The problem that the S7503E-M as an intermediate device fails to pass the Layer 2 mirrored traffic

On the Layer 2 network, Huawei equipment performs local mirroring, and throws mobile DNS traffic directly to our switch through the local mirror. Our switch acts as an intermediate device for pure Layer 2 forwarding. The mobile engineer stated: 1. The mirror source interface of the mobile party is a Layer 3 port. 2. The monitoring port of the mobile party (that is, the port connected to the S75 switch) is a Layer 2 port and is an access port. The vlan is a local vlan of Huawei"s own, so the traffic should be untagged.

At this time, Layer 2 traffic cannot pass through S75. Check the interface count. There is a lot of traffic on the inbound interface, but the outbound interface traffic is very small.

<YD-JZ-HJSW-2>dis counters inbound interface  gi 0/0/1

Interface         Total (pkts)   Broadcast (pkts)   Multicast (pkts)  Err (pkts)

GE0/0/1                1154698                  0                  9           0

 Overflow: More than 14 digits (7 digits for column "Err").

       --: Not supported.

<YD-JZ-HJSW-2>dis counters outbound interface  ten 0/0/25

Interface         Total (pkts)   Broadcast (pkts)   Multicast (pkts)  Err (pkts)

XGE0/0/25               102107                 24                 95           0

 Overflow: More than 14 digits (7 digits for column "Err").

       --: Not supported.

GE0/0/1(in)

XGE0/0/25(out)

First check the configuration under the device interface is a simple Layer 2 forwarding configuration, traffic flooded in vlan101.

#

interface GigabitEthernet0/0/1

 port link-mode bridge

 description To-YD-JZ-DNS01

 port access vlan 101

#

interface Ten-GigabitEthernet0/0/25

 port link-mode bridge

 description To-40G_SW To-Core-1&2

 port link-type trunk

 undo port trunk permit vlan 1

 port trunk permit vlan 20 101 to 104 652

#

Secondly, use the debug port flow-info slot 0 command to view the incremental traffic changes. You can see that the packets in the inbound direction of 0/0/1 are much larger than the packets in the outbound direction of 0/0/25, and the packet is not forwarded. Packets may be dropped on the S75 switch.

inbound

outbound

It is suspected that the reason is that the layer 2 traffic carries the vlan tag. Although the Huawei device indicates that it is thrown to our S75E G0/0/1 interface to the traffic without carrying the vlan-tag, it is received from our device ge1 (G0 / 0/1) chip. According to the statistics of the received packets, a large number of vlan-tag packets were received.

UC_PERQ_BYTE(7).ge0:             2,023,941          +2,023,941             131/s

RUC.ge1           :         1,409,965,854      +1,237,338,671          61,335/s

RDBGC3.ge1        :         1,409,976,359      +1,237,347,910          61,335/s

RDBGC8.ge1        :         1,409,976,358      +1,237,347,909          61,335/s

ING_NIV_RX_FRAMES_VLAN_TAGGED.ge1:         1,409,976,358      +1,237,347,909          61,335/s  //Count of TAG packets received on the port

R64.ge1           :               189,608            +164,997               3/s

R127.ge1          :           831,165,610        +731,516,945          35,010/s

R255.ge1          :           456,778,664        +398,236,914          19,650/s

R511.ge1          :           107,757,150         +94,497,804           6,565/s

R1023.ge1         :             3,481,027          +3,038,954              96/s

R1518.ge1         :               147,305            +137,589               3/s

Therefore, Huawei devices use Layer 3 ports as mirror source ports to send mirror packets that also carry vlan tags.

The QinQ function is implemented on the S75 switch. When the message enters the S75 switch port, because qinq will be marked with an outer tag, the tagged message will be released by the port. The label is peeled off.