Sunday, July 13, 2008

l2protocol-tunnel - Layer two protocol tunneling - (PacketLife.net)

Normally, Cisco switches intercept and process a number of layer two protocols, including CDP, STP, VTP, and others. This can present problems when attempting to make a switch appear completely transparent, as is a common goal of service providers. Full transparency can be achieved with layer 2 protocol tunneling (not to be confused with L2TP).
Switches can be configured to forward CDP, STP, and VTP frames instead of intercepting them. The command to enable basic L2 tunneling is l2protocol-tunnel, entered in interface configuration mode. By default, this one command disables CDP on the interface and enables tunneling for CDP, STP, and VTP, as seen in the running configuration:

interface GigabitEthernet0/1
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable

The switch will transparently forward incoming CDP/STP/VTP frames out other similarly configured interfaces in the same VLAN. We can inspect the traffic statistics with show l2protocol-tunnel:
show l2protocol-tunnel

Note the three seemingly useless lines at the end of the output. These lines present additional information when tunneling is expanded to include point-to-point protocols PAgP, LACP, and UDLD with the command l2protocol-tunnel point-to-point. Similar to the base command, the interface is automatically configured to include each of these protocols individually:

interface GigabitEthernet0/1
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 l2protocol-tunnel point-to-point pagp
 l2protocol-tunnel point-to-point lacp
 l2protocol-tunnel point-to-point udld
 no cdp enable


show l2protocol-tunnel
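To review which ports tunnel which protocols across a saved configuration, the following added example (not from the original article) parses running-config text and reports each interface's tunneled protocols. The sample configuration is constructed, and the policy of flagging anything that differs from the configurations shown above is an assumption.

```python
import re

BASE = {"cdp", "stp", "vtp"}    # enabled by the bare l2protocol-tunnel command
P2P = {"pagp", "lacp", "udld"}  # added by l2protocol-tunnel point-to-point
TUNNEL_RE = re.compile(r"^l2protocol-tunnel(?:\s+(point-to-point))?(?:\s+(\w+))?$")

# Constructed sample: Gi0/1 mirrors the page, Gi0/2 has drifted (assumed scenario).
SAMPLE = """\
interface GigabitEthernet0/1
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 l2protocol-tunnel point-to-point pagp
 l2protocol-tunnel point-to-point lacp
 l2protocol-tunnel point-to-point udld
 no cdp enable
!
interface GigabitEthernet0/2
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
!
interface GigabitEthernet0/3
 switchport mode access
"""

def audit(config_text):
    """Map each interface to its tunneled protocols and deviations from the page's baseline."""
    report, cur = {}, None
    for line in (raw.strip() for raw in config_text.splitlines()):
        if line.startswith("interface "):
            cur = report.setdefault(line.split(None, 1)[1],
                                    {"tunneled": set(), "cdp_disabled": False, "findings": []})
        elif line == "!":
            cur = None                      # end of the interface block
        elif cur is not None and line == "no cdp enable":
            cur["cdp_disabled"] = True
        elif cur is not None and (m := TUNNEL_RE.match(line)):
            p2p, proto = m.groups()
            # A bare command expands to its whole protocol group, as the page describes.
            cur["tunneled"] |= {proto} if proto else (P2P if p2p else BASE)
    for entry in report.values():
        t = entry["tunneled"]
        if "cdp" in t and not entry["cdp_disabled"]:
            entry["findings"].append("cdp tunneled but CDP still enabled on the port")
        for name, group in (("base", BASE), ("point-to-point", P2P)):
            if t & group and not group <= t:
                entry["findings"].append(f"partial {name} set, missing: {sorted(group - t)}")
    return report

if __name__ == "__main__":
    for ifname, entry in audit(SAMPLE).items():
        print(ifname, sorted(entry["tunneled"]), entry["findings"] or "ok")
```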
