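# VLAN (virtual LAN)
# On a layer-2 switch with no VLANs configured, every broadcast frame is forwarded to all ports except the one it arrived on (flooding). VLANs split the broadcast domain by limiting how far broadcast frames are forwarded.
# 802.1Q, "Virtual Bridged Local Area Networks" (virtual LAN for short), is an open standard protocol.
# ISL & DISL: Cisco Inter-Switch Link Protocol and Dynamic ISL Protocol. ISL is a Cisco proprietary protocol.
# Main differences between 802.1Q and ISL:
# ISL: Cisco proprietary standard, used only to interconnect Cisco devices; it encapsulates 30 bytes of overhead at the head and tail of the data frame.
# 802.1Q: international standard protocol, supported by switches from all vendors; it adds 4 bytes of overhead inside the data frame.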
# Ethernet frame structure and 802.1Q frame structure
# Ethernet frame format
|-----------------------------------------------------------------------------|
| DMAC(6bytes) | SMAC(6bytes) | Ether-Type(2bytes) | DATA                     |
|-----------------------------------------------------------------------------|
# 802.1Q Ethernet frame format
|--------------------------------------------------------------------------------------------|
| DMAC(6bytes) | SMAC(6bytes) | Ether-Type(0x8100)| VLAN(4bytes) | Ether-Type(2bytes) | DATA |
|--------------------------------------------------------------------------------------------|
# VLAN TAG format
|--------------------------------------------------------------------------------------|
| Ether-Type(0x8100)| PRI(3bits) | CFI(1bit) | TAG(12bits) | Ether-Type(2bytes) | DATA |
|--------------------------------------------------------------------------------------|
# PRI: frame priority, commonly known as 802.1p (LAN Layer 2 QoS/CoS Protocol for Traffic Prioritization).
# 1 (background), 0 (default, no priority), 2 (excellent effort), 3 (critical applications), 4 (video), 5 (voice), 6 (internetwork control), 7 (network control)
# CFI: canonical format indicator. 0 means canonical format, used for 802.3 or Ethernet II. 1 means non-canonical format; it is used in the token ring / source-routed FDDI media access methods to indicate the bit order of the addresses carried in the encapsulated frame.
# TAG: what is usually called the VLAN ID; 12 bits, identifies the VLAN, 4096 values in total
# 12 bits: 0-4095
# 1: system VLAN
# 2-1001: Ethernet VLANs
# 1002/1003/1004/1005: token ring
# 1006-2095: extended VLANs (vtp3; vtp1/2 transparent)
# Ether-Type: identifies the type of the data that follows.
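# Added example (not part of the original notes): a parser for the tag layout above that also inserts and strips the 4 bytes a trunk adds (0x8100 plus the 16-bit PRI/CFI/VLAN ID word). The function names are hypothetical; the sample frame is constructed, reusing the MAC addresses and the 114-byte size of the capture shown later in these notes.

```python
import struct

TPID_8021Q = 0x8100  # Ether-Type value that announces an 802.1Q tag


def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet header and, if present, one 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    info = {"dmac": frame[0:6].hex(":"), "smac": frame[6:12].hex(":"),
            "tagged": False, "pri": None, "cfi": None, "vid": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # 16-bit word after 0x8100: PRI (3 bits) | CFI (1 bit) | VLAN ID (12 bits),
        # followed by the real Ether-Type of the payload.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(tagged=True, pri=tci >> 13, cfi=(tci >> 12) & 1, vid=tci & 0x0FFF)
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    return info


def add_tag(frame: bytes, vid: int, pri: int = 0, cfi: int = 0) -> bytes:
    """Insert an 802.1Q tag between SMAC and Ether-Type (what a trunk port sends)."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if not (0 <= vid <= 0x0FFF and 0 <= pri <= 7 and cfi in (0, 1)):
        raise ValueError("tag field out of range")
    tci = (pri << 13) | (cfi << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    """Remove the tag again (what an access port sends); untagged frames pass through."""
    if parse_frame(frame)["tagged"]:
        return frame[:12] + frame[16:]
    return frame


def sample_untagged() -> bytes:
    # Constructed sample: 14-byte header + 100 filler bytes = 114 bytes on the wire.
    dmac = bytes.fromhex("aabbcc000400")
    smac = bytes.fromhex("aabbcc000600")
    return dmac + smac + struct.pack("!H", 0x0800) + bytes(100)


if __name__ == "__main__":
    untagged = sample_untagged()
    tagged = add_tag(untagged, vid=10)
    print(len(untagged), len(tagged))          # frame grows by the 4-byte tag
    fields = parse_frame(tagged)
    print({k: v for k, v in fields.items() if k != "payload"})
```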
# VLAN tag processing
# PC: most PCs (apart from dedicated or test machines) work at the application layer and by default do not support (and in fact do not need) VLAN tags. In other words, a PC sends only untagged frames.
# Router: routers support VLAN tags, so a router can send tagged frames as well as untagged frames. Note that a router processes the layer-3 information of a packet; for layer-2 information (including VLAN information) it only checks validity and then strips it. This is what is usually called "termination": the router terminates the VLAN information of the packet.
# Switch: Ethernet switch. VLAN technology was designed mainly for switches, so VLAN concepts are always discussed from the switch's point of view. A switch can obviously send and receive both tagged and untagged frames. Strictly speaking, once VLANs are introduced a switch no longer does "transparent forwarding", because a frame may be changed as it passes through the switch.
# In every VLAN-aware switch, frames always carry a tag while they are forwarded inside the switch. The tag is added or removed according to the port's settings before the frame is handed to the switching chip, or when the switching chip hands it to the port.
# If nothing is configured, all ports default to access mode. Generally a port has three VLAN-related attributes: PVID, Tag VLAN and Untag VLAN. There is exactly one PVID; there may be one, several or no Tag VLANs and Untag VLANs, but at least one of the two must have an entry.
# What the PVID does: if the port receives an untagged frame, the switch tags it with the PVID value and then hands it to the switching chip; if the switching chip is about to send a frame out of this port and the frame's tag equals the PVID, the tag is removed and the frame is then sent out of the port.
# Tag VLAN and Untag VLAN mainly govern transmission. If the switching chip is about to send a frame out of this port and the frame's tag is in the port's Tag VLAN set and is not equal to the PVID, the frame is sent tagged; if it is in the Untag VLAN set, it is sent untagged. If the tag is in neither set, there is only one possibility: the switching chip is faulty. These are the basic rules by which a switch handles VLAN tags. As the figure shows, tag processing happens only at the moments a frame enters or leaves the switching chip.
# For a trunk port, only one VLAN can be untagged, and it equals the PVID; there can be multiple tagged VLANs. The port accepts frames in all allowed VLANs as well as untagged frames; an untagged frame is forwarded in the VLAN given by the PVID. On transmit the rules above apply, so a frame may leave tagged or untagged.
# Switches interconnected in trunk mode
IOU1#interface Ethernet3/3
IOU1#switchport trunk encapsulation dot1q
IOU1#switchport mode trunk
IOU1#duplex auto
IOU1(config-if)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU2#interface Ethernet3/3
IOU2#switchport trunk encapsulation dot1q
IOU2#switchport mode trunk
IOU2#duplex auto
-------------------------------------------------------------------------------------------------
1.1.1.3 ----> | access vlan 10 |-----| trunk |---->| trunk |-----| access vlan 10 |----> 1.1.1.6
              |     port1      | SW1 | port2 |     | port1 | SW1 |     port2      |
-------------------------------------------------------------------------------------------------
# 1. Router R3 sends an untagged Ethernet frame
Frame 37: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00), Dst: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Destination: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Source: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00)
    Type: IPv4 (0x0800)
# Internet Protocol Version 4, Src: 1.1.1.1, Dst: 1.1.1.3
Internet Control Message Protocol
# 2. The frame enters SW1 on the access vlan 10 port and leaves SW1 on the trunk port
Frame 96: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00), Dst: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Destination: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Source: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 1.1.1.3
Internet Control Message Protocol
# 3. The frame enters SW2 on the trunk port and leaves SW2 on the access vlan 10 port
Frame 29: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00), Dst: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Destination: aa:bb:cc:00:04:00 (aa:bb:cc:00:04:00)
    Source: aa:bb:cc:00:06:00 (aa:bb:cc:00:06:00)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.1, Dst: 1.1.1.3
Internet Control Message Protocol
# For an access port, the port can have only one VLAN tag, equal to the PVID, and no tagged VLANs. An access port therefore accepts only untagged frames or frames of the VLAN it belongs to, i.e. the VLAN equal to the PVID. All frames it sends are untagged.
# Switches interconnected in access mode
-------------------------------------------------------------------------------------------------------------------
1.1.1.3 ----> | access vlan 10 |-----| access vlan 10 |---->| access vlan 10 |-----| access vlan 10 |----> 1.1.1.6
              |     port1      | SW1 |     port2      |     |     port1      | SW1 |     port2      |
-------------------------------------------------------------------------------------------------------------------
# 1. Router R3 sends an untagged Ethernet frame
Frame 169: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# 2. The frame enters SW1 on an access vlan 10 port and leaves SW1 on an access vlan 10 port
Frame 296: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# 3. The frame enters SW2 on an access vlan 10 port and leaves SW2 on an access vlan 10 port
Frame 151: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:07:00 (aa:bb:cc:00:07:00)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# native vlan
# The native VLAN is a concept that exists only on trunks. Its main purpose is to avoid dropping untagged frames: the receiving switch forwards every untagged frame it receives into the native VLAN instead of discarding it. The default is VLAN 1.
# A trunk's native VLAN only adds the PVID to untagged frames, and removes the tag from frames tagged with the PVID.
# An 802.1Q trunk can carry multiple VLANs. Each VLAN's frames get a header that states the VLAN number, but one VLAN gets no header and is not encapsulated: the native VLAN. When sending data, the switch uses the VLAN tag to mark which VLAN the data belongs to, and 802.1Q allows one untagged VLAN. When a frame on this segment carries no tag, the peer switch finds no 802.1Q tag on reading it and treats it as native VLAN traffic.
# Put simply, the native VLAN is a special VLAN under 802.1Q encapsulation: traffic from it crosses the trunk interface without a tag, and by default VLAN 1 is the native VLAN. VLAN 1 is also the switch's default VLAN; it normally carries neither user data nor management traffic, only control information such as CDP, DTP, BPDU, VTP and PAgP.
# arp request:
------------------------------------------------------------------------------------------------------------------------------------
1.1.1.4 ----> | trunk native vlan 10 |-----| trunk native vlan 20 |---->| trunk native vlan 30 |-----| access vlan 10 |----> 1.1.1.6
              |        port1         | SW1 |        port2         |     |        port1         | SW1 |     port2      |
------------------------------------------------------------------------------------------------------------------------------------
Frame 2061: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# arp request: the untagged frame enters on trunk native vlan 10 and is forwarded out of trunk native vlan 20
Frame 2387: 64 bytes on wire (512 bits), 64 bytes captured (512 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: ARP (0x0806)
    Padding: 0000000000000000000000000000
    Trailer: 00000000
Address Resolution Protocol (request)
# arp request: the vlan 10 frame enters on trunk native vlan 30 and leaves on access vlan 10
Frame 1371: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# arp reply
------------------------------------------------------------------------------------------------------------------------------------
1.1.1.6 ----> | access vlan 10 |-----| trunk native vlan 30 |---->| trunk native vlan 20 |-----| access vlan 10 |----> 1.1.1.4
              |     port1      | SW1 |        port2         |     |        port1         | SW1 |     port2      |
------------------------------------------------------------------------------------------------------------------------------------
                  tag 10                    tag 10                        tag 10
Frame 1372: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Destination: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply)
Frame 2388: 64 bytes on wire (512 bits), 64 bytes captured (512 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Destination: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: ARP (0x0806)
    Padding: 0000000000000000000000000000
    Trailer: 00000000
Address Resolution Protocol (reply)
Frame 2062: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Destination: aa:bb:cc:00:04:11 (aa:bb:cc:00:04:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply)
# -------------------------------------------------------------------------------------------------------------
              |                    |     |                    |     |                    |  |     |
1.1.1.6 ----> |trunk native vlan 10|-SW1-|trunk native vlan 30|---->|trunk native vlan 20|--|trunk|----> 1.1.1.4
              |                    |     |                    |     |                    |  |     |
-------------------------------------------------------------------------------------------------------------
Frame 7406: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Destination: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.6, Dst: 1.1.1.3
Internet Control Message Protocol
Frame 8211: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Destination: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.6, Dst: 1.1.1.3
Internet Control Message Protocol
Frame 4608: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11), Dst: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Destination: aa:bb:cc:00:07:11 (aa:bb:cc:00:07:11)
    Source: aa:bb:cc:00:09:11 (aa:bb:cc:00:09:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.6, Dst: 1.1.1.3
Internet Control Message Protocol
1.1.1.3 ping 1.1.1.4 fails
request
-----------------------------------------------------------------------------------------
              |       |     |                      |
1.1.1.3 ----> | trunk | SW1 | trunk native vlan 10 |----> 1.1.1.4
              | port1 |     |        port2         |
-----------------------------------------------------------------------------------------
Frame 307: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
Frame 13: 68 bytes on wire (544 bits), 68 bytes captured (544 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:21 (aa:bb:cc:00:04:21), Dst: PVST+ (01:00:0c:cc:cc:cd)
    Destination: PVST+ (01:00:0c:cc:cc:cd)
    Source: aa:bb:cc:00:04:21 (aa:bb:cc:00:04:21)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 50
Logical-Link Control
Spanning Tree Protocol
# trunk receive: untagged frames get the PVID; trunk send: tagged frames are forwarded as they are
1.1.1.4 ping 1.1.1.3 fails
request
--------------------------------------------------------------------------------------------------
              |                      |     |       |
1.1.1.4 ----> | trunk native vlan 10 | SW1 | trunk |----> 1.1.1.3
              |        port2         |     | port1 |
--------------------------------------------------------------------------------------------------
Frame 6945: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11), Dst: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Destination: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Source: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.4, Dst: 1.1.1.3
Internet Control Message Protocol
Frame 3877: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11), Dst: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Destination: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Source: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.4, Dst: 1.1.1.3
Internet Control Message Protocol
# trunk receive: untagged frames get the PVID; trunk send: tagged frames are forwarded as they are
1.1.1.3 ping 1.1.1.4 succeeds
request
--------------------------------------------------------------------------------------------------
              |                |     |                      |
1.1.1.3 ----> | access vlan 10 | SW1 | trunk native vlan 10 |----> 1.1.1.4
              |     port1      |     |        port2         |
--------------------------------------------------------------------------------------------------
Frame 1777: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
Frame 1786: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (request)
# trunk send: the tag equal to the PVID is removed
reply
---------------------------------------------------------------------------------------------------
              |                      |     |                |
1.1.1.4 ----> | trunk native vlan 10 | SW1 | access vlan 10 |----> 1.1.1.3
              |        port2         |     |     port1      |
---------------------------------------------------------------------------------------------------
Frame 2413: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11), Dst: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Destination: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Source: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply)
Frame 1980: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11), Dst: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Destination: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Source: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Type: ARP (0x0806)
    Padding: 000000000000000000000000000000000000
Address Resolution Protocol (reply)
# trunk receive: untagged frames get the PVID
request
1.1.1.3 ping 1.1.1.4 fails
--------------------------------------------------------------------------------------------------
              |                |     |                      |
1.1.1.3 ----> | access vlan 10 | SW1 | trunk native vlan 20 |----> 1.1.1.4
              |     port1      |     |        port2         |
--------------------------------------------------------------------------------------------------
Frame 2563: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11), Dst: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Destination: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Source: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.3, Dst: 1.1.1.4
Internet Control Message Protocol
Frame 4152: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11), Dst: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Destination: aa:bb:cc:00:06:11 (aa:bb:cc:00:06:11)
    Source: aa:bb:cc:00:08:11 (aa:bb:cc:00:08:11)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 10
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 1010 = ID: 10
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 1.1.1.3, Dst: 1.1.1.4
Internet Control Message Protocol
# trunk send: tagged frames are forwarded as they are
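# Added example (not part of the original notes): a small model of the PVID rules from the tag-processing section and the native VLAN section, replayed over the port layouts captured above. The Port class and walk() are hypothetical names, every trunk is assumed to allow all VLANs, and the last scenario goes one step beyond the captures to show that an untagged frame crossing a trunk whose two ends disagree on the native VLAN changes VLAN, which is why both ends of a trunk should be checked for the same native VLAN.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple, Union

ALL_VLANS = frozenset(range(1, 4095))   # assumption: trunks allow every VLAN
DROP = "drop"                           # marker for a frame a port refuses


@dataclass(frozen=True)
class Port:
    mode: str                             # "access" or "trunk"
    pvid: int = 1                         # access VLAN, or native VLAN of a trunk
    allowed: FrozenSet[int] = ALL_VLANS   # VLANs a trunk carries (unused for access)

    def carries(self, vlan: int) -> bool:
        if self.mode == "access":
            return vlan == self.pvid
        return vlan in self.allowed

    def ingress(self, tag: Optional[int]) -> Optional[int]:
        """Wire -> switching chip: internal VLAN, or None when the frame is dropped."""
        vlan = self.pvid if tag is None else tag   # untagged frames get the PVID
        return vlan if self.carries(vlan) else None

    def egress(self, vlan: int) -> Union[int, None, str]:
        """Switching chip -> wire: None = untagged, int = 802.1Q tag, DROP = not sent."""
        if not self.carries(vlan):
            return DROP
        return None if vlan == self.pvid else vlan  # tag equal to PVID is removed


def walk(switches: List[Tuple[Port, Port]], tag: Optional[int] = None) -> list:
    """Send one frame through a chain of (in_port, out_port) switches and
    return what appears on the wire after each switch."""
    seen = []
    for in_port, out_port in switches:
        vlan = in_port.ingress(tag)
        result = DROP if vlan is None else out_port.egress(vlan)
        seen.append(result)
        if result == DROP:
            break
        tag = result
    return seen


def scenarios() -> dict:
    acc10, acc20, acc30 = Port("access", 10), Port("access", 20), Port("access", 30)
    trunk = Port("trunk")                       # native VLAN 1 (default)
    nat10, nat20, nat30 = Port("trunk", 10), Port("trunk", 20), Port("trunk", 30)
    return {
        "access10 -> trunk | trunk -> access10": walk([(acc10, trunk), (trunk, acc10)]),
        "access10 -> native10": walk([(acc10, nat10)]),
        "access10 -> native20": walk([(acc10, nat20)]),
        "native10 -> trunk": walk([(nat10, trunk)]),
        "native10 -> native20 | native30 -> access10": walk([(nat10, nat20), (nat30, acc10)]),
        # Beyond the captures: VLAN 20 traffic crossing a native 20 / native 30 link.
        "mismatch, lands in VLAN 30": walk([(acc20, nat20), (nat30, acc30)]),
        "mismatch, VLAN 20 port unreachable": walk([(acc20, nat20), (nat30, acc20)]),
    }


if __name__ == "__main__":
    for name, wire in scenarios().items():
        print(f"{name}: {wire}")
```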
# DTP (Dynamic Trunking Protocol) is a Cisco proprietary protocol that serves trunking; its predecessor is DISL. It lets the link between switches negotiate automatically whether to form a trunk.
# As covered in the trunk section, a trunk is configured with just two commands: switchport trunk encapsulation dot1Q and switchport mode trunk.
# Instead of typing these two commands by hand, DTP can negotiate the trunk automatically. DTP can also negotiate the encapsulation type of the trunk link (802.1Q or ISL). A switch with DTP configured sends DTP negotiation frames, the peer responds to them, and the outcome decides whether a trunk can be formed.
# A DTP frame is sent every 30 s. The protocol negotiates only between switches.
# DTP has 4 modes: auto, desirable, trunk negotiate, trunk nonegotiate
# auto: passive negotiation; does not send DTP on its own initiative but can reply when it receives DTP, and after replying the link is successfully negotiated as a trunk
# desirable: wants to put the interface into trunk mode; actively sends or replies to DTP negotiation, and as long as the peer responds the link is successfully negotiated as a trunk
# negotiate: the port has already been forced into trunk mode; it actively sends or replies to DTP negotiation, and as long as the peer responds the link is successfully negotiated as a trunk
# nonegotiate: the port has already been forced into trunk mode but neither sends nor replies to DTP negotiation. A trunk therefore forms only when the peer port is already negotiate or nonegotiate, i.e. when the peer port is already configured as a trunk
# Trunking modes of Cisco switch ports
# OFF: the "switchport mode access" command statically configures the switch port as an access port (non-trunk port).
# ON: the "switchport mode trunk" command statically configures the switch port as a trunk port.
# Dynamic auto: the "switchport mode dynamic auto" command statically configures the switch port in dynamic auto mode.
# Dynamic desirable: the "switchport mode dynamic desirable" command statically configures the switch port in dynamic desirable mode.
# Nonegotiate (DTP off): the "switchport nonegotiate" command turns DTP off
--------------------------------------------------------------------
|  SW1  |    |  SW2  |
| trunk | -- | trunk |
| none  |    | none  |
--------------------------------------------------------------------
IOU1(config)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU1(config)#
IOU2(config)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU2(config)#
Frame 5064: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)   # destination MAC address CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1   # 802.1Q encapsulation, vlan 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)   # Cisco proprietary protocol
    PID: DTP (0x2004)   # the DTP protocol is in use
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/Desirable (0x83) (Operating/Administrative): ISL/Negotiated (0x40): aa:bb:cc:00:04:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/Desirable (0x83)   # Trunk Status: Trunk/Desirable mode
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .011 = Trunk Administrative Status: Desirable (0x3)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: ISL/Negotiated (0x40)
            010. .... = Trunk Operating Type: ISL (0x2)   # the trunk type is ISL
            .... .000 = Trunk Administrative Type: Negotiated (0x0)   # administratively configured type: Negotiated
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
Frame 5065: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)   # destination MAC address CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/Desirable (0x83) (Operating/Administrative): ISL/Negotiated (0x40): aa:bb:cc:00:06:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/Desirable (0x83)
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .011 = Trunk Administrative Status: Desirable (0x3)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: ISL/Negotiated (0x40)
            010. .... = Trunk Operating Type: ISL (0x2)
            .... .000 = Trunk Administrative Type: Negotiated (0x0)
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
--------------------------------------------------------------------------------------------------
|                 SW1                   |    |                 SW2                   |
|                trunk                  | -- |                trunk                  |
| switchport trunk encapsulation dot1q  |    | switchport trunk encapsulation dot1q  |
|        switchport mode trunk          |    |        switchport mode trunk          |
--------------------------------------------------------------------------------------------------
IOU1(config-if)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU1(config-if)#
IOU2(config-if)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU2(config-if)#
Frame 6159: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): aa:bb:cc:00:06:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/On (0x81)
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .001 = Trunk Administrative Status: On (0x1)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: 802.1Q/802.1Q (0xa5)
            101. .... = Trunk Operating Type: 802.1Q (0x5)   # Trunk Type: 802.1Q
            .... .101 = Trunk Administrative Type: 802.1Q (0x5)   # administratively configured type: 802.1Q
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
Frame 6160: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol: (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): aa:bb:cc:00:04:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/On (0x81)
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .001 = Trunk Administrative Status: On (0x1)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: 802.1Q/802.1Q (0xa5)
            101. .... = Trunk Operating Type: 802.1Q (0x5)
            .... .101 = Trunk Administrative Type: 802.1Q (0x5)
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
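# Added example (not part of the original notes): a decoder for the DTP TLVs dissected above, useful for checking from a capture what a neighbouring port is advertising. Function names are hypothetical, the input bytes are constructed from the values in the captures (status 0x83 / type 0x40 and status 0x81 / type 0xa5), the empty Domain value is assumed to be one zero byte, and only the field values that appear on this page are named.

```python
import struct

# LLC/SNAP header seen in the captures: DSAP 0xaa, SSAP 0xaa, control 0x03,
# organization code 0x00000c (Cisco), PID 0x2004 (DTP).
SNAP_DTP = bytes.fromhex("aaaa0300000c2004")

# Only values decoded in the captures above are named; anything else is unknown(n).
OPER_STATUS = {0x1: "Trunk"}
ADMIN_STATUS = {0x1: "On", 0x3: "Desirable"}
OPER_TYPE = {0x2: "ISL", 0x5: "802.1Q"}
ADMIN_TYPE = {0x0: "Negotiated", 0x5: "802.1Q"}


def _name(table: dict, value: int) -> str:
    return table.get(value, f"unknown({value})")


def parse_dtp(llc: bytes) -> dict:
    """Decode the LLC/SNAP payload of a DTP frame (the `Length` bytes after the tag)."""
    if not llc.startswith(SNAP_DTP):
        raise ValueError("not LLC/SNAP with Cisco OUI and PID 0x2004")
    body = llc[len(SNAP_DTP):]
    if not body:
        raise ValueError("missing DTP version byte")
    out = {"version": body[0]}
    pos = 1
    while pos + 4 <= len(body):
        tlv_type, tlv_len = struct.unpack("!HH", body[pos:pos + 4])
        if tlv_type == 0 and tlv_len == 0:
            break                      # zero padding after the last TLV
        # Length counts the 4-byte type/length header (Sender ID: 4 + 6 = 10).
        if tlv_len < 4 or pos + tlv_len > len(body):
            raise ValueError(f"bad TLV length {tlv_len} at offset {pos}")
        value = body[pos + 4:pos + tlv_len]
        if tlv_type == 0x0001:
            out["domain"] = value.rstrip(b"\x00").decode("ascii", "replace")
        elif tlv_type == 0x0002 and value:
            out["oper_status"] = _name(OPER_STATUS, value[0] >> 7)      # bit 7
            out["admin_status"] = _name(ADMIN_STATUS, value[0] & 0x07)  # bits 0-2
        elif tlv_type == 0x0003 and value:
            out["oper_type"] = _name(OPER_TYPE, value[0] >> 5)          # bits 5-7
            out["admin_type"] = _name(ADMIN_TYPE, value[0] & 0x07)      # bits 0-2
        elif tlv_type == 0x0004 and len(value) == 6:
            out["sender"] = value.hex(":")
        pos += tlv_len
    return out


def sample_llc(status: int, trunk_type: int, sender: str) -> bytes:
    """Build a constructed 34-byte LLC payload with the four TLVs shown above."""
    def tlv(kind: int, value: bytes) -> bytes:
        return struct.pack("!HH", kind, 4 + len(value)) + value
    mac = bytes.fromhex(sender.replace(":", ""))
    return (SNAP_DTP + b"\x01" + tlv(1, b"\x00") + tlv(2, bytes([status]))
            + tlv(3, bytes([trunk_type])) + tlv(4, mac))


if __name__ == "__main__":
    for status, kind, mac in ((0x83, 0x40, "aa:bb:cc:00:04:33"),
                              (0x81, 0xA5, "aa:bb:cc:00:06:33")):
        print(parse_dtp(sample_llc(status, kind, mac)))
```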