show intferaces trunk command

Answered Question
Jul 10th, 2009
User Badges:
  • Bronze, 100 points or more

Hi every body!



The command " show interfaces trunk" shows a lot of information. My focus is information appears under:

" vlans allowed and active in management domain" and " vlans in spanning tree forwarding state and not pruned".



Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?


thanks a lot and have a nice weekend!

Correct Answer by Edison Ortiz about 7 years 10 months ago

Giuseppe, thanks for the assist - rated.

Correct Answer by Giuseppe Larosa about 7 years 10 months ago

Hello Sarah,


>> Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?


the first line provides an administrative information, the second line provides an operational information


where the two information can differ?

on uplinks of access layer switches for examples connected to two distribution switches:

on link1 are in STP forwarding state the vlans that have STP root bridge on device dis1 connected to link1

the opposite happens on link2 to dis2


Example:


sh int gi1/1 trunk


Port Mode Encapsulation Status Native vlan

Gi1/1 on 802.1q trunking 1


Port Vlans allowed on trunk

Gi1/1 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005


Port Vlans allowed and active in management domain

Gi1/1 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904


Port Vlans in spanning tree forwarding state and not pruned

Gi1/1 64,68,75,85-87,90-93,401-405,411,450,500,502-505,508,510,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880


this is taken from production network the switch has two uplinks one on g1/1 the other on g1/2


the list of permitted vlans is the same on both links but in normal scenario the list of STP fwd vlans is complementary


Here it is the second link


sh int gi1/2 trunk


Port Mode Encapsulation Status Native vlan

Gi1/2 on 802.1q trunking 1


Port Vlans allowed on trunk

Gi1/2 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005


Port Vlans allowed and active in management domain

Gi1/2 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904


Port Vlans in spanning tree forwarding state and not pruned

Gi1/2 1,64,90,301,420,550,552,904


I remember old CCNP switching book advising to look always at the last line to understand if a trunk is really carrying user data for a vlan.



Hope to help

Giuseppe



Correct Answer by Edison Ortiz about 7 years 10 months ago

You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning.


__


Edison.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Correct Answer
Edison Ortiz Fri, 07/10/2009 - 17:53
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning.


__


Edison.

sarahr202 Fri, 07/10/2009 - 18:24
User Badges:
  • Bronze, 100 points or more

Thanks Edison.







"You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning."



In my book, vlan 3 is removed by" switchport trunk allowed vlan remove 3 " command. Then " show interface trunk" shows the following:( output omitted)


port vlans allowed and active in domain

gio/1 1,4


port vlans is stp forwd state ,not pruned



gi0/1 1,4



Here the vlan is not listed under " vlans allowed and active in management domain" though it is manually removed.


Thanks a lot and have a nice weekend!



Edison Ortiz Fri, 07/10/2009 - 18:38
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Stand corrected


I'll have to double-check the situation that you are after when I get a hold of a switch on Monday but I believe it could happen if the downstream switch does not have the Vlan being forwarded on its DB.


It can be active and allowed on the local switch but not being forwarded.


__


Edison.

Correct Answer
Giuseppe Larosa Fri, 07/10/2009 - 21:49
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Sarah,


>> Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?


the first line provides an administrative information, the second line provides an operational information


where the two information can differ?

on uplinks of access layer switches for examples connected to two distribution switches:

on link1 are in STP forwarding state the vlans that have STP root bridge on device dis1 connected to link1

the opposite happens on link2 to dis2


Example:


sh int gi1/1 trunk


Port Mode Encapsulation Status Native vlan

Gi1/1 on 802.1q trunking 1


Port Vlans allowed on trunk

Gi1/1 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005


Port Vlans allowed and active in management domain

Gi1/1 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904


Port Vlans in spanning tree forwarding state and not pruned

Gi1/1 64,68,75,85-87,90-93,401-405,411,450,500,502-505,508,510,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880


this is taken from production network the switch has two uplinks one on g1/1 the other on g1/2


the list of permitted vlans is the same on both links but in normal scenario the list of STP fwd vlans is complementary


Here it is the second link


sh int gi1/2 trunk


Port Mode Encapsulation Status Native vlan

Gi1/2 on 802.1q trunking 1


Port Vlans allowed on trunk

Gi1/2 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005


Port Vlans allowed and active in management domain

Gi1/2 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904


Port Vlans in spanning tree forwarding state and not pruned

Gi1/2 1,64,90,301,420,550,552,904


I remember old CCNP switching book advising to look always at the last line to understand if a trunk is really carrying user data for a vlan.



Hope to help

Giuseppe



Correct Answer
Edison Ortiz Sat, 07/11/2009 - 04:52
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Giuseppe, thanks for the assist - rated.

Actions

This Discussion