Highlighted
CarlosMa
1 Copper

vlan tag on untagged port on S6010

I have a weird issue with a S6010 switch that seems to be tagging packets when it shouldn't. This is my configuration:

Port:

s6010a_Gn#sh ru interface tengigabitethernet 1/22/3
!
interface TenGigabitEthernet 1/22/3
description NS2CoreNic8_Spirent_ACCESS
no ip address
mtu 1900
switchport
rate-interval 60
no shutdown

 

VLAN Interface. As you can see the port is marked as "untagged" which as per my understanding mean we won't be expecting any VLAN tags on the incoming traffic nor will be setting a VLAN tag on the outgoing traffic.

 

s6010a_Gn#sh running-config interface vlan 2127
!
interface Vlan 2127
description Spirent_ACC
ip address 172.27.1.1/16
untagged TenGigabitEthernet 1/22/3
no shutdown

However, when I try to send a ping and capture on the interface I see the ARP request not having any tags (as expected) but the returning ARP reply does have VLAN tag=2127. Needless to say, the ping is failing as the ARP entry on the source never gets populated properly (given that incorrect VLAN Id)

 Is there anything incorrect on my config or is my understanding of "untagged" wrong? ARP_Response_wrong_Tag.jpgARP Response wrong VLAN TagARP_Request_No_VLAN.jpgARP Request no VLAN sent

Labels (2)
Tags (1)
0 Kudos
4 Replies
CarlosMa
1 Copper

vlan tag on untagged port on S6010

I have a weird issue with a S6010 switch that seems to be tagging packets when it shouldn't. This is my configuration:

Port:

s6010a_Gn#sh ru interface tengigabitethernet 1/22/3
!
interface TenGigabitEthernet 1/22/3
description NS2CoreNic8_Spirent_ACCESS
no ip address
mtu 1900
switchport
rate-interval 60
no shutdown

 

VLAN Interface. As you can see the port is marked as "untagged" which as per my understanding mean we won't be expecting any VLAN tags on the incoming traffic nor will be setting a VLAN tag on the outgoing traffic.

 

s6010a_Gn#sh running-config interface vlan 2127
!
interface Vlan 2127
description Spirent_ACC
ip address 172.27.1.1/16
untagged TenGigabitEthernet 1/22/3
no shutdown

However, when I try to send a ping and capture on the interface I see the ARP request not having any tags (as expected) but the returning ARP reply does have VLAN tag=2127. Needless to say, the ping is failing as the ARP entry on the source never gets populated properly (given that incorrect VLAN Id)

 Is there anything incorrect on my config or is my understanding of "untagged" wrong? ARP_Response_wrong_Tag.jpgARP Response wrong VLAN TagARP_Request_No_VLAN.jpgARP Request no VLAN sent

0 Kudos
Anonymous
Not applicable

Re: vlan tag on untagged port on S6010

How is the other end of this connection configured? Perhaps there is a mismatch in the configs. On the S6010 you can issue the command #show vlan, which will list out all VLANs and the interfaces they are configured on.

0 Kudos
CarlosMa
1 Copper

Re: vlan tag on untagged port on S6010

Hi Daniel,

The other end is a SR-IOV Interface on an R730XD running ESXI 6.5. The configuration itself is just the SR-IOV VF assigned to a Ubuntu 16.04 VM with no tagging configured anywhere. 

 

The fundamental question is, why with the configuration given above (untagged port associated to VLAN 2127) the S6010 would reply to an ARP request sent without any VLAN tag with an ARP response setting a VLAN tag? Let me know if you'd like to take a look at the wireshark capture.

0 Kudos
Anonymous
Not applicable

Re: vlan tag on untagged port on S6010

I am not certain why the switch would be replying with tagged packets. Is it just the ARP packets that are tagged? Or is all traffic the switch sends out this interface tagged?

0 Kudos