802.1Q Tunnel

From: gladston@br.ibm.com
Date: Mon Aug 08 2005 - 20:46:34 GMT-3

• Next message: Security Candidate: "RE: IP phone 7960 unlock configuration"
• Previous message: Cert it: "real ccie material"
• Next in thread: James Matrisciano: "RE: 802.1Q Tunnel"
• Maybe reply: James Matrisciano: "RE: 802.1Q Tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Trying to test 802.1Q and L2 protocol Tunneling using the example on the book Practical Studies: Security by Dmitry Bokotey (Case Study 25-3),
but no success.

The book shows that interface status on CAT should be trunking, but when I configure 'switchport mode dot1q-tunnel' it does not trunk.

Any help appreciated.

CDP goes through the tunnel between CAT1 and CAT2:
Rack2R5#sh cdp ne
Rack2R6 Fas 0/0.156 174 R 2621 Fas 0/1.105

But there is no IP connectivity:

Rack2R5#pi 148.5.205.6
.....

Monitor commands:

Rack2CAT1#sh int fa 0/4 trunk
Port Mode Encapsulation Status Native vlan
Fa0/4 off 802.1q not-trunking 1

Rack2CAT1#sh l2protocol-tunnel
Port Protocol Shutdown Drop Encapsulation Decapsulation Drop
                 Threshold Threshold Counter Counter Counter
------- -------- --------- --------- ------------- ------------- -------------
Fa0/4 cdp ---- ---- 138 272 0
        stp ---- ---- 0 0 0
        vtp ---- ---- 0 0 0

Config:

CAT1 and CAT2

interface FastEthernet0/4
 switchport access vlan 20
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp

R5

interface FastEthernet0/0.156
 encapsulation dot1Q 156
 ip address 148.5.205.5 255.255.255.0

R6

interface FastEthernet0/0.156
 encapsulation dot1Q 156
 ip address 148.5.205.6 255.255.255.0

More monitor commands:

Rack2CAT1#sh int fa 0/4 sw
Name: Fa0/4
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 20 (VLAN20)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

• Next message: Security Candidate: "RE: IP phone 7960 unlock configuration"
• Previous message: Cert it: "real ccie material"
• Next in thread: James Matrisciano: "RE: 802.1Q Tunnel"
• Maybe reply: James Matrisciano: "RE: 802.1Q Tunnel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3