I had a problem at work today that im still trying to understand.
We have a vtp domain at work with various switches in. I added a new switch into the network, configured the vtp domain info and it joined fine. data was working ok on the network. Trunk was working fine to the uplink switch and I added the voice vlan so that we could get the voip phones working.
Data was ok but the phones werent.
I checked other switches in this domain and they didnt allow specific vlans on the trunk ports between switches for this voice vlan. However in order to fix my problem I had to specifically allow this voice vlan under 'switchport trunk allowed' on the uplink switch.
I dont understand why this switch had to allow this vlan when none of the other uplink switches in that domain had to, its like the vlan was being pruned out but shouldnt have been.
I guess i'm just not understanding vtp well enough. I just thought that if each end was trunked it should allow all vlans?
Someone try and help me understand this as it felt like a school boy error if all I had to do was allow the vlan on the trunk!!
I may be misunderstanding your issue but if the vlan is not allowed on the trunk it won't work if that vlan's traffic needs to go across the trunk.
So if you specifically use the "switchport trunk allowed vlan ..." command on a trunk link then if you need a vlan to go across it you need to add it to the list.
VTP pruning is different ie. the vlan will be pruned off the trunk link if the switch at the other end has no member ports in that vlan.
So are you saying that all the other uplinks have been configured with allowed vlans and the voice vlan is not one of them but it works ?
Yes I probably was not making much sense. When I was checking other switches in the area there was an example of a link in the vtp domain with 2 switches linked together one being the uplink, and the gig ports were literally only configured with switchport trunk mode and encapsulation dot1q however when I did a 'show interfaces trunk' all vlans were there, so if those switches didnt need specific 'switchport trunk allowed vlan....' on their gig ports then why did my ones?
Does that make sense?
If they are only configured with the mode and encapsulation then by default all vlans are allowed across.
If you then configure the "switchport trunk allowed vlan .." command on the trunk port then that limits the vlans across the link to those in the list.
So once you have used that command if you want another vlan to be allowed on that trunk you must add it.
Are you saying the trunk link you had to explicitly allow the vlan across wan't already configured with the "switchport trunk allowed vlan ..." command ?
I think thats my point,
Before I explicitly allowed the vlans across the trunk the voice was not working, both the spur and uplink switch gig interfaces were just straight trunks without explicitly set vlans so the trunk should have carried the voice vlan the same as the data one.
However the voip phones would not work unless I explicitly allowed both data and voice vlans on the uplink switch gig port.
This is why I got confused as no where else in the domain did any of the other uplink switches have to explicitly allow any vlans on their trunks!
When the senior network engineer looked at it he immediately advised they were working as I had not added switchport trunk allowed vlan... on the uplink and that they were being 'pruned' from the interface.
Yes, your question makes sense now.
What doesn't make a lot of sense is that a vlan would only be pruned if there were no ports on the switch on the other end of the trunk link that were in that vlan.
Were there ports on both switches assigned to the voice vlan ?
As an additional question did you do a "sh int trunk" on both switches because this would have shown you which vlans were being pruned off the link ?
Thats possibly what it was Jon,
On the uplink switch the voice vlan on all ports was 168 and the voice vlan I needed on mine was 177. Presumably the other switches in the domain i had looked at had the same vlan for the voice.
Its obviously my ropey underatanding of vtp, I also hadnt checked show int trunk so did not see that the 177 was being pruned.
Cheers for your help.
Yes, i suspect that may have been the reason it was getting pruned off the link.
And by specifically allowing the vlan on the trunk you in effect overrode the VTP pruning.
Sorry it took me so long to understand the question