Hi,
I’m not seeing some VLAN tags that I think should
exist. I’m running wireshark on a Dell server blade running linux. The Ethernet
adapter is NOT configured for VLANs in any way. It’s connected to a
switch that has port mirroring configured to send packets to the Dell.
I receive the packet, but it looks as if the eth type and
vlan ID (i.e. the entire vlan tag) is stripped.
Reading the FAQ and the wiki, I see that this is expected
behavior in either of the following cases:
(1) Under Linux,
if I have a vlan configured Ethernet adapter, then the VLAN tag might be
stripped before going up the stack.
(2) Under Windows,
the drivers for some broadcom/intel adapters will strip out the vlan tag, and a
registry key needs to be tweaked to allow that data to be visible higher up the
stack.
In my scenario, I’m running Linux, there is no VLAN
configuration, yet the packets still seem to have the 1st VLAN tag
removed. It’s 802.1ah, so I expect to see 2 VLAN tags. I only see one. It’s
as if the first vlan tag is removed, leaving the second one in the place that
the first would otherwise be.
Has anyone ever seen this occur under Linux, when capturing
directly from eth0 (i.e. not eth0.100?)
Regards,
-mike
