RE: Pruning a vlan on a trunk from Server to Client passing

From: Peter Stephan (engpeter@gmail.com)
Date: Sat Aug 16 2008 - 05:03:09 ART

Joe,
 
Nope. Still pinging!!!
 
Try it on any rack... simply between SVIs, and you gonna find it working!
Looks like there's something fundamentally wrong here... I really wanna know
WHY!!

  _____

From: Joseph Saad [mailto:joseph.samir.saad@gmail.com]
Sent: Saturday, August 16, 2008 00:45
To: Peter Stephan
Cc: Peter Stephan; ccielab@groupstudy.com
Subject: Re: Pruning a vlan on a trunk from Server to Client passing through
Transparent sw

Turn off Proxy Arp on the SVI and retry your scenario.

On Fri, Aug 15, 2008 at 6:39 PM, Peter Stephan <engpeter@gmail.com> wrote:

Hello Joe,
 
My question is that I shouldn't be able to ping from SW1 to SW2 while the
vlan is pruned from the trunk.
 
Check below where I put the marks:

  _____

From: Joseph Saad [mailto:joseph.samir.saad@gmail.com]
Sent: Friday, August 15, 2008 18:28
To: Peter Stephan
Cc: ccielab@groupstudy.com
Subject: Re: Pruning a vlan on a trunk from Server to Client passing through
Transparent sw

So, what is your question?

On Fri, Aug 15, 2008 at 12:19 AM, Peter Stephan <pgstephan@gmail.com> wrote:

Hello guys,

Know most of you had heard about this scenario. But I was actually
labbing-it up to see it after I heard about it.

Topolgy:
               SW1 ===== SW2 (vlan41)
              vlan41 ||
                                    ||
                                  SW3

SW1 is VTP server, SW3 is VTP client, and SW2 is VTP transparent.
 vlan 41 exists in SW1 and SW2 but not on SW3. So it got prunned from SW1's
trunk as no join message was sent from SW3 for vlan 41

Now the problem that I can see it pruned on the trunk from sw1 to sw2, but
still I'm able to ping from SW1 to SW2!
spanning-tree is active on this vlan...

Here you go:

SW1:
Port Mode Encapsulation Status Native vlan
Fa0/14 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/14 1-4094

Port Vlans allowed and active in management domain
Fa0/14 1,3,7,9,13,26,41,43,62

Port Vlans in spanning tree forwarding state and not pruned

Fa0/14 1,3,9,26,43
<<<<<<<<<<< Here the VLAN is pruned from SW1 to SW2

SW2
Port Mode Encapsulation Status Native vlan
Fa0/14 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/14 1-4094

Port Vlans allowed and active in management domain
Fa0/14 1,13,26,41,62

Port Vlans in spanning tree forwarding state and not pruned
Fa0/14 1,13,26,41,62

And when I take it off from the trunk:
SW1(config-if)#do pi 164.29.47.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 164.29.47.4, timeout is 2 seconds:

!!!!!
<<<<<<<<<<<<< While it's still pinging.

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW1(config-if)#int fa0/14

SW1(config-if)#swi tru allo v rem 41
<<<< When I take-off the vlan from the trunk, by manually restricting it,

SW1(config-if)#
01:27:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan41, changed
state to down
SW1(config-if)#do pi 164.29.47.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 164.29.47.4, timeout is 2 seconds:

....
<<<< Now it's not pinging (normal)

Success rate is 0 percent (0/4)
SW1(config-if)#

Thx,
Peter.

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:31 ART