You nailed it. VLAN 999 was my problem.
I'm confused on this subject. When I do the simple L2 forwarding I'm
actually doing L2 protocol tunneling. When I have to use dot1q and
"layered" vlan tags that is QnQ. Am I wrong?
Meaning, the debug you referenced (which I tried) didn't really help me.
That's actually my issue. I couldn't find an effective way to diagnose
the problem via debug or whatnot. It was only after going over the
config that I caught the issue.
-Hammer-
"I was a normal American nerd"
-Jack Herer
On 09/28/2011 12:16 PM, Di Bias, Steve wrote:
I remember having issues when I was doing this lab as well.
What does the configuration look like on Cat2 and Cat4 for range fa0/20-21 and
fa0/23-24? Have vlan 990 been removed off these trunks?
Also it may be a long shot but have you tried debugging l2protocol?
"debug l2protocol-tunnel"
Thank you,
Steve Di Bias
Network Engineer - Information Systems
Valley Health System - Las Vegas
Office - 702- 369-7594
Cell - 702-241-1801
[email protected]
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of -Hammer-
Sent: Wednesday, September 28, 2011 7:43 AM
To: [email protected]
Subject: [OSL | CCIE_RS] IPExpert R&S Vol1 Lab5 QnQ and Tunnels... Oh my...
So this lab is pretty fun. Or so I thought. Until I got to step 5.5. I
understand the mechanics of QnQ as well as basic L2 tunneling and I know
how to recover from the state but for the life of me I can't figure out
how to "troubleshoot" or "debug" the issue. There are debug options for
QnQ as well as L2protocol-tunnel (not used in this scenario) but there
doesn't seem to be a specific debug for errdisabling beyond the log
messages.
When I no shut the relative interfaces I get the infamous errdis messages:
CAT4(config)#
22:02:37: %PM-4-ERR_DISABLE: l2ptguard error detected on Gi0/19, putting
Gi0/19 in err-disable state
22:02:38: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet0/19, changed state to down
22:02:39: %LINK-3-UPDOWN: Interface GigabitEthernet0/19, changed state
to down
Per the DSG this is expected behavior because of the Cisco MAC being
passed on VLAN 12 from a previous step. But I've pulled that VLAN as
needed to prevent the propriety MAC issue. I also pulled VLAN 990 (used
to encapsulate tunneled traffic) just for the fun of it but still I'm
being shut down.
The main focus is the connection from Cat1 to Cat4 over gi0/19 on each
end. Can anyone offer some insight into why it is failing on tunnel
guard. I'm really perplexed. Or can anyone offer some good debug
commands? I guess my next step is a sniffer but that's really not an
option in the lab. :)
TRAFFIC PATH
Cat1 gi0/19 - gi0/19 Cat4 gi0/22 - gi0/22 Cat2 gi0/19 - gi0/19 Cat3
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
CAT1(config)#do sho run int gi0/19
Building configuration...
Current configuration : 150 bytes
!
interface GigabitEthernet0/19
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-11,13-989,991-4094
switchport mode trunk
end
CAT1(config)#
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
CAT4(config)#do sho run int gi0/19
Building configuration...
Current configuration : 179 bytes
!
interface GigabitEthernet0/19
switchport access vlan 990
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end
CAT4(config)#do sho run int gi0/22
Building configuration...
Current configuration : 133 bytes
!
interface GigabitEthernet0/22
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 990
switchport mode trunk
end
CAT4(config)#
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
CAT2(config)#
CAT2(config)#do sho run int gi0/22
Building configuration...
Current configuration : 133 bytes
!
interface GigabitEthernet0/22
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 990
switchport mode trunk
end
CAT2(config)#do sho run int gi0/19
Building configuration...
Current configuration : 179 bytes
!
interface GigabitEthernet0/19
switchport access vlan 990
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
end
CAT2(config)#
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
CAT3(config)#do sho run int gi0/19
Building configuration...
Current configuration : 150 bytes
!
interface GigabitEthernet0/19
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-11,13-989,991-4094
switchport mode trunk
end
CAT3(config)#
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
