Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,000 --> 00:00:04,000 align:middle line:84% So switch 1 we're gonna shut this interface down 2 00:00:04,000 --> 00:00:07,000 align:middle line:84% to force traffic to go via the hub 3 00:00:07,000 --> 00:00:11,000 align:middle line:84% So interface gigabit 0/2 shut it down 4 00:00:11,000 --> 00:00:15,000 align:middle line:84% sh in g0/3 switchport 5 00:00:15,000 --> 00:00:21,000 align:middle line:84% this port gigabit 0/3 is acting as a trunk 6 00:00:21,000 --> 00:00:25,000 align:middle line:84% using 802.1Q all VLANs are allowed. 7 00:00:25,000 --> 00:00:34,000 align:middle line:84% So let’s do a capture on the hub, were receiving PVST information 8 00:00:34,000 --> 00:00:38,000 align:middle line:84% and notice the difference here's an 802.1Q header 9 00:00:38,000 --> 00:00:44,000 align:middle line:84% so we have Ethernet but notice the type is not IPv4 10 00:00:44,000 --> 00:00:54,000 align:middle line:84% the type is 802.1Q, so the type is 0x8100 rather than 0x0800 for IP. 11 00:00:54,000 --> 00:00:58,000 align:middle line:84% so 802.1Q frame, we can see here 12 00:00:58,000 --> 00:01:03,000 align:middle line:84% that the VLAN ID for this PVST message is VLAN 1 13 00:01:03,000 --> 00:01:10,000 align:middle line:84% Per-VLAN Spanning Tree sends what are called BPDUs on every VLAN 14 00:01:10,000 --> 00:01:14,000 align:middle line:84% so here we can see some Spanning Tree information 15 00:01:14,000 --> 00:01:16,000 align:middle line:84% and as we scroll down 16 00:01:16,000 --> 00:01:20,000 align:middle line:84% we can see that as an example CDP and VTP messages 17 00:01:20,000 --> 00:01:25,000 align:middle line:84% or in this case, DTP is sent as an untagged frame. 18 00:01:25,000 --> 00:01:28,000 align:middle line:84% So we can see some DTP information arriving here. 19 00:01:28,000 --> 00:01:31,000 align:middle line:84% And that will continue on. 20 00:01:31,000 --> 00:01:38,000 align:middle line:84% So let’s do a ping from router 2 acting as PC 2 to router 4 21 00:01:38,000 --> 00:01:44,000 align:middle line:84% and see if we can see why the frames are not permitted. 22 00:01:44,000 --> 00:01:51,000 align:middle line:84% So ICMP is showing nothing, so we can see a broadcast here 23 00:01:51,000 --> 00:01:58,000 align:middle line:84% this is an ARP message saying who has 10.1.2.4 24 00:01:58,000 --> 00:02:06,000 align:middle line:84% so in this ARP message, I'll just stop that capture for a moment. 25 00:02:06,000 --> 00:02:12,000 align:middle line:84% Here’s the ARP you can see it's an Ethernet 2 frame 26 00:02:12,000 --> 00:02:16,000 align:middle line:84% with the broadcast so the destination is broadcast. 27 00:02:16,000 --> 00:02:20,000 align:middle line:84% Source MAC address is the MAC address of router 2. 28 00:02:20,000 --> 00:02:22,000 align:middle line:84% We can see that by looking at the interface 29 00:02:22,000 --> 00:02:30,000 align:middle line:84% so sh int f0/0 notice there’s the MAC address of the router 30 00:02:30,000 --> 00:02:34,000 align:middle line:84% and they're already shown in the Wireshark capture 31 00:02:34,000 --> 00:02:42,000 align:middle line:84% but notice the type is once again 802.1Q and the VLAN is set to VLAN 2. 32 00:02:42,000 --> 00:02:49,000 align:middle line:84% So in other words, the router is sending the frame untagged to the switch. 33 00:02:49,000 --> 00:02:54,000 align:middle line:84% But when it go across this link it's going as a tagged frame. 34 00:02:54,000 --> 00:02:59,000 align:middle line:84% The switch is setting the VLAN tag to 2 35 00:02:59,000 --> 00:03:03,000 align:middle line:84% because it arrived on this port which is in VLAN 2. 36 00:03:03,000 --> 00:03:06,000 align:middle line:84% I’m just reset that capture 37 00:03:06,000 --> 00:03:13,000 align:middle line:84% and what I want to show you is on this port 38 00:03:13,000 --> 00:03:16,000 align:middle line:84% it's gonna show us untagged, so it's standard Ethernet 39 00:03:16,000 --> 00:03:18,000 align:middle line:84% but on this one, it's gonna show us tagged 40 00:03:18,000 --> 00:03:21,000 align:middle line:84% because the switch is tagging the frame. 41 00:03:21,000 --> 00:03:28,000 align:middle line:84% So I'll do the ping again 42 00:03:28,000 --> 00:03:33,000 align:middle line:84% now this is the frame to the switch from the router 43 00:03:33,000 --> 00:03:37,000 align:middle line:84% and we'll the switch for ARP, you can see this, the ARP traffic 44 00:03:37,000 --> 00:03:46,000 align:middle line:84% from the router to a broadcast address it's untagged, this is the type for ARP. 45 00:03:46,000 --> 00:03:51,000 align:middle line:84% There is no 802.1Q header here at all. 46 00:03:51,000 --> 00:03:57,000 align:middle line:84% But when we look for ARP on the link between these switches 47 00:03:57,000 --> 00:04:01,000 align:middle line:84% notice you can see the 802.1Q tagged set to 2. 48 00:04:01,000 --> 00:04:09,000 align:middle line:84% So the traffic is arriving here as untagged 49 00:04:09,000 --> 00:04:13,000 align:middle line:84% and the switch is tagging it to send the frame to switch 2. 50 00:04:13,000 --> 00:04:17,000 align:middle line:84% The problem here is when the traffic hits switch 2 51 00:04:17,000 --> 00:04:19,000 align:middle line:84% switch 2 is not configured with trunking 52 00:04:19,000 --> 00:04:22,000 align:middle line:84% this is just an access port in VLAN 1. 53 00:04:22,000 --> 00:04:27,000 align:middle line:84% So that traffic will be sent to this port 54 00:04:27,000 --> 00:04:30,000 align:middle line:84% but not out of this port which is in VLAN 2. 55 00:04:30,000 --> 00:04:33,000 align:middle line:84% So on switch 2 let’s see if we can see that. 56 00:04:33,000 --> 00:04:37,000 align:middle line:84% sh int trunk 57 00:04:37,000 --> 00:04:40,000 align:middle line:84% At the moment no interfaces are trunking 58 00:04:40,000 --> 00:04:44,000 align:middle line:84% so sh int g0/3 59 00:04:44,000 --> 00:04:47,000 align:middle line:84% and let’s put switchport at the end 60 00:04:47,000 --> 00:04:52,000 align:middle line:84% so sh interfaces g0/3 switchport 61 00:04:52,000 --> 00:04:56,000 align:middle line:84% this interface gigabit 0/3 is enabled 62 00:04:56,000 --> 00:05:03,000 align:middle line:84% it's set for negotiation of trunking. So it’s in VLAN 1. 63 00:05:03,000 --> 00:05:10,000 align:middle line:84% This port belongs to VLAN 1, it’s an access port, no trunking is enabled 64 00:05:10,000 --> 00:05:15,000 align:middle line:84% so traffic from router 2 is simply gonna be sent out of this port. 65 00:05:15,000 --> 00:05:19,000 align:middle line:84% So let’s do a capture there to prove that 66 00:05:19,000 --> 00:05:22,000 align:middle line:84% and then we'll do a capture on this port 67 00:05:22,000 --> 00:05:24,000 align:middle line:84% to check if any traffic arrives on this port. 68 00:05:24,000 --> 00:05:27,000 align:middle line:84% So there's the Wireshark capture 69 00:05:27,000 --> 00:05:29,000 align:middle line:84% do the ping again on router 2 70 00:05:29,000 --> 00:05:33,000 align:middle line:84% I’ll do a filter for ARP 71 00:05:33,000 --> 00:05:36,000 align:middle line:84% and notice there's the broadcast traffic from 10.1.2.2 72 00:05:36,000 --> 00:05:44,000 align:middle line:84% which is router 2 asking for the MAC address of 10.1.2.4 73 00:05:44,000 --> 00:05:50,000 align:middle line:84% So router 2 is asking for the MAC address of router 4 but it never receives it. 74 00:05:50,000 --> 00:05:55,000 align:middle line:84% So what you'll also notice here is there is no 8021.Q tag. 75 00:05:55,000 --> 00:05:58,000 align:middle line:84% So the frame was sent untagged here 76 00:05:58,000 --> 00:06:00,000 align:middle line:84% it was sent tagged cross here 77 00:06:00,000 --> 00:06:05,000 align:middle line:84% arrived here but this port was configured as an access port in VLAN 1. 78 00:06:05,000 --> 00:06:10,000 align:middle line:84% So the traffic was simply copied out on this port in VLAN 1 and with no tag. 79 00:06:10,000 --> 00:06:12,000 align:middle line:84% The traffic never arrived in this port. 80 00:06:12,000 --> 00:06:15,000 align:middle line:84% So let’s prove that do a capture here. 81 00:06:15,000 --> 00:06:23,000 align:middle line:84% I’ll do the ping again, and try and filter for ARP 82 00:06:23,000 --> 00:06:27,000 align:middle line:84% and what you’ll notice is there's no ARP traffic 83 00:06:27,000 --> 00:06:30,000 align:middle line:84% because the traffic is arriving on an access port. 84 00:06:30,000 --> 00:06:35,000 align:middle line:84% Port 1 it’s only gonna be sent out of this port which is port 1. 85 00:06:35,000 --> 00:06:37,000 align:middle line:84% It’s not gonna set out of this port at all. 86 00:06:37,000 --> 00:06:39,000 align:middle line:84% so let’s stop all captures 87 00:06:39,000 --> 00:06:45,000 align:middle line:84% and then what we'll do now is configure this port to be a trunk port 88 00:06:45,000 --> 00:06:47,000 align:middle line:84% and this port to be a trunk port 89 00:06:47,000 --> 00:06:49,000 align:middle line:84% but we'll leave this port shutdown for the moment 90 00:06:49,000 --> 00:06:54,000 align:middle line:84% so that we can see the traffic being captured. 10106