VLAN tagging on non-tagged interfaces

Question

We have a BIG-IP VE running under ESXi. All its virtual NICs are connected to virtual switch port groups configured for EST (External Switch Tagging) - that is, with VLAN ID 0. Correspondingly, in BIG-IP configuration all VLANs (there are only two) are assigned to NICs in untagged mode. As far as I understand, that means BIG-IP should never receive or generate 802.1Q tagged packets. However, when I do some traffic capture on the BIG-IP with tcpdump and then open it in Wireshark, I see 802.1Q layer between Ethernet and IP, and it contains correct VLAN IDs as set in system config. That totally puzzles me. The only idea I have, this layer is a kind of "virtual" - not really sent or received by the NIC, but added and used internally to facilitate traffic handling within TMOS. Is that correct?

surgeon · Answer

Hi Vadim,&nbsp;
VLAN tagging is added to the packet capture when you do it on the big-ip. This is expected. Big-ip uses modified tcpdump and capturing mode data (including internal tmm) then regular tcpdump&nbsp;

Forum Discussion

VLAN tagging on non-tagged interfaces

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Submenus missing in ASM Security Tab

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Related Content

Application Programming Interface (API) Authentication types simplified

Google Tag Manager

Minimum number of VLANS tag required for the 5 VLANS on a single interface of F5

vCMP logical interfaces throughput

R-Series Tenant - Need to change Vlan tag

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS