What does 3850 dot1q tunnel outer tag is not poped mean?
Dear Experts,
Can anyone explain to me what this open caveat is talking about?
CSCvn42743 - 3850 dot1q tunnel outer tag is not poped
Can anyone explain to me what this open caveat is talking about?
CSCvn42743 - 3850 dot1q tunnel outer tag is not poped
Um ... might that be "popped", perhaps, not "poped"?
ASKER
After doing shut no shut interface is not removing outer tag (in the case when is supposed to remove it) in the case of double tagging (dot1q tunneling). In which case traffic may be dropped on interface when MTU is not adjusted and in the case that it is not dropping packets packet will most likely end up in wrong VLAN. Still traffic may not be accepted by end hosts since inner tag may also still be present which will as result have tagged frame on access port - such traffic is dropped since end hosts typically don't accept tagged traffic or if host accepts tagged traffic traffic may be destined to wrong VLAN.
>>3850 dot1q tunnel outer tag is not poped
Packets need to be blessed by the pontiff, if the switch is on site this might involve routing them to Rome :(
Pete
Packets need to be blessed by the pontiff, if the switch is on site this might involve routing them to Rome :(
Pete
ASKER
HI! Pete,
I really have difficulty understanding this bug.
Is there a more simpler explanation on this issue?
I really have difficulty understanding this bug.
Is there a more simpler explanation on this issue?
:) Sorry I was in a sarcastic mood
Basically, you need to take off your Cisco hat and treat dot1q traffic like everyone else in the world, packets are either 'tagged' or 'untagged' (in Cisco parlance trunked or access.) If a packet is tagged it carries its VLAN number in its tag, as a tagged packet gets send out of an untagged port its VLAN tag is checked to makes sure its the same, if it is, its removed (popped off) and the packet is sent out of the same port on the correct VLAN without its VLAN tag. (if it does not match then the packet is dropped as it not meant for this VLAN).
Think of it as removing a post code, (or Zip code is you have a stupid president,) that the mailman removes from your package as he delivers your letter, that's what up-popping means (removing the VLAN tag).
TBH - I don't like to use the term unpopping as that makes me think of MPLS and VPLS - but that's another story!
Pete
Basically, you need to take off your Cisco hat and treat dot1q traffic like everyone else in the world, packets are either 'tagged' or 'untagged' (in Cisco parlance trunked or access.) If a packet is tagged it carries its VLAN number in its tag, as a tagged packet gets send out of an untagged port its VLAN tag is checked to makes sure its the same, if it is, its removed (popped off) and the packet is sent out of the same port on the correct VLAN without its VLAN tag. (if it does not match then the packet is dropped as it not meant for this VLAN).
Think of it as removing a post code, (or Zip code is you have a stupid president,) that the mailman removes from your package as he delivers your letter, that's what up-popping means (removing the VLAN tag).
TBH - I don't like to use the term unpopping as that makes me think of MPLS and VPLS - but that's another story!
Pete
Actually, it is a little bit different since Pete's description is matching 802.1q behavior (or I misread/misunderstod post).
Cisco bug is about dot1q tunneling 802.1ad (Q-in-Q).
Traffic forwarded from customer to service provider (SP) will have 2 tags when traffic enter SP network outer S-tag (service-provide tag) and inner C-tag (customer tag). That's why therm is "pop" present, it is actually tunneling technology (as it is MPLS).
In normal behavior on SP edge - after removing (popping) S-tag, C-tag is still present in frame that is forwarded to customer (this way customer can send frames from many VLANs into SP network and SP will forward it to destination). Before delivering traffic back to customer from SP network S-tag should be removed before traffic is being forwarded into customer network.
Cisco bug CSCvn42743 is about S-tag not being popped from frame and frame is delivered to customer with both tags.
Generally, if you are not working for SP company, most likely you are not affected by this bug.
Cisco bug is about dot1q tunneling 802.1ad (Q-in-Q).
Traffic forwarded from customer to service provider (SP) will have 2 tags when traffic enter SP network outer S-tag (service-provide tag) and inner C-tag (customer tag). That's why therm is "pop" present, it is actually tunneling technology (as it is MPLS).
In normal behavior on SP edge - after removing (popping) S-tag, C-tag is still present in frame that is forwarded to customer (this way customer can send frames from many VLANs into SP network and SP will forward it to destination). Before delivering traffic back to customer from SP network S-tag should be removed before traffic is being forwarded into customer network.
Cisco bug CSCvn42743 is about S-tag not being popped from frame and frame is delivered to customer with both tags.
Generally, if you are not working for SP company, most likely you are not affected by this bug.
ASKER
Thanks Pete for the explanation.
Hi! JustInCase,
From what you are saying, this traffic affects from customer to service provider.
Am I right to say that?
Hi! JustInCase,
From what you are saying, this traffic affects from customer to service provider.
Am I right to say that?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, got it, thanks JustInCase
You're welcome.