From: Hobbs (deadheadblues@gmail.com)
Date: Wed Aug 06 2008 - 14:32:21 ART
correction: *CAT2 *sees that cisco proprietary address and knows it was a
tunneled packet.
On Wed, Aug 6, 2008 at 11:31 AM, Hobbs <deadheadblues@gmail.com> wrote:
> I think I found my answer reading the DocCD again:
>
>
> http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_44_se/configuration/guide/swtunnel.html#wp1043351
>
> "When the Layer 2 PDUs that entered the service-provider inbound edge
> switch through a Layer 2 protocol-enabled port exit through the trunk port
> into the service-provider network, the switch overwrites the customer
> PDU-destination MAC address with a well-known Cisco proprietary multicast
> address (01-00-0c-cd-cd-d0)."
>
> This pretty much answers my questions. CAT1 sees that cisco proprietary
> address and knows it was a tunneled packet.
>
> Another good conversation here:
>
> http://www.groupstudy.com/archives/ccielab/200710/msg02522.html
>
>
>
> On Wed, Aug 6, 2008 at 11:09 AM, Hobbs <deadheadblues@gmail.com> wrote:
>
>> Thanks. I admit its hard to ask a question, when your not sure how to ask
>> it :)
>>
>> I will be labbing it again in a few hours in some online rack time. These
>> are notes from my last session and I wanted to get a good understanding
>> before doing it again. fyi, it is actually the beginning of ipexpert's
>> version 10, volume 2, section 5 on l2 protocol tunneling. There will be a
>> couple more switches involved, but this is just the beginning.
>>
>> it's a very interesting lab...just having a hard time grasping the
>> concept.
>>
>>
>>
>> On Wed, Aug 6, 2008 at 11:02 AM, Jonathan Greenwood II <gwood83@gmail.com
>> > wrote:
>>
>>> No I read your questions, and thats my fault. I have to lab it up to
>>> test.
>>>
>>> But my thoughts on question 1: Yes the forwarding behavior would be
>>> correct since you have the l2protocol-tunnel cdp. I haven't used it in that
>>> manner without the switchport mode dot1q-tunnel.
>>> My thoughts on question 2: Yes Dest Mac will be the same.
>>>
>>> My thoughts on question 3: Can you post your output when you do the sh
>>> cdp nei on CAT2 Fa0/23? I think its not showing BB1 as a neighbor on CAT2
>>> Fa0/23 because you are not performing dot1q-tunneling. I don't think a
>>> regular trunk overrides the cdp tunneling behavior but more so its not how
>>> the technology works with that particular configuration.
>>>
>>> I have to lab it up myself to play with that scenario you have setup.
>>> Sorry on my lack up reading earlier but those are my thoughts on your
>>> question.
>>>
>>> R/
>>>
>>> Jonathan
>>> On Wed, Aug 6, 2008 at 11:47 AM, Hobbs <deadheadblues@gmail.com> wrote:
>>>
>>>> Jonathan, it is a question. I am not looking for a command to make it
>>>> work. it is working. please read the entire email. If my question doesn't
>>>> make sense, I can try and rephrase.
>>>>
>>>>
>>>> On Wed, Aug 6, 2008 at 10:42 AM, Jonathan Greenwood II <
>>>> gwood83@gmail.com> wrote:
>>>>
>>>>> Just turn off cdp on that particular port on CAT1 connecting to BB1.
>>>>> "no cdp enable"
>>>>>
>>>>>
>>>>> On Wed, Aug 6, 2008 at 11:37 AM, Hobbs <deadheadblues@gmail.com>wrote:
>>>>>
>>>>>> Thank you for the reply, but I am not having any configuration issues.
>>>>>> It is only a question. I don't want CAT1 to see BB1 as a neighbor, I am just
>>>>>> trying to understand why it doesn't.
>>>>>>
>>>>>> I am not doing dot1q tunneling
>>>>>>
>>>>>>
>>>>>> On Wed, Aug 6, 2008 at 10:32 AM, Jonathan Greenwood II <
>>>>>> gwood83@gmail.com> wrote:
>>>>>>
>>>>>>> You need to change the switchport mode from access to dot1q-tunnel.
>>>>>>>
>>>>>>> On Wed, Aug 6, 2008 at 11:27 AM, Hobbs <deadheadblues@gmail.com>wrote:
>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I am trying get my head around a semi-complex protocol tunneling
>>>>>>>> task, but I
>>>>>>>> have some questions on the basics.
>>>>>>>>
>>>>>>>> Here's the topology
>>>>>>>>
>>>>>>>> "Near end host": BB1
>>>>>>>> "Far end switch": CAT2
>>>>>>>>
>>>>>>>> [BB1]f0/1-----f0/11[CAT1]f0/23-----dot1q
>>>>>>>> trunk-----f0/23[CAT2]f0/1-----f0/1[R1]
>>>>>>>>
>>>>>>>> To get cdp tunneling to work (and it does work) I enable this on
>>>>>>>> CAT1 and
>>>>>>>> CAT2 access ports:
>>>>>>>>
>>>>>>>> CAT1:
>>>>>>>> interface f0/11
>>>>>>>> switchport mode access
>>>>>>>> switchport access vlan 100
>>>>>>>> l2protocol-tunneling cdp
>>>>>>>> no cdp enable
>>>>>>>>
>>>>>>>> CAT2:
>>>>>>>> interface f0/1
>>>>>>>> switchport mode access
>>>>>>>> switchport access vlan 100
>>>>>>>> l2protocol-tunneling cdp
>>>>>>>> no cdp enable
>>>>>>>>
>>>>>>>> The trunk between CAT1 and CAT2 carries vlan 100 as well as others.
>>>>>>>>
>>>>>>>> This is what I understand so far:
>>>>>>>>
>>>>>>>> BB1 sends a multicast CDP packet on it's port to CAT1.
>>>>>>>> Since CAT1 has cdp tunneling enabled, it forwards it rather than
>>>>>>>> processes
>>>>>>>> it. Is this correct?
>>>>>>>> CAT1 sends this packet out all trunk links that have vlan 100
>>>>>>>> allowed AND
>>>>>>>> any access ports on VLAN100. Is this correct?
>>>>>>>> The packet still has the cisco CDP destination MAC. Is this correct?
>>>>>>>> The packet is dot1q tagged and sent out port fa0/23 and still has
>>>>>>>> cisco CDP
>>>>>>>> destination MAC address. Is this correct?
>>>>>>>>
>>>>>>>> Question:
>>>>>>>>
>>>>>>>> CAT2 doesn't have tunneling on port fa0/23.
>>>>>>>> Why doesn't CAT2 now process this CDP packet and show BB1 has a CDP
>>>>>>>> neighbor
>>>>>>>> on fa0/23?
>>>>>>>> Does trunking override this behavior?
>>>>>>>> Does CAT2 treat this packet differently because it is a tagged CDP
>>>>>>>> packet?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>>
>>>>>>>>
>>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________________________________
>>>>>>>> Subscription information may be found at:
>>>>>>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:29 ART