From: Geert Nijs (geert.nijs@simac.be)
Date: Thu Jan 18 2007 - 05:21:28 ART
Of course, this is normal behaviour.
How do you expect these PCs to communicate in VLAN10, when VLAN10 is not known on all intermediate switches ??
By not defining VLAN10 on SW2, you actually cut VLAN10 into two seperate pieces.
Geert
________________________________
From: nobody@groupstudy.com on behalf of Fellenbaum, John D
Sent: Wed 1/17/2007 18:43
To: Hulbert, Jerald; haducbinh; ccielab@groupstudy.com
Subject: RE: VTP Transparent
Jerry,
Great explanation.
John D. Fellenbaum
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Hulbert, Jerald
Sent: Wednesday, January 17, 2007 11:15 AM
To: haducbinh; ccielab@groupstudy.com
Subject: RE: VTP Transparent
This is not a bug, this is normal behavior.
How can SW2 accept and process frames that have Vlan tags with values
not in its own Vlan database?
When SW2 receives the tagged frame with the ICMP (or arp, depending if
PC1 has a layer resolution yet) packet, it will check the numerical
value of that tag. Since SW2 does not have "10" configured locally, it
cannot forward the frame and it will be dropped. SW2's forwarding table
will not be updated with PC1's MAC address either. No spanning tree
instance will exist either for Vlan 10, so incoming bpdu's on Vlan 10
will be dropped as well.
If you have the necessary drivers, use Ethereal/Wireshark and do a
packet capture of the frames coming into SW2 and the frames leaving SW2.
The drivers are needed to actually see the tags. Besides any of your
data, you should see incoming tagged frames for STP for the vlans that
you created on SW1. If you changed your default vlan on SW1, you will
see the VTP/CDP/DTP frames coming in with a tag of "1". For frames
leaving SW2, you shouldn't see any tagged frames (unless you changed the
native vlan).
VTP transparent does not snoop or synchronize its vlan database against
VTP frames that are traversing its own switch.
Do a "show interface trunk" command on SW2, before and after manually
adding Vlan 10.
Remember what VTP was intended to do, "simplify vlan administration
across your switch network".
Jerry
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Phillip Day
Sent: Wednesday, January 17, 2007 6:25 AM
To: haducbinh; Fellenbaum, John D; ccielab@groupstudy.com
Subject: RE: VTP Transparent
Putting aside any problems with the network, have you got the default
gateways on the pc setup properly? And what about the windows firewall
on XP?
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
haducbinh
Sent: Wednesday, January 17, 2007 12:39 PM
To: 'Fellenbaum, John D'; ccielab@groupstudy.com
Subject: RE: VTP Transparent
Link connected between SW1-SW2 and SW2-SW3 is trunking dot1Q!
Nothing wrong with VTP, because SW3 can learn vtp message from SW1!
The problem is PC1 can not ping PC2 if i don't create VLAN10 on SW2!
if I create VLAN10 on SW2, then PC1 can ping PC2 thanks!
HaDucBinh
Email: haducbinh@vnpro.org
Y/M: haducbinh
Phone: +84 908 191 322
------------------------------------------------------------------------
--- Vietnamese Professionals (VnPro) Cisco Authorised Training 149/1D Ung Van Khiem St - Ward 25 - Binh Thanh Dist - HCMC Tel: (08) 5124257 - (08) 5125314 Fax: (08) 5124314 Website: http://vnpro.vn Support Forum: http://vnpro.org-----Original Message----- From: Fellenbaum, John D [mailto:john.d.fellenbaum@lmco.com] Sent: Wednesday, January 17, 2007 7:34 PM To: haducbinh; ccielab@groupstudy.com Subject: RE: VTP Transparent
HaDucBinh,
For IP connectivity from SW1 to SW3, make sure your connection from SW1 to SW2 and SW2 to SW3 is a trunk ( carrying VLAN 10 & any other VLANs you want).
The purpose of SW2 mode of transparency is to just forward the VTP messages on to SW3. SW2 will never act or perform any action based on the VTP messages (i.e. - you must logon to SW2 to perform any changes). SW3 being a client will act on the messages received.
HTH
John D. Fellenbaum
-----Original Message----- From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of haducbinh Sent: Wednesday, January 17, 2007 7:05 AM To: ccielab@groupstudy.com Subject: VTP Transparent
Hi GS!
I have a funny thing with VTP:
This is my topology:
PC1---SW1--------------SW2---------------SW3---PC2
(VTP server) (VTP Trans) (VTP Client)
This is my configuration on SW1,SW2,SW3: (all cat 2950)
SW1(config)# vtp mode server
SW1(config)# vtp domain CISCO
SW1(config)# vlan 1,2,3,4,5,6,7,8,9,10
SW1(config)# int f0/24
SW1(config-if)# sw mo ac
SW1(config-if)# sw ac vlan 10
SW2(config)# vtp mode transparent
SW2(config)# vtp domain CISCO
SW3(config)# vtp mode client
SW3(config)# vtp domain CISCO
SW1(config)# int f0/24
SW1(config-if)# sw mo ac
SW1(config-if)# sw ac vlan 10
PC1 connected to SW1 f0/24
PC2 connected to SW3 f0/24
This is result:
- SW3 have all VLAN learned from SW1, VLAN 1 to 10
- SW2 have only VLAN 1 (default vlan)
- Then pc1 CAN NOT ping pc2
- I use command: #show mac-address-table on SW3 -> no MAC entry of pc1 and pc2
But if we create vlan 10 on SW2:
SW2(config)# vlan 10
Then pc1 CAN ping pc2 and #show mac-address-table on SW3 -> we can see MAC entry of pc1 and pc2
So is this a bug of IOS?
I try on cat 3550 with ipservice 12.2(25)SEE2 -> still se this error!
If this is not error of IOS, so what's purpose of TRANSPARENT switch (SW3)??
Thanks!
HaDucBinh Email: <mailto:haducbinh@vnpro.org> haducbinh@vnpro.org Y/M: haducbinh Phone: +84 908 191 322 ------------------------------------------------------------------------ --- Vietnamese Professionals (VnPro) Cisco Authorised Training 149/1D Ung Van Khiem St - Ward 25 - Binh Thanh Dist - HCMC Tel: (08) 5124257 - (08) 5125314 Fax: (08) 5124314 Website: <http://vnpro.vn> http://vnpro.vn Support Forum: <http://vnpro.org> http://vnpro.org
This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:57 ART