For those interested: I got some help from someone on my Twitter feed after and solved it. The issue is a problem with VLAN tag offloading, which more recent Linux kernels try to do.
See this article for some info. This described the same behavior I was seeing, that outbound frames did seem to make it (I had ARP info populated on real devices), but tagged frames going to the virtual routers weren't making it (same as you describe too, Keller). https://bugs.launchpad.net/ubuntu/+source/linux/+bug/658460 You can see the status of the offload feature with Ethtool: *bob@lab:~$ ethtool -k eth0 | grep vlan rx-vlan-offload: on * *tx-vlan-offload: on* I didn't research too deeply, but I assume what happens is that the RX VLAN offload function "overreaches" and strips off all VLAN tags, even beyond the first. R1 (a physical router in my lab) is hearing from the virtual routers R2 and R5, but they don't hear R1: *R1#show ip ospf ne* *Neighbor ID Pri State Dead Time Address Interface * *163.144.0.5 1 INIT/DROTHER 00:00:38 163.144.15.5 FastEthernet0/0.15* *163.144.0.2 1 INIT/DROTHER 00:00:31 163.144.12.2 FastEthernet0/0.12* * * *R1#show arp* *Protocol Address Age (min) Hardware Addr Type Interface* *Internet 163.144.12.2 1 ca00.2552.0008 ARPA FastEthernet0/0.12* *Internet 163.144.15.5 0 ca02.2552.0006 ARPA FastEthernet0/0.15* Then I disable the VLAN offloading for the NIC with Ethtool: *bob@lab:~$ sudo ethtool -K eth0 rxvlan off ; sudo ethtool -K eth0 txvlan off* *bob@lab:~$ ethtool -k eth0 | grep vlan* *rx-vlan-offload: off* *tx-vlan-offload: off* And R1 completes OSPF adjacency with R2 and R5 before I can even flip back to that terminal: *R1#* **Aug 29 04:48:22.843: %OSPF-5-ADJCHG: Process 1, Nbr 163.144.0.5 on FastEthernet0/0.15 from LOADING to FULL, Loading Done* **Aug 29 04:48:22.855: %OSPF-5-ADJCHG: Process 1, Nbr 163.144.0.2 on FastEthernet0/0.12 from LOADING to FULL, Loading Done* **Aug 29 04:48:23.039: %OSPFv3-5-ADJCHG: Process 1, Nbr 5.5.5.5 on FastEthernet0/0.15 from LOADING to FULL, Loading Done* **Aug 29 04:48:23.367: %OSPFv3-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthernet0/0.12 from LOADING to FULL, Loading Done* *R1#* I haven't figured out how to make that setting stick through a reboot yet, but that's probably trivial. I assume it's in sysctl somewhere, I just haven't found it yet. For those curious, I am using actual VLAN sub-interfaces on the server, not the method where you put everything into a Dynamips switch and tie one port of the virtual switch to the Ethernet. The method I use is more flexible for working with the emulator that shall not be named. Keller, I'd guess your solution worked because maybe it didn't make calls to the NIC to use the VLAN tag offload acceleration since it wasn't a Linux-specific NIO driver, but that's just a wild guess. OK, thanks for the help everyone. Back to labbing now that my setup works again :-) On Tue, Aug 28, 2012 at 7:57 PM, Keller Giacomarro <[email protected]>wrote: > I had a similar problem when I upgraded Ubuntu. It looked like the NIC > or Linux was stripping VLANs on inbound. I fixed it by using Generic > Ethernet NIO on the GN GNS3 cloud instead of the Linux Ethernet NIO > one. Which are you using? > > Keller Giacomarro > [email protected] > > > On Tue, Aug 28, 2012 at 4:07 PM, Tony Singh <[email protected]> wrote: > > CDP uses vlan 1, make sure other tagged vlan frames are getting through > - wireshark is your friend > > > > -- > > BR > > > > Sent from my iPhone on 3 > > > > On 28 Aug 2012, at 18:03, Joe Sanchez <[email protected]> wrote: > > > >> is your GNS router going directly into the cloud, or through the GNS3 > >> switch? Can you post your config's for the GNS3 router to include the > IOS > >> version your using? > >> > >> On Tue, Aug 28, 2012 at 9:13 AM, Bob McCouch <[email protected]> wrote: > >> > >>> Thanks CJ. Yeah, I think the VLANs are working. I have CDP working > properly > >>> and even untagged frames from the routers are landing where they > should, > >>> but it seems when I send a tagged frame from the Dynamips router, > that's > >>> not making it through. If the VLANs to separate each router weren't > working > >>> CDP would be all jumbled up. > >>> > >>> I still have the hard drive with my old install but I hate thinking my > >>> setup was impossible to replicate again! > >>> > >>> Bob > >>> -- > >>> Sent from my iPhone, please excuse any typos. > >>> > >>> On Aug 28, 2012, at 10:02 AM, CJ <[email protected]> wrote: > >>> > >>> Is 802.1q support properly installed on Ubuntu? > >>> > >>> Did you rebuild the subinterfaces on the server? If so, then yea > 802.1q is > >>> most likely working. > >>> > >>> I would try to capture on the server and also on the switch interface, > >>> ingress from the router. > >>> > >>> So what the traffic looks like, if both tags are there. > >>> > >>> My guess, some package or some weird setting needs to be set on the > server. > >>> > >>> Are you using ubuntu server or desktop? I also found issues with NICs > when > >>> trying to use the GUI to manage the NICS. The GUI and what you > configure on > >>> the CLI don't match all the time because Ubuntu has changed the way > the OS > >>> manages the interfaces. > >>> > >>> Hope that helps, if I think of something more useful I'll let you know. > >>> > >>> CJ > >>> > >>> On Tue, Aug 28, 2012 at 8:34 AM, Bob McCouch <[email protected]> wrote: > >>> > >>>> Hi all, > >>>> > >>>> Sorry for the semi-off topic question, but so few people do this > >>>> specific server config I thought if anyone has an answer to this they > >>>> might be here. > >>>> > >>>> I just rebuilt my lab server last night using Ubuntu server edition > >>>> 12.04. My design uses a breakout switch to support QinQ so the routers > >>>> can have VLAN subinterfaces and integrate with physical switches. > >>>> Dynamips interfaces are tied to VLAN subinterfaces on the server using > >>>> the Dynamips nio_linux feature. > >>>> > >>>> Keep in mind, this all *worked fine* under Ubuntu 11.04. I rebuilt the > >>>> box for other reasons. No changes to the breakout switch, same > >>>> Ethernet adapters used, etc. > >>>> > >>>> Now, the real switch integration works using untagged frames from the > >>>> virtual routers, but if I use VLAN subinterfaces on the routers they > >>>> don't seem to make it through. So it's really the double-tagged frames > >>>> that seem to be a problem, or frames that are already tagged when they > >>>> hit the server. > >>>> > >>>> Again, this all worked under a previous Ubuntu, so just curious if > >>>> anyone knows of a difference with 12.04 vs earlier versions that might > >>>> need tweaking. > >>>> > >>>> Thanks. Please feel free to reply off-list to keep the noise down and > >>>> I will repost a solution I I find one. > >>>> > >>>> Thanks! > >>>> > >>>> Bob > >>>> -- > >>>> Sent from my iPhone, please excuse any typos. > >>>> _______________________________________________ > >>>> For more information regarding industry leading CCIE Lab training, > please > >>>> visit www.ipexpert.com > >>>> > >>>> Are you a CCNP or CCIE and looking for a job? Check out > >>>> www.PlatinumPlacement.com > >>>> > >>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs > >>>> > >>> > >>> > >>> > >>> -- > >>> CJ > >>> > >>> http://convergingontheedge.com <http://www.convergingontheedge.com> > >>> _______________________________________________ > >>> For more information regarding industry leading CCIE Lab training, > please > >>> visit www.ipexpert.com > >>> > >>> Are you a CCNP or CCIE and looking for a job? Check out > >>> www.PlatinumPlacement.com > >>> > >>> http://onlinestudylist.com/mailman/listinfo/ccie_rs > >>> > >> _______________________________________________ > >> For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com > >> > >> Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > >> > >> http://onlinestudylist.com/mailman/listinfo/ccie_rs > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com > > > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
