VTP and STP

Unanswered Question
May 17th, 2008

I'm currently studying for my ICND2 and I'm working through the VTP, VLAN and STP concepts and configuration. Here's my problem.

I have 2 switches, a 2950 and a 2900. On the 2950, fa0/24 is connected to 2900 fa0/24 with trunking (dot1q) enabled and working between them. VTP has been configured with VTP domain name 'Home' and both are in server mode.

I have since connected another crossover cable from 2950 fa0/16 to 2900 fa0/16 (to play with STP). As it stands, trunking has not negotiated. The operating state on 2950 fa/16 is 'Operational Mode: static access + Administrative Mode: dynamic desirable' and the operating state on the 2900 fa0/16 is 'Operational Mode: static access + Administrative Mode: static access'. Has this trunked or not?

As STP goes, I have set the 2950 as the root bridge by setting the bridge ID priority with 'mode primary'. STP has blocked fa0/24 on the 2900. So as it stands fa0/16 is the route between both switches.

What I don't understand is when I update the VLAN database on either switch, VTP is sending the VLAN information over the fa/16 (because fa0/24 is in a block state) successfully and the VTS configuration revisions are updating, but this port isn't trunked, right? I thought VTP traffic can only go over trunks?

I hope from the information above somebody can comment on this, but if more information is needed let me know.

Thanks for reading.

Garry

glen.grant Sat, 05/17/2008 - 07:21

Are you sure that interface is not trunked? What does it show with a show interface trunk command on the 2950? By default a 2950 is set in desirable mode, so if the other side is desirable or auto then a trunk will be created whether you configure anything or not. I don't remember what the 2900's capabilities are, as those were like the first switches that Cisco created and are pretty out of date at this point. Also, just because one link is blocked, I believe things like VTP and CDP are still propagated over native VLAN 1, so that information still gets passed. STP is per VLAN. Not knowing how you have it set up and how many VLANs etc., we can only speculate, but VTP and stuff like CDP still get passed over VLAN 1 even if it is blocked for normal data.

grichardson661 Sat, 05/17/2008 - 08:41

Hi Glen, thanks for your reply.

Here is the output (below) from 'show interfaces trunk' on the 2950 switch. Only fa0/24 is trunked. My native VLAN is the default (1). I have created other VLANs, 10,20,30,40, but not yet assigned them to any interfaces. Are you saying the VTP traffic can be sent over a non-trunk line to the other switch? Or are you saying the VTP traffic will still choose the trunk, ignoring the STP status (blocked)?

Cheers, Garry

SW1#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/24      on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/24      1-4094

Port        Vlans allowed and active in management domain
Fa0/24      1,10,20,40

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/24      1,10,20,40

grichardson661 Sat, 05/17/2008 - 08:43

I'll try some debug options to try and track the VTP traffic and which interfaces it's routing through.

grichardson661 Sat, 05/17/2008 - 09:36

Hmmmm, still no joy! Just to clarify: the following output does state that fa0/24 (2950) is in the forwarding state; it's the other side STP blocked.

SW1#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/24      on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/24      1-4094

Port        Vlans allowed and active in management domain
Fa0/24      1,10,20,40

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/24      1,10,20,40

Giuseppe Larosa Sat, 05/17/2008 - 11:43

Hello,

You say: "Here is the output (below) from 'show interfaces trunk' on the 2950 switch. Only fa0/24 is trunked. My Native VLAN is the default (1). I have created other VLANS, 10,20,30,40 but not yet assigned them to any interfaces."

This means that the link fas0/16 -- fas0/16 is in VLAN 1.

STP, CDP, VTP are sent out in multicast frames with a L2 multicast address destination.

However, even if port fas0/24 of cat 2900 is blocked for the STP protocol, it does not mean that it is disabled: a blocked port listens for BPDUs from the designated port on the segment and would react if it stops receiving them. The link is still up/up and from the cat2950 you can see your CDP neighbor on port fas0/24. So when you add a new VLAN on the cat2900 server it can send an untagged VTP frame out of fas0/24 with the new VLAN and the new revision number.

For vlans 10,20,40 the port fas0/24 of cat2900 is in forwarding state.

The blocking state refers to the user traffic that is not received or sent out the STP blocked port (no learning of unicast MAC addresses on blocked ports), and signaling protocol frames are generated by the switch itself and use predefined protocol-specific multicast L2 address destinations.

Hope to help

Giuseppe
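
The point above that STP, CDP and VTP frames go to predefined L2 multicast destinations, as an added example that is not part of the thread: a classifier over constructed untagged 802.3 frames, useful when checking a capture for control-plane traffic on a given port. The MAC addresses and SNAP protocol IDs are the well-known values for these protocols, not taken from the posts; the source MAC and payloads are made up.

```python
import struct

# Well-known L2 multicast destinations for switch control protocols
# (standard values, not from the thread).
IEEE_STP_MAC = bytes.fromhex("0180c2000000")    # IEEE 802.1D BPDUs
CISCO_MAC = bytes.fromhex("01000ccccccc")       # CDP, VTP, DTP share this one
CISCO_SSTP_MAC = bytes.fromhex("01000ccccccd")  # Cisco per-VLAN BPDUs (PVST+)
CISCO_OUI = bytes.fromhex("00000c")
SNAP_PIDS = {0x2000: "CDP", 0x2003: "VTP", 0x2004: "DTP", 0x010B: "PVST+"}


def classify(frame: bytes) -> str:
    """Name the control protocol in an untagged 802.3 frame, else 'data'."""
    if len(frame) < 17:
        return "truncated"
    dst = frame[0:6]
    length_or_type = struct.unpack("!H", frame[12:14])[0]
    if length_or_type > 1500:
        return "data"              # Ethernet II (or 802.1Q-tagged), no LLC header
    llc = frame[14:17]
    if dst == IEEE_STP_MAC and llc == b"\x42\x42\x03":
        return "STP"
    if dst in (CISCO_MAC, CISCO_SSTP_MAC) and llc == b"\xaa\xaa\x03":
        if len(frame) < 22:
            return "truncated"     # SNAP header cut short
        oui = frame[17:20]
        pid = struct.unpack("!H", frame[20:22])[0]
        if oui == CISCO_OUI:
            return SNAP_PIDS.get(pid, "cisco-unknown")
    return "data"


def build(dst: bytes, body: bytes) -> bytes:
    """Constructed 802.3 frame: dst, made-up src, length field, body."""
    src = bytes.fromhex("001122334455")
    return dst + src + struct.pack("!H", len(body)) + body


SNAP = b"\xaa\xaa\x03" + CISCO_OUI
SAMPLES = {  # constructed frames with zero-filled payloads
    "stp": build(IEEE_STP_MAC, b"\x42\x42\x03" + bytes(35)),
    "vtp": build(CISCO_MAC, SNAP + b"\x20\x03" + bytes(20)),
    "cdp": build(CISCO_MAC, SNAP + b"\x20\x00" + bytes(20)),
    "dtp": build(CISCO_MAC, SNAP + b"\x20\x04" + bytes(20)),
    "user": bytes.fromhex("ffffffffffff001122334455") + b"\x08\x00" + bytes(46),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:5s} -> {classify(frame)}")
```

VTP, CDP and DTP share one destination address, so the SNAP protocol ID is the only field that tells them apart.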

grichardson661 Sun, 05/18/2008 - 02:21

Hi Giuseppe, thanks for the detailed response. Very useful!

So, to wrap up, the VTP multicast frames are being sent through the trunk fa0/24 (and can only be sent over trunks) and any traffic that's not STP, CDP or VTP will be routed following the STP protocol decisions, in my case fa0/16.

Cheers,

Garry
