VLAN and VTP errors

burleyman · ‎03-01-2007

I am seeing these two things when I do a show log....

Feb 28 20:45:41.799 EST: %SW_VLAN-SP-4-VTP_USER_NOTIFICATION: VTP protocol user notification: MD5 digest checksum

mismatch on receipt of equal revision summary on trunk: Gi13/3

00:02:13: %SW_VLAN-SP-STDBY-4-VTP_INTERNAL_ERROR: VLAN manager received an internal error 14 from vtp function vtp_download_info:

Bad parent VLAN ID-Traceback= 40D12308 40D2CDB8 40D2E9B0 40A9E508 40A9C968 40A9D950 40A9985C 40A949D0

Any ideas.

I did a show vlans to see if I had duplicate SAIDs but I do not.

any direction as to where to look would be great.

Mike

jim.coyne · ‎03-01-2007

Number of MD5 digest value errors.

The number of digest errors increments whenever the MD5 digest in the summary packet and the MD5 digest of the received advertisement calculated by the switch do not match. This error usually indicates that the VTP password in the two switches is different. To solve this problem, make sure the VTP password on all switches is the same.

These errors indicate that the switch is filtering incoming advertisements, which causes the VTP database to become unsynchronized across the network.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xp/olhelp/vtpvqhlp.htm

burleyman · ‎03-01-2007

Thanks I will checl this out.

Mike

Amit Singh · ‎03-01-2007

Mike,

Please paste and use " show VTP counters" output to see if you have MD5 digest errors on the switch.If you see the counter increasing under the output of "show VTP counters" then you have password mismatch. Please match the VTP password at both the ends and it should be fine.

-amit singh

Francois Tallet · ‎03-01-2007

As far as I can remember, this can also occur as a result of having two neighbor having a database with the same revision number but different content. VTP databases have a revision number that is incremented each time they change. The goal is that the database with the highest revision number (supposedly the most recent database) overwrite the ones with a lower revision number. If two database have the same revision number but different content, their MD5 digest differ, and VTP cannot make a decision as to which database is the most recent. Thus the error message and the discontinuity in the VTP domain. This can occur when your domain is partitioned and you make the same number of configuration changes on each side of the partition. When the domain is merged again, you get into the issue. If this is the case, making a single VTP config (change the name of a vlan for instance, then put it back to its original value), will increase the revision number of the database on one side of the partition. Then, this database will be propagated to the whole domain, as it has now a better revision number. Of course, check the VTP config on both side of the partition (on the switch displaying the error message and its neighbor), in order to decide which database you want to keep, because they are different.

Regards,

Francois

burleyman · ‎03-01-2007

here is the output

6513-A#show vtp counters

VTP statistics:

Summary advertisements received : 280

Subset advertisements received : 0

Request advertisements received : 0

Summary advertisements transmitted : 1070

Subset advertisements transmitted : 0

Request advertisements transmitted : 0

Number of config revision errors : 0

Number of config digest errors : 187

Number of V1 summary errors : 0

VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from

non-pruning-capable device

---------------- ---------------- ---------------- ---------------------------

Gi13/1 9790 9678 0

Gi13/2 9789 9788 0

Gi13/3 9789 9690 0

Gi13/4 9788 9676 0

Gi13/5 9791 9683 0

Gi13/6 9788 9675 0

Gi13/8 9789 9678 0

burleyman · ‎03-01-2007

More info

6513-A#show vtp password

The VTP password is not configured.

ROC-6513-A#show vtp status

VTP Version : 2

Configuration Revision : 27

Maximum VLANs supported locally : 1005

Number of existing VLANs : 28

VTP Operating Mode : Server

VTP Domain Name : Company

VTP Pruning Mode : Enabled

VTP V2 Mode : Enabled

VTP Traps Generation : Disabled

MD5 digest : 0x33 0xFA 0x99 0x5C 0x96 0x89 0xFE 0xCE

*** MD5 digest checksum mismatch on trunk: Gi13/3 ***

Configuration last modified by 10.10.10.10 at 2-14-06 01:01:33

Local updater ID is 127.0.0.71 on interface EO0/0 (first interface found)

olmy · ‎03-08-2007

if you're still experiencing this issue and have investigated the obvious issues of domain/password mismatches, v2/v1 mismatches, and have set up your trunking correctly, you might consider creating a dummy vlan on your vtp server. this forces a new push of the vtp state information and creates a new md5 digest value for both the server and client.

I ran into this same issue w/ getting a 3560 talking vtp to my server on a 4507. it wound up being a mismatch between each device's understanding of the same vtp revision.

Rajat Chauhan · ‎03-10-2007

Hi,

There can be two scenarios thus far:

1. Two vtp servers with different content but same revision number.

The MD5 digest checksum errors suggest that two switches have the same configuration revision, but not the same vlans configured. If you create a fake vlan on one of the VTP servers, then the configuration revision should increase and this will update the other switch, stopping the mismatch.

2. Vlan.dat corruption.

If the file is corrupted, we'd need to delete the file and create vlans manually again. This would require downtime for this switch. You can use any other switch as a vtp server for that time period. Be cautious though.

Please rate as helpful.

Regards

Rajat Chauhan

mimalloy · ‎07-30-2008

Thanks guys. I had the same problem. Triple checked my passwords and was pulling my hair out. Changed the name of a vlan on the vtp server and rev number jumped to 1 (both switches were at 0) and problem fixed. Thanks much.....MM