VLAN tagging on non-tagged interfaces

Question

We have a BIG-IP VE running under ESXi. All its virtual NICs are connected to virtual switch port groups configured for EST (External Switch Tagging) - that is, with VLAN ID 0. Correspondingly, in BIG-IP configuration all VLANs (there are only two) are assigned to NICs in untagged mode. As far as I understand, that means BIG-IP should never receive or generate 802.1Q tagged packets. However, when I do some traffic capture on the BIG-IP with tcpdump and then open it in Wireshark, I see 802.1Q layer between Ethernet and IP, and it contains correct VLAN IDs as set in system config. That totally puzzles me. The only idea I have, this layer is a kind of "virtual" - not really sent or received by the NIC, but added and used internally to facilitate traffic handling within TMOS. Is that correct?

surgeon · Answer

Hi Vadim,&nbsp;
VLAN tagging is added to the packet capture when you do it on the big-ip. This is expected. Big-ip uses modified tcpdump and capturing mode data (including internal tmm) then regular tcpdump&nbsp;

Forum Discussion

VLAN tagging on non-tagged interfaces

1 Reply

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

Application Programming Interface (API) Authentication types simplified

Google Tag Manager

vCMP logical interfaces throughput

Minimum number of VLANS tag required for the 5 VLANS on a single interface of F5

Symmetric routing on NGINX Plus with multiple interfaces