[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 476
  • Last Modified:

OPT-E-MAN new service configuration

Hello,

I have new service from AT&T which they state is sending untagged traffic to all my new ports.

 At my central office I have a 2821 with an interface configured like this:

interface GigabitEthernet0/1/0
 description (Fiber connection to HFE/
 no ip address
 negotiation auto
!
interface GigabitEthernet0/1/0.1
 encapsulation dot1Q 20
 ip address 172.16.5.1 255.255.255.0
!
interface GigabitEthernet0/1/0.2
 encapsulation dot1Q 10 native
 ip address 172.16.2.1 255.255.255.0

At the remote sites I've tried tagging the interface for Vlan# but it doesn't seem to matter.  What does work is which ever side I set for "Native".  So router2 let's say had an interface configured for 172.16.2.2 it's running along no problem.

router3 172.16.5.2 doesn't get any traffic.

I know I am missing something.  Please talk to me like I am 5 because I am just a lone ranger on this one without a smartnet contract.

Thank you so much in advance!
0
mwvwca
Asked:
mwvwca
  • 6
  • 5
5 Solutions
 
harbor235Commented:
You have configured the interface as tagged with the encapsulation command, native tells the interface that these frames in vlan X are untagged, thats why the native works.

So my questionis, if they are sending you untagged frames why are you configuring the subinterfaces with the encap and trunk type?

Is the opt-e-man basic?


harbor235 ;}
0
 
mwvwcaAuthor Commented:
Thank you for the reply.  If I remove the encap then it strips the ip address also. When I go to reapply the address I get :

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

For the record, I am 99% this is user error.

*edit* Sorry, yes the service is basic (best effort).
0
 
harbor235Commented:
Have you tried it without the sub-interface?   Native means the frames are untagged so you should not need the encap or sub. Give it a try.  


harbor235 ;}
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
mwvwcaAuthor Commented:
Not sure how I would do that without a subinterface?  Can I put two address on one interface?  I have two connections coming into one port.  

Sorry if my questions seems clueless but that's about where I am  ;)

Router 1
ip address 172.16.5.1 255.255.255.0
ip address 172.16.2.1 255.255.255.0 secondary

Router 2
ip address 172.16.5.1 255.255.255.0

Router 3
ip address 172.16.2.2 255.255.255.0

It can't really be that simple can it?
0
 
harbor235Commented:
So is AT&T sending untagged frames or tagged, or both? You say untagged only initially?

>I have new service from AT&T which they state is sending untagged traffic to all my new ports


harbor235 ;}
0
 
mwvwcaAuthor Commented:
Well they say it's untagged traffic.  Router 2 is at one physical location and Router 3 at another.  My understanding was that all traffic was available to all locations (not port based).
0
 
harbor235Commented:
opt-e-man basic is pt-2-pt only, the other service is multi-point. I would sniff the traffic and see what is coming in, tagged or untagged. If it is untagged only that means there are no additional vlans arriving via tagged frames. Are you sure you are getting multiple vlans with that service?

So, if they are untagged you do not add the encapsulation commands, it would be as if they are on the same vlan on your closet switch. All you would need to do is configure a layer3 interface and ip address. AT&T's network is a layer 2 transport network.

harbor235 ;}
0
 
mwvwcaAuthor Commented:
From what I can see, no tagging.

so this should work then?
Router 1
ip address 172.16.5.1 255.255.255.0
ip address 172.16.2.1 255.255.255.0 secondary
0
 
harbor235Commented:
That would be inline with two subnets operational on the same wire without tagging, agreed.

harbor235 ;}
0
 
mwvwcaAuthor Commented:
outstanding, I will give it a go here in a bit when I can do the least amount of disruption.  I truly appreciate your help.  I will confirm here soon.
0
 
mwvwcaAuthor Commented:
harbor235 ;} helped me understand exactly what I was doing wrong and walked me through to a solution.  THANK YOU.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now