cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1045
Views
0
Helpful
17
Replies

VTP clients not listening to VTP server after upgrade

TalonKarrde
Level 1
Level 1

Howdy,

we had a pair of 4000 series chassis switches with sup 2 in them on a basic L2 network with a bunch of vlans and a router to route between vlans.

One of the 4000 chassis had its sup 2 upgraded to a sup 3, the configuration of the sup 2 (CatOS) was then brough across to an IOS configuration. This seemed to work fine.

At the same time, L3 routing was implemented on the sup 3 so that intervlan routing would happen in the switch, rather then having to go to a slow router.

This also went fine.

VTP was in operation on both 4000 chassis, and both were configured as VTP servers. This information was also brought across to the new IOS sup 3 and appeared to be functioning correctly.

However we have now found that although the sup 3 is configured as a VTP server (v. 2) and all the rest of it, vlans created on the sup 3 cat 4000 do not propogate to other switches, whereas previously they would.

Does anyone have any suggestion as to why this might happen?

Cheers.

17 Replies 17

Kevin Dorrell
Level 10
Level 10

Has the new switch synchronised with the rest of the VTP domain at all? What do you get if you "show vtp status", and compare it with the old 4000? Are the configuration revision levels the same? If not, it did not synchronise. You could also check who was the last updater, and the VTP version number on both domain and new box (normally 2).

These can be the major reasons why a chassis does not synchronise:

1. The domain name or password is different. Beware that these are case-sensitive.

2. There are no trunks between the the new chassis and any existing server.

3. You have no other VTP servers on the network.

Beware:

1. If the VTP configuration revision level on the new chassis is less than that on the domain, any changes you have made on the new chassis will be lost as it updtaes.

2. If the VTP configuration revision level on the new chassis is more than that on the domain, the domain will synchronise to the new chassis.

3. If the resvision levels were coincidentally the same, and you connect them for the first time, I don't know how it will behave - can anyone tell us?

When you change a VTP domain name on a switch, the config revision level goes back to 0 for safety.

I hope this helps. Let us know the results.

Kevin Dorrell

Luxembourg

Kevin,

to your

3. If the resvision levels were coincidentally the same, and you connect them for the first time, I don't know how it will behave - can anyone tell us?

I beleive the VTP domain will remain unsynchronized, because all VTP clients/servers beleive they have the correct VTP revision and ignore the vtp updates with the same revision number.

Another possible causes of the original problem:

4. There might be VTP ver 2 running on the L3 servers but not on the other switches.

If VTP ver 1 is running on other servers, they should should accept ver 2 updates and move themself to ver 2, too. But ver 2 must be enabled on them!

See following output

sh vtp st

VTP Version : 2

Configuration Revision : 20

Maximum VLANs supported locally : 254

Number of existing VLANs : 15

VTP Operating Mode : Client

VTP Domain Name : xxxxxxx

VTP Pruning Mode : Enabled

VTP V2 Mode : Disabled

VTP Traps Generation : Enabled

MD5 digest : 0xA0 0xD1 0x55 0xA6 0xB1 0x12 0xC2 0x5B

V2 is disabled, so it wouldn't accept ver 2 updates.

5. There also might be a VTP password configured, which must be identical in the whole VTP domain, of course.

Regards,

Milan

TalonKarrde
Level 1
Level 1

Thank you all for your responses. I have posted below some information that might be helpful (sh vtp st and equiv on catOS).

Looking at this information, if the "configuration last modified" statement refers to where the VTP updates are comming from, then these are comming from the CatOS based Cat4k switch which is a VTP server, when they should be comming from the IOS based Cat4k which is also a server.

***CAT4000 with SUPIII/IOS***

SWITCH# sh vtp st

VTP Version : 2

Configuration Revision : 6

Maximum VLANs supported locally : 1005

Number of existing VLANs : 23

VTP Operating Mode : Server

VTP Domain Name : XXXXX

VTP Pruning Mode : Enabled

VTP V2 Mode : Enabled

VTP Traps Generation : Disabled

MD5 digest : 0xE8 0xE6 0xB7 0xD7 0xA2 0xA0 0x53 0x87

Configuration last modified by (Cat4000 with IOS) at 9-3-04 16:43:12

Local updater ID is (Cat4000 with IOS) on interface Vl1 (lowest numbered VLAN interface

***CAT4000 with SUPII/CATOS***

SWITCH01> (enable) sh vtp dom

Domain Name Domain Index VTP Version Local Mode Password

-------------------------------- ------------ ----------- ----------- ----------

XXXXX 1 2 server -

Vlan-count Max-vlan-storage Config Revision Notifications

---------- ---------------- --------------- -------------

10 1023 5 disabled

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

(CAT4000 with CATOS) disabled disabled 2-1000

***CLIENT SWITCH WITH IOS***

SWITCH02#sh vtp s

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 68

Number of existing VLANs : 10

VTP Operating Mode : Client

VTP Domain Name : XXXXX

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x97 0xC9 0x43 0x17 0x00 0x0C 0x06 0xF0

Configuration last modified by (CAT4000 with CATOS) at 8-17-04 23:45:06

The problem would appear to be that SWITCH01, your 4000 with the CatOS, is V2 mode disabled. The printout is misleading. According to the Kenedy Clark book, the "VTP version" column identifies what version of VTP your code supports, but does not indicqte which version is currently in use. The "VTP V2 mode" column indicates which version is currently in use.

Also your access switch is V2 disabled, which is why it is taking its updates from the CatOS switch.

Enable V2 on both, and let us know what happens.

Kevin Dorrell

Luxembourg

Thanks Kevin,

I strongly suspect that this is indeed the issue.

One thing I did notice though is the configuration of the cat4k which now runs IOS had a line in its catOS configuration "set vtp v2 enable". Upon seeing this line I have enabled vtp v2 on the IOS command line, too keep the configuration consistent. I have just checked the configuration of the other cat4k still running catOS and there is a line reading "set vtp v2 disable". This would indicate the problem has existed for longer then known about, but not been noticed until the upgrade.

Thanks again for all your help.

There is an interesting statement in the Kennedy Clark / Kevin Hamilton book, page 566: "When you enable version 2, all Catalysts in the management domain enable version 2." This would suggest maybe the problem didn't exist before. Since the book is vintage 1999, my hypothesis is that the propagation of "v2 enable" happens OK from CatOS to CatOS, but not between CatOS and IOS. I know it sounds a bit far-fetched, but that is the only explanation I can come up with. It's interesting, so I'll keep digging.

Perhaps Milan could throw some light on the statement?

Kevin Dorrell

Luxembourg

Heres another oddity.. I have verified that both VTP servers are running VTP v2. That is the CatOS and IOS based 4000 chassis.

In spite of this, the other switches seem to be running VTP v1 only, and are not talking to the IOS based VTP server. The other switches are all in client mode, so I am not sure why they are refusing to listen to updates from the IOS unit.

Just looking again, should the config revision of both VTP servers be the same, or should the IOS based VTP server have a higher revision?

Thanks again for your feedback.

Hi,

are you ABSOLUTELY sure both your VTP servers are running VTP ver 2?

There should be the same revision number on all switches if everything works fine.

So I'd try to do following:

On the CatOS switch (just for sure)

set vtp v2 enable

set vtp version 2 (if possible in your CatOS version - was introduced in CatOS 8.1)

Create a new VLAN on the CatOS server.

You should see the revision number increased.

Issue sh vtp status on your IOS VTP server.

You should see the increased revision number, too.

There should also be a line

"VTP V2 Mode : Enabled"

in the output.

"Configuration last modified by ....."

should show the CatOS server and the recent time.

sh vlan

command issued on the IOS server should show the new VLAN.

If everything is OK so far, your VTP servers work correctly.

You can check the the other switches then.

What type/IOS are them?

I'd start with a client switch directly connected to the IOS server.

1. There has to be a trunk running between the switch and VTP server.

2. For sure, enable VLAN1 on the trunk. This should not be necessary, but I remember some bugs in the past...

3. Check with sh vtp status that VTP ver 2 is enabled on the client(VTP V2 Mode : Enabled). If not, enable it manually (see http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_2_20/config/vtp.htm#wp1032727)

4. If VTP still doesn't work, check if VTP updates are coming via sh VTP counter command. You should see the summary advertisement counter increasing every 5 minutes).

5. If VTP updates are coming but not accepted, check the VTP domain name and password again.

Regards,

Milan

Hi Milan,

this was taken from the CatOS 4000 chassis yesterday:

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

(CatOS Chassis) enabled disabled 2-1000

I believe that this indicates that the VTP v2 is indeed up and running. I also confirmed 100% that VTP v2 is running on the IOS based switch.

We have found that it is not possible to manually enable VTP v2 on client mode switches.. these wont accept changes to VTP since they are client only.

I will however try the other things you have suggested and post the outcome here.

Thank you to all for your help with this issue.

Hi Milan,

the revision numbers of the CatOS chassis and other client switches update properly. Changes to VTP on the CatOS Cat4k replicate to all client mode switches no problem. All configuration revision numbers for these switches are the same.

The IOS based Cat4k has a lower configuration revision since it does not update. VTP changes made to the IOS based switch dont replicate to anything I can see. I have also noticed that the Cat4k with IOS has VLAN pruning enabled, whilst none of the other switches do. Could this be related to the problem.

We did try creating a new vlan on the CatOS unit, and this was applied to everything else except for the IOS based unit. VTP v2 also seems to be enabled on the client mode switches now as well.

The 2 Cat4k chassis are joined by a pair of fiber links in a FEC dot1q trunk configuration (if that helps). Now that I think about it, I believe that most client switches are connected to the CatOS chassis... which might indicate something sus..

Thanks again for your responses.

Well, if your IOS VTP server doesn't update when a new VLAN is created on the CatOS server, there is a problem on it,probably.

I'd guess the trunk connection is not working properly.

Check the trunk configuration.

Check the VTP counters for updates imcoming to the IOS server.

If the updates are coming, check the VTP domain name and password on the IOS server again. (I can imagine an extra space character at the end of VTP name or other typo.)

If the VTP updates are not coming, there is something wrong in the trunk configuration.

Regards,

Milan

Hi Milan,

the IOS trunk to the other switch is configured as below:

interface Port-channel1

description Uplink to CATOS_CAT4K

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/1

switchport trunk encapsulation dot1q

switchport mode trunk

channel-group 1 mode on

!

interface GigabitEthernet1/2

switchport trunk encapsulation dot1q

switchport mode trunk

channel-group 1 mode on

The configuration of the CatOS switch was as below:

#module 1 : 2-port 1000BaseX Supervisor

set trunk 1/1 on dot1q 1-1005

set trunk 1/2 on dot1q 1-1005

set port channel 1/1-2 mode on

As I say, connectivity around the network does not have issues, there are a large number of workstations on each switch with no communication problems across a few VLANS.

I will try to get the counter information today and see if this provides any clues.

Thanks again for all of your help with this issue. It is greatly appreciated.

I have been following this thread, and I am convinced the problem lies in your IOS switch, either VTP configuration, or the trunk.

On 6th September at 5:18, you posted:

SWITCH02#sh vtp s

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 68

Number of existing VLANs : 10

VTP Operating Mode : Client

VTP Domain Name : XXXXX

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x97 0xC9 0x43 0x17 0x00 0x0C 0x06 0xF0

This clearly shows the box running version 1. Have you updated the config to make it run version 2? Don't forget, it is the "VTP V2 Mode" field that matters, not the "VTP Version".

Have you checked and re-checked the password. Both the domain name and the domain password are case sensitive. Try changing the domain name then changing it back again. The configuration revision will go back to zero on the first step, but it may join the domain as you rename it back again.

All that leaves is the trunk: could you do a "show cdp neighbor detail" please, and read it carefully. You could post the result so we can all look for the problem.

Kevin Dorrell

Luxembourg

Hi Kevin,

I am 100% sure that both 4000 chassis are running VTP v2. The extract you have listed above was from a client switch when the CatOS chassis was still running VTP v1. But that has since been fixed, and all switches are running VTP v2.

Additionally, there is no VTP domain password, and the domain itself is just 5 lowercase letters, which I have confirmed is entered on both CatOS and IOS switches.

I have obtained the sh cdp neighbor detail from both the CatOS and IOS chassis, and have posted it (albeit a bit modified) below. I can however see on both outputs that there is mention of the other switch on the appropriate ports.. see if you can get anything from the information below.

Once again, thankyou for your time and help with this matter.

***IOS CAT4K***

CAT4K_IOS>sh cdp neigbour detail

-------------------------

Device ID: XXXXXXXXXXXXX(CAT4K_CATOS)

Entry address(es):

IP address: IP ADDRESS CAT4K_CATOS

Platform: WS-C4006, Capabilities: Trans-Bridge Switch

Interface: GigabitEthernet1/2, Port ID (outgoing port): 1/2

Holdtime : 122 sec

Version :WS-C4006 Software, Version McpSW: 6.1(2.0) NmpSW: 6.1(2)

Copyright (c) 1995-2001 by Cisco Systems, Inc.

advertisement version: 2

VTP Management Domain: 'domain'

Native VLAN: 1

Duplex: full

-------------------------

Device ID: XXXXXXXXXXXXX(CAT4K_CATOS)

Entry address(es):

IP address: IP ADDRESS CAT4K_CATOS

Platform: WS-C4006, Capabilities: Trans-Bridge Switch

Interface: GigabitEthernet1/1, Port ID (outgoing port): 1/1

Holdtime : 122 sec

Version :WS-C4006 Software, Version McpSW: 6.1(2.0) NmpSW: 6.1(2)

Copyright (c) 1995-2001 by Cisco Systems, Inc.

advertisement version: 2

VTP Management Domain: 'domain'

Native VLAN: 1

Duplex: full

***CATOS CAT4K***

CAT4K_CATOS> sh cdp neighbour detail

Port (Our Port): 1/1

Device-ID: CAT4K_IOS

Device Addresses:

IP Address: IP ADDRESS CAT4K_IOS

Holdtime: 168 sec

Capabilities: ROUTER SWITCH IGMP

Version: Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Thu 29-Jul-04 18:35 by pwade

Platform: cisco WS-C4006

Port-ID (Port on Neighbors's Device): GigabitEthernet1/1

VTP Management Domain: domain

Native VLAN: 1

Duplex: full

___________________________________________________________________________

Port (Our Port): 1/2

Device-ID: CAT4K_IOS

Device Addresses:

IP Address: IP ADDRESS CAT4K_IOS

Holdtime: 168 sec

Capabilities: ROUTER SWITCH IGMP

Version: Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Thu 29-Jul-04 18:35 by pwade

Platform: cisco WS-C4006

Port-ID (Port on Neighbors's Device): GigabitEthernet1/2

VTP Management Domain: domain

Native VLAN: 1

Duplex: full

Review Cisco Networking for a $25 gift card