Posted on May 26, 2015 4:16 pm
 |  Asked by Steve Conner
 |  1767 views
RESOLVED
0
0
Print Friendly, PDF & Email

I have a tap agg that is connected to a cisco device I am sending the vlag tag toward the Tap Agg switch but the VLAN tags seem to be stripped off when they get to the tool port, is there a way to do this?

CISCO Device

monitor session 1 source vlan 100 , 110 , 130 - 141
monitor session 1 destination interface Gi4/0/27 encapsulation replicate

Arista

interface Ethernet4
description USC
switchport mode tap
switchport tap default group IDS

interface Ethernet24
switchport mode tool
switchport tool identity dot1q
switchport tool group set IDS

If I add a identify vlan I do see that tag however I would prefer to maintain the source tag.

0
Posted by Shine
Answered on May 26, 2015 4:50 pm

Steve,

When you configure identity, your source tag become an inner tag, encapsulated by an outer tag (if not defined in config it will assume vlan 1 tag).

If you want to preserve original source tag without adding an outer vlan tag, you should remove the ”switchport tool identity dot1q” line.

HTH

1
Posted by jp
Answered on May 26, 2015 5:19 pm

Hi Steve,

There are a few possibilities here – actually since you do not have an IDTag value configured on the tool port, I would expect the packets to emerge on the tool port exactly as they entered the device.

This means is could be your analyzer stripping the outermost VLAN header – please see this link for some pointers:

https://eos.arista.com/common-challenges-with-tap-aggregation/

If you do configure the IDTag value on the tap port, your original tags will be ’inside’ the newly added ID Tag.

So if your driver is stripping VLAN tags, then ’enabling the IDTag’ might actually mean you start seeing the original tags at the analyzer (because now the analyzer is taking off the IDTag and leaving the original payload).

As a reminder, you have 3 means to control IDTags:

1. Add/Omit by source port

2. Add/Omit by destination port

3. Use traffic steering policy to apply IDTag to specific flows or groups of flows

My advice is to check out the tips at the link above and experiment with adding the IDTag config to both tap and tool ports.

Hope this helps,

JP

Post your Answer

You must be logged in to post an answer.