Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Bronze

show intferaces trunk command

Hi every body!

The command " show interfaces trunk" shows a lot of information. My focus is information appears under:

" vlans allowed and active in management domain" and " vlans in spanning tree forwarding state and not pruned".

Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?

thanks a lot and have a nice weekend!

3 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Bronze

Re: show intferaces trunk command

You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning.

__

Edison.

Hall of Fame Super Silver

Re: show intferaces trunk command

Hello Sarah,

>> Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?

the first line provides an administrative information, the second line provides an operational information

where the two information can differ?

on uplinks of access layer switches for examples connected to two distribution switches:

on link1 are in STP forwarding state the vlans that have STP root bridge on device dis1 connected to link1

the opposite happens on link2 to dis2

Example:

sh int gi1/1 trunk

Port Mode Encapsulation Status Native vlan

Gi1/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi1/1 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005

Port Vlans allowed and active in management domain

Gi1/1 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904

Port Vlans in spanning tree forwarding state and not pruned

Gi1/1 64,68,75,85-87,90-93,401-405,411,450,500,502-505,508,510,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880

this is taken from production network the switch has two uplinks one on g1/1 the other on g1/2

the list of permitted vlans is the same on both links but in normal scenario the list of STP fwd vlans is complementary

Here it is the second link

sh int gi1/2 trunk

Port Mode Encapsulation Status Native vlan

Gi1/2 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi1/2 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005

Port Vlans allowed and active in management domain

Gi1/2 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904

Port Vlans in spanning tree forwarding state and not pruned

Gi1/2 1,64,90,301,420,550,552,904

I remember old CCNP switching book advising to look always at the last line to understand if a trunk is really carrying user data for a vlan.

Hope to help

Giuseppe

Hall of Fame Super Bronze

Re: show intferaces trunk command

Giuseppe, thanks for the assist - rated.

5 REPLIES
Hall of Fame Super Bronze

Re: show intferaces trunk command

You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning.

__

Edison.

Bronze

Re: show intferaces trunk command

Thanks Edison.

"You can have a Vlan 'Active and in Management Domain' without being forwarded on the switchport due to manual or vtp pruning."

In my book, vlan 3 is removed by" switchport trunk allowed vlan remove 3 " command. Then " show interface trunk" shows the following:( output omitted)

port vlans allowed and active in domain

gio/1 1,4

port vlans is stp forwd state ,not pruned

gi0/1 1,4

Here the vlan is not listed under " vlans allowed and active in management domain" though it is manually removed.

Thanks a lot and have a nice weekend!

Hall of Fame Super Bronze

Re: show intferaces trunk command

Stand corrected

I'll have to double-check the situation that you are after when I get a hold of a switch on Monday but I believe it could happen if the downstream switch does not have the Vlan being forwarded on its DB.

It can be active and allowed on the local switch but not being forwarded.

__

Edison.

Hall of Fame Super Silver

Re: show intferaces trunk command

Hello Sarah,

>> Shouldn't the information be same?

Is there any possibility that information appears below these two above mentioned lines will be different?

the first line provides an administrative information, the second line provides an operational information

where the two information can differ?

on uplinks of access layer switches for examples connected to two distribution switches:

on link1 are in STP forwarding state the vlans that have STP root bridge on device dis1 connected to link1

the opposite happens on link2 to dis2

Example:

sh int gi1/1 trunk

Port Mode Encapsulation Status Native vlan

Gi1/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi1/1 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005

Port Vlans allowed and active in management domain

Gi1/1 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904

Port Vlans in spanning tree forwarding state and not pruned

Gi1/1 64,68,75,85-87,90-93,401-405,411,450,500,502-505,508,510,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880

this is taken from production network the switch has two uplinks one on g1/1 the other on g1/2

the list of permitted vlans is the same on both links but in normal scenario the list of STP fwd vlans is complementary

Here it is the second link

sh int gi1/2 trunk

Port Mode Encapsulation Status Native vlan

Gi1/2 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi1/2 1,64,68,75,85-87,90-93,209,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,750-751,800-803,805,810,850-853,860,870,880,904,1002-1005

Port Vlans allowed and active in management domain

Gi1/2 1,64,68,75,85-87,90-93,301,401-405,411,420,450,500,502-505,508,510,550,552,600-610,612,620,630,640,650-651,660,670,690,692,700-702,751,800-803,805,810,850-853,860,870,880,904

Port Vlans in spanning tree forwarding state and not pruned

Gi1/2 1,64,90,301,420,550,552,904

I remember old CCNP switching book advising to look always at the last line to understand if a trunk is really carrying user data for a vlan.

Hope to help

Giuseppe

Hall of Fame Super Bronze

Re: show intferaces trunk command

Giuseppe, thanks for the assist - rated.

349
Views
5
Helpful
5
Replies