×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Vlan 1 and STP

Answered Question
Aug 7th, 2006
User Badges:

Hi,


Have a client whose IOS 6500/sup720 shows the following output:

----------show output--------


Core_2#sho spanning-tree vlan 1


Spanning tree instance(s) for vlan 1 does not exist.


------------------------------

--------Config Excerpt--------


no spanning-tree vlan 1025-1045,1055-1062,1065-1083

spanning-tree vlan 101,169,504,516-518,520,571,800 priority 16384

spanning-tree vlan 523,572,900,999 priority 8192


---------------------------------


This puzzles me, why dont I see 'no spanning-tree vlan 1' in the config? I have recommended enabling stp for Vlan 1 but dont understand why this was not apparent in the config. Any ideas please?


rgds Les

Correct Answer by Francois Tallet about 11 years 1 week ago

Hi Les,

In the configuration you are showing, vlan 1 is not allowed on the trunk. That means that means that hopefully everything is fine;-)

Vlan 1 can be removed from a trunk. It used to be that this was not possible. Also, on the cat6k at least, even when the user removes vlan 1 from a trunk, the hardware still programs it as an allowed but blocking vlan. Practically, it means that no user traffic can go through vlan 1 (which is what customer expects) while it is still possible for some Cisco specific protocols like DTP or VTP to go through (these protocols took advantage of the fact that it used to be impossible to remove vlan 1 from a trunk).

Regards,

Francois

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
gpulos Mon, 08/07/2006 - 08:10
User Badges:
  • Blue, 1500 points or more

perhaps VLAN 1 is not in 'protocol UP' state.


verify LINE UP and PROTCOL UP on the VLAN 1 and then look at it's spanningTree config again.

Francois Tallet Mon, 08/07/2006 - 09:56
User Badges:
  • Gold, 750 points or more

In order to save CPU cycles, an STP instance is not run unless it has some ports attached to it. It is likely that in your customer's case, there is not a single port with vlan 1 active on the switch.

Regards,

Francois

les.flack Mon, 08/07/2006 - 14:10
User Badges:

Hi Francois,


There are some ports active in vlan 1 (see below). Any other ideas why I see stp not enabled for vlan 1 but this does not show in the config ?


-----------------------------------

Core_1#sho vlan id 1


VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Gi1/1, Gi1/2, Gi1/3, Gi1/4

Gi1/9, Gi1/10, Gi1/11, Gi1/12

Gi1/20, Gi1/21, Gi1/22, Gi1/23

Gi1/26, Gi1/27


VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0


Remote SPAN VLAN

----------------

Disabled


Primary Secondary Type Ports

------- --------- ----------------- -----------------


rgds


Les

Francois Tallet Mon, 08/07/2006 - 16:02
User Badges:
  • Gold, 750 points or more

Hi Les,

That's the only possibility. What you showed is that vlan 1 is active and it is configured on several ports. But the question is: is there a single of this port up and carrying vlan 1 (my wording "active in vlan 1" was misleading, sorry about that).

With the output you mentioned and with STP enabled for vlan 1, if you can find a single port forwarding traffic on vlan 1 then you can file a bug;-)

Regards,

Francois

les.flack Mon, 08/07/2006 - 23:40
User Badges:

Hi,


Just to clarify:


Are you saying that even though vlan 1 is configured on trunk ports that are up, because vlan 1 is not active on any access port that stp for vlan 1 is not active?

I expected that because vlan 1 is present (inherently) on 802.1q trunks that the stp for vlan 1 should be active?


rgds


Les

Francois Tallet Tue, 08/08/2006 - 10:48
User Badges:
  • Gold, 750 points or more

Hi Les,

No. I was saying that as soon as you have any port up and carrying traffic for vlan 1, then you should have a vlan 1 stp instance. That would definitely be the case if you have some trunk up and with vlan 1 allowed on them.

Regards,

Francois

les.flack Tue, 08/08/2006 - 13:41
User Badges:

OK


But isnt vlan 1 inherent on an 802.1q trunk. eg in the config below vlan 1 is still allowed right ?


interface GigabitEthernet1/27

description ##UPLINK-Price_01_+49##

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 101,516-518

switchport mode trunk

no ip address

logging event link-status

no cdp enable

So if that interface and trunk is up that implies an interface up in vlan 1 surely.


rgds


Les

Correct Answer
Francois Tallet Tue, 08/08/2006 - 15:06
User Badges:
  • Gold, 750 points or more

Hi Les,

In the configuration you are showing, vlan 1 is not allowed on the trunk. That means that means that hopefully everything is fine;-)

Vlan 1 can be removed from a trunk. It used to be that this was not possible. Also, on the cat6k at least, even when the user removes vlan 1 from a trunk, the hardware still programs it as an allowed but blocking vlan. Practically, it means that no user traffic can go through vlan 1 (which is what customer expects) while it is still possible for some Cisco specific protocols like DTP or VTP to go through (these protocols took advantage of the fact that it used to be impossible to remove vlan 1 from a trunk).

Regards,

Francois

Actions

This Discussion