DTP 抓包分析

# DTP(DynamicTrunking protocol)是思科私有协议为Trunk服务,前身是DISL。可以让交换机间的链路自动协商是否形成Trunk。
# TRUNK介绍过配置Trunk用switchporttrunk encapsulation dot1Q和switchportmode trunk这两条命令即可。
# 现在可以不用手动打这两条命令,而是用DTP来自动协商形成Trunk。另外DTP还可以协商Trunk链路的封装类型(802.1Q或ISL)。配置了DTP的交换机会发送DTP协商包,对方对DTP协商包进行响应,最终决定是否可以形成Trunk。
# 30s发送一次DTP的frame. 该协议仅在交换机间协商。

# DTP有4种模式分别是:auto,dersirable,trunk negotiate,trunk nonegotiate
# auto:被动协商,不主动发送DTP,但收到DTP后可以回复,回复后成功协商成Trunk链路
# desirable:期望把接口置于Trunk模式,会主动发送或回复DTP协商,只要对方能响应,就成功协商成Trunk链路
# negotiate:已经强制将端口配成Trunk模式了,会主动发送或回复DTP协商,只要对方能响应,就成功协商成Trunk链路
# nonegotiate:已经强制将端口配成Trunk模式了,但不主动发送或回复DTP协商。因此只有在对方端口已经是negotiate或nonegotiate,即对方端口已经配置成了Trunk的情况下,才能形成Trunk链路

--------------------------------------------------------------------
        |         SW1         |      |         SW2         |
        |        trunk        |  --  |        trunk        |
        |        none         |      |        none         |
--------------------------------------------------------------------      

IOU1(config)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU1(config)#

IOU2(config)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU2(config)#

Frame 5064: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)       # 目的MAC地址 CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1                                  # 802.1Q封装 vlan 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)                          # cisco 私有协议
    PID: DTP (0x2004)                                            # 采用DTP协议
Dynamic Trunk Protocol:  (Operating/Administrative): Trunk/Desirable (0x83) (Operating/Administrative): ISL/Negotiated (0x40): aa:bb:cc:00:04:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/Desirable (0x83)                            # Trunk Status :Trunk/Desirable 模式
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .011 = Trunk Administrative Status: Desirable (0x3)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: ISL/Negotiated (0x40)
            010. .... = Trunk Operating Type: ISL (0x2)                # trunk 类型为 ISL
            .... .000 = Trunk Administrative Type: Negotiated (0x0)    # 管理配置类型:Negotiated
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)

Frame 5065: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)        # 目的MAC地址 CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol:  (Operating/Administrative): Trunk/Desirable (0x83) (Operating/Administrative): ISL/Negotiated (0x40): aa:bb:cc:00:06:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/Desirable (0x83)
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .011 = Trunk Administrative Status: Desirable (0x3)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: ISL/Negotiated (0x40)
            010. .... = Trunk Operating Type: ISL (0x2)
            .... .000 = Trunk Administrative Type: Negotiated (0x0)
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)

--------------------------------------------------------------------------------------------------
        |                 SW1                 |      |                 SW2                 |
        |                trunk                |  --  |                trunk                |
        |switchport trunk encapsulation dot1q |      |switchport trunk encapsulation dot1q |
        |       switchport mode trunk         |      |       switchport mode trunk         |
--------------------------------------------------------------------------------------------------

IOU1(config-if)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU1(config-if)#

IOU2(config-if)#do sh int e3/3 swi
Name: Et3/3
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Appliance trust: none
IOU2(config-if)#

Frame 6159: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol:  (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): aa:bb:cc:00:06:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/On (0x81)
            1... .... = Trunk Operating Status: Trunk (0x1)              #
            .... .001 = Trunk Administrative Status: On (0x1)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: 802.1Q/802.1Q (0xa5)
            101. .... = Trunk Operating Type: 802.1Q (0x5)               # Trunk Type : 802.1Q
            .... .101 = Trunk Administrative Type: 802.1Q (0x5)          # 管理配置类型: 802.1Q
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:06:33 (aa:bb:cc:00:06:33)

Frame 6160: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
Ethernet II, Src: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33), Dst: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Destination: CDP/VTP/DTP/PAgP/UDLD (01:00:0c:cc:cc:cc)
    Source: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
    Type: 802.1Q Virtual LAN (0x8100)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 1
    000. .... .... .... = Priority: Best Effort (default) (0)
    ...0 .... .... .... = CFI: Canonical (0)
    .... 0000 0000 0001 = ID: 1
    Length: 34
    Padding: 0000000000000000
Logical-Link Control
    DSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = IG Bit: Individual
    SSAP: SNAP (0xaa)
        1010 101. = SAP: SNAP
        .... ...0 = CR Bit: Command
    Control field: U, func=UI (0x03)
        000. 00.. = Command: Unnumbered Information (0x00)
        .... ..11 = Frame type: Unnumbered frame (0x3)
    Organization Code: Cisco (0x00000c)
    PID: DTP (0x2004)
Dynamic Trunk Protocol:  (Operating/Administrative): Trunk/On (0x81) (Operating/Administrative): 802.1Q/802.1Q (0xa5): aa:bb:cc:00:04:33
    Version: 1
    Domain
        Type: Domain (0x0001)
        Length: 5
        Domain:
    Trunk Status
        Type: Trunk Status (0x0002)
        Length: 5
        Value: Trunk/On (0x81)
            1... .... = Trunk Operating Status: Trunk (0x1)
            .... .001 = Trunk Administrative Status: On (0x1)
    Trunk Type
        Type: Trunk Type (0x0003)
        Length: 5
        Value: 802.1Q/802.1Q (0xa5)
            101. .... = Trunk Operating Type: 802.1Q (0x5)
            .... .101 = Trunk Administrative Type: 802.1Q (0x5)
    Sender ID
        Type: Sender ID (0x0004)
        Length: 10
        Sender ID: aa:bb:cc:00:04:33 (aa:bb:cc:00:04:33)
时间: 2024-10-10 18:07:24

DTP 抓包分析的相关文章

tcpdump抓包分析具体解释

說實在的,對於 tcpdump 這個軟體來說,你甚至能够說這個軟體其實就是個駭客軟體, 因為他不但能够分析封包的流向,連封包的內容也能够進行『監聽』, 假设你使用的傳輸資料是明碼的話,不得了,在 router 上面就可能被人家監聽走了! 非常可怕吶!所以,我們也要來瞭解一下這個軟體啊!(註:這個 tcpdump 必須使用 root 的身份執行) [[email protected] ~]# tcpdump [-nn] [-i 介面] [-w 儲存檔名] [-c 次數] [-Ae] [-qX] [

云计算之路-阿里云上:Wireshark抓包分析一个耗时20秒的请求

这篇博文分享的是我们针对一个耗时20秒的请求,用Wireshark进行抓包分析的过程. 请求的流程是这样的:客户端浏览器 -> SLB(负载均衡) -> ECS(云服务器) -> SLB -> 客户端浏览器. 下面是分析的过程: 1. 启动Wireshark,针对内网网卡进行抓包. 2. 在IIS日志中找出要分析的请求(借助Log Parser Studio) 通过c-ip(Client IP Address)可以获知SLB的内网IP,在分析Wireshar抓包时需要依据这个IP进

Python 爬虫知识点 - 淘宝商品检索结果抓包分析(续二)

一.URL分析 通过对“Python机器学习”结果抓包分析,有两个无规律的参数:_ksTS和callback.通过构建如下URL可以获得目标关键词的检索结果,如下所示: https://s.taobao.com/search?data-key=s&data-value=44&ajax=true&_ksTS=1482325509866_2527&callback=jsonp2528&q=Python机器学习&imgfile=&js=1&stat

使用Fiddler对手机进行抓包分析

场景:一个html页面,安卓app使用webview来显示,但是显示效果不是预期的.于是自己写了一个基本webview的demo,使用webview的loadurl方法请求这个html页面.可以正确显示,但是客户端组抓包说我请求的地址不一样,让我自己抓包分析. 分析:app在请求这个页面时请求附加了字符串及cookie等信息. 解决方法:使用Fiddler抓包,抓包过程网上有很多教程,注意一点有的手机可能设置代理时不能设置全局代理,可以使用ProxyDroid来设置全局代理. Fiddler抓包

云计算之路-阿里云上:超过70秒的请求抓包分析

超过70秒的请求是通过分析IIS日志发现的: 10.159.63.104是SLB的内网IP. 通过Wireshark抓包分析请求是9:22:21收到的(tcp.stream eq 23080): 09:22:21.299838000 10.159.63.104 10.161.241.208 HTTP 291 GET /eastsea/p/3764040.html HTTP/1.0 这个请求响应内容的长度是:Content-Length 1154110(1.1MB) 云服务器(ECS)在收到请求后

Wireshark抓包分析从入门到精通

曾近有个牛逼的实战课程放在你的面前,你不懂得好好珍惜,直到失去后才追悔莫及,如果G-LAB可以给你再来一次的机会,你会不会抓住?没错,G-LAB真的给了你再来一次的机会.[Wireshark抓包分析从入门到精通]主讲<郭主任>(月光宝盒索取)请联系QQ:2853771084

TcpIP协议,HTTP,DNS 实战:基于wireshark与BurpSuit抓包分析

TcpIP协议,HTTP,DNS 实战:基于wireshark与BurpSuite抓包分析

python Pycurl 库 —— 实现对网站抓包分析

经常使用基调网络的同学,可能对基调网络对页面元素的性能展示感觉很好.它可以做到对一条URL做详细的检测,包括:阻塞时间.DNS解析时间.建立连接时间.SSL握手时间.发出请求时间.首包时间等. 其实,我们也可以做到.比如Python pycurl 库就可以做到对数据的收集,然后可以对收集的数据写入redis或者Mysql.最后前端使用echars通过图形的形式进行展示出来. echars是百度一个开源项目,功能很强大(项目URL:http://echarts.baidu.com)可以将数据通过各

[转]Linux操作系统tcpdump抓包分析详解

PS:tcpdump是一个用于截取网络分组,并输出分组内容的工具,简单说就是数据包抓包工具.tcpdump凭借强大的功能和灵活的截取策略,使其成为Linux系统下用于网络分析和问题排查的首选工具. tcpdump提供了源代码,公开了接口,因此具备很强的可扩展性,对于网络维护和入侵者都是非常有用的工具.tcpdump存在于基本的Linux系统中,由于它需要将网络界面设置为混杂模式,普通用户不能正常执行,但具备root权限的用户可以直接执行它来获取网络上的信息.因此系统中存在网络分析工具主要不是对本