Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4056
Views
15
Helpful
7
Replies

Difference between "Received BPDU with inconsistent peer vlan & inconsistent local vlan"

sivam siva
Level 3
Level 3

‎07-26-2019 09:14 AM

Hello 

can anyone explain what is the difference between "Received BPDU with inconsistent peer VLAN & inconsistent local VLAN"

I tested lab it was happening when the native VLAN mismatch, but I couldn't understand and differentiate the log messages,

How spanning-tree identifies this mismatch VLAN?

also, I have noticed that bridges were exchanging BPDU with the unique originated VLAN ID, in my case SW1 native vlan is 3 and SW2 side native vlan2, only a single link between two switches.

SW1 receives a BPDU with originated vlan id 2 and 3 (two BPDUs), from which how can SW1 detect the cause?BPDU.PNG

 

Thanks

Siva

Labels:
0 Helpful
7 Replies 7

Martin L
VIP
VIP

‎07-27-2019 05:57 AM


Native VLan ID is included in CDP packets. have u captured CDP packets and checked them ?
0 Helpful

sivam siva
Level 3
Level 3
In response to Martin L

‎07-29-2019 03:32 AM

Hello @Martin L 

Thanks for the reply

I agree that native vlans are included in the CDP packet, but even if I disable the CDP spanning-tree is detecting the error, how it is?

below is the attached output please referPVID inc.PNG

 

0 Helpful

Raja4u
Level 1
Level 1
In response to sivam siva

‎07-29-2019 05:09 AM

Hello Siva,

 

Can you below points

- both switches version (if its 2960 switch, try this command  "vlan dot1q tag native")

- trunk setting on both end

- check if spanning-tree forwarding ports may be pruned ?

 

and share the below o/p for narrow down the issue..

 

- sh spann inconsistentports
- sh spann vlan < vlan number based on above output >
- sh spann vlan < vlan number based on above output > detail | in <port from above output>

 

Thanks,

Raja

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to sivam siva

‎07-29-2019 05:45 AM - edited ‎07-29-2019 06:21 AM

Hello Siva,

the Cisco proprietary PVST  and Rapid PVST BPDU format includes a Vlan id identifier inside the BPDU itself.

This allows to compare the external 802.1Q vlan -id with the internal inside the BPDU vlan-id if they are the same the consistency check is passed.

In your case you have a native Vlan mismatch that should not trigger more then the CDP log message.

in native vlan BPDU are sent both as IEEE standard BPDU and as Cisco proprietary BPDU and your device is checking the vlan-id inside the proprietary BPDU with the native vlan id setting on the receiving side.

 

To be noted this is a spefic case related to the devices you are using, most devices should be able to stay up even if native vlan is mismatch.

 

Edit:

Look at the PVID field in your packet capture you can see that one side has originating Vlan 2 and the other side has originating vlan 3.

 

Hope to help

Giuseppe

 

UtkarshDewangan4753
Level 1
Level 1

‎07-29-2019 05:47 AM - edited ‎07-29-2019 05:56 AM

The PVST+ bpdu has the vlan id encoded in the Root Identifier and Sender Bridge identifier field.
Its encoded in first 12 bytes of the priority field.
If that does not matches with the native vlan configured or the access vlan if its access port then this log message will be displayed. this feature would pop up even if CDP is not running.

 

a switch having vlan 2 as native and vlan 3 as allowed.

The switch would send one CST BPDU to IEEE address of 0180.c200.0000 for native vlan 2(untagged)

The switch would send one PVST+ bpdu to SSTP address of 0100.0ccc.cccd for Vlan 2 (untagged)

The switch would send one PVST+ bpdu to SSTP address of 0100.0ccc.cccd for Vlan 3 (tagged)

 

when other switch having native vlan 3 and allowed vlan 2 receives a Tagged bpdu for vlan 3 it throws inconsistent local vlan message.

when other switch having native vlan 3 and allowed vlan 2 receives a untagged bpdu for vlan 2 it throws inconsistent peer vlan message.

 

sivam siva
Level 3
Level 3

‎07-29-2019 08:43 AM

Hello @Raja4u  @Giuseppe Larosa  @UtkarshDewangan4753 

Thanks for the reply 

 

I got some understanding about it from the below links 

thanks for the help

https://blog.ine.com/2008/07/17/pvst-explained

https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24063-pvid-inconsistency-24063.html#topic1

 

now my doubt is why Wireshark didn't show the 802.1Q tag in my bpdu packet capture?. 

 

 

0 Helpful

UtkarshDewangan4753
Level 1
Level 1
In response to sivam siva

‎07-29-2019 11:13 PM

By default the switches would strip the dot1q tag when the traffic from trunk port is spanned to a destination port.
If you want to see the tags the for your span session include the "encapsulation replicate" in the monitor session configuration to capture the tags.

monitor session <num> destination interface <num> encapsulation replicate
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card