RE: Redundant Dot1Q Tunnels from Antonio Soares on 2013-02-26 (Ccielab archives 02/2013)

From: Antonio Soares <amsoares_at_netcabo.pt>
Date: Tue, 26 Feb 2013 10:57:41 -0000

VLAN100 is the MetroTag that I want to transport across the SP network to
the remote site.

Do you see a solution to the problem ?

Regards,

Antonio Soares, CCIE #18473 (R&S/SP)
amsoares_at_netcabo.pt
http://www.ccie18473.net

-----Original Message-----
From: Brian Dennis [mailto:bdennis_at_ine.com]
Sent: terga-feira, 26 de Fevereiro de 2013 03:18
To: Antonio Soares; 'Cisco certification'
Subject: Re: Redundant Dot1Q Tunnels

Is there a reason the same VLAN 100 is used on the PE switch's interfaces to
the CE switch?

--
Brian Dennis, CCIEx5 #2210 (R&S/ISP-Dial/Security/SP/Voice) bdennis_at_ine.com
INE, Inc.
http://www.INE.com
On 2/25/13 7:06 PM, "Antonio Soares" <amsoares_at_netcabo.pt> wrote:
>Hello group,
>
>I have requirement that needs redundant Dot1Q Tunnels between switches:
>
>SW1===FastEthernet===SW2
>SW1===GigabitEthernet===SW2
>
>SW1 is configured with normal dot1q trunks. SW2 is configured with 
>dot1q tunnel.
>
>I made a test in the lab and this setup creates a spanning-tree loop. 
>This is because SW2 has bpdu filtering enabled. And this is internal, 
>the command "spanning-tree bpdufilter disable" doesn't have any effect.
>
>In the lab I made the test with FastEthernet interfaces only:
>
>SW1===F0/13===F0/13===SW2
>SW1===F0/14===F0/14===SW2
>
>+++++++++++++++++
>SW1 the CE switch
>+++++++++++++++++
>SW1#sh run int f0/13
>Building configuration...
>
>Current configuration : 150 bytes
>!
>interface FastEthernet0/13
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 10,20
> switchport mode trunk
> load-interval 30
>end
>
>SW1#sh run int f0/14
>Building configuration...
>
>Current configuration : 150 bytes
>!
>interface FastEthernet0/14
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 10,20
> switchport mode trunk
> load-interval 30
>end
>
>SW1#
>
>+++++++++++++++++
>SW2 the PE switch
>+++++++++++++++++
>SW2#sh run int f0/13
>Building configuration...
>
>Current configuration : 140 bytes
>!
>interface FastEthernet0/13
> switchport access vlan 100
> switchport mode dot1q-tunnel
> no cdp enable
> spanning-tree bpdufilter enable
>end
>
>SW2#
>SW2#sh run int f0/14
>Building configuration...
>
>Current configuration : 141 bytes
>!
>interface FastEthernet0/14
> switchport access vlan 100
> switchport mode dot1q-tunnel
> no cdp enable
> spanning-tree bpdufilter disable
>end
>
>SW2#
>
>+++++++++++++++++
>bpdufilter disable has no effect
>+++++++++++++++++
>SW2#sh spanning-tree int f0/13 detail
> Port 15 (FastEthernet0/13) of VLAN0100 is designated forwarding
>   Port path cost 19, Port priority 128, Port Identifier 128.15.
>   Designated root has priority 32868, address 000f.f76d.ac80
>   Designated bridge has priority 32868, address 001f.2711.d580
>   Designated port id is 128.15, designated path cost 19
>   Timers: message age 0, forward delay 0, hold 0
>   Number of transitions to forwarding state: 1
>   Link type is point-to-point by default
>   Bpdu filter is enabled internally <-----------------------------
>   BPDU: sent 0, received 0
>SW2#
>SW2#sh spanning-tree int f0/14 detail
> Port 16 (FastEthernet0/14) of VLAN0100 is designated forwarding
>   Port path cost 19, Port priority 128, Port Identifier 128.16.
>   Designated root has priority 32868, address 000f.f76d.ac80
>   Designated bridge has priority 32868, address 001f.2711.d580
>   Designated port id is 128.16, designated path cost 19
>   Timers: message age 0, forward delay 0, hold 0
>   Number of transitions to forwarding state: 1
>   Link type is point-to-point by default
>   Bpdu filter is enabled internally <-----------------------------
>   BPDU: sent 0, received 0
>SW2#
>
>This creates a loop, both SW1 and SW2 are forwarding on both links for 
>all vlans involved (10 and 20 on the CE side and 100 on the PE side).
>
>This is the kind of messages we never want to see in our lives but it 
>happens :)
>
>*Mar  1 01:26:53.402: %SW_MATM-4-MACFLAP_NOTIF: Host 0011.21c4.5d00 in 
>vlan
>10 is flapping between port Fa0/13 and port Fa0/14 *Mar  1 
>01:26:53.947: %SW_MATM-4-MACFLAP_NOTIF: Host 0011.21c4.5d00 in vlan
>20 is flapping between port Fa0/13 and port Fa0/14
>
>
>In the real scenario, I have a 1Gbps link between the switches and a 
>200Mbps port-channel as well. The objective is to have the 200M backup 
>if the 1G fails.
>
>If I'm not wrong, this is impossible to achieve. Or am I missing 
>something ?
>
>
>Thanks.
>
>Regards,
>
>Antonio Soares, CCIE #18473 (R&S/SP)
>amsoares_at_netcabo.pt
>http://www.ccie18473.net
>
>
>Blogs and organic groups at http://www.ccie.net
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net

Received on Tue Feb 26 2013 - 10:57:41 ART

This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 07:57:58 ART