07-15-2010 07:15 AM - edited 03-06-2019 12:02 PM
I have a customer that insists we are either blocking STP BPDU traffic, and in wireshark traces our switches are mixing BPDU traffic with theirs. My goal is to configure a transparent switch port that allows everything, customer can send anything end-to-end thus making our switch invisible. Also, I wish to constrain this to there port only.
Network:
Two Cisco 6500 switches running IOS
Customer:
Using port Fa6/7 on Cisco6500-LOCA to port Fa6/7 on Cisco6500-LOCZ
Question;
Will the configuration below work? Has anybody done this? My reference is http://packetlife.net/blog/2010/apr/15/invisible-catalyst-switch/
Configuration:
On Cisco6500-LOCA
interface fa6/7
description Facing LOCA
switchport mode dot1q-tunnel
switchport access vlan 201
speed 100
duplex full
mtu 9216
no cdp enable
switchport nonegotiate
no keepalive
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
l2protocol-tunnel point-to-point pagp
l2protocol-tunnel point-to-point lacp
l2protocol-tunnel point-to-point udld
end
interface gig 1/1
description Trunk between Cisco6500-LOCA and Cisco6500-LOCZ
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 201,800-850
mtu 9216
end
On Cisco6500-LOCZ
interface fa6/7
description Facing LOCZ
switchport mode dot1q-tunnel
switchport access vlan 201
speed 100
duplex full
mtu 9216
no cdp enable
switchport nonegotiate
no keepalive
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
l2protocol-tunnel point-to-point pagp
l2protocol-tunnel point-to-point lacp
l2protocol-tunnel point-to-point udld
end
interface gig 1/1
description Trunk between Cisco6500-LOCZ and Cisco6500-LOCA
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 201,800-850
mtu 9216
end
-Mn
07-30-2010 01:15 AM
Mn,
Yes that should work.
I am assuming that 6/7 is the end points going to your customer. Also make sure that your have "dot1q tag native".
Jayakrishna
07-30-2010 03:31 AM
Add under interfaces
vlan dot1q tag native
and in global configuration add :
errdisable recovery cause l2ptguard
HTH
Hitesh Vinzoda
Pls rate useful posts
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: