Solved: Different VTP revision number in the same domain

CSCO11584685 · ‎06-09-2010

So, here is something i got. which is very confusing for a start. and gets more complicated.

I have many switches connected to my VTP server. suddenly, we get some connectivity issues. so we start checking the usual thing. what we found was the following:

one client had a revision number: 32, and vlans: 39. while the other client had a revision number: 76, and vlans: 59, and the last one had a revision number: 0, and vlans: 39.

Keep in mind they are all in the same domain!

what possible thing can cause this.

Another issue we got is that, since the trunks were in auto desiarble, suddenly some of them turned into access while at the other end they are trunk!

I thought both the issues could be related, but knowing that we havent added or removed any vlans in past weeks the number of vlans and revisions should match regardless.

Another issue that happened, which is more confusing to me. let me put a diagram.

So, switch 0 has many mac address for the CPU (when you do "show mac-address") lets say (aaaa;aaaa;aaaa, bbbb;bbbb;bbbb, cccc;cccc;cccc)

i found that in switch 1. the mac address aaaa;aaaa;aaaa is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

while in switch 2. he mac address bbbb;bbbb;bbbb is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

while in switch 3, it was normal. no repeating mac addresses in any vlan. and they were all unique.

if any idea, let me know. thanks.

Giuseppe Larosa · ‎06-09-2010

Hello CSCO11584685,

>> So, switch 0 has many mac address for the CPU (when you do "show mac-address") lets say (aaaa;aaaa;aaaa, bbbb;bbbb;bbbb, cccc;cccc;cccc)

i found that in switch 1. the mac address aaaa;aaaa;aaaa is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

while in switch 2. he mac address bbbb;bbbb;bbbb is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

>>

Be aware that different switch platforms may:

use a different MAC address for each SVI

use the same MAC address on all SVIs (for example in C6500 with recent IOS images)

so what you see may be quite normal and not a problem, also a router using Vlan subinterfaces use the same MAC address for all of them based on BIA of main physical interface

on C6500 sh module gives the list of MAC addresses on the device but not all of them are used.

A different MAC address should be used as source in STP BPDUs sent out (one per L2 port)

Hope to help

Giuseppe

View solution in original post

CSCO11584685 · ‎06-09-2010

there is no edit. so let me add.

yes, i know that the design is wrong in the drawing. but lets say that the building is just not as important as other ones. hence the every wrong thing in the best practices guide.

Giuseppe Larosa · ‎06-09-2010

Hello ,

>> Another issue we got is that, since the trunks were in auto desiarble, suddenly some of them turned into access while at the other end they are trunk!

use switchport mode trunk between switches it is highly recommended this is probably the root cause of the issues you are seeing as some trunks may have been turned in access ports over time.

VTP require a trunk link to propagate information so this is a key point

fix all this and wait some time.

revision 0 should mean the device never received a VTP update from server

Hope to help

Giuseppe

CSCO11584685 · ‎06-09-2010

believe me, if it was in my hand. all the trunks would have been hard coded. but ya, now that they seen what can happen, they will do it.

It is not possible that revision is 0, while he is a client, in the right domain, and with the exact vlan numbers (with the exact vlans). that is just too weird.

Jon Marshall · ‎06-09-2010

It is not possible that revision is 0, while he is a client, in the right domain, and with the exact vlan numbers (with the exact vlans). that is just too weird.

It is possible if the trunk link is down. If your switch was changed to VTP transparent and then back to VTP client it would end up with a revision number of 0 but it would still have the vlans it had before.

As Guiseppe says the trunk links need sorting out

Jon

CSCO11584685 · ‎06-09-2010

It is possible if the trunk link is down. If your switch was changed to VTP transparent and then back to VTP client it would end up with a revision number of 0 but it would still have the vlans it had before.

yeah, that could be. im not sure if the other two engineer did something like that to it or not. although they shouldnt have. o well.

so even this mac address thing is related to trunking issues?

sachinraja · ‎06-09-2010

Well, MAC addresses repeating might really not be due to trunking issue.

What IPs do these MAC correspond to ? Can you go to the upstream switch and see on the ARP table if you find any IP address for these entries ? Are they HSRP MAC address by any chance ? HSRP MACs are anyway different for each group specified on the switch.. what vlans do these MAC correspond to ? and arent the same vlans defined on switch 3, where you dont see these MACs ?

Raj

Giuseppe Larosa · ‎06-09-2010

Hello CSCO11584685,

>> So, switch 0 has many mac address for the CPU (when you do "show mac-address") lets say (aaaa;aaaa;aaaa, bbbb;bbbb;bbbb, cccc;cccc;cccc)

i found that in switch 1. the mac address aaaa;aaaa;aaaa is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

while in switch 2. he mac address bbbb;bbbb;bbbb is repeating in every vlan in the vlan database when i did "show mac-address dynamic" and the outgoing link is the trunk connecting to 0.

>>

Be aware that different switch platforms may:

use a different MAC address for each SVI

use the same MAC address on all SVIs (for example in C6500 with recent IOS images)

so what you see may be quite normal and not a problem, also a router using Vlan subinterfaces use the same MAC address for all of them based on BIA of main physical interface

on C6500 sh module gives the list of MAC addresses on the device but not all of them are used.

A different MAC address should be used as source in STP BPDUs sent out (one per L2 port)

Hope to help

Giuseppe

CSCO11584685 · ‎06-09-2010

@raj:

as i said, the mac address was not of certain IP or unknown device (ruling out any attacks here) but it was one of the switch mac address. (when you do show mac-address you'll see 3 or 10 like this format All xxxx:xxxx:xxxx CPU )

>>>>>>>>>>

Be aware that different switch platforms may:

use a different MAC address for each SVI

use the same MAC address on all SVIs (for example in C6500 with recent IOS images)

so what you see may be quite normal and not a problem, also a router using Vlan subinterfaces use the same MAC address for all of them based on BIA of main physical interface

on C6500 sh module gives the list of MAC addresses on the device but not all of them are used.

A different MAC address should be used as source in STP BPDUs sent out (one per L2 port)

Hope to help

Giuseppe

>>>>>>>>>>>

you are correct, another person told me something similar. said that since it is trunk, and the trunk connecting two switches, then the mac address of that switch will appear in each vlan connected to the other switch. and yes, it makes alot of sense. so i guess it was normal, and im learning.