Those are faulty configurations I am encountering right now. The question is not about how to make things right. But more like "how could this mess has worked..?"
[1] What comes out of an untagged trunk port? does the port strip all tagging and just dump all vlans and native vlan together to the end device?
[2] if a computer has a nic that is made vlan aware, it can see all the vlans. Can this computer somehow see the trunk line's native vlan as well?
in my particular case:
vlan1 == native vlan, and there is vlan2, and vlan3.
a rogue ip packet with vlan2 ip address and subnet, and intended for vlan2, was put on the native vlan (vlan1).
a computer that has the nic configured to see vlan2 and vlan3 ONLY (Intel Advanced Network Services Protocol) somehow sees the rogue ip packet and the wireshark on this computer sees the rogue ip packet on its vlan2.
No comments:
Post a Comment