Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
265
Views
0
Helpful
3
Replies

802.1Q encap.

mhanif
Level 1
Level 1

‎11-04-2002 05:46 PM - edited ‎03-02-2019 02:37 AM

I have a switch 2950 switch providing connectivity to remote site users through a connection to router. No trunking configured and being a stand-alone switch no VTP configured on switch therefore by default it configured as server with ver. 2. But, when I connect a sniffer to span traffic on uplink port that is the link between router 2621 and switch. I'm start receiving the packet with 802.1Q encapsulation that causes me to open each packet.

I'm wondering why in first place it encapsulation packet with 802.1Q.

Any help appreciated.

Thank in advance.

Labels:
0 Helpful
3 Replies 3

Erick Bergquist
Level 6
Level 6

‎11-05-2002 01:22 AM

How is the uplink port configured, as well as the span port configured?

What may be happening is it may be trying to autoneg. trunking if there isn't a 'switchport mode access' command on these interfaces to define them as access ports only. The 2621 doesn't have any dot1q subinterfaces that the packets could be coming from? Perhaps the sniffer is displaying the traffic wrong - I've seen that before.

HTH, Erick

0 Helpful

mhanif
Level 1
Level 1
In response to Erick Bergquist

‎11-05-2002 05:34 PM

Bellow is switch configuration:

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname xxxxxxxxxxxxxxxxxxx

!

aaa new-model

aaa authentication login admin group tacacs+ line

aaa authentication enable default group tacacs+ enable

enable secret

!

clock timezone PST -8

ip subnet-zero

no ip finger

ip domain-name xxxxxxxxxxxxxxxxx

ip name-server xxxxxxxxxxxx

ip name-server xxxxxxxxxxxxxx

!

!

!

interface FastEthernet0/1

description sw. to router

duplex full

speed 100

!

interface FastEthernet0/2

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/3

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/4

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/5

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/6

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/7

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/8

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/9

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/10

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/11

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/12

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/13

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/14

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/15

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/16

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/17

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/18

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/19

duplex half

speed 10

spanning-tree portfast

!

interface FastEthernet0/20

description link to xxxxxxxxxxx

switchport mode access

duplex half

speed 10

!

interface FastEthernet0/21

duplex half

speed 10

!

interface FastEthernet0/22

duplex half

speed 10

!

interface FastEthernet0/23

duplex half

speed 10

!

interface FastEthernet0/24

duplex half

speed 10

!

interface Vlan1

ip address xxxxxxxxxxxxx xxxxxxxxxxxxxx

no ip route-cache

!

ip default-gateway xxxxxxxxxxx

no ip http server

logging trap notifications

logging 146.22.44.13

logging 146.22.44.10

access-list 10 permit xxxxxxxxxxxxxxxxx

access-list 10 permit xxxxxxxxxxxxxxxx

snmp-server engineID local 00000009020000087DEC7A00

snmp-server community xxxxxxxxxxxx RW 10

snmp-server community xxxxxxxxxxxxx RO

snmp-server contact xxxxxxxxxxxxxxxxxxxxxx

tacacs-server host xxxxxxxxxxxxxxxx

tacacs-server key keymaster

banner motd ^CCC

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxxxxxxxxx

^C

!

line con 0

exec-timeout 15 0

password xxxxxxxxxxxxxxxxxxxx

login authentication admin

transport input none

stopbits 1

line vty 0 4

exec-timeout 15 0

password 7 xxxxxxxxxxxxxxxxxx

login authentication admin

line vty 5 15

!

ntp clock-period xxxxxxxxxx

ntp server xxxxxxxxxxx

!

monitor session 1 source interface Fa0/1

monitor session 1 destination interface Fa0/16

0 Helpful

sbrobak
Level 1
Level 1

‎11-05-2002 04:41 AM

It's a bug. Use 12.1.11ea1 or later.

0 Helpful
Customers Also Viewed These Support Documents