Re: Cisco 3560 - behavior from Steve Di Bias on 2011-04-11 (Ccielab archives 04/2011)

From: Steve Di Bias <sdibias_at_gmail.com>
Date: Mon, 11 Apr 2011 12:58:19 -0700

Narbik & Muzammil I stand corrected, so thank you for pointing that out.

To lab this up I followed Narbik's advice and created an SVI on the switch
for VLAN 100 with an IP address of 1.1.1.2/24.

Of course my pings to 1.1.1.1 failed as you can see here

Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:

3w3d: IP: tableid=0, s=1.1.1.2 (local), d=1.1.1.1 (Vlan100), routed via RIB
3w3d: IP: s=1.1.1.2 (local), d=1.1.1.1 (Vlan12), len 100, sending.
3w3d: IP: s=1.1.1.2 (local), d=1.1.1.1 (Vlan12), len 100, encapsulation
failed

Once I added the "native" keyword to the routers sub-interface my pings were
successful

3w3d: IP: tableid=0, s=1.1.1.2 (local), d=1.1.1.1 (Vlan100), routed via RIB
3w3d: IP: s=1.1.1.2 (local), d=1.1.1.1 (Vlan100), len 100, sending
3w3d: IP: s=1.1.1.2 (local), d=1.1.1.1 (Vlan100), len 100, sending full
packet
3w3d: IP: s=1.1.1.1 (Vlan100), d=1.1.1.2, len 100, rcvd 1

I'm not ashamed to say I was incorrect in my answer, and I wasn't
intentionally making fun of the original poster, however I would have
expected him to have at least researched it or tested this in a lab
environment first.

If it came off that way I do apologize

Happy labbing!

On Mon, Apr 11, 2011 at 12:20 PM, Narbik Kocharians <narbikk_at_gmail.com>wrote:

> Totally agreed, you can actually test it by labbing it up. All you need is
> a router and a switch.
> Configure the router with:
>
> Int F0/0
> No shut
> Int F0/0.1
> Encap dot 100
> ip addr 1.1.1.1 /24
>
> Configure the switch with:
> Int F0/1 ------ Let's say this is the port that he router is connected to
> swi mode acc
> swi acc v 100
> no shut
>
> Once you test it, you will never forget it.
> To send untagged frames, just add the "Native" keyword.
>
> On Mon, Apr 11, 2011 at 12:13 PM, Muzammil Malick <malickmuz_at_gmail.com>wrote:
>
>> So are you saying that an access port today will accept tagged traffic
>> as long as it is tagged with the vlan assigned to the access port?
>>
>> This is contradictory to the documentation and everything else I have
>> read.
>>
>> I had always understood that any tagged traffic will be dropped
>> regardless?
>>
>> On 11 April 2011 20:04, Steve Di Bias <sdibias_at_gmail.com> wrote:
>> > Of course, nobody knows everything, so fair enough.
>> >
>> >
>> >
>> > The behavior today would be to forward any untagged frames or frames
>> tagged
>> > with a vlan id of the access vlan while denying everything else.
>> >
>> >
>> >
>> > This wasn't always the case however, and I believe that older OS
>> versions
>> > will actually forward the tagged frames as well.
>> >
>> >
>> >
>> >
>> >
>> > On Mon, Apr 11, 2011 at 11:39 AM, Stephen Robinson <
>> > stephen.robinson_at_qtzl.com> wrote:
>> >
>> >> Sounds like none of you know the answer either... HaHAHa....
>> >>
>> >> Better to make fun than be productive... :)
>> >>
>> >>
>> >>
>> >> Jagdeesh - sorry for the ridicule of my peers. I speculate (but do
>> not
>> >> know) that you could not pass a vlan tag on an access port but I'm not
>> >> sure
>> >> if it would drop or if it would just strip the tag.
>> >>
>> >> Steve-Max-JP care to step up and try to answer?
>> >>
>> >>
>> >> BTW - a ccie number does not mean you know everything.... And who
>> better
>> >> to ask than other smart people like this list. even Narbik and Scott
>> >> don't know everything (I mean... in theory there may be something
>> that
>> >> they don't know... Of course I can't prove it)
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> > From: JB Poplawski <jb.poplawski_at_gmail.com>
>> >> > Reply-To: JB Poplawski <jb.poplawski_at_gmail.com>
>> >> > Date: Mon, 11 Apr 2011 13:09:07 -0500
>> >> > To: Max Pierson <nmaxpierson_at_gmail.com>
>> >> > Cc: Steve Di Bias <sdibias_at_gmail.com>, "Engr. Jagdeesh. K. Vasvani"
>> >> > <jk_vasvani_at_hotmail.com>, group-study <ccielab_at_groupstudy.com>
>> >> > Subject: Re: Cisco 3560 - behavior
>> >> >
>> >> > I just re-read that... yikes!
>> >> > JB
>> >> >
>> >> > On Mon, Apr 11, 2011 at 12:43 PM, Max Pierson <nmaxpierson_at_gmail.com
>> >
>> >> wrote:
>> >> >>> Does your signature say CCIE?
>> >> >>
>> >> >> Lol, i was thinking the same thing. It must be from a pass4sure cert
>> >> :)
>> >> >>
>> >> >> On Mon, Apr 11, 2011 at 12:18 PM, Steve Di Bias <sdibias_at_gmail.com>
>> >> wrote:
>> >> >>
>> >> >>> Does your signature say CCIE?
>> >> >>> On Apr 11, 2011 9:59 AM, "Engr. Jagdeesh. K. Vasvani" <
>> >> >>> jk_vasvani_at_hotmail.com> wrote:
>> >> >>>> Dear Experts,
>> >> >>>> Would appreciate if anyone could help by clarifying below queries:
>> >> >>>>
>> >> >>>>
>> >> >>>> 1. how would a cisco switch reacts when it receives a tagged Frame
>> on
>> >> an
>> >> >>>> Access Port.
>> >> >>>> 2. Does switch pass each & every frame b/w access ports in vlan x,
>> >> where
>> >> >>> one
>> >> >>>> is configured with " switchport voice vlan x" and other with
>> >> "switchport
>> >> >>>> access vlan x"
>> >> >>>>
>> >> >>>>
>> >> >>>> REgards,
>> >> >>>>
>> >> >>>>
>> >> >>>>
>> >> >>>> Jagdeesh. K. Vasvani
>> >> >>>> CCIE# 28213 (R&S)
>> >> >>>>
>> >> >>>>
>> >> >>>> Blogs and organic groups at http://www.ccie.net
>> >> >>>>
>> >> >>>>
>> >> _______________________________________________________________________
>> >> >>>> Subscription information may be found at:
>> >> >>>> http://www.groupstudy.com/list/CCIELab.html
>> >> >>>
>> >> >>>
>> >> >>> Blogs and organic groups at http://www.ccie.net
>> >> >>>
>> >> >>>
>> _______________________________________________________________________
>> >> >>> Subscription information may be found at:
>> >> >>> http://www.groupstudy.com/list/CCIELab.html
>> >> >>
>> >> >>
>> >> >> Blogs and organic groups at http://www.ccie.net
>> >> >>
>> >> >>
>> _______________________________________________________________________
>> >> >> Subscription information may be found at:
>> >> >> http://www.groupstudy.com/list/CCIELab.html
>> >> >
>> >> >
>> >> > Blogs and organic groups at http://www.ccie.net
>> >> >
>> >> >
>> _______________________________________________________________________
>> >> > Subscription information may be found at:
>> >> > http://www.groupstudy.com/list/CCIELab.html
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >
>> >
>> > --
>> > -Steve Di Bias
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> *Narbik Kocharians
> *CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com <http://www.micronicstraining.com/>
> Sr. Technical Instructor
> *Ask about our FREE Lab Voucher with our Boot Camps*
> YES! We take Cisco Learning Credits!
> Training & Remote Racks available
>
>

-- 
-Steve Di Bias
Blogs and organic groups at http://www.ccie.net

Received on Mon Apr 11 2011 - 12:58:19 ART

This archive was generated by hypermail 2.2.0 : Sun May 01 2011 - 09:00:29 ART