Kevin,

to your

3. If the resvision levels were coincidentally the same, and you connect them for the first time, I don't know how it will behave - can anyone tell us?

I beleive the VTP domain will remain unsynchronized, because all VTP clients/servers beleive they have the correct VTP revision and ignore the vtp updates with the same revision number.

Another possible causes of the original problem:

4. There might be VTP ver 2 running on the L3 servers but not on the other switches.

If VTP ver 1 is running on other servers, they should should accept ver 2 updates and move themself to ver 2, too. But ver 2 must be enabled on them!

See following output

sh vtp st

VTP Version : 2

Configuration Revision : 20

Maximum VLANs supported locally : 254

Number of existing VLANs : 15

VTP Operating Mode : Client

VTP Domain Name : xxxxxxx

VTP Pruning Mode : Enabled

VTP V2 Mode : Disabled

VTP Traps Generation : Enabled

MD5 digest : 0xA0 0xD1 0x55 0xA6 0xB1 0x12 0xC2 0x5B

V2 is disabled, so it wouldn't accept ver 2 updates.

5. There also might be a VTP password configured, which must be identical in the whole VTP domain, of course.

Regards,

Milan

The problem would appear to be that SWITCH01, your 4000 with the CatOS, is V2 mode disabled. The printout is misleading. According to the Kenedy Clark book, the "VTP version" column identifies what version of VTP your code supports, but does not indicqte which version is currently in use. The "VTP V2 mode" column indicates which version is currently in use.

Also your access switch is V2 disabled, which is why it is taking its updates from the CatOS switch.

Enable V2 on both, and let us know what happens.

Kevin Dorrell

Luxembourg

Thanks Kevin,

I strongly suspect that this is indeed the issue.

One thing I did notice though is the configuration of the cat4k which now runs IOS had a line in its catOS configuration "set vtp v2 enable". Upon seeing this line I have enabled vtp v2 on the IOS command line, too keep the configuration consistent. I have just checked the configuration of the other cat4k still running catOS and there is a line reading "set vtp v2 disable". This would indicate the problem has existed for longer then known about, but not been noticed until the upgrade.

Thanks again for all your help.

There is an interesting statement in the Kennedy Clark / Kevin Hamilton book, page 566: "When you enable version 2, all Catalysts in the management domain enable version 2." This would suggest maybe the problem didn't exist before. Since the book is vintage 1999, my hypothesis is that the propagation of "v2 enable" happens OK from CatOS to CatOS, but not between CatOS and IOS. I know it sounds a bit far-fetched, but that is the only explanation I can come up with. It's interesting, so I'll keep digging.

Perhaps Milan could throw some light on the statement?

Kevin Dorrell

Luxembourg

Heres another oddity.. I have verified that both VTP servers are running VTP v2. That is the CatOS and IOS based 4000 chassis.

In spite of this, the other switches seem to be running VTP v1 only, and are not talking to the IOS based VTP server. The other switches are all in client mode, so I am not sure why they are refusing to listen to updates from the IOS unit.

Just looking again, should the config revision of both VTP servers be the same, or should the IOS based VTP server have a higher revision?

Thanks again for your feedback.

Hi,

are you ABSOLUTELY sure both your VTP servers are running VTP ver 2?

There should be the same revision number on all switches if everything works fine.

So I'd try to do following:

On the CatOS switch (just for sure)

set vtp v2 enable

set vtp version 2 (if possible in your CatOS version - was introduced in CatOS 8.1)

Create a new VLAN on the CatOS server.

You should see the revision number increased.

Issue sh vtp status on your IOS VTP server.

You should see the increased revision number, too.

There should also be a line

"VTP V2 Mode : Enabled"

in the output.

"Configuration last modified by ....."

should show the CatOS server and the recent time.

sh vlan

command issued on the IOS server should show the new VLAN.

If everything is OK so far, your VTP servers work correctly.

You can check the the other switches then.

What type/IOS are them?

I'd start with a client switch directly connected to the IOS server.

1. There has to be a trunk running between the switch and VTP server.

2. For sure, enable VLAN1 on the trunk. This should not be necessary, but I remember some bugs in the past...

3. Check with sh vtp status that VTP ver 2 is enabled on the client(VTP V2 Mode : Enabled). If not, enable it manually (see http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_2_20/config/vtp.htm#wp1032727)

4. If VTP still doesn't work, check if VTP updates are coming via sh VTP counter command. You should see the summary advertisement counter increasing every 5 minutes).

5. If VTP updates are coming but not accepted, check the VTP domain name and password again.

Regards,

Milan

Hi Milan,

this was taken from the CatOS 4000 chassis yesterday:

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

(CatOS Chassis) enabled disabled 2-1000

I believe that this indicates that the VTP v2 is indeed up and running. I also confirmed 100% that VTP v2 is running on the IOS based switch.

We have found that it is not possible to manually enable VTP v2 on client mode switches.. these wont accept changes to VTP since they are client only.

I will however try the other things you have suggested and post the outcome here.

Thank you to all for your help with this issue.

Hi Milan,

the revision numbers of the CatOS chassis and other client switches update properly. Changes to VTP on the CatOS Cat4k replicate to all client mode switches no problem. All configuration revision numbers for these switches are the same.

The IOS based Cat4k has a lower configuration revision since it does not update. VTP changes made to the IOS based switch dont replicate to anything I can see. I have also noticed that the Cat4k with IOS has VLAN pruning enabled, whilst none of the other switches do. Could this be related to the problem.

We did try creating a new vlan on the CatOS unit, and this was applied to everything else except for the IOS based unit. VTP v2 also seems to be enabled on the client mode switches now as well.

The 2 Cat4k chassis are joined by a pair of fiber links in a FEC dot1q trunk configuration (if that helps). Now that I think about it, I believe that most client switches are connected to the CatOS chassis... which might indicate something sus..

Thanks again for your responses.

Well, if your IOS VTP server doesn't update when a new VLAN is created on the CatOS server, there is a problem on it,probably.

I'd guess the trunk connection is not working properly.

Check the trunk configuration.

Check the VTP counters for updates imcoming to the IOS server.

If the updates are coming, check the VTP domain name and password on the IOS server again. (I can imagine an extra space character at the end of VTP name or other typo.)

If the VTP updates are not coming, there is something wrong in the trunk configuration.

Regards,

Milan

Hi Milan,

the IOS trunk to the other switch is configured as below:

interface Port-channel1

description Uplink to CATOS_CAT4K

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/1

switchport trunk encapsulation dot1q

switchport mode trunk

channel-group 1 mode on

!

interface GigabitEthernet1/2

switchport trunk encapsulation dot1q

switchport mode trunk

channel-group 1 mode on

The configuration of the CatOS switch was as below:

#module 1 : 2-port 1000BaseX Supervisor

set trunk 1/1 on dot1q 1-1005

set trunk 1/2 on dot1q 1-1005

set port channel 1/1-2 mode on

As I say, connectivity around the network does not have issues, there are a large number of workstations on each switch with no communication problems across a few VLANS.

I will try to get the counter information today and see if this provides any clues.

Thanks again for all of your help with this issue. It is greatly appreciated.

I have been following this thread, and I am convinced the problem lies in your IOS switch, either VTP configuration, or the trunk.

On 6th September at 5:18, you posted:

SWITCH02#sh vtp s

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 68

Number of existing VLANs : 10

VTP Operating Mode : Client

VTP Domain Name : XXXXX

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x97 0xC9 0x43 0x17 0x00 0x0C 0x06 0xF0

This clearly shows the box running version 1. Have you updated the config to make it run version 2? Don't forget, it is the "VTP V2 Mode" field that matters, not the "VTP Version".

Have you checked and re-checked the password. Both the domain name and the domain password are case sensitive. Try changing the domain name then changing it back again. The configuration revision will go back to zero on the first step, but it may join the domain as you rename it back again.

All that leaves is the trunk: could you do a "show cdp neighbor detail" please, and read it carefully. You could post the result so we can all look for the problem.

Kevin Dorrell

Luxembourg

Hi Kevin,

I am 100% sure that both 4000 chassis are running VTP v2. The extract you have listed above was from a client switch when the CatOS chassis was still running VTP v1. But that has since been fixed, and all switches are running VTP v2.

Additionally, there is no VTP domain password, and the domain itself is just 5 lowercase letters, which I have confirmed is entered on both CatOS and IOS switches.

I have obtained the sh cdp neighbor detail from both the CatOS and IOS chassis, and have posted it (albeit a bit modified) below. I can however see on both outputs that there is mention of the other switch on the appropriate ports.. see if you can get anything from the information below.

Once again, thankyou for your time and help with this matter.

***IOS CAT4K***

CAT4K_IOS>sh cdp neigbour detail

-------------------------

Device ID: XXXXXXXXXXXXX(CAT4K_CATOS)

Entry address(es):

IP address: IP ADDRESS CAT4K_CATOS

Platform: WS-C4006, Capabilities: Trans-Bridge Switch

Interface: GigabitEthernet1/2, Port ID (outgoing port): 1/2

Holdtime : 122 sec

Version :WS-C4006 Software, Version McpSW: 6.1(2.0) NmpSW: 6.1(2)

Copyright (c) 1995-2001 by Cisco Systems, Inc.

advertisement version: 2

VTP Management Domain: 'domain'

Native VLAN: 1

Duplex: full

-------------------------

Device ID: XXXXXXXXXXXXX(CAT4K_CATOS)

Entry address(es):

IP address: IP ADDRESS CAT4K_CATOS

Platform: WS-C4006, Capabilities: Trans-Bridge Switch

Interface: GigabitEthernet1/1, Port ID (outgoing port): 1/1

Holdtime : 122 sec

Version :WS-C4006 Software, Version McpSW: 6.1(2.0) NmpSW: 6.1(2)

Copyright (c) 1995-2001 by Cisco Systems, Inc.

advertisement version: 2

VTP Management Domain: 'domain'

Native VLAN: 1

Duplex: full

***CATOS CAT4K***

CAT4K_CATOS> sh cdp neighbour detail

Port (Our Port): 1/1

Device-ID: CAT4K_IOS

Device Addresses:

IP Address: IP ADDRESS CAT4K_IOS

Holdtime: 168 sec

Capabilities: ROUTER SWITCH IGMP

Version: Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Thu 29-Jul-04 18:35 by pwade

Platform: cisco WS-C4006

Port-ID (Port on Neighbors's Device): GigabitEthernet1/1

VTP Management Domain: domain

Native VLAN: 1

Duplex: full

___________________________________________________________________________

Port (Our Port): 1/2

Device-ID: CAT4K_IOS

Device Addresses:

IP Address: IP ADDRESS CAT4K_IOS

Holdtime: 168 sec

Capabilities: ROUTER SWITCH IGMP

Version: Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(23)E, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Thu 29-Jul-04 18:35 by pwade

Platform: cisco WS-C4006

Port-ID (Port on Neighbors's Device): GigabitEthernet1/2

VTP Management Domain: domain

Native VLAN: 1

Duplex: full