Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3258
Views
21
Helpful
4
Replies

VTP pruning and/or clearing VLANs from trunks

Kevin Dorrell
Level 10
Level 10

‎06-09-2005 04:44 AM - edited ‎03-02-2019 11:03 PM

I am reading about trunking, and there are some concepts I am trying to sort out. I just want to make sure I understand them.

First of all, VTP pruning. I understand that if I enable VTP pruning, "if a downstream switch does not have an active port in the VLAN being pruned, the switch prevents the forwarding of flooded traffic to that prune-eligible downstream VLAN." Now, suppose I have two distribution switches, and an access switch that has an uplink to each, (running uplinkfast) ... classical architecture. There are no ports in VLAN n on that access switch except the two trunks. Will the distribution switch prune VLAN 'n' from both trunks? It should do, I think. One of the uplink ports will be forwarding that VLAN, and the other blocking it. Does that mean that, in the definition I quoted above, the blocking does not count as an "active port"?

Will both ends of the trunk see that VLAN n is pruned, or only the upstream end? I know that it sounds a bit academic, 'cos there aren't any downstream ports that could generate any traffic on the VLAN. But does the access switch show it as pruned from the trunk?

My second question concerns Spanning Tree and VTP pruning. From what I read, VTP pruning has no effect on the Spanning Tree. The VLAN still exists in the access switch, and is still in the SpanningTree topology just as if it had not been pruned. So, for those switches that can handle only a limited number of Spanning Tree instances, pruning is not a useful tool to get round the restriction. Am I right?

Third question ... but clearing the VLAN from the trunk is a useful tool, and does affect the PVST topology. (I have actually tried that.) Now suppose the access switch has no active ports in the VLAN, and I clear the VLAN from both trunks - does the Spanning Tree instance in the access switch disappear, even if the VTP is still telling the switch about it? Supplementary question - should the VLAN be cleared at the upstream end of the trunk or the downstream end? Or both?

Thanks in advance for any responses.

Kevin Dorrell

Luxembourg

Labels:
0 Helpful
4 Replies 4

milan.kulik
Level 10
Level 10

‎06-09-2005 05:33 AM

Hi Kevin,

1. VTP pruning

"Will the distribution switch prune VLAN 'n' from both trunks? It should do, I think. One of the uplink ports will be forwarding that VLAN, and the other blocking it. Does that mean that, in the definition I quoted above, the blocking does not count as an "active port"? "

IMHO, both distribution switches should prune VLANn from both trunks.

Blocking (STP) doesn't have any influence on pruning.

2.

"Will both ends of the trunk see that VLAN n is pruned, or only the upstream end? Does the access switch show it as pruned from the trunk? "

No, my understanding is pruning is one-direction feature. There might be a port on the distribution switch which belongs to VLANn. And the data targeted to that port could come to the access switch via another trunk.

My understanding (not documented anywhere, so I might be wrong) is: pruning is always local on the trunk.

If you look to the "sh int gi 0/2 pruning" command output

Port Vlans pruned for lack of request by neighbor

Gi0/2 2,3,5,7,10,11,14,17,19,30,50,51,115,117,118

Port Vlans traffic requested of neighbor

Gi0/2 1,11,99

taken from one of my switches, you can see VLAN11 pruned from trunk Gi0/2 (which means there are no VLAN11 ports configured on the neighbour switch).

The second line means (my understanding, haven't found any document explaining) that this switch has some ports in VLAN11 so it told the neighbour "Hey, I need traffic for VLAN11!" and the neighbour should not prune VLAN11 from the trunk.

3. Yes, you're correct, VTP pruning doesn't help with STP instances problem.

4. "Now suppose the access switch has no active ports in the VLAN, and I clear the VLAN from both trunks - does the Spanning Tree instance in the access switch disappear, even if the VTP is still telling the switch about it?"

Yes, it should.

5. " Supplementary question - should the VLAN be cleared at the upstream end of the trunk or the downstream end? Or both?"

From the STP instance point of view: It should be cleared on the local trunk end.

But generally, the correct way is clearing VLANn from both trunk ends, otherwise VLANn traffic could be sent to the trunk from one side and dropped on the other side causing possible error messages sent to your syslog.

HTH,

Milan

Kevin Dorrell
Level 10
Level 10
In response to milan.kulik

‎06-09-2005 06:15 AM

Milan, Amit,

Thank you both for your responses. I shall spend some time thinking through the implications of all that. I have not implemented pruning or clearing here yet, (except one particular case) but I should do. But I think I'll look for a maintenance window before I do it, just in case.

My concern about the access switch with two uplinks was whether it would see both the requests coming in on both uplink ports, and pass it on to the other so that nothing gets pruned. I will be interested to try it for real.

I was interested in Amit's comments about VLAN 2-1001 being pruning-eligible by default. I did read that somewhere else as well. But there is the question about VLAN 1, and I think this must be platform/version defined. There is a question in the CCIE Flash Cards that wants the answer that all VLANs will be pruning eligible, so I don't know whether the expected answer is actually wrong (again!) or whether it is just an unfair question.

Thanks again for the replies.

Kevin Dorrell

Luxembourg

0 Helpful

milan.kulik
Level 10
Level 10
In response to Kevin Dorrell

‎06-10-2005 06:33 AM

Hi Kevin,

AFAIK, VLAN1 should be prune-eligibible with latest CatOS/IOS.

But it't impossible to clear (disable) it from trunk on some devices (2900/3500XLs, e.g.) at least.

The command is available, it gives no error message, but VLAN1 remains allowed on the trunk in fact.

Regards,

Milan

0 Helpful

amit-singh
Level 8
Level 8

‎06-09-2005 05:48 AM

Hi Kevin,

1. By defualt Vlan 2-1001 are prunning eligible. The moment you enable VTP prunning on the server this will be advertised to all the switches in the domain and will be seen on their all of trunk ports.The blocked port above is the trunk port its not the access port for the Vlan N.

Both the ends will see that the x number of vlans are prunning eligble.The access switch will be aware of the prunning list as advertised by the VTP server.

2. By enabling the VTP prunning, it doesnot take off the VLAN from the trunk. Yes you are right.You have to specifically remoce the vlans from the trunk to achieve that.

3. The STP instance will be clared for that vlan.It should be cleared manually from both the ends.

HTH,

-amit singh

Customers Also Viewed These Support Documents