I am trying to understand some interesting layer 2 behavior that occurred when pruning a VLAN.
The topology is a 3750 stack uplinked to a 6509 and 4006 via 1gb fiber ports configured for dot1Q trunking. The 6509 and 4006 are also connected by a trunk. Initially VLAN 10 was allowed on all trunks, and Spanning Tree was blocking the 3750 port to the 6509. The 4006 is the root bridge.
The original problem was intermittent packet loss on VLAN 10. No port errors or other obvious issues. Other VLANs using the 6509 link were error free. To force VLAN 10 traffic to use the 6509 link, the 4006 trunk port was pruned to clear VLAN 10. As expected VLAN 10 then used the 6509, and no errors were seen, at least not initially. After an hour or so, 3 IP phones (out of 100 plus on the stack) started resetting every few minutes.
Observing traffic counters it became clear that VLAN 10 traffic was looping in one direction. The outbound utilization on the 6509 matched the inbound on the 4006. The inbound utilization on the 4006 was about 10 times the outbound. A Sniffer SPAN'd to the port did not show this asymmetry. At that point the 3750 trunk to the 4006 was also pruned to not allow VLAN 10, resulting in the loop being broken and traffic returning to normal.
The looping traffic was not Ethernet broadcasts which the Sniffer would have seen, so I am thinking it was VLAN 10 PVST BPDUs, but why would the 4006 that was the root for VLAN 10 not discard BPDUs that it had originated? Or will a port SPAN session on a trunk not show inbound traffic on a pruned VLAN that is actually being forwarded by the switch. Unfortunately I did not put the Sniffer on the 6509 port.
Clearly, when pruning VLANs, both sides of a trunk should match, but what happens when only one side is pruned? Shouldn't the pruned trunk block that VLAN in both directions?