Adding vlan1 to trunk significantly raises ping to far switch.

DenisR · ‎11-20-2020

Hello

I have stack of C9300 as main switch with routing. C9200L is connected to the main with two links (trunks) without PortChannel, so the second link is blocked by spanning tree.

I had to configure new C2960L so I made configuration via console and connected it to 9200 with one link (trunk) for checking remote access and switch can download vlan (we use vtp).

I successfully connected to the switch via ssh but noticed that connection was really weak. So I sent ping to the switch's management interface and got 700 ms. I sent ping to 9200 and got 30-50 ms.

I started finding out what can be the issue and found that if I exclude vlan 1 from the thunk ping become normal (30-50 ms).

Management interfaces of all switches are in Vlan 321. Vlan 1 is used as a user network, SVI is configured on 9300.

9200 has clients in vlan 1.

There isn't any connected port on 2960 except trunk link to 9200

Interface configuration from 9200:

interface GigabitEthernet1/0/4

description to 2960
switchport trunk native vlan 997
switchport mode trunk
switchport nonegotiate
storm-control broadcast level 30.00 15.00
storm-control multicast level 30.00 15.00
ip dhcp snooping limit rate 100

interface configuration from 2960:

interface GigabitEthernet0/24
description to 9200
switchport trunk native vlan 997
switchport mode trunk
switchport nonegotiate
ip dhcp snooping trust

We have 2960L in another loccation. They are connected to 3650. Vlan 1 there is used as users network either but we don't have the issue there.

What can be the reason for the issue? It seems to me that I've already check everything but trying another new 2960.

Reza Sharifi · ‎11-20-2020

Hi,

On both sides of the trunk try adding the allowed vlan that you need to have on the trunk and not everything. Example:

switchport trunk allowed vlan 5-15. This command allows only vlans 5 through 15 and nothing else.

HTH

DenisR · ‎11-20-2020

I tryed it. As soon as I add vlan 1 to the trunk ping raises. The more vlans we allowed the more ping will raise. The maximum RTT is about 700. The total amout of vlans is 31 - not so much.

I have about 30 switches there. Most of them is 9200 but there are some 2960CX, 3650. All of them are working fine, no troubles with thunks even without vlan prunning on trunks.

Georg Pauwen · ‎11-20-2020

Hello,

how do you 'add' Vlan 1 to the trunk ?

Post the output of:

sh interfaces x

where 'x' is the trunk interface on the 2960, when Vlan 1 is active on that link.

DenisR · ‎11-20-2020

with connands

switchport trunk allowed vlan add X

Please see below output from 2960 when all vlans are permitted in trunk

#sh int gi0/24
GigabitEthernet0/24 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 70f0.9611.7098 (bia 70f0.9611.7098)
Description: VZHKASW1401
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 596000 bits/sec, 553 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10832739 packets input, 1516787438 bytes, 0 no buffer
Received 604762 broadcasts (323569 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 323569 multicast, 0 pause input
0 input packets with dribble condition detected
36739 packets output, 3198438 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

Reza Sharifi · ‎11-20-2020

Vlan 1 is the default vlan and part of the trunk. So, it does not need to be added to the trunk manually.

What is the vtp mode? sh vtp ?

If it is not in transparent mode, can you change it to transparent mode.

config t

vtp mode transparent

and test again.

HTH

DenisR · ‎11-21-2020

We use vtp version 3. I tryed to switch it to ver 2 - didn't help. Switching to transparent mode didn't help either.

Vlan 1 can be added to or excluded from trunk. So when I exclude vlan 1 from trunk pings become normal

DenisR · ‎12-04-2020

any ideas? I'm still there.