6509 connection the gig interface and uplink are in spanning-tree but the uplink does not forward traffic on the trunk even though it is allowed.


  Spanning tree enabled protocol ieee

  Root ID    Priority    8414

             Address     0022.9189.a800

             Cost        4

             Port        513 (GigabitEthernet5/1)

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32990  (priority 32768 sys-id-ext 222)

             Address     0017.0f3c.b800

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

             Aging Time 1830

Interface        Role Sts Cost      Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Gi5/1            Root FWD 4         128.513  P2p

Gi6/1            Altn BLK 4         128.641  P2p

Gi7/43           Desg FWD 19        128.811  Edge P2p

USSMCECEDSI001>sh int gi5/1 trunk

Port          Mode         Encapsulation  Status        Native vlan

Gi5/1         desirable    802.1q         trunking      1

Port          Vlans allowed on trunk

Gi5/1         1-4,8-10,12-15,18,20,26,30,48,52,57,60,62,71-72,80,85-86,199,204,222,227,229-230,234,236-237,239,242-243,247-248,250,268-275,300,305,329,338,345,350,360,363,365,372-376,383-387,389,391-392,530-533,536-537,558

Port          Vlans allowed and active in management domain

Gi5/1         1-4,8-10,12-15,18,20,26,30,48,52,57,60,62,71-72,80,85-86,199,204,222,227,229-230,234,236-237,239,242-243,247-248,250,268-275,300,305,329,338,345,350,360,363,365,372-376,383-387,389,391-392,530-533,536-537,558

Port          Vlans in spanning tree forwarding state and not pruned

Gi5/1         1,3,9,13,15,57,60,71,85-86,199,227,229-230,237,239,242,247-248,250,268-275,300,305,329,345,365,372-373,375,383-384,386-387,391,531,533,537

Jon Marshall Mon, 09/20/2010 - 11:30


How are you determing that the link is not forwarding traffic ?


Jon Marshall Mon, 09/20/2010 - 11:41


Okay, obvious question i'm afraid, where is that device ie. what switch is it connected to and is that switch on the other end of the trunk ? Whether it is or it is further down the line on another switch can you check all the trunk links back to the 6500 from the switch the device is connected into and make sure vlan 222 is allowed on all trunk links and that it is not blocked.

Could you also check the device is up and running and that it has no inbuilt firewall that would stop it responding.


The end device is a fw. the g7/43

interface is the e0/0 and the mac adress is 001a.6d7c.8676

the sh int g5/1 trunk command in the first posting shows the vlan allowed and in the domain but the vlan is not forwarding on the interface even though the spanning-tree commands say it is.

The two commands sh spannng-tree vlan 222 and the sh int gi5/1 trunk say two different things on the same switch.

Jon Marshall Mon, 09/20/2010 - 12:18


Oops, missed that, thanks for pointing it out. What is gi5/1 connected to ie. is it directly connected to the fw (by which i assume you mean firewall) or is there another switch in between (or multiple switches). Perhaps you could explain the topology.

If multiple switches can you check their status, specifically the vlan database ie. "sh vlan brief" and make sure vlan 222 is present.



