Re: IE Lab9 Task 1.7 L2 Tunnel

From: ISolveSystems (support@isolvesystems.com)
Date: Wed Aug 29 2007 - 09:13:43 ART

Same here. I was wondering why it was so quiet.....

On 8/29/07, CCIE 19999 <ccie@iprimus.com.au> wrote:
>
> Hi,
>
> Do you guys receiving the list emails? I have no list e-mails since the
> last
> 24 hours.
>
> Thanks,
> Shine
>
> -----Original Message-----
> From: Joseph Brunner [mailto:joe@affirmedsystems.com]
> Sent: Wednesday, 29 August 2007 12:29 AM
> To: 'Gregory Gombas'; 'ISolveSystems'
> Cc: 'CCIE 19999'; 'Cisco certification'
> Subject: RE: IE Lab9 Task 1.7 L2 Tunnel
>
> Thanks Greg.
>
> This should give everyone an example of something required to pass the
> CCIE
> lab- CREATIVITY. You need to improvise and make decisions on the fly,
> fast.
>
> If it's not working with one vlan, make a second vlan. Make sure those
> vlans
> are allowed on trunks if we are doing switchport trunk vlan allowed, etc.
>
> -Joe
>
> -----Original Message-----
> From: Gregory Gombas [mailto:ggombas@gmail.com]
> Sent: Tuesday, August 28, 2007 10:24 AM
> To: ISolveSystems
> Cc: Joseph Brunner; CCIE 19999; Cisco certification
> Subject: Re: IE Lab9 Task 1.7 L2 Tunnel
>
> Thanks for trying this out. I'm not exactly sure how it works myself.
> Are you saying the packet is sent out of both links on the far end?
>
> But you and Joe are correct and it would make sense to have two vlans
> to keep the traffic separate for each link and support the
> point-to-point design.
>
> Also as a side note PAGP did not work when I was using the single
> vlan, probably the same reason - packets send out both links and
> trying to negotiate with the wrong interface on the far end...
>
> On 8/27/07, ISolveSystems <support@isolvesystems.com> wrote:
> > Greg,
> > I tried one VLAN and it worked. However, two VLANs are needed according
> to
> > DocCD. I think the receiving end would get duplicate packets if one
> vlan
> is
> > configured.
> >
> > The task didn't say vlan 100 only. That's why I added 101...
> >
> >
> >
> > On 8/27/07, Gregory Gombas <ggombas@gmail.com> wrote:
> > > Here is the config I used which worked perfectly with one vlan. I
> > > verified with show etherchannel summary, my EIGRP neighbors
> > > established, and I could ping across with no loss:
> > >
> > > SW1:
> > > interface FastEthernet0/17,18,20,21
> > > switchport access vlan 100
> > > switchport mode access
> > > l2protocol-tunnel cdp
> > > l2protocol-tunnel stp
> > > l2protocol-tunnel vtp
> > > no cdp enable
> > >
> > > SW3:
> > > interface Port-channel1
> > > no switchport
> > > ip address 148.8.1.9 255.255.255.0
> > > !
> > > interface FastEthernet0/14
> > > no switchport
> > > no ip address
> > > channel-group 1 mode on
> > > !
> > > interface FastEthernet0/15
> > > no switchport
> > > no ip address
> > > channel-group 1 mode on
> > >
> > > SW4:
> > > interface Port-channel1
> > > no switchport
> > > ip address 148.8.1.10 255.255.255.0
> > > !
> > > interface FastEthernet0/14
> > > no switchport
> > > no ip address
> > > channel-group 1 mode on
> > > !
> > > interface FastEthernet0/15
> > > no switchport
> > > no ip address
> > > channel-group 1 mode on
> > >
> > > Notice I am not using the switchport mode dot1q-tunnel command. I'm
> > > not sure why that is needed considering you are not using dot1q
> > > trunks?
> > >
> > > Also aren't you breaking the task requirement by adding 2 additional
> > > vlans instead of 1? I know thats what it does in the solution guide
> > > but these points are not addressed.
> > >
> > > Hopefully one of the Brian's can comment here...
> > >
> > > Thanks
> > >
> > > On 8/26/07, Joseph Brunner <joe@affirmedsystems.com> wrote:
> > > > I tried to get it going as the task hinted, with 1 vlan only. The
> > channel's
> > > > kept bouncing and pings were not successful. I realized how
> etherchannel
> > is
> > > > a POINT TO POINT technology. Using 1 vlan for "both dot1q tunnels"
> would
> > > > break that point to point technology, and make it running
> etherchannel
> > via
> > > > hub (of sorts)...
> > > >
> > > > I did it with 2 vlans, and it worked, so I verified, add the points
> and
> > kept
> > > > going.
> > > >
> > > > LOL
> > > >
> > > > -Joe
> > > >
> > > > -----Original Message-----
> > > > From: CCIE 19999 [mailto:ccie@iprimus.com.au]
> > > > Sent: Sunday, August 26, 2007 7:32 PM
> > > > To: 'Joseph Brunner'; 'Gregory Gombas'; 'Cisco certification'
> > > > Subject: RE: IE Lab9 Task 1.7 L2 Tunnel
> > > >
> > > > Joe,
> > > >
> > > > When you apply the command L2protocol-tunnel cdp, the end ports
> would
> > see
> > > > each other directly connected. Isn't it? Also, the task says, IF YOU
> > NEED
> > > > ANY ADDITIONAL VLANS, then use 100. And you are using 100 and 101.
> Is
> > that a
> > > > correct approach?
> > > >
> > > > So in my opinion, of you can get this working without using any
> > additional
> > > > vlans, the solutions must be correct.
> > > >
> > > > Any addional thoughts welcome.
> > > >
> > > > Regards,
> > > > Shine
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > > > Joseph Brunner
> > > > Sent: Monday, 27 August 2007 8:36 AM
> > > > To: 'Gregory Gombas'; 'Cisco certification'
> > > > Subject: RE: IE Lab9 Task 1.7 L2 Tunnel
> > > >
> > > > Because they are asking you to make the logical topology do one
> thing,
> > > > (two DIRECT links between Sw3 & Sw4 using the stated ports), when in
> the
> > > > physical topology those ports are indeed going to SW1.
> > > >
> > > > So SW1 must be INVISIBLE between SW3 & 4 on this L3 ether-channel
> link.
> > > >
> > > > >I was able to get this working simply with the l2protocol tunnel
> > > > >command on the middle switch with the ports in access mode.
> > > >
> > > > Read the task again, Look at where they say "if an additional VLAN
> is
> > needed
> > > > use VLAN 100"... This should give you the hint you need to approach
> this
> > > > task - Dot1q-tunnel mode on SW1, the intermediary...
> > > >
> > > > Look at the solution where they use VLAN 100 + VLAN 101 as each
> > > > "link" between SW3 and SW4 needs an intermediary vlan to tunnel the
> > > > etherchannel on. I tried this task without making two vlans and the
> > channel
> > > > didn't work properly. Originally, I just tried to use VLAN 100 on
> all
> 4
> > > > ports of SW1. I realized the channeling was getting confused and it
> was
> > > > looping traffic. I created a second vlan (like they did, 101) and
> the
> > > > channel did come up fine.
> > > >
> > > > With your solution, what was your verification you had completed the
> > task?
> > > > Did you verify on SW3 & SW4 "show etherchannel summary" ?
> > > > Did you verify on SW1 "show interface switch | beg 0/17 ?
> > > > Did you verify on SW1 "show interface switch | beg 0/18 ?
> > > > Did you verify on SW1 "show interface switch | beg 0/20 ?
> > > > Did you verify on SW1 "show interface switch | beg 0/21 ?
> > > >
> > > >
> > > > -Joe
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com ] On
> Behalf
> Of
> > > > Gregory Gombas
> > > > Sent: Sunday, August 26, 2007 5:38 PM
> > > > To: Cisco certification
> > > > Subject: IE Lab9 Task 1.7 L2 Tunnel
> > > >
> > > > The task requires you to connect two switches via a layer 3
> > > > etherchannel by tunneling through another switch in the middle.
> > > >
> > > > The solution states to use this config on the middle switch:
> > > > switchport mode dot1q-tunnel
> > > > l2protocol tunnel cdp
> > > >
> > > > My question is why are they using a dot1q-tunnel when the end
> switches
> > > > are not even using dot1q encapsulation (they are layer 3 ports)?
> > > > I was able to get this working simply with the l2protocol tunnel
> > > > command on the middle switch with the ports in access mode.
> > > >
> > > >
> > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > > >
> > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:13 ART