Recovering specific vlan on a trunk from Spantree blocking

Answered Question
Feb 27th, 2009
User Badges:

I have a situation, where an Edge Switch is connected to the campus network by a single trunk port to the distribution switch. The issue is, the trunk for some reason is blocking this particular vlan, while the other vlans are in functional (forwarding state).


I wonder if there is a way to recover the blocked vlan back to the forwarding state without impacting the other vlans on the trunk.


Appreciate your expertise.


Thanks


Sami


Correct Answer by Francois Tallet about 8 years 1 month ago

Ah, I did not think of this one;-)

This is a mismatch in the native vlan configuration of the trunk.

Check both ends of your trunk. It should have the same vlan specified in:

switchport trunk native vlan X

(if the command is not appearing, the default native vlan is 1).

Regards,

Francois

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Fri, 02/27/2009 - 04:51
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Sami


You need to work out why this vlan is blocked. Is the connection an etherchannel or it is a single port ?


Is this the only connection the edge switch has to another switch.


if you do "sh spanning-tree vlan xx" for the vlan that is blocked what is it's root bridge ?


Jon

ccie16351 Fri, 02/27/2009 - 06:20
User Badges:

Hi Jon,

the connection for that edge switch to the campus is a single port in trunk mode, all other ports are access ports connected to servers.


Yes, this connection is the only uplink for this switch.


The output for sh spanning-tree for the 3 vlans this trunk is carrying show that the root bridge for all these vlans is the Core Switch of the Data Center.


Thanks



Francois Tallet Fri, 02/27/2009 - 06:24
User Badges:
  • Gold, 750 points or more

Hi Sami,

STP blocks only redundant connection to the root bridge. If STP blocks this port on this vlan, it means that it has detected at least two ports leading to root bridge on this vlan. In the show spanning-tree vlan x that you have collected, check where the root port is. This is your redundant connection.

If you don't see this, please post the result of "show spanning-tree vlan X detail" for this particular vlan.

Thanks and regards,

Francois

ccie16351 Fri, 02/27/2009 - 06:38
User Badges:

Thanks Francios,

what you said is quite interesting, I can't imagine how any of the other ports could become the root ports, since the switch I am talking about is a Blade Switch serving only servers.


I am off-work today but I will go to the office just to post the output for the show spanning-tree vlan x.


Sami



Francois Tallet Fri, 02/27/2009 - 06:43
User Badges:
  • Gold, 750 points or more

Maybe you have a server doing bridging instead of nic teaming;-)

Other possibility could be a specific STP feature kicking in... but with the information you have already provided, I don't see any (except maybe loopguard or the dispute mechanism, that could highlight a problem on the upstream switch). The show command will definitely help understanding.

Thanks and regards,

Francois

ccie16351 Fri, 02/27/2009 - 07:17
User Badges:

Hi Francois,

here is the output I have taken when the problem did occured and before the remedy I have taken to keep the business going.


CAB2-BC1-E1#sh spanning-tree vlan 3


VLAN0003

Spanning tree enabled protocol rstp

Root ID Priority 32771

Address 0016.9d3d.3900

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec


Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)

Address 0016.9d3d.3900

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300


Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Gi0/5 Desg FWD 4 128.5 P2p

Gi0/8 Desg FWD 4 128.8 P2p

Gi0/9 Desg FWD 4 128.9 P2p

Gi0/17 Desg BKN*4 128.17 P2p *PVID_Inc


CAB2-BC1-E1#



Correct Answer
Francois Tallet Fri, 02/27/2009 - 07:27
User Badges:
  • Gold, 750 points or more

Ah, I did not think of this one;-)

This is a mismatch in the native vlan configuration of the trunk.

Check both ends of your trunk. It should have the same vlan specified in:

switchport trunk native vlan X

(if the command is not appearing, the default native vlan is 1).

Regards,

Francois

ccie16351 Fri, 02/27/2009 - 07:36
User Badges:

Hi Francois & Jon and every one out there,

the native vlan at both ends of the trunk is the default vlan 1.


Does any one out there noticed some thing abnormal in the the output of show spanning-tree vlan 3.


Thanks

Sami



Francois Tallet Fri, 02/27/2009 - 07:45
User Badges:
  • Gold, 750 points or more

Hi again Sami,

Yes, having port g0/17 in broken state due to PVID inconsistency is not normal. Is gi0/17 the port you were concerned about? I guess so because it's the only one blocking there.

Is it directly connected to a Cisco switch?

Regards,

Francois

ccie16351 Fri, 02/27/2009 - 07:50
User Badges:

Thanks Francois,

I found mismatch in native vlan at both ends of the trunk, fixed it and problem is resolved.


Appreciate your help. I will rate your post, right away.



Actions

This Discussion