On Oct 27, 2011, at 10:51 PM, Guy Harris wrote:
> PVSTP+ does *NOT* use the standard Ethernet type or LLC SAP for STP; instead, it uses SNAP and an OUI of 00:00:0C and a protocol ID of 0x010b. Unfortunately, there's no simple primitive to check for SNAP+{OUI}+{Protocol ID}. The way you way you do that is dependent on the link layer type; for Ethernet I think it'd be
>
> ether[12:2] <= 1500 and ether[14:4] == 0xaaaa0300 and ether[18:4] == 0x000c0010b
Err, sorry, that's
not (ether[12:2] <= 1500 and ether[14:4] == 0xaaaa0300 and ether[18:4] == 0x000c0010b)
if you *don't* want PVST+. If you don't want STP *or* PVST+, it's
not stp and not (ether[12:2] <= 1500 and ether[14:4] == 0xaaaa0300 and ether[18:4] == 0x000c0010b)