VLAN.DAT creation from TFTP'd config

Unanswered Question
Jan 30th, 2009

I did a complete switch config, VLANs and all, and TFTPd the config out to a server. Then I cleared the switch out (delete vlan.dat and wri era/reload). Once it reloaded I configured the minimum necessary to get IP connectivity to the TFTP server, and did a copy tftp run. The copy was successful and everything was right...expect that no VLAN.DAT was created.

I assumed that when the switch parsed the confg file, as an interface was configured for access to a VLAN, that particular VLAN would be created. But that didn't happen.

I ran a SHO IP INT F0/2 and saw that the port was assigned to VLAN120 and it was (INACTIVE). SHO VLAN does NOT show VLAN120 in any way (active or suspended).

So why doesn't the switch create the VLAN.DAT while parsing the config? or does it, but something is missing so the VLAN is inactive instead of...active?

Tried this on two 3560s, one running IPSVCS-K9 and the other running IPBASE. Same results on both.

Thanks for any insight!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
lamav Fri, 01/30/2009 - 13:48

The vlan.dat file is created and written directly to NVRAM when you enter the commands to create the vlans:

vlan 20

name Management_vlan

vlan.dat fies are not dynamically created by parsing the startup config.



lamav Fri, 01/30/2009 - 13:55

For some reason, I am not allowed to edit my own message. I will have to post another as a correction.

The vlan.dat file is written to FLASH, not NVRAM.

glen.grant Fri, 01/30/2009 - 16:42

Thats because your box is set as  a vtp server and the vlan config is not part of the running config . If you change the setup to transparent mode all vlan information is in the config file and the vlans would be created when tftping the file into the switch.  If the switch is in server mode then you have to save a copy of the vlan.dat  also and copy it back in , otherrwise that is why you would have 2 vtp servers , if one goes away you can just just the config the switch   and once you put the switch on the network it would learn all the vlans from the other vtp server.   If you have 1 vtp server you must backup the vlan.dat file.

lamav Fri, 01/30/2009 - 17:16


Im not sure what you're saying is correct. The vlan.dat file is not dynamically created from scratch simply because there are access ports configured to be in certain vlans, even when the switch is operating in vtp transparent mode.



glen.grant Fri, 01/30/2009 - 18:50

That is correct but the vlans are created in global config mode and they do show up in the running config when in transparent mode . 

conf t

vlan X

lamav Fri, 01/30/2009 - 19:23

"the vlans are created in global config mode and they do show up in the running config when in transparent mode." 

Yeah, and? Im not sure I understand what that has to do with his question.

If I understand him correctly, he is asking why it is that the vlan.dat file was not automatically created and populated with the correct vlan information when he downloaded the config file from the tftp server.

As he explains, his expectation is that, upon importing the configuration file from the tftp server, the switch's parser will see that certain access ports are placed in certain vlans and, based on that, intuitively build a vlan database (vlan.dat) file accordingly. That's now how it works regardless of what VTP mode the switch is in.



glen.grant Fri, 01/30/2009 - 19:55

My guess is he ran into something like this if the switches are new. So if it uses the vlan.dat and there is nothing in it then that would make all the ports inactive because there is nothing defined in the vlan.dat . Maybe the answer is on the switches configure the vtp domain name and vtp mode and then download your file then the config file and the vlan.dat would match for the domain name and vtp mode. Wow there is something wrong with trying to post stuff in here today, they have webpage issues. Try to put the domain name and vtp mode in first and then download the config and see what happens.


When the switch boots, if the VTP domain name and VTP mode in the startup-config and vlan.dat files do not match, the switch uses the configuration in the vlan.dat file.

riedmueller Sat, 01/31/2009 - 18:02

The switches were blank, e.g. del flash:vlan.dat and write erase were run. I don't believe VTP mode has anything to do with this, as in both server and transparent mode the switch is allowed complete access to the VLAN.DAT file, and this switch (all three i tried this on) were stand alone (e.g. not trunked to other switches) so there wasn't even the opportunity for VTP to have an impact.

I think Victor caught on to what I was trying to say.

There are two common ways to create the VLAN.DAT file; the first is from global config using the VLAN <#> command, and the other is from interface configuration mode, but configuring an interface to access a particular VLAN; if it doesn't exist, the command parser recognizes that and creates the VLAN for you.

I configured the switches completely, with switchport mode access, switchport access vlan xxx, and spanning-tree portfast as configuration commands for each interface. That was saved into the startup config.

My expectation, based on what I just typed, is that the switch will receive the config file from the tftp server and parse it, line by line -- so when it gets to the configuration for F0/2, it reads the switchport access vlan 120 line and creates that VLAN as well as adds that port to that VLAN. That's not happening.

glen.grant Sat, 01/31/2009 - 19:47

Understood , I'm just speculating here on what is going on from info gleaned from a cisco config doc.


caveat:When the switch boots, if the VTP domain name and VTP mode in the startup-config and vlan.dat files do not match, the switch uses the configuration in the vlan.dat file.


So if you clear out the config along with the vlan.dat and just configure enough to get on the air to download the config into startup config . you reload the switch according to the caveat it looks to see if the vtp domain name and vtp mode matches between startup and the current vlan.dat , it does not match because it was stripped out and thus uses a vlan.dat file that has nothing in it currently. Something to try would be to see if you put the vtp domain and vtp mode in the vlan.dat before downloading it would then match between startup and the vlan.dat . Then maybe it might populate the vlan.dat file with the vlans because the information matches between startup and the vlan.dat. Just something to try.

Can someone comment on why this new system is putting all the extra garbage in the message , I can't figure it out .



This Discussion