Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco 6509 > Nokia FW .... 802.1Q trunk question

Status
Not open for further replies.
rainman

rainman

ISP
Joined
Mar 22, 2001
Messages
186
Location
US
Hello,

I am troubleshooting a scenario where I have a Cisco 6509 switch, trunking VLAN's via 802.1Q to a Nokia firewall. Recently while looking at traffic patterns, I noticed that my VLAN1 has a tremendous amount of traffic on it. This VLAN1 is just used for network administration, and was never intended for use behind the Nokia FW. Only specific VLAN's are. I have my trunk link configured with "vlan allowed", to only allow the specific vlans I want going to the Nokia firewall. I believe that the Nokia firewall is sending VLAN 1 traffic back at my Cisco 6509 switch.

Has anybody ever encountered this? Would one say it's a configuration problem on the Nokia firewall? I know I can't disable VLAN 1 because it's used to carry the trunk info to the firewall.

Any thoughts?


Rainman
 
Sort by date Sort by votes
How certain are you that it's the Nokia that is generating the VLAN 1 traffic?

As you're probably already aware, the 6509 will always use VLAN 1 for things such as CDP, VTP, PAgP, BPDU's etc. These are always forwarded with a VLAN 1 ID even if VLAN 1 has been cleared off the trunk (VLAN 1 BPDU's don't however - they will disappear if VLAN 1 has been cleared)
 
Upvote 0 Downvote
Hello,

Ok, I am not 100% certain that the Nokia FW is generating the traffic. I would expect to see basic traffic on VLAN 1 (such as CDP, VTP, PAgP, BPDU's, etc) however I am seeing normal server traffic on this VLAN.

The addresses I'm seeing are across the DOT1Q trunk, and also on routed VLAN's on the C6509. I have no access ports configured for VLAN 1, it would almost seem as if the traffic is coming from the Nokia FW, or somehow traffic is "seeping" from other VLAN's right on the C6509.


Thanks for any suggestions.


Rainman
 
Upvote 0 Downvote
Am I just thinking about this completely wrong? Is it usual to see traffic from other VLAN's on VLAN 1? I understand that VLAN 1 is used to support trunk links, but should I see the broadcasts within that VLAN, or have I lost my marbles completely lol.


Rainman
 
Upvote 0 Downvote
I would look around and make sure someone hasn't bridged one vlan to another like hooking a patch from a port on vlan 1 to say vlan 3 .
 
Upvote 0 Downvote
You have both ends of the .1q trunk configures the same (Speed, Duplex...etc)?

As the packet passes through the .1q port on the switch it gets Tagged at EGRESS, but only if it has been allowed to traverse this link.

Are you sure you dont have VLAN1 set as the Native VLAN?


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Blackybear
  • Locked
  • Question Question
Cisco RV042G router
Replies
0
Views
353
Blackybear
Blackybear
B
  • Locked
  • Question Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
422
badwolf1686
B
pbxcomm
  • Locked
  • Question Question
CISCO VG450
Replies
1
Views
858
nt8d09
nt8d09
CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
581
CPM86
CPM86
Skip Rango
  • Locked
  • Question Question
how to backup cisco sg500-52p switch
Replies
1
Views
821
madwok
madwok

Part and Inventory Search

Sponsor

Back
Top