RE: Another Catalyst 802.1q trunking issue

From: Grant Stevenson (grant.h.stevenson@virgin.net)
Date: Sat Nov 20 2004 - 09:15:43 GMT-3

• Next message: ccie2be: "Re: MQC - Nested Class-maps"
• Previous message: mkamin77@yahoo.com: "R&S Lab Exam attendance"
• Maybe in reply to: Chris Larson: "RE: Another Catalyst 802.1q trunking issue"
• Next in thread: Grant Stevenson: "RE: Another Catalyst 802.1q trunking issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Hope I am not butting in but some good debug commands I came across to test
this

Switch#debug sw-vlan ?
  badpmcookies vlan manager incidents of bad PM (Port Manager) cookies
  cfg-vlan config vlan
  events vlan manager events
  ifs vlan manager ifs error tests
  management vlan manager management of internal vlans
  notification vlan manager notifications
  packets vlan manager packets
  registries vlan manager registries
  vtp vtp protocol debugging

Where you can see if the VTP info is being passed.

I changed the native vlan and no vtp info was passed between the switches.

But DTP did

Switch#debug dtp ?
  aggregation Show DTP debug user message aggregation
  all All DTP debugging messages
  decision Show DTP debug decision table
  events DTP events
  oserrs DTP OS errors
  packets DTP packet processing
  queue Show DTP debug packet queueing
  states DTP state transitions
  timers DTP timer events

I did the debug dtp all, and so the ports negotiate.

HTH.

Grant

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccie2be
Sent: 19 November 2004 19:33
To: Bob Sinclair; ccielab@groupstudy.com
Subject: Re: Another Catalyst 802.1q trunking issue

Thanks, Bob.

The documentation definately is not very clear on this.

BTW, do you think Group Study is down? Are you seeing the normal volume of
posts? I'm not.

Tim
----- Original Message -----
From: "Bob Sinclair" <bsinclair@netmasterclass.net>
To: "ccie2be" <ccie2be@nyc.rr.com>; <ccielab@groupstudy.com>
Sent: Friday, November 19, 2004 1:57 PM
Subject: Re: Another Catalyst 802.1q trunking issue

> Tim,
>
> I sniffed a trunk a few years ago to find this answer. As I recall the
> result, that management traffic (VTP, CDP, DTP, PAGP) all comes out on
vlan
> 1, whether or not vlan 1 is allowed or native or whatever.
>
> HTH,
>
> Bob Sinclair
> CCIE #10427, CCSI 30427, CISSP
> www.netmasterclass.net
>
> ----- Original Message -----
> From: "ccie2be" <ccie2be@nyc.rr.com>
> To: "Bob Sinclair" <bsin@cox.net>; <jfaure@sztele.com>;
> <ccielab@groupstudy.com>
> Sent: Friday, November 19, 2004 12:18 PM
> Subject: Re: Another Catalyst 802.1q trunking issue
>
>
> > Bob,
> >
> > I hope this isn't a dumb question but...
> >
> > By default, vlan 1 is the native vlan and the management vlan ie it
> > carries
> > all that vtp, cdp and DTP stuff. When the native vlan is changed to
> > something other than vlan 1, does that mean that the management vlan is
> > also
> > changed and all that management traffic is now carried in the new native
> > vlan?
> >
> > Thanks, Tim
> > ----- Original Message -----
> > From: "Bob Sinclair" <bsin@cox.net>
> > To: <jfaure@sztele.com>; <ccielab@groupstudy.com>
> > Sent: Saturday, November 29, 2003 7:50 PM
> > Subject: Re: Catalyst 802.1q trunking issues
> >
> >
> >> Juan,
> >>
> >> I put a sniffer on a 3550 dot1q trunk and observed the following when I
> >> removed Vlan 1 from the dot1q trunk, but left it as the native vlan:
> >>
> >> 1. All traffic leaving the port is tagged
> >> 2. VTP, CDP and DTP traffic leave the port with Vlan 1 tags
> >> 3. No other Vlan 1 traffic is seen leaving the port (including no Vlan
 1
> >> BPDUs)
> >> 4. All BPDUs are PVST+ encapsulated, to address 01-00-0c-cc-cc-cd
> >>
> >> This should not cause a problem as long as all of your switches are
Cisco
> >> and similarly configured:
> >> a. The Cisco switches recognize that CDP, VTP and DTP are not to be
> >> forwarded
> >> b. The Cisco switches recognize the encapsulated BPDUs
> >>
> >> You very well might have an STP issue if you connect such a port to a
> >> non-Cisco switch, because the brand X switch will not see any
> >> recognizable
> >> BPDUs, and the Cisco switch may not recognize the untagged BPDUs on the
> >> native vlan coming from the Brand X switch. It would seem prudent to
> > allow
> >> the native vlan across the trunk.
> >>
> >> But then, you would never put a Brand X switch in your network...
> >>
> >> would you?
> >>
> >> -Bob Sinclair
> >> CCIE #10427, CISSP, MCSE
> >> bsinclair@netmasterclass.net
> >>
> >>
> >> ----- Original Message -----
> >> From: <jfaure@sztele.com>
> >> To: <ccielab@groupstudy.com>
> >> Sent: Saturday, November 29, 2003 12:55 PM
> >> Subject: Catalyst 802.1q trunking issues
> >>
> >>
> >> > Hi all:
> >> >
> >> > -From the 6500 CCO configuration guide, about removing vlan1 from the
> >> > trunk:
> >> >
> >> > "You can remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk
> >> > interface continues to send and receive management traffic, for
> >> > example,
> >> > Cisco Discovery Protocol (CDP), VLAN Trunking Protocol (VTP), Port
> >> > Aggregation Protocol (PAgP), and DTP in VLAN 1. "
> >> >
> >> > -But also, in the same document:
> >> >
> >> > "Disabling spanning tree on the native VLAN of an 802.1Q trunk
without
> >> > disabling spanning tree on every VLAN in the network can cause
spanning
> >> > tree loops. We recommend that you leave spanning tree enabled on the
> >> native
> >> > VLAN of an 802.1Q trunk. If this is not possible, disable spanning
tree
> > on
> >> > every VLAN in the network. Make sure your network is free of physical
> >> loops
> >> > before disabling spanning tree"
> >> >
> >> > And then my question is:
> >> > If you have several dot1q trunks configured in your swiched network
in
> >> such
> >> > a way that these trunks don't allow pass the vlan1, the vlan1 is the
> >> native
> >> > vlan for them (you can see this doing a "sh int trunk") and the
> > interface
> >> > vlan 1 is in shutdown state in all the switches (but no STP disabled
on
> >> > this vlan 1), can you have any stp issues like to be unable to block
> > some
> >> > loops?
> >> > What happens with the STP control traffic if vlan 1 isn't included on
> > the
> >> > trunks? Having vlan 1 in shutdown state maybe interpreted by the
system
> > as
> >> > it has stp disabled for this vlan? I'm usign RAPID PVSTP
> >> >
> >> > Any thoughs will be greatly apreciated.
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > Juan Faure Ferrer
> >> > email: jfaure@sztele.com
> >> >
> >> > Lmnea de Negocio de Telematica y CC
> >> > Ingeniero de Integracisn de Redes y Sistemas
> >>
>
>> -------------------------------------------------------------------------
-
> >> --
> >> >
> >> > SOLUZIONA TELECOMUNICACIONES
> >> > Servicios Profesionales de UNION FENOSA
> >> > Jerez, 3
> >> > 28016 MADRID
> >> > tel 91 579 30 00 fax 91 350 72 83
> >>
>
>> -------------------------------------------------------------------------
-
> >> -
> >> >
> >> >

• Next message: ccie2be: "Re: MQC - Nested Class-maps"
• Previous message: mkamin77@yahoo.com: "R&S Lab Exam attendance"
• Maybe in reply to: Chris Larson: "RE: Another Catalyst 802.1q trunking issue"
• Next in thread: Grant Stevenson: "RE: Another Catalyst 802.1q trunking issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:47 GMT-3