ExtremeSwitching (EXOS)

  • 1.  0x8100 Tagged VLAN

    Posted 08-15-2018 10:11
    We have recently noticed with the addition of dynamic profile QnQ on our Provider Edge Router connected to our Extreme aggregation layer we can pass traffic between nodes configured on a tagged VLAN with no VMAN's configuration present on the switch. It is my understanding that a tagged VLAN should only forward the dot1q value associated with the VLAN.

    In a normal scenario where QnQ is desired we would use VMAN's with CEP CVID.

    Our topology:

    Extreme A: X440-48t: 16.1.1.4 patch1-1
    Extreme B: X430-48t 15.5.3.4

    (PE-A)----1:4(Extreme A)1:48-------ISL------1:48(Extreme B)1:1-----(PE-B)

    #################
    Debug from PE-A indicates the packet is successfully received with 0x8100 CVID 1073
    #################

    13:45:20.320426 In PFE proto 2 (ipv4): 172.16.100.2 > 172.16.100.1: ICMP echo request, id 31752, seq 23, length 64
    13:45:20.320473 Out f8:c0:01:1e:58:58 > f8:c0:01:1e:46:58, ethertype 802.1Q (0x8100), length 68: vlan 1073, p 0, ethertype IPv4, truncated-ip - 34 bytes missing! 172.16.100.1 > 172.16.100.2: ICMP echo reply, id 31752, seq 23

    #################
    Debug from PE-B indicates packet is sent with outer tag 102 inner tag 1073
    #################

    14:03:40.813825 In PFE proto 2 (ipv4): (tos 0x0, ttl 64, id 40959, offset 0, flags [none], proto: ICMP (1), length: 84) 172.16.100.1 > 172.16.100.2: ICMP echo reply, id 31782, seq 3, length 64
    14:03:41.813889 Out f8:c0:01:1e:46:58 > f8:c0:01:1e:58:58, ethertype 802.1Q (0x8100), length 102: vlan 1073, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 58270, offset 0, flags [none], proto: ICMP (1), length: 84) 172.16.100.2 > 172.16.100.1: ICMP echo request, id 31782, seq 4, length 64

    #################
    VLAN Configuration
    #################

    Admin State: Enabled Tagging: 802.1Q Tag 102

    Dumping vlan data base from process: --- vlan --
    Vlan:DOT-ONE vlanIf:0x5e9f98 vlanInstance:1000476 vlanId:102 tagged:1
    Num ports:2 state:1 speed:3, type:3 noVpifs: 2
    noActiveVpifs:2 ipfwd:0 ip6fwd:0 vlanNameInkernel:DOT-O_F441C
    flags:0x100000000[-] mtu:1500 qos:0 l2Protos:0 adminState:1
    numIp:1 numTentIp:0 numValidIp:1 numDupIp:0 ipv4IfUp:1
    numIp6:0 ipv6IfUp:0 ipv6IfLLPfxDup:0
    ifIndex:36 ifInstance:1000476 fwdState:1
    appSpecificData:0x0x5eb6e0 clientUsage:0x10
    vManMode:0 dot1ahMode:0
    noVirtualVpifs:0 noActiveVirtualVpifs:0
    filter: ANY
    vr name: VR-Default
    VLAN: DOT-ONE, port:1:48, vlanId:102, instance: 50003469, tag: 1,
    Ingress:0x5, Egress: 0x1, l2 prot priority: 0, cfgSave: TRUE
    l2Protos (IDs): 0x0 [PIF: type:SLOTPORT linkState:1 phyLinkState:1]
    uRPF[-]:0, isTrillAppointedForwarder:0 isTrillDesignated:0
    clientUsage: 0x10
    VLAN: DOT-ONE, port:1:1, vlanId:102, instance: 50003468, tag: 1,
    Ingress:0x5, Egress: 0x1, l2 prot priority: 0, cfgSave: TRUE
    l2Protos (IDs): 0x0 [PIF: type:TRUNK linkState:1 phyLinkState:1]
    uRPF[-]:0, isTrillAppointedForwarder:0 isTrillDesignated:0
    clientUsage: 0x10

    Egress and Ingres state bit definitions
    typedef enum ifIngressState_ {
    IF_STATE_ENABLE_LEARNING= 0x1,
    IF_STATE_DISABLE_LEARNING = 0x2,
    IF_STATE_ALLOW_ALL = 0x4,
    IF_STATE_ALLOW_AUTH_MAC = 0x8,
    IF_STATE_SLOWPATH_PROCESSING = 0x10,
    IF_STATE_IN_BLOCK_ALL = 0x20,
    IF_STATE_IN_BLOCK_DATA = 0x40,
    IF_STATE_INVALID = 0xffffffff,
    } ifIngressState_t;
    typedef enum ifEgressState_ {
    IF_STATE_FORWARDING = 0x1,
    IF_STATE_EG_BLOCK_ALL = 0x2,
    IF_STATE_BLOCK_FLOODING = 0x4,
    IF_STATE_EG_BLOCK_DATA = 0x8,
    IF_STATE_BLOCK_BROAD_CAST = 0x10,
    } ifEgressState_t;Total vlans: 13, Next vlanId(to be allocated): 3865

    My question is - why is the switch forwarding the inner CVID of a tagged VLAN on egress?