Re: CDP tunneling: why doesn't far end switch show near end

From: Hobbs (deadheadblues@gmail.com)
Date: Wed Aug 06 2008 - 14:31:22 ART


I think I found my answer reading the DocCD again:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_44_se/configuration/guide/swtunnel.html#wp1043351

"When the Layer 2 PDUs that entered the service-provider inbound edge switch
through a Layer 2 protocol-enabled port exit through the trunk port into the
service-provider network, the switch overwrites the customer PDU-destination
MAC address with a well-known Cisco proprietary multicast address
(01-00-0c-cd-cd-d0)."

This pretty much answers my questions. CAT1 sees that Cisco proprietary
address and knows it was a tunneled packet.

Another good conversation here:

http://www.groupstudy.com/archives/ccielab/200710/msg02522.html

On Wed, Aug 6, 2008 at 11:09 AM, Hobbs <deadheadblues@gmail.com> wrote:

> Thanks. I admit it's hard to ask a question when you're not sure how to ask
> it :)
>
> I will be labbing it again in a few hours in some online rack time. These
> are notes from my last session and I wanted to get a good understanding
> before doing it again. FYI, it is actually the beginning of ipexpert's
> version 10, volume 2, section 5 on L2 protocol tunneling. There will be a
> couple more switches involved, but this is just the beginning.
>
> It's a very interesting lab...just having a hard time grasping the concept.
>
>
>
> On Wed, Aug 6, 2008 at 11:02 AM, Jonathan Greenwood II <gwood83@gmail.com> wrote:
>
>> No, I read your questions, and that's my fault. I have to lab it up to
>> test.
>>
>> But my thoughts on question 1: Yes the forwarding behavior would be
>> correct since you have the l2protocol-tunnel cdp. I haven't used it in that
>> manner without the switchport mode dot1q-tunnel.
>> My thoughts on question 2: Yes Dest Mac will be the same.
>>
>> My thoughts on question 3: Can you post your output when you do the sh
>> cdp nei on CAT2 Fa0/23? I think it's not showing BB1 as a neighbor on CAT2
>> Fa0/23 because you are not performing dot1q-tunneling. I don't think a
>> regular trunk overrides the cdp tunneling behavior but more so it's not how
>> the technology works with that particular configuration.
>>
>> I have to lab it up myself to play with that scenario you have setup.
>> Sorry on my lack of reading earlier but those are my thoughts on your
>> question.
>>
>> R/
>>
>> Jonathan
>> On Wed, Aug 6, 2008 at 11:47 AM, Hobbs <deadheadblues@gmail.com> wrote:
>>
>>> Jonathan, it is a question. I am not looking for a command to make it
>>> work. It is working. Please read the entire email. If my question doesn't
>>> make sense, I can try and rephrase.
>>>
>>>
>>> On Wed, Aug 6, 2008 at 10:42 AM, Jonathan Greenwood II <
>>> gwood83@gmail.com> wrote:
>>>
>>>> Just turn off cdp on that particular port on CAT1 connecting to BB1.
>>>> "no cdp enable"
>>>>
>>>>
>>>> On Wed, Aug 6, 2008 at 11:37 AM, Hobbs <deadheadblues@gmail.com> wrote:
>>>>
>>>>> Thank you for the reply, but I am not having any configuration issues.
>>>>> It is only a question. I don't want CAT1 to see BB1 as a neighbor, I am just
>>>>> trying to understand why it doesn't.
>>>>>
>>>>> I am not doing dot1q tunneling
>>>>>
>>>>>
>>>>> On Wed, Aug 6, 2008 at 10:32 AM, Jonathan Greenwood II <
>>>>> gwood83@gmail.com> wrote:
>>>>>
>>>>>> You need to change the switchport mode from access to dot1q-tunnel.
>>>>>>
>>>>>> On Wed, Aug 6, 2008 at 11:27 AM, Hobbs <deadheadblues@gmail.com> wrote:
>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I am trying to get my head around a semi-complex protocol tunneling
>>>>>>> task, but I have some questions on the basics.
>>>>>>>
>>>>>>> Here's the topology
>>>>>>>
>>>>>>> "Near end host": BB1
>>>>>>> "Far end switch": CAT2
>>>>>>>
>>>>>>> [BB1]f0/1-----f0/11[CAT1]f0/23-----dot1q trunk-----f0/23[CAT2]f0/1-----f0/1[R1]
>>>>>>>
>>>>>>> To get cdp tunneling to work (and it does work) I enable this on CAT1
>>>>>>> and CAT2 access ports:
>>>>>>>
>>>>>>> CAT1:
>>>>>>> interface f0/11
>>>>>>>  switchport mode access
>>>>>>>  switchport access vlan 100
>>>>>>>  l2protocol-tunnel cdp
>>>>>>>  no cdp enable
>>>>>>>
>>>>>>> CAT2:
>>>>>>> interface f0/1
>>>>>>>  switchport mode access
>>>>>>>  switchport access vlan 100
>>>>>>>  l2protocol-tunnel cdp
>>>>>>>  no cdp enable
>>>>>>>
>>>>>>> The trunk between CAT1 and CAT2 carries vlan 100 as well as others.
>>>>>>>
>>>>>>> This is what I understand so far:
>>>>>>>
>>>>>>> BB1 sends a multicast CDP packet on its port to CAT1.
>>>>>>> Since CAT1 has cdp tunneling enabled, it forwards it rather than
>>>>>>> processes it. Is this correct?
>>>>>>> CAT1 sends this packet out all trunk links that have vlan 100 allowed
>>>>>>> AND any access ports on VLAN100. Is this correct?
>>>>>>> The packet still has the Cisco CDP destination MAC. Is this correct?
>>>>>>> The packet is dot1q tagged and sent out port fa0/23 and still has
>>>>>>> Cisco CDP destination MAC address. Is this correct?
>>>>>>>
>>>>>>> Question:
>>>>>>>
>>>>>>> CAT2 doesn't have tunneling on port fa0/23.
>>>>>>> Why doesn't CAT2 now process this CDP packet and show BB1 as a CDP
>>>>>>> neighbor on fa0/23?
>>>>>>> Does trunking override this behavior?
>>>>>>> Does CAT2 treat this packet differently because it is a tagged CDP
>>>>>>> packet?
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>>
>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________________________________
>>>>>>> Subscription information may be found at:
>>>>>>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
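
The destination-MAC rewrite quoted from the Cisco guide at the top of this message, as an added example that is not part of the original thread: a simplified Python model of the inbound and outbound edge switches plus a classifier showing why a frame on the trunk no longer matches the CDP address. The function names, the sample source MAC and the CDP body are constructed for illustration; 01-00-0c-cc-cc-cc is the standard CDP destination address.

```python
import struct

CDP_MAC = bytes.fromhex("01000ccccccc")       # standard CDP destination address
TUNNEL_MAC = bytes.fromhex("01000ccdcdd0")    # tunnel address quoted from the Cisco guide
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP header: Cisco OUI, PID 0x2000 (CDP)

def parse(frame):
    """Return (dst_mac, vlan_or_None, is_cdp_payload) for an 802.3 frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, offset, vlan = frame[:6], 12, None
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype == 0x8100:                   # 802.1Q tag present (frame seen on a trunk)
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vlan, offset = tci & 0x0FFF, offset + 4
    payload = frame[offset + 2:]              # skip the 802.3 length field
    return dst, vlan, payload.startswith(CDP_SNAP)

def classify(frame):
    dst, _vlan, is_cdp = parse(frame)
    if not is_cdp:
        return "other"
    if dst == CDP_MAC:
        return "native-cdp"      # the address a receiving port's CDP process listens on
    if dst == TUNNEL_MAC:
        return "tunneled-cdp"    # CDP payload, but not addressed to the CDP process
    return "other"

def tunnel_ingress(frame, vlan):
    """Simplified inbound edge switch: overwrite dst MAC, add the trunk's dot1q tag."""
    tag = struct.pack("!HH", 0x8100, vlan & 0x0FFF)
    return TUNNEL_MAC + frame[6:12] + tag + frame[12:]

def tunnel_egress(frame):
    """Simplified outbound edge switch: strip the tag, restore the CDP dst MAC."""
    dst, vlan, _ = parse(frame)
    if dst != TUNNEL_MAC or vlan is None:
        raise ValueError("not a tagged tunneled frame")
    return CDP_MAC + frame[6:12] + frame[16:]

# Constructed sample: a CDP frame as BB1 might send it (source MAC and body are made up).
_body = CDP_SNAP + bytes.fromhex("02b4") + b"\x00" * 8
BB1_FRAME = CDP_MAC + bytes.fromhex("001122334455") + struct.pack("!H", len(_body)) + _body

if __name__ == "__main__":
    on_trunk = tunnel_ingress(BB1_FRAME, 100)
    print(classify(BB1_FRAME), classify(on_trunk), classify(tunnel_egress(on_trunk)))
```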



This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:29 ART