-ee-ee# 1/3
>2 01-00-0c-cc-cc-cc# 1/3
>2 01-00-0c-dd-dd-dd# 1/3
>3 01-00-0c-cc-cc-cc# 1/3
>3 01-00-0c-dd-dd-dd# 1/3
>6 01-00-0c-cc-cc-cc# 1/3
>6 01-00-0c-dd-dd-dd# 1/3
>Total Matching CAM Entries Displayed = 9
>
>And I notice that that bloody MAC address is still there. Still trying to
>figure out how to read this table.
>
>yuck -
>
>Julie Ann
>
>
>
>
>At 02:57 PM 1/19/2001 -0800, you wrote:
> >I think CDP uses snap ?
> >
> >
> >Philip G. Virnoche CCNA
> >Network Engineer - AT&T Wireless
> >phone: 425.580.5239
> >cell: 206.601.3134
> >
> >"HAM AND EGGS - A day's work for a chicken; A lifetime commitment for a
> >pig."
> >
> >
> >-----Original Message-----
> >From: Connary, Julie Ann [mailto:jconnary@cisco.com]
> >Sent: Friday, January 19, 2001 2:38 PM
> >To: ccielab@groupstudy.com
> >Subject: unidentified snap frame from catalyst keeping up isdn between
> >dlsw peers
> >
> >
> >Hi,
> >
> >can anyone tell me what these snap frames originating from a catalyst and
> >going between my DLSW peers are:
> >
> >
> >01:58:53: CSM: Received CLSI Msg : UDATA_STN.Ind dlen: 70 from DLSw Port0
> >01:58:53: CSM: smac 0006.f418.e71d, dmac 8000.3033.3333, ssap AA, dsap AA
> >01:58:53: BR0 DDR: ip (s=170.100.3.1, d=170.100.25.2), 170 bytes, outgoing
> >inter
> >esting (ip PERMIT)
> >01:58:53: DLSW Received-ctlQ : CLSI Msg : UDATA_STN.Ind dlen: 112
> >
> >
> >They are definitely SNAP frames and the are being sourced from the Catalyst
> >I am using
> >to setup ethernet vlans in my test networks.
> >
> >Are these Bridge BPDU's?
> >
> >Can they be safely filtered?
> >
> >I am doing some ddr testing for dlsw and I have determined that:
> >
> >1. you need to do dlsw netbios-keepalive-filter on both peers on either
> >side of the isdn link
> >2. you need to set the keepalive to 0 and the timeout to 90 on your remote
> >peers.
> >
> >This will keep your link quiet, your netbios connection up and when other
> >interesting traffic between the DLSW peers
> >comes along, correctly invoke the isdn line.
> >
> >However these pesky snap packets are in the way. I notice that all my
> >peers see the catalysts in their reachability
> >cache's.
> >
> >Julie Ann
> >------------------------------------------------------------------------
> > Julie Ann Connary
> > | | Network Consulting Engineer
> > ||| ||| Federal Support Program
> > .|||||. .|||||. 13635 Dulles Technology Drive,
> >Herndon VA 20171
> > .:|||||||||:.:|||||||||:. Pager: 1-888-642-0551
> > c i s c o S y s t e m s Email: jconnary@cisco.com
> >
> >------------------------------------------------------------------------
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:37 GMT-3