When I studied for my CCIE almost 15 years ago, I recall that I was fascinated by how different PDUs such as CDP, DTP, STP would have different encapsulations on a trunk depending on the configuration of it. What happens when you change the native VLAN? What happens if the native VLAN is not allowed on the trunk? What happens if you tag the native VLAN? There aren’t many resources describing this as most people don’t care for this level of detail, but there are situations where this is important. The goal of this post is to configure different protocols and see how they are encapsulated using different trunk configurations. You don’t need to consume this entire post, rather use it as a reference for different scenarios. Just be aware that some of this may be platform/OS specific.
The protocols we’ll cover for this post are:
- CDP.
- LLDP.
- DTP.
- PAgP.
- LACP.
- PVST+.
- RPVST+.
- MST.
The topology is going to be very simple, two switches connected by a single link:
These are IOSv-L2 devices:
SW1#show version Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135] Copyright (c) 1986-2020 by Cisco Systems, Inc. Compiled Tue 29-Sep-20 11:53 by sweickge ROM: Bootstrap program is IOSv SW1 uptime is 3 days, 1 hour, 20 minutes System returned to ROM by reload System image file is "flash0:/vios_l2-adventerprisek9-m"
Trunk With Default Settings
To start out, we’ll use a trunk with the default settings which implies the following:
- The native VLAN is 1.
- All VLANs are allowed to traverse the trunk.
The trunk currently has this configuration:
interface GigabitEthernet0/0 switchport trunk encapsulation dot1q switchport mode trunk negotiation auto
CDP
With the default configuration, CDP is sending untagged frames to a destination MAC of 0100.0ccc.cccc:
Frame 10: 381 bytes on wire (3048 bits), 381 bytes captured (3048 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Length: 367
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: CDP (0x2000)
Cisco Discovery Protocol
Version: 2
TTL: 180 seconds
Checksum: 0x305d [correct]
[Checksum Status: Good]
Device ID: SW1
Software Version
Platform: Cisco
Addresses
Port ID: GigabitEthernet0/0
Capabilities
IP Prefixes: 1
VTP Management Domain:
Native VLAN: 1
Duplex: Full
Trust Bitmap: 0x00
Untrusted port CoS: 0x00
Management Addresses
Note that the frame is 802 SNAP encapsulated.
LLDP
With the default configuration, LLDP is sending untagged frames to a destination MAC of 0180.c200.000e:
Frame 19: 320 bytes on wire (2560 bits), 320 bytes captured (2560 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:0e
Destination: 01:80:c2:00:00:0e
Source: 52:54:00:0b:45:06
Type: 802.1 Link Layer Discovery Protocol (LLDP) (0x88cc)
Trailer: 000000
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 52:54:00:0b:45:06
Port Subtype = Interface name, Id: Gi0/0
Time To Live = 120 sec
System Name = SW1
[truncated]System Description = Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]\nCopyright (c) 1986-2020 by Cisco Systems, Inc.\nCompiled
Port Description = GigabitEthernet0/0
Capabilities
Management Address
End of LLDPDU
LLDP has Ethernet II encapsulation (not 802 SNAP) as this is IEEE protocol.
DTP
With the default configuration, DTP is sending untagged frames to a destination MAC of 0100.0ccc.cccc:
Frame 23: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Length: 34
Padding: 000000000000000000000000
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): 52:54:00:04:2a:87
Version: 1
Domain
Trunk Status
Trunk Type
Sender ID
This frame is also 802 SNAP encapsulated.
PAgP
With the default configuration, PAgP is sending untagged frames to a destination MAC of 0100.0ccc.cccc:
Frame 1: 84 bytes on wire (672 bits), 84 bytes captured (672 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Length: 70
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PAgP (0x0104)
Port Aggregation Protocol
Version: Info PDU (0x01)
Flags: 0x00
Local Device ID: 52:54:00:0b:80:00
Local Learn Capability: Arbitrary Distribution (0x02)
Local Port Hot Standby Priority: 128
Local Sent Port ifindex: 1
Local Group Capability: 0x00010001
Local Group ifindex: 0
Partner Device ID: 00:00:00:00:00:00
Partner Learn Capability: Unknown (0x00)
Partner Port Hot Standby Priority: 0
Partner Sent Port ifindex: 0
Partner Group Capability: 0x00000000
Partner Group ifindex: 0
Partner Count: 0
Number of TLVs: 2
TLV Entry #1
TLV Entry #2
This frame is also 802 SNAP encapsulated.
LACP
With the default configuration, LACP is sending untagged frames to a destination MAC of 0180.c200.0002:
Frame 101: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:02
Destination: 01:80:c2:00:00:02
Source: 52:54:00:0b:45:06
Type: Slow Protocols (0x8809)
Slow Protocols
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 32768
Actor System ID: 52:54:00:0b:80:00
Actor Key: 1
Actor Port Priority: 32768
Actor Port: 1
Actor State: 0x45, LACP Activity, Aggregation, Defaulted
[Actor State Flags: *F***G*A]
Reserved: 000000
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 0
Partner System: 00:00:00:00:00:00
Partner Key: 0
Partner Port Priority: 0
Partner Port: 0
Partner State: 0x00
[Partner State Flags: ********]
Reserved: 000000
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 32768
Reserved: 000000000000000000000000
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
LACP is using Ethernet II encapsulation.
PVST+
With the default configuration, PVST+ is sending two PDUs:
- SSTP BPDU encapsulated with 802 SNAP to a destination MAC of 0100.0ccc.cccd.
- IEEE BPDU encapsulated with 802.2 LLC to a destination MAC of 0180.c200.0000.
Both of the frames are untagged. First the SSTP BPDU:
Frame 2: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 1
Note that the BPDU has the originating VLAN in it, as I described in the post Detecting Mismatched Native VLANs.
Then the IEEE BPDU:
Frame 3: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 38
Padding: 0000000000000000
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
There are also tagged frames being sent for the non-native VLANs. These are only the SSTP BPDUs. The one for VLAN 2 is shown below:
Frame 4: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 2
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0010 = ID: 2
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 2
RPVST+
RPVST+ behaves exactly like PVST+. There are just some additional fields in the BPDU. Untagged SSTP BPDU:
Frame 13: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 1
Untagged IEEE BPDU:
Frame 14: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 39
Padding: 00000000000000
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Tagged SSTP BPDU:
Frame 15: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 2
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 2
MST
For MST, there is only untagged BPDU with a destination MAC of 0180.c200.000. It is encapsulated with 802.2 LLC:
Frame 62: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 105
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
Until now, all PDUs have been untagged, except for PVST+/RPVST+ for VLANs other than the native VLAN. Currently, the native VLAN is allowed on the trunk:
SW1#show int gi0/0 trunk Port Mode Encapsulation Status Native vlan Gi0/0 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/0 1-4094 Port Vlans allowed and active in management domain Gi0/0 1 Port Vlans in spanning tree forwarding state and not pruned Gi0/0 1
What happens if we remove VLAN 1 from the trunk? Let’s find out!
Trunk Without VLAN 1
We’ll remove VLAN 1 from allowed VLANs on the trunk:
SW1(config-if)#switchport trunk allowed vlan remove 1 SW1#show int gi0/0 trunk Port Mode Encapsulation Status Native vlan Gi0/0 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/0 2-4094 Port Vlans allowed and active in management domain Gi0/0 none Port Vlans in spanning tree forwarding state and not pruned Gi0/0 none
After modifying the configuration, all the PDUs like CDP, LLDP, DTP, PAgP, LACP, are still being sent untagged. The control plane protocols are not impacted by removing VLAN 1. Essentially, there is some protection to not break control plane protocols even if transit data is not being allowed.
The only change is that the PVST+/RPVST+ BPDUs are all tagged now:
Why are there no untagged SSTP or IEEE BPDUs? This is because STP is not running for VLAN 1 on Gi0/0 any longer:
SW1#show span vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 5254.000b.4506
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 5254.000b.4506
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 4 128.2 P2p
Gi0/2 Desg FWD 4 128.3 P2p
Gi0/3 Desg FWD 4 128.4 P2p
What about MST, though? Since MST does not send BPDUs per VLAN, they are sent untagged as always:
Frame 27: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 105
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
Removing the native VLAN from the trunk does not stop PDUs from being sent. They are still sent untagged with the exception of PVST+/RPVST+ that stop sending BPDUs for the native VLAN.
Now let’s take a look what happens when we change the native VLAN from 1 to 2.
Trunk Native VLAN 2
The native VLAN is set to 2. Note that VLAN 1 is once again allowed:
SW1(config-if)#switchport trunk native vlan2 SW1#show int gi0/0 trunk Port Mode Encapsulation Status Native vlan Gi0/0 on 802.1q trunking 2 Port Vlans allowed on trunk Gi0/0 1-4094 Port Vlans allowed and active in management domain Gi0/0 1-2 Port Vlans in spanning tree forwarding state and not pruned Gi0/0 1-2
CDP
The CDP frame is now tagged with VLAN 1:
Frame 367: 358 bytes on wire (2864 bits), 358 bytes captured (2864 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: CDP (0x2000)
Cisco Discovery Protocol
Version: 2
TTL: 180 seconds
Checksum: 0x464d [correct]
[Checksum Status: Good]
Device ID: SW2
Software Version
Platform: Cisco
Addresses
Port ID: GigabitEthernet0/0
Capabilities
VTP Management Domain:
Native VLAN: 2
Duplex: Full
Trust Bitmap: 0x00
Untrusted port CoS: 0x00
Management Addresses
LLDP
For LLDP, the frame is still untagged:
Frame 94: 306 bytes on wire (2448 bits), 306 bytes captured (2448 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:0e
Destination: 01:80:c2:00:00:0e
Source: 52:54:00:0b:45:06
Type: 802.1 Link Layer Discovery Protocol (LLDP) (0x88cc)
Trailer: 100000
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 52:54:00:0b:45:06
Port Subtype = Interface name, Id: Gi0/0
Time To Live = 120 sec
System Name = SW1
[truncated]System Description = Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]\nCopyright (c) 1986-2020 by Cisco Systems, Inc.\nCompiled
Port Description = GigabitEthernet0/0
Capabilities
End of LLDPDU
DTP
Interestingly, DTP is untagged as opposed to the other Cisco protocols:
Frame 24: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): 52:54:00:0b:45:06
Version: 1
Domain
Trunk Status
Trunk Type
Sender ID
PAgP
For PAgP, the frame is tagged:
Frame 128: 88 bytes on wire (704 bits), 88 bytes captured (704 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PAgP (0x0104)
Port Aggregation Protocol
Version: Info PDU (0x01)
Flags: 0x00
Local Device ID: 52:54:00:0b:80:00
Local Learn Capability: Arbitrary Distribution (0x02)
Local Port Hot Standby Priority: 128
Local Sent Port ifindex: 1
Local Group Capability: 0x00010001
Local Group ifindex: 0
Partner Device ID: 00:00:00:00:00:00
Partner Learn Capability: Unknown (0x00)
Partner Port Hot Standby Priority: 0
Partner Sent Port ifindex: 0
Partner Group Capability: 0x00000000
Partner Group ifindex: 0
Partner Count: 0
Number of TLVs: 2
TLV Entry #1
TLV Entry #2
LACP
LACP is still untagged, as expected:
Frame 190: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:02
Destination: 01:80:c2:00:00:02
Source: 52:54:00:0b:45:06
Type: Slow Protocols (0x8809)
Slow Protocols
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 32768
Actor System ID: 52:54:00:0b:80:00
Actor Key: 1
Actor Port Priority: 32768
Actor Port: 1
Actor State: 0x45, LACP Activity, Aggregation, Defaulted
[Actor State Flags: *F***G*A]
Reserved: 000000
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 0
Partner System: 00:00:00:00:00:00
Partner Key: 0
Partner Port Priority: 0
Partner Port: 0
Partner State: 0x00
[Partner State Flags: ********]
Reserved: 000000
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 32768
Reserved: 000000000000000000000000
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
PVST+
The SSTP BPDU is now sent tagged with VLAN 1:
Frame 32: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 1
The IEEE BPDU is sent untagged:
Frame 30: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 38
Padding: 0000000000000000
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
The BPDU for VLAN 2 is now untagged as VLAN 2 is the native VLAN:
Frame 31: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 2
RPVST+
Same as PVST+, just another version of the BPDU. Tagged SSTP BPDU:
Frame 261: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x3c, Forwarding, Learning, Port Role: Designated
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 1
Untagged IEEE BPDU:
Frame 262: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x3c, Forwarding, Learning, Port Role: Designated
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Untagged BPDU for VLAN 2:
Frame 263: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x3c, Forwarding, Learning, Port Role: Designated
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 2
MST
MST has untagged BPDU as always:
Frame 317: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:0b:45:06
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:0b:45:06
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
Then, let’s see what happens if we enable tagging of the native VLAN.
Trunk With Native VLAN 1 and Native VLAN tagged
The native VLAN is set to 1 and tagging of native VLAN is enabled:
SW1(config-if)#switchport trunk native vlan 1 SW1(config)#vlan dot1q tag native
CDP
CDP is now tagged with VLAN 1:
Frame 14: 358 bytes on wire (2864 bits), 358 bytes captured (2864 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: CDP (0x2000)
Cisco Discovery Protocol
Version: 2
TTL: 180 seconds
Checksum: 0x474d [correct]
[Checksum Status: Good]
Device ID: SW2
Software Version
Platform: Cisco
Addresses
Port ID: GigabitEthernet0/0
Capabilities
VTP Management Domain:
Native VLAN: 1
Duplex: Full
Trust Bitmap: 0x00
Untrusted port CoS: 0x00
Management Addresses
LLDP
LLDP is also tagged with VLAN 1, which is something I didn’t expect:
Frame 33: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:80:c2:00:00:0e
Destination: 01:80:c2:00:00:0e
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 52:54:00:04:2a:87
Port Subtype = Interface name, Id: Gi0/0
Time To Live = 0 sec
End of LLDPDU
DTP
DTP is now also tagged:
Frame 28: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): 52:54:00:04:2a:87
Version: 1
Domain
Trunk Status
Trunk Type
Sender ID
DTP was untagged for all other scenarios, except when explicitly tagging the native VLAN.
PAgP
PAgP is tagged:
Frame 35: 88 bytes on wire (704 bits), 88 bytes captured (704 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PAgP (0x0104)
Port Aggregation Protocol
Version: Info PDU (0x01)
Flags: 0x00
Local Device ID: 52:54:00:04:80:00
Local Learn Capability: Arbitrary Distribution (0x02)
Local Port Hot Standby Priority: 128
Local Sent Port ifindex: 1
Local Group Capability: 0x00010001
Local Group ifindex: 0
Partner Device ID: 00:00:00:00:00:00
Partner Learn Capability: Unknown (0x00)
Partner Port Hot Standby Priority: 0
Partner Sent Port ifindex: 0
Partner Group Capability: 0x00000000
Partner Group ifindex: 0
Partner Count: 0
Number of TLVs: 2
TLV Entry #1
TLV Entry #2
LACP
LACP is untagged:
Frame 61: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:80:c2:00:00:02
Destination: 01:80:c2:00:00:02
Source: 52:54:00:04:2a:87
Type: Slow Protocols (0x8809)
Slow Protocols
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 32768
Actor System ID: 52:54:00:04:80:00
Actor Key: 1
Actor Port Priority: 32768
Actor Port: 1
Actor State: 0x45, LACP Activity, Aggregation, Defaulted
[Actor State Flags: *F***G*A]
Reserved: 000000
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 0
Partner System: 00:00:00:00:00:00
Partner Key: 0
Partner Port Priority: 0
Partner Port: 0
Partner State: 0x00
[Partner State Flags: ********]
Reserved: 000000
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 32768
Reserved: 000000000000000000000000
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
LACP is the only protocol to remain untagged in all scenarios.
PVST+
SSTP BPDU is sent tagged:
Frame 1: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 1
IEEE BPDU is sent untagged:
Frame 2: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
BPDU for VLAN 2 is sent tagged:
Frame 3: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 2
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 2
RPVST+
For RPVST+, it’s the same, just another version of BPDU. SSTP BPDU is tagged:
Frame 87: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 1
Untagged IEEE BPDU:
Frame 88: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Tagged BPDU for VLAN 2:
Frame 89: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 2
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 2 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 2 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 2
MST
MST is untagged as always:
Frame 130: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
Trunk With Native VLAN 2, VLAN 2 Not Allowed
What happens if we set the native VLAN to 2, but remove it from the trunk? Is this different than removing VLAN 1? Let’s see!
SW1(config-if)#switchport trunk native vlan 2 SW1(config-if)#switchport trunk allowed vlan remove 2
CDP
CDP is tagged with VLAN 1:
Frame 43: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0001 = ID: 1
Length: 41
Padding: 00
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: CDP (0x2000)
Cisco Discovery Protocol
Version: 2
TTL: 0 seconds
Checksum: 0x75ff [correct]
[Checksum Status: Good]
Device ID: SW1
Port ID: GigabitEthernet0/0
LLDP
LLDP is untagged:
Frame 6: 306 bytes on wire (2448 bits), 306 bytes captured (2448 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:80:c2:00:00:0e
Destination: 01:80:c2:00:00:0e
Source: 52:54:00:04:2a:87
Type: 802.1 Link Layer Discovery Protocol (LLDP) (0x88cc)
Trailer: 100000
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 52:54:00:04:2a:87
Port Subtype = Interface name, Id: Gi0/0
Time To Live = 120 sec
System Name = SW2
[truncated]System Description = Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]\nCopyright (c) 1986-2020 by Cisco Systems, Inc.\nCompiled
Port Description = GigabitEthernet0/0
Capabilities
End of LLDPDU
DTP
DTP is untagged:
Frame 3: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Length: 34
Padding: 000000000000000000000000
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): 52:54:00:0b:45:06
Version: 1
Domain
Trunk Status
Trunk Type
Sender ID
PAgP
PAgP is tagged with VLAN 1:
Frame 41: 88 bytes on wire (704 bits), 88 bytes captured (704 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0001 = ID: 1
Length: 70
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PAgP (0x0104)
Port Aggregation Protocol
Version: Info PDU (0x01)
Flags: 0x00
Local Device ID: 52:54:00:0b:80:00
Local Learn Capability: Arbitrary Distribution (0x02)
Local Port Hot Standby Priority: 128
Local Sent Port ifindex: 1
Local Group Capability: 0x00010001
Local Group ifindex: 0
Partner Device ID: 00:00:00:00:00:00
Partner Learn Capability: Unknown (0x00)
Partner Port Hot Standby Priority: 0
Partner Sent Port ifindex: 0
Partner Group Capability: 0x00000000
Partner Group ifindex: 0
Partner Count: 0
Number of TLVs: 2
TLV Entry #1
TLV Entry #2
LACP
LACP is untagged:
Frame 86: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:02
Destination: 01:80:c2:00:00:02
Source: 52:54:00:0b:45:06
Type: Slow Protocols (0x8809)
Slow Protocols
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 32768
Actor System ID: 52:54:00:0b:80:00
Actor Key: 1
Actor Port Priority: 32768
Actor Port: 1
Actor State: 0x45, LACP Activity, Aggregation, Defaulted
[Actor State Flags: *F***G*A]
Reserved: 000000
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 0
Partner System: 00:00:00:00:00:00
Partner Key: 0
Partner Port Priority: 0
Partner Port: 0
Partner State: 0x00
[Partner State Flags: ********]
Reserved: 000000
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 32768
Reserved: 000000000000000000000000
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
PVST+
The SSTP BPDU is tagged:
Frame 1: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0001 = ID: 1
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 1
The IEEE BPDU is untagged:
Frame 2: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 38
Padding: 0000000000000000
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Spanning Tree (0)
BPDU Type: Configuration (0x00)
BPDU flags: 0x00
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
There is no BPDU for VLAN 2 as it’s not allowed on the trunk.
RPVST+
The SSTP BPDU is tagged:
Frame 139: 68 bytes on wire (544 bits), 68 bytes captured (544 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cd
Destination: 01:00:0c:cc:cc:cd
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
000. .... .... .... = Priority: Best Effort (default) (0)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0001 = ID: 1
Length: 50
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PVSTP+ (0x010b)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Originating VLAN (PVID): 1
The IEEE BPDU is untagged:
Frame 140: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 39
Padding: 00000000000000
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Rapid Spanning Tree (2)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 1 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 1 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
There is no BPDU for VLAN 2. Same as with PVST+, of course.
MST
With MST, the BPDU is untagged as always:
Frame 159: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 105
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x0e, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
Trunk With Native VLAN 2, VLAN 1 and 2 Not Allowed
What happens if we remove VLAN 1 from the trunk?
SW1(config-if)#switchport trunk allowed vlan remove 1
CDP
CDP is sent tagged with VLAN 1:
Frame 4: 358 bytes on wire (2864 bits), 358 bytes captured (2864 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: CDP (0x2000)
Cisco Discovery Protocol
Version: 2
TTL: 180 seconds
Checksum: 0x464d [correct]
[Checksum Status: Good]
Device ID: SW2
Software Version
Platform: Cisco
Addresses
Port ID: GigabitEthernet0/0
Capabilities
VTP Management Domain:
Native VLAN: 2
Duplex: Full
Trust Bitmap: 0x00
Untrusted port CoS: 0x00
Management Addresses
LLDP
LLDP is untagged:
Frame 6: 306 bytes on wire (2448 bits), 306 bytes captured (2448 bits)
Ethernet II, Src: 52:54:00:04:2a:87, Dst: 01:80:c2:00:00:0e
Destination: 01:80:c2:00:00:0e
Source: 52:54:00:04:2a:87
Type: 802.1 Link Layer Discovery Protocol (LLDP) (0x88cc)
Trailer: 100000
Link Layer Discovery Protocol
Chassis Subtype = MAC address, Id: 52:54:00:04:2a:87
Port Subtype = Interface name, Id: Gi0/0
Time To Live = 120 sec
System Name = SW2
[truncated]System Description = Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Experimental Version 15.2(20200924:215240) [sweickge-sep24-2020-l2iol-release 135]\nCopyright (c) 1986-2020 by Cisco Systems, Inc.\nCompiled
Port Description = GigabitEthernet0/0
Capabilities
End of LLDPDU
DTP
DTP is untagged:
Frame 2: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:04:2a:87
Length: 34
Padding: 000000000000000000000000
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): 52:54:00:04:2a:87
Version: 1
Domain
Trunk Status
Trunk Type
Sender ID
PAgP
PAgP is tagged with VLAN 1:
Frame 18: 88 bytes on wire (704 bits), 88 bytes captured (704 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:00:0c:cc:cc:cc
Destination: 01:00:0c:cc:cc:cc
Source: 52:54:00:0b:45:06
Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 1
Logical-Link Control
DSAP: SNAP (0xaa)
SSAP: SNAP (0xaa)
Control field: U, func=UI (0x03)
Organization Code: 00:00:0c (Cisco Systems, Inc)
PID: PAgP (0x0104)
Port Aggregation Protocol
Version: Info PDU (0x01)
Flags: 0x00
Local Device ID: 52:54:00:0b:80:00
Local Learn Capability: Arbitrary Distribution (0x02)
Local Port Hot Standby Priority: 128
Local Sent Port ifindex: 1
Local Group Capability: 0x00000000
Local Group ifindex: 0
Partner Device ID: 00:00:00:00:00:00
Partner Learn Capability: Unknown (0x00)
Partner Port Hot Standby Priority: 0
Partner Sent Port ifindex: 0
Partner Group Capability: 0x00000000
Partner Group ifindex: 0
Partner Count: 0
Number of TLVs: 2
TLV Entry #1
TLV Entry #2
LACP
LACP is untagged:
Frame 22: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
Ethernet II, Src: 52:54:00:0b:45:06, Dst: 01:80:c2:00:00:02
Destination: 01:80:c2:00:00:02
Source: 52:54:00:0b:45:06
Type: Slow Protocols (0x8809)
Slow Protocols
Link Aggregation Control Protocol
LACP Version: 0x01
TLV Type: Actor Information (0x01)
TLV Length: 0x14
Actor System Priority: 32768
Actor System ID: 52:54:00:0b:80:00
Actor Key: 1
Actor Port Priority: 32768
Actor Port: 1
Actor State: 0x45, LACP Activity, Aggregation, Defaulted
[Actor State Flags: *F***G*A]
Reserved: 000000
TLV Type: Partner Information (0x02)
TLV Length: 0x14
Partner System Priority: 0
Partner System: 00:00:00:00:00:00
Partner Key: 0
Partner Port Priority: 0
Partner Port: 0
Partner State: 0x00
[Partner State Flags: ********]
Reserved: 000000
TLV Type: Collector Information (0x03)
TLV Length: 0x10
Collector Max Delay: 32768
Reserved: 000000000000000000000000
TLV Type: Terminator (0x00)
TLV Length: 0x00
Pad: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
PVST+
No BPDUs as the VLANs aren’t allowed on the trunks.
RPVST+
Same as for PVST+.
MST
BPDUs are sent untagged:
Frame 1: 119 bytes on wire (952 bits), 119 bytes captured (952 bits)
IEEE 802.3 Ethernet
Destination: 01:80:c2:00:00:00
Source: 52:54:00:04:2a:87
Length: 105
Logical-Link Control
DSAP: Spanning Tree BPDU (0x42)
SSAP: Spanning Tree BPDU (0x42)
Control field: U, func=UI (0x03)
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x4e, Agreement, Port Role: Designated, Proposal
Root Identifier: 32768 / 0 / 52:54:00:04:2a:87
Root Path Cost: 0
Bridge Identifier: 32768 / 0 / 52:54:00:04:2a:87
Port identifier: 0x8001
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 64
MST Extension
That’s a lot of testing and iterating! Let’s summarize all of the tests with a table:
You don’t have to go through this entire post. Just use it as a reference. Of course, results may vary based on platform and OS. I hope you learned something interesting! See you in the next one!
Encapsulation of PDUs On Trunk Ports
Thanks for putting this together, Daniel.
Seeing LLDP tagged is surprising to me too!
An extra test with “Native VLAN 2 and Native VLAN tagged” might be interesting. I guess LLDP would be sent with tag 2 in that case?
I was starting to wonder how interoperable THAT would be, but I guess it doesn’t matter: “tag native” is a strange and proprietary (I think) lever. All bets are off when you pull it.
Nice seeing you here, Chris!
I ran a quick test and indeed LLDP is tagged with VLAN 2. Also DTP, which is normally sent untagged, is sent with VLAN 2. However, CDP and PAgP are sent tagged with VLAN 1.