Re: VTP Pruning - VTP broadcast filtering - 6509 to 2940

SteveGodfrey · ‎01-26-2004

I have a 6509 with a trunk link 802.1q to a 2940, the 2940's only support 8 VLANs, there are about 40 on our core network so I need to remove all but two of the VLANs.

Even with the below config on the 6509 the 2940 is still receiving VTP updates containing all the VLAN's, I thought the pruning would remove the unused VLAN's from the VTP updates, am I wrong?

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

5/8 on dot1q trunking 1

Port Vlans allowed on trunk

-------- ---------------------------------------------------------------------

5/8 1,100

Port Vlans allowed and active in management domain

-------- ---------------------------------------------------------------------

5/8 1,100

Port Vlans in spanning tree forwarding state and not pruned

-------- ---------------------------------------------------------------------

5/8 1,100

As you can see I only wish to propogate VLANs 1 and 100.

I configured the 2940 to be a VTP client but a VTP debug shows the VTP update conatains all the VLANs and as the 2940 doesn't support enough VLANs it reverts back to VTP transparent mode.

Jan 26 20:56:43: %SW_VLAN-6-VTP_MODE_CHANGE: VLAN manager changing device mode from CLIENT to TRANSPARENT

Can I prune the VTP updates so they only contain the VLANs I want to propogate?

Thanks

smcquerry · ‎01-26-2004

The simple answer to the final question is no.

There are three separate but somewhat related issues here.

1. VTP Updates.

2. VTP Pruning

3. Manual removal of VLANs from a Trunk.

First pruning does not affect VTP updates. VTP will synchronize all of the VLAN databases within a VTP domain regardless of what VLANs are active, allowed, or pruned on a switch or trunk link.

VTP pruning will allow the upstream switch (the 6509) to not send flood traffic (broadcasts, multicasts, and unknown unicasts) for VLANs that the downstream switch (the 2900). However the VLANs are still part of the trunk and subject to STP.

When you manually remove the VLAN from the trunk then traffic for that VLAN can not be placed onto the trunk at all by the switch.

Based on the trunk output here, you have manually removed all VLANs from the Trunk except 1 and 100. This means that only traffic from those VLANs are allowed on the link.

Now the problem you are experiencing is because of the software on the 2900, since it doesn't support enough VLANs it keeps going into transparent mode. Since this is occurring, the VLAN database between the 6K and this switch will not synchronize.

The only problem this causes is that you have to manually create vlan 100 on the 2900. As long as that VLAN exists on that switch, a port is assigned, and the trunk is configured, the data should be able to traverse the link fine. Personally I would recommendation the 2900 to be in transparent mode in this case anyway, and that the 6500 trunk be configured as you have it, to carry vlan 1 and 100 only.

.

milan.kulik · ‎01-26-2004

I agree.

Just to be precise: this is not a limit of "the software on the 2900".

It's only Cat2940 stupid limitation.

Cat2950 and 2900XL don't have any similar problem.

And I've noticed another 2940 bug:

My 2940 had moved to Transparent mode after a VTP update (20 VLANs) receipt. But after a reload it remained a Server with Null VTP domain name. So I think the safest way is to configure 2940 to Transparent mode manually and wait some time for this bug fix from Cisco engineers.

Regards,

Milan

SteveGodfrey · ‎01-27-2004

Thanks for the help guys, looks like I'll have to manually create the VLANs on the 2940. I'm surprised there's no way to filter the VTP update contents.

Steve

a.diot · ‎01-27-2004

hi Milan ,

May be could you try to conf a vtp domain name diff

than the one on the 6K,so the 2940 wouldn't consider

the vtp received from the 6K

Hope this help

Regards