Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VTP Pruning between 6509 and 3550

I currently have a port-channel set up between a 6509 and a 3550. VTP runs over this channel as well. We currently have 10 vlans, however only 2 of these will need to be configured on the 3550 switch. So I would like to do some VTP prunning to keep traffic from other vlans from going over the channel/trunk. Below is the output from the running config on the 6509 port-channel and interfaces that is set up between the 3550 and 6509. For this example I am only trying to keep vlan 7 from going over the channel. However, after setting this up, we set a fast ethernet port on the 3550 for vlan 7 just to see if the prunning would work. After hooking up a pc and setting the pc to get the IP from an DHCP server, the pc got a IP address in the range for Vlan 7 and was able to go over the network just fine. I assume it shouldn't let any vlan 7 traffic accross. Appreciate any help.

interface Port-channel2

no ip address

switchport

switchport trunk encapsulation isl

switchport trunk pruning vlan 2-6,8-1001

switchport mode trunk

interface GigabitEthernet3/2

no ip address

switchport

switchport trunk encapsulation isl

switchport trunk pruning vlan 2-6,8-1001

switchport mode trunk

channel-group 2 mode on

interface GigabitEthernet4/2

no ip address

switchport

switchport trunk encapsulation isl

switchport trunk pruning vlan 2-6,8-1001

switchport mode trunk

channel-group 2 mode on

1 REPLY
Cisco Employee

Re: VTP Pruning between 6509 and 3550

The 'pruning vlan' option in 'switchport trunk' sets the list of VLANs that are eligible for pruning. So in your case vlan 7 is NOT eligible for prune. You need to replace 'pruning vlan' with 'allowed vlan' which will not allow vlan 7 to send/receive on the trunk. This will permit vlans 2-6,8-1001 and deny vlan 7. BTW we call this manual pruning. VTP pruning will automatically prune back the vlan 7 traffic (except spanning tree) if no ports on the 3550 are in vlan 7.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12119ea1/3550cr/cli2.htm#2423140

86
Views
5
Helpful
1
Replies