From: Joseph Saad (joseph.samir.saad@gmail.com)
Date: Fri Aug 15 2008 - 17:45:01 ART
Turn off Proxy Arp on the SVI and retry your scenario.
On Fri, Aug 15, 2008 at 6:39 PM, Peter Stephan <engpeter@gmail.com> wrote:
> Hello Joe,
>
> My question is that I shouldn't be able to ping from SW1 to SW2 while the
> vlan is pruned from the trunk.
>
> Check below where I put the marks:
>
> ------------------------------
> *From:* Joseph Saad [mailto:joseph.samir.saad@gmail.com]
> *Sent:* Friday, August 15, 2008 18:28
> *To:* Peter Stephan
> *Cc:* ccielab@groupstudy.com
> *Subject:* Re: Pruning a vlan on a trunk from Server to Client passing
> through Transparent sw
>
> So, what is your question?
>
> On Fri, Aug 15, 2008 at 12:19 AM, Peter Stephan <pgstephan@gmail.com>wrote:
>
>> Hello guys,
>>
>> Know most of you had heard about this scenario. But I was actually
>> labbing-it up to see it after I heard about it.
>>
>> Topolgy:
>> SW1 ===== SW2 (vlan41)
>> vlan41 ||
>> ||
>> SW3
>>
>> SW1 is VTP server, SW3 is VTP client, and SW2 is VTP transparent.
>> vlan 41 exists in SW1 and SW2 but not on SW3. So it got prunned from
>> SW1's
>> trunk as no join message was sent from SW3 for vlan 41
>>
>> Now the problem that I can see it pruned on the trunk from sw1 to sw2, but
>> still I'm able to ping from SW1 to SW2!
>> spanning-tree is active on this vlan...
>>
>>
>> Here you go:
>>
>> SW1:
>> Port Mode Encapsulation Status Native vlan
>> Fa0/14 on 802.1q trunking 1
>>
>> Port Vlans allowed on trunk
>> Fa0/14 1-4094
>>
>> Port Vlans allowed and active in management domain
>> Fa0/14 1,3,7,9,13,26,41,43,62
>>
>> Port Vlans in spanning tree forwarding state and not pruned
>> Fa0/14 1,3,9,26,43
>> <<<<<<<<<<< Here the VLAN is pruned from SW1 to SW2
>>
>> SW2
>> Port Mode Encapsulation Status Native vlan
>> Fa0/14 on 802.1q trunking 1
>>
>> Port Vlans allowed on trunk
>> Fa0/14 1-4094
>>
>> Port Vlans allowed and active in management domain
>> Fa0/14 1,13,26,41,62
>>
>> Port Vlans in spanning tree forwarding state and not pruned
>> Fa0/14 1,13,26,41,62
>>
>> And when I take it off from the trunk:
>> SW1(config-if)#do pi 164.29.47.4
>>
>> Type escape sequence to abort.
>> Sending 5, 100-byte ICMP Echos to 164.29.47.4, timeout is 2 seconds:
>> !!!!!
>> <<<<<<<<<<<<< While it's still pinging.
>> Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
>> SW1(config-if)#int fa0/14
>> SW1(config-if)#swi tru allo v rem 41 <<<<
>> When I take-off the vlan from the trunk, by manually restricting it,
>> SW1(config-if)#
>> 01:27:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan41, changed
>> state to down
>> SW1(config-if)#do pi 164.29.47.4
>>
>> Type escape sequence to abort.
>> Sending 5, 100-byte ICMP Echos to 164.29.47.4, timeout is 2 seconds:
>> .... <<<<
>> Now it's not pinging (normal)
>> Success rate is 0 percent (0/4)
>> SW1(config-if)#
>>
>>
>>
>> Thx,
>> Peter.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:30 ART