We're seeing something interesting: we're sending a packet from a third-party NIC to the XL710 and it seems the XL710 is stripping the VLAN tag inside the tunnel.
The ethtool offload flags on the XL710 look like this:
ethtool -K p1p1 rx off tx off sg off tso off gso off gro off rxvlan off txvlan off rxhash off tx-udp_tnl-segmentation off rx-vlan-filter off rx-ntuple-filter off tx-nocache-copy off
The driver and firmware version:
firmware-version: f4.33.31377 a1.2 n4.42 e1932
We're using Ubuntu 14.04.2 with kernel 3.13.0-49-generic (i40e version 1.2.38 gives similar results).
This is the packet that we sent out (attached as gre_vlan.pcap):
13:49:57.163641 00:15:4d:0a:08:cc > 68:05:ca:30:68:80, ethertype IPv4 (0x0800), length 150: 10.100.10.1 > 10.100.10.2: GREv0, key=0x64, proto TEB (0x6558), length 116: 52:12:ef:32:45:ab > 54:a2:32:ef:54:1b, ethertype 802.1Q (0x8100), length 108: vlan 100, p 2, ethertype IPv4, 184.108.40.206.3000 > 220.127.116.11.4000: UDP, length 62
We received this on the LX710 (attached as gre_novlan.pcap):
13:49:57.526798 00:15:4d:0a:08:cc > 68:05:ca:30:68:80, ethertype IPv4 (0x0800), length 146: truncated-ip - 4 bytes missing! 10.100.10.1 > 10.100.10.2: GREv0, key=0x64, proto TEB (0x6558), length 116: 52:12:ef:32:45:ab > 54:a2:32:ef:54:1b, ethertype IPv4 (0x0800), length 108: 18.104.22.168.3000 > 22.214.171.124.4000: UDP, length 62
Is there a flag that we're missing to turn off the automatic VLAN stripping? Note, the VLAN on the frame inside the NVGRE tunnel is stripped: we're able to suppress stripping on the outside of the tunnel.
Thank you for the posts. We have information that by default, the driver in promiscuous mode does not strip VLAN tags and the capture software
is responsible for enabling the promiscuous mode.You may refer to this site under Linux* for reference:
http://www.intel.com/support/network/sb/CS-005897.htm Network Connectivity — My Sniffer is Not Seeing VLAN, 802.1q, or QoS Tagged Frames
Please do let me know if the information help.
By default we are sniffing in promiscuous mode: the documentation you are referring to might apply to the older model NIC's (using the ixgbe driver). If we repeat our tests on a 10G connection with an ixgbe driver we're seeing the packets sniffed correctly, the VLAN tag is intact inside the tunnel.
Please keep in mind another thing: the VLAN tag being stripped is INSIDE the tunnel. It's only after the packet has been detunneled (which should not happen in this case) that the Linux stack is even supposed to be able to access it.
Thanks for your reply,
Hi, we have pushed a fix upstream that repairs this issue:
he 1.3.46 driver released on Sourceforge has this fix.