From: Mujica, Raul - (Per) (raul.mujica@attla.com)
Date: Sun Nov 30 2003 - 12:40:27 GMT-3
Bob:
When I remove vlan1 from trunk, the vtp doesn4t work as you can see:
vlan dot1q tag native
interface range FastEthernet0/23 -24
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2-4094
switchport mode trunk
no ip address
udld enable
channel-group 1 mode on
***********************************************************************
***********************************************************************
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xA2 0x41 0xDC 0x60 0xC4 0x4D 0x57 0x36
Configuration last modified by 0.0.0.0 at 3-1-93 00:18:36
Switch#sh vtp s
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xA2 0x41 0xDC 0x60 0xC4 0x4D 0x57 0x36
Configuration last modified by 0.0.0.0 at 3-1-93 00:18:36
Switch#sh vl
Switch#sh vlan
VLAN Name Status Ports
---- -------------------------------- ---------
-------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11,
Fa0/12
Fa0/13, Fa0/14, Fa0/15,
Fa0/16
Fa0/17, Fa0/18, Fa0/19,
Fa0/20
Fa0/21, Fa0/22, Gi0/1, Gi0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1
Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------
------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
----------------------------------------------------------------------------
--
Primary Secondary Type Ports
------- --------- -----------------
------------------------------------------
Switch#
Switch#sh int trunk
Port Mode Encapsulation Status Native vlan
Po1 on 802.1q trunking 1
Port Vlans allowed on trunk
Po1 2-4094
Port Vlans allowed and active in management domain
Po1 none
Port Vlans in spanning tree forwarding state and not pruned
Po1 none
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int Po1
Switch(config-if)#switchport trunk allowed vlan add 1
Switch(config-if)#
00:27:03: VTP LOG RUNTIME: Transmit vtp summary, domain IPExpert, rev 0,
followers 1
MD5 digest calculated = A2 41 DC 60 C4 4D 57 36 D9 6B 78 F7 8F 66 0A AB
00:27:03: VTP LOG RUNTIME: Transmit vtp summary, domain IPExpert, rev 0,
followers 1
MD5 digest calculated = A2 41 DC 60 C4 4D 57 36 D9 6B 78 F7 8F 66 0A AB
00:27:04: VTP LOG RUNTIME: Summary packet received, domain = IPExpert, rev =
2, followers = 1
00:27:04: VTP LOG RUNTIME: Summary packet rev 2 greater than domain IPExpert
rev 0
00:27:04: VTP LOG RUNTIME: Domain IPExpert currently not in updating state
00:27:04: VTP LOG RUNTIME: Subset packet received, domain = IPExpert, rev =
2, seq = 1, length = 204
00:27:04: VTP LOG RUNTIME: Transmit vtp summary, domain IPExpert, rev 2,
followers 1
MD5 digest calculated = 18 0E F6 1B 89 F1 8B 45 93 BD 93 D5 61 32 A6 D2
00:27:04: VTP LOG RUNTIME: Summary packet received, domain = IPExpert, rev =
2, followers = 1
00:27:04: VTP LOG RUNTIME: Summary packet rev 2 equal to domain IPExpert rev
2
00:27:04: VTP LOG RUNTIME: Subset packet received, domain = IPExpert, rev =
2, seq = 1, length = 204
Switch(config-if)#
Switch(config-if)#end
Switch#sh vtp s
00:27:15: %SYS-5-CONFIG_I: Configured from console by console
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x18 0x0E 0xF6 0x1B 0x89 0xF1 0x8B 0x45
Configuration last modified by 0.0.0.0 at 3-1-93 00:25:09
Switch#
00:27:41: VTP LOG RUNTIME: Summary packet received, domain = IPExpert, rev =
3, followers = 1
00:27:41: VTP LOG RUNTIME: Summary packet rev 3 greater than domain IPExpert
rev 2
00:27:41: VTP LOG RUNTIME: Domain IPExpert currently not in updating state
00:27:41: VTP LOG RUNTIME: Subset packet received, domain = IPExpert, rev =
3, seq = 1, length = 224
00:27:41: VTP LOG RUNTIME: Transmit vtp summary, domain IPExpert, rev 3,
followers 1
MD5 digest calculated = 70 60 DD 7D E7 84 42 3A B6 9B 6C 70 29 58 82 21
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x70 0x60 0xDD 0x7D 0xE7 0x84 0x42 0x3A
Configuration last modified by 0.0.0.0 at 3-1-93 00:28:01
Switch#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x70 0x60 0xDD 0x7D 0xE7 0x84 0x42 0x3A
Configuration last modified by 0.0.0.0 at 3-1-93 00:28:01
Switch#
00:28:02: VTP LOG RUNTIME: Summary packet received, domain = IPExpert, rev =
4, followers = 1
00:28:02: VTP LOG RUNTIME: Summary packet rev 4 greater than domain IPExpert
rev 3
00:28:02: VTP LOG RUNTIME: Domain IPExpert currently not in updating state
00:28:02: VTP LOG RUNTIME: Subset packet received, domain = IPExpert, rev =
4, seq = 1, length = 244
00:28:02: VTP LOG RUNTIME: Transmit vtp summary, domain IPExpert, rev 4,
followers 1
MD5 digest calculated = 0F 4A 4C F4 54 CD FD 37 D3 06 0F F2 C4 A1 7C 2C
sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : IPExpert
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x0F 0x4A 0x4C 0xF4 0x54 0xCD 0xFD 0x37
Configuration last modified by 0.0.0.0 at 3-1-93 00:28:22
Switch#
********************************************************************
********************************************************************
Also UDLD frame are not being forwarding:
Switch(config)#int Po1
Switch(config-if)#switchport trunk allowed vlan except 1
At the other side:
00:32:11: %SYS-5-CONFIG_I: Configured from console by console
00:32:22: %UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Fa0/23,
unidirectional link detected
00:32:22: %PM-4-ERR_DISABLE: udld error detected on Fa0/23, putting Fa0/23
in err-disable state
00:32:22: %UDLD-4-UDLD_PORT_DISABLED: UDLD disabled interface Fa0/24,
unidirectional link detected
00:32:22: %PM-4-ERR_DISABLE: udld error detected on Fa0/24, putting Fa0/24
in err-disable state
00:32:22: VTP LOG RUNTIME: switchport trunk mode on Po1 has changed
00:32:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23,
changed state to down
00:32:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24,
changed state to down
00:32:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
changed state to down
*********************************************************************
*********************************************************************
And finally PAGP packet as you can see in the e-mail posted today "RE:
Etherchannel one way-link question"
After a few days dealing with PAGP, VTP and UDLD, finally I learned what CCO
recommends about allowing VLAN on C3550:
Note You cannot remove VLAN 1 or VLANs 1002 to 1005 from the allowed VLAN
list.
Regards,
Raul Mujica
-----Original Message-----
From: Bob Sinclair
To: jfaure@sztele.com; ccielab@groupstudy.com
Sent: 29/11/2003 19:50
Subject: Re: Catalyst 802.1q trunking issues
Juan,
I put a sniffer on a 3550 dot1q trunk and observed the following when I
removed Vlan 1 from the dot1q trunk, but left it as the native vlan:
1. All traffic leaving the port is tagged
2. VTP, CDP and DTP traffic leave the port with Vlan 1 tags
3. No other Vlan 1 traffic is seen leaving the port (including no Vlan
1
BPDUs)
4. All BPDUs are PVST+ encapsulated, to address 01-00-0c-cc-cc-cd
This should not cause a problem as long as all of your switches are
Cisco
and similarly configured:
a. The Cisco switches recognize that CDP, VTP and DTP are not to be
forwarded
b. The Cisco switches recognize the encapsulated BPDUs
You very well might have an STP issue if you connect such a port to a
non-Cisco switch, because the brand X switch will not see any
recognizable
BPDUs, and the Cisco switch may not recognize the untagged BPDUs on the
native vlan coming from the Brand X switch. It would seem prudent to
allow
the native vlan across the trunk.
But then, you would never put a Brand X switch in your network...
would you?
-Bob Sinclair
CCIE #10427, CISSP, MCSE
bsinclair@netmasterclass.net
----- Original Message -----
From: <jfaure@sztele.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, November 29, 2003 12:55 PM
Subject: Catalyst 802.1q trunking issues
> Hi all:
>
> -From the 6500 CCO configuration guide, about removing vlan1 from the
> trunk:
>
> "You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk
> interface continues to send and receive management traffic, for
example,
> Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port
> Aggregation Protocol (PAgP), and DTP in VLAN 1. "
>
> -But also, in the same document:
>
> "Disabling spanning tree on the native VLAN of an 802.1Q trunk without
> disabling spanning tree on every VLAN in the network can cause
spanning
> tree loops. We recommend that you leave spanning tree enabled on the
native
> VLAN of an 802.1Q trunk. If this is not possible, disable spanning
tree on
> every VLAN in the network. Make sure your network is free of physical
loops
> before disabling spanning tree"
>
> And then my question is:
> If you have several dot1q trunks configured in your swiched network in
such
> a way that these trunks don't allow pass the vlan1, the vlan1 is the
native
> vlan for them (you can see this doing a "sh int trunk") and the
interface
> vlan 1 is in shutdown state in all the switches (but no STP disabled
on
> this vlan 1), can you have any stp issues like to be unable to block
some
> loops?
> What happens with the STP control traffic if vlan 1 isn't included on
the
> trunks? Having vlan 1 in shutdown state maybe interpreted by the
system as
> it has stp disabled for this vlan? I'm usign RAPID PVSTP
>
> Any thoughs will be greatly apreciated.
>
>
>
>
>
> Juan Faure Ferrer
> email: jfaure@sztele.com
>
> Lmnea de Negocio de Telematica y CC
> Ingeniero de Integracisn de Redes y Sistemas
>
------------------------------------------------------------------------
--
--
>
> SOLUZIONA TELECOMUNICACIONES
> Servicios Profesionales de UNION FENOSA
> Jerez, 3
> 28016 MADRID
> tel 91 579 30 00 fax 91 350 72 83
>
------------------------------------------------------------------------
--
-
>
>
This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:19 GMT-3