Header Only - DO NOT REMOVE - Extreme Networks
Question

0x8100 Tagged VLAN


We have recently noticed with the addition of dynamic profile QnQ on our Provider Edge Router connected to our Extreme aggregation layer we can pass traffic between nodes configured on a tagged VLAN with no VMAN's configuration present on the switch. It is my understanding that a tagged VLAN should only forward the dot1q value associated with the VLAN.

In a normal scenario where QnQ is desired we would use VMAN's with CEP CVID.

Our topology:

Extreme A: X440-48t: 16.1.1.4 patch1-1
Extreme B: X430-48t 15.5.3.4

(PE-A)----1:4(Extreme A)1:48-------ISL------1:48(Extreme B)1:1-----(PE-B)

#################
Debug from PE-A indicates the packet is successfully received with 0x8100 CVID 1073
#################

13:45:20.320426 In PFE proto 2 (ipv4): 172.16.100.2 > 172.16.100.1: ICMP echo request, id 31752, seq 23, length 64
13:45:20.320473 Out f8:c0:01:1e:58:58 > f8:c0:01:1e:46:58, ethertype 802.1Q (0x8100), length 68: vlan 1073, p 0, ethertype IPv4, truncated-ip - 34 bytes missing! 172.16.100.1 > 172.16.100.2: ICMP echo reply, id 31752, seq 23

#################
Debug from PE-B indicates packet is sent with outer tag 102 inner tag 1073
#################

14:03:40.813825 In PFE proto 2 (ipv4): (tos 0x0, ttl 64, id 40959, offset 0, flags [none], proto: ICMP (1), length: 84) 172.16.100.1 > 172.16.100.2: ICMP echo reply, id 31782, seq 3, length 64
14:03:41.813889 Out f8:c0:01:1e:46:58 > f8:c0:01:1e:58:58, ethertype 802.1Q (0x8100), length 102: vlan 1073, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 58270, offset 0, flags [none], proto: ICMP (1), length: 84) 172.16.100.2 > 172.16.100.1: ICMP echo request, id 31782, seq 4, length 64

#################
VLAN Configuration
#################

Admin State: Enabled Tagging: 802.1Q Tag 102

Dumping vlan data base from process: --- vlan --
Vlan:DOT-ONE vlanIf:0x5e9f98 vlanInstance:1000476 vlanId:102 tagged:1
Num ports:2 state:1 speed:3, type:3 noVpifs: 2
noActiveVpifs:2 ipfwd:0 ip6fwd:0 vlanNameInkernel:DOT-O_F441C
flags:0x100000000[-] mtu:1500 qos:0 l2Protos:0 adminState:1
numIp:1 numTentIp:0 numValidIp:1 numDupIp:0 ipv4IfUp:1
numIp6:0 ipv6IfUp:0 ipv6IfLLPfxDup:0
ifIndex:36 ifInstance:1000476 fwdState:1
appSpecificData:0x0x5eb6e0 clientUsage:0x10
vManMode:0 dot1ahMode:0
noVirtualVpifs:0 noActiveVirtualVpifs:0
filter: ANY
vr name: VR-Default
VLAN: DOT-ONE, port:1:48, vlanId:102, instance: 50003469, tag: 1,
Ingress:0x5, Egress: 0x1, l2 prot priority: 0, cfgSave: TRUE
l2Protos (IDs): 0x0 [PIF: type:SLOTPORT linkState:1 phyLinkState:1]
uRPF[-]:0, isTrillAppointedForwarder:0 isTrillDesignated:0
clientUsage: 0x10
VLAN: DOT-ONE, port:1:1, vlanId:102, instance: 50003468, tag: 1,
Ingress:0x5, Egress: 0x1, l2 prot priority: 0, cfgSave: TRUE
l2Protos (IDs): 0x0 [PIF: type:TRUNK linkState:1 phyLinkState:1]
uRPF[-]:0, isTrillAppointedForwarder:0 isTrillDesignated:0
clientUsage: 0x10

Egress and Ingres state bit definitions
typedef enum ifIngressState_ {
IF_STATE_ENABLE_LEARNING= 0x1,
IF_STATE_DISABLE_LEARNING = 0x2,
IF_STATE_ALLOW_ALL = 0x4,
IF_STATE_ALLOW_AUTH_MAC = 0x8,
IF_STATE_SLOWPATH_PROCESSING = 0x10,
IF_STATE_IN_BLOCK_ALL = 0x20,
IF_STATE_IN_BLOCK_DATA = 0x40,
IF_STATE_INVALID = 0xffffffff,
} ifIngressState_t;
typedef enum ifEgressState_ {
IF_STATE_FORWARDING = 0x1,
IF_STATE_EG_BLOCK_ALL = 0x2,
IF_STATE_BLOCK_FLOODING = 0x4,
IF_STATE_EG_BLOCK_DATA = 0x8,
IF_STATE_BLOCK_BROAD_CAST = 0x10,
} ifEgressState_t;Total vlans: 13, Next vlanId(to be allocated): 3865

My question is - why is the switch forwarding the inner CVID of a tagged VLAN on egress?

0 replies

Be the first to reply!

Reply