vlan on dist switch n access switch puzzling me...

Unanswered Question
Sep 14th, 2007

Hi Experts,

got one qn to ask u..it looks simple but doesn;t work to prove on the technically side.. I have created vlan 20 at access switch 2950 for one user, n this access switch is connected to 3750 which is Distribution switch. In turn, this distribution switch is connected to the core switch. The problem now is..user vlan 20 is not in the same vlan 20 as in core switch ip add range until create another vlan 20 at the distribution switch.

Why does this happens? as the trunkings are suppose to span all VLANs across.. which in this case 3750 connected to 4506 is trunked..and 3750 connected to 2950 is also trunk..

very puzzling..

Another info is , 3750 has a domain vlan name and is a transparent mode n no password set.

interface vlan 20 : ip add

Vlan 20 Vlan 20

4506 --------------------------- 3750 ------------------------------------------ 2950 ----------------------- USer PC

gi0/1(trunk) gi2/0/1(trunk) fa0/1 (trunk) fa0/1 (trunk)

Thanks in advanced.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
paul.matthews Fri, 09/14/2007 - 00:19

The 3750 in transparent mode for VTP means it passes VTP through, but ignores it.

What you are best doing really is set the core switches up as VTP servers, all other switches as VTP clients all in the same VTP domain. That way you just add VLAN20 at the server and it gets propagated to all switches.

Idwally you should also have a password applied, to reduce the chance of a rouge VTP server being added.

cindylee27 Fri, 09/14/2007 - 00:28

Thanks Paul for your reply..

But the user is connected to 2950 switch and there are no users at 3750 switch. 3750 merely for connection to all the access switches and uplink to the Core Switch.

What i dun understand is..Since the gigabitethernet and the fastethernet are both in trunking mode.. meaning can span even vlan 20 across to Core Switch...why transparent mode still can impact on this??

Thanks again!

Jon Marshall Fri, 09/14/2007 - 00:38


I'm a little confused. You say you created vlan 20 on the 2950 so then it must be either vtp transparent or a VTP server.

What mode is the 4500 switch running in ?

Where i am confused is if you had already created vlan 20 on 4500 then why was that not propogated to 2950. Are the 4500 and the 2950 in different VTP domains ?


paul.matthews Fri, 09/14/2007 - 00:44

My reading of the question was that VLAN20 was present on both core and access switches, but it didn't work until VLAN20 was created on the distribution switch (3750) manually - with the 3750 in transparent mode.

Jon Marshall Fri, 09/14/2007 - 00:46

Hi Paul

Yes it's a little unclear. I think it was when Cindy said she had created vlan 20 on the access switch but rereading it you may well be right in your interpretation.

Cindy, could you put us out of our misery :)


paul.matthews Fri, 09/14/2007 - 00:50

Isn't English wonderful!

People get upset when they ask for advice because a switch keeps falling over and I suggest rack mounting it properly

cindylee27 Fri, 09/14/2007 - 00:52

Sorry Jon, I really didn;t clarify properly.

Well, there are 2 core switch 4506 as redundancy.

Core Switch(4506) - 1 : transparent mode, X vtp domain

Core Switch(4506)- 2 : transparent mode, no vtp domain

Dist Switch(3750) : transparent mode, X vtp domain

Access Switch(2950) : transparent mode, X vtp domain

So, can say that all of them are transparent mode..

Hope this is clear..thanks again..

cindylee27 Fri, 09/14/2007 - 00:59

ops..just saw Paul's reply :) well, english really wonderful as it can really bridge everyone from all over the world..

From East Asia (myself) to West, and to you guys..:P

paul.matthews Fri, 09/14/2007 - 01:03

The fun with English is that there are so many subtleties thatis can get very confusing, and sometimes we native speakers have to take a step back from what something appears to say and look at alternative meanings to try to understand what is being asked.


Kevin Dorrell Fri, 09/14/2007 - 01:43

[OT], and very much so.

English is great for bridging cultures, but there is also much local dialect. In an international situation like this we have to be careful not to be misinterpreted. Brits (like me) and Americans have been described as "two peoples, divided by a common language".

I'm sure I use expressions in "English English" that would leave Americans baffled: "Nice weather for ducks", "Two sandwiches short of a picnic", etc. etc.

And I'm sure that the Internet itself is developing its own "local" dialect.

OK, I'll shut up now - this is extreme OffTopic.

Kevin Dorrell


paul.matthews Fri, 09/14/2007 - 01:59

I know what you mean - I am a fellow Brit

While OT I do think it is relevant (at times).

I'll shut up too!

Jon Marshall Fri, 09/14/2007 - 02:25

Yep, me also and just to show solidarity with my fellow Brits i'll shut up as well :)

paul.matthews Fri, 09/14/2007 - 00:59

I'll be honest - I have never seen the point of transparent mode!


For best effect set all domains the same, set core switches as servers and all others as clients.

If you really want to use transparent, you will need to manually create the VLAN on the core, distribution and access switches. Assuming access and dist switches are multi-homed, you will need to configure the VLAN on both/all core, both dist and the access switches if you want to use the resilience you have of the multi-homing.

cindylee27 Fri, 09/14/2007 - 01:12

Thanks Paul..

Somehow it happened..due to history i presumed... ;)

well, "multi-homed" get into me now.. what is that actually ?

Well,am still lost..:) due to the "trunk" word as well..still dun get it why..

Jon Marshall Fri, 09/14/2007 - 01:57


To try and answer you question.

If all switches are set to transparent mode then to have a vlan that spans your switches you will as Paul says have to create that vlan on all the switches.

Now lets say host A is on sw1 and in vlan 20.

Host B in sw2 and is in vlan 20.

Both switches are in VTP transparent mode and both switches have a vlan 20.

All switches in this example are connected via trunk links.

Host A wants to send a packet to Host B, gets the mac-address for host B, sends the packet which is switched across the trunk link and then delivered to Host B on the sw2.

Now lets say you add a switch in between sw1 and sw2, call it sw1a. On sw1a you do not have a vlan 20. If sw1a does not have a vlan 20 then in effect the vlan 20 on sw1 and the vlan 20 on sw2 are completely separate vlans. Neither sw1 nor sw2 see vlan 20 down the other end of the trunk link, they only see vlan 20 locally.

Only when you have actually created a vlan 20 on the sw1a have you in effect "joined" up the two isolated vlan 20's.

VTP server/client mode takes care of all of this for you.

Does this make sense ?


paul.matthews Fri, 09/14/2007 - 01:57

By multi homed I mean you have two (or more) core switches so each distribution switch will link back to two core switches, at the next layer, each access switch also links back to two distribution switches, so that you have resilience for device or link failure.

See attached diagram as an example.

cindylee27 Fri, 09/14/2007 - 02:01

Thanks guys for all your input..post rated..

will try to digest..:)

cindylee27 Mon, 09/17/2007 - 20:21


sorry to bring up this issue but would like to get deep out of it on what is happening..I found some info from the switch..silly me..not sure if this could be the course of it..

VTP Version : 2

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 44

VTP Operating Mode : Transparent

VTP Domain Name : LTTA

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Enabled

MD5 digest : 0x40 0xF5 0x0D 0xE3 0x5F 0xCA 0x1B 0x48

Configuration last modified by at 0-0-00 00:00:00

The VTP Version 2 seems like disable..Could this be the reason which not able to propagate the vlan info across the trunk interface connected to core switches??

paul.matthews Mon, 09/17/2007 - 23:50

Disabled means ignore the info but forward it. A switch in VTP mode transparent will not learn any VLANs vis VTP, so it could well be part of your problem.


This Discussion