RE: HELP on 4 port etherswitch module.

From: Biggs, Jeff \(M/CIO/BIE\) (JBiggs@usaid.gov)
Date: Fri Nov 16 2007 - 09:43:34 ART

• Next message: subodh.rawat@wipro.com: "RE: CCIE 19366"
• Previous message: Joel Amao: "RE: CCIE 19366"
• Maybe in reply to: Biggs, Jeff \(M/CIO/BIE\): "HELP on 4 port etherswitch module."
• Next in thread: Biggs, Jeff \(M/CIO/BIE\): "RE: HELP on 4 port etherswitch module."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

But the interfaces are not trunking; they are in access mode, so why
would dot1q come into play here?

Jeffrey Biggs

Sr. Network Engineer

USAID

M/CIO/BIE

240-646-5003

jbiggs@usaid.gov <mailto:jbiggs@usaid.gov>

From: Tarun Pahuja [mailto:pahujat@gmail.com]
Sent: Friday, November 16, 2007 2:10 AM
To: Biggs, Jeff (M/CIO/BIE)
Cc: ccielab@groupstudy.com
Subject: Re: HELP on 4 port etherswitch module.

Ask him if the software supports dot1q trunking. If yes, Send the
interesting traffic in Native Vlan. The concept of Native vlan was
included with dot1q in the initial draft to accommodate backward
compatibility with devices that did not understand or support tagging,
hence native vlan.

HTH,

Tarun

On Nov 15, 2007 8:10 PM, Biggs, Jeff (M/CIO/BIE) <JBiggs@usaid.gov>
wrote:

I have a security person that has a tap on one of our connections that
is hanging off of one of our 4 port Etherswitch modules on a 2811. The
source side from our router is the 192.168 side of the connection. The
complaint from the security person is that they would like the "vlan
tag" removed so there tap software can group the traffic better (go
figure). I believe this is the nature of this card and that there is
nothing we can do about it, but would like to verify this with
documentation if it is out there. Anyone have any ideas?

Router config:

interface FastEthernet0/0/1

 description <<FW01>>

 switchport access vlan 48

!

interface FastEthernet0/0/2

 description <<FW02>>

 switchport access vlan 48

!

interface FastEthernet0/0/3

 shutdown

!

interface Vlan1

 no ip address

!

interface Vlan48

 ip address 192.168.48.1 <http://192.168.48.1/> 255.255.255.0
<http://255.255.255.0/>

This is what the TAP is seeing:

13:54:41.822389 IP 11.1.11.1.www > 192.168.46.2.53081: . ack 295 win 432

13:54: 41.822838 IP 11.1.11.1.www > 192.168.46.2.53081: P 1:545(544) ack
295 win 432

13:54:41.822842 IP 11.1.11.1.www > 192.168.46.2.53081: F 545:545(0) ack
295 win 432

13:54:41.829957 vlan 48, p 0, IP 192.168.46.2.53081 > 11.1.11.1.www: .
ack 546 win 16378

13:54:41.830001 vlan 48, p 0, IP 192.168.46.2.53081 > 11.1.11.1.www: F
295:295(0) ack 546 win 16378

13:54:41.831561 vlan 48, p 0, IP 192.168.46.2.53082 > 11.1.11.1.www: S
417069398

Jeffrey Biggs

Sr. Network Engineer

USAID

M/CIO/BIE

240-646-5003

jbiggs@usaid.gov <mailto: jbiggs@usaid.gov>

• Next message: subodh.rawat@wipro.com: "RE: CCIE 19366"
• Previous message: Joel Amao: "RE: CCIE 19366"
• Maybe in reply to: Biggs, Jeff \(M/CIO/BIE\): "HELP on 4 port etherswitch module."
• Next in thread: Biggs, Jeff \(M/CIO/BIE\): "RE: HELP on 4 port etherswitch module."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:30 ART