cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6780
Views
45
Helpful
58
Replies

Flapping VLAN in c 2960X switch

rsthakur
Level 1
Level 1

We receive such log in 2960 X switch. Find attach switch configuration and image version.

.Feb 8 15:35:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:35:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:35:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:35:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:35:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:35:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:35:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:35:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:35:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:35:37: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:38: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:39: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:42: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:35:45: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:35:59: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:36:00: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:36:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:36:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:36:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:36:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:36:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to down
.Feb 8 15:36:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:36:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan19, changed state to up
.Feb 8 15:36:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up
.Feb 8 15:36:16: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to down
.Feb 8 15:36:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan5, changed state to up

58 Replies 58

Hi, 

 

To check VTP, it's "show vtp status".  

 

Thanks for supplying the details and as expected the VLANs were added to the VLAN database as I said they would be. 

From the logs I notice that ports Gi1/0/23 and Gi1/0/24 are up and down quite a bit. Not sure if that's as a result of testing you are carrying out or if it's just that unstable. If it's as unstable as this, consider getting the cabling checked between these switches. 

 

 

ports Gi1/0/23 and Gi1/0/24 are up and down quite just because of testing.

 

show vtp status
VTP Version capable : 1 to 3
VTP version running : 1
VTP Domain Name : jst
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 4c71.0c09.9a00
Configuration last modified by 0.0.0.0 at 2-2-21 07:15:41
Local updater ID is 172.28.64.60 on interface Vl19 (lowest numbered VLAN interface found)

Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 67
Configuration Revision : 109
MD5 digest : 0xDF 0xF8 0xC8 0xCE 0xED 0xC2 0x74 0xA4
0x6A 0x59 0x33 0x3F 0x67 0xC4 0xC6 0x12

 

 

OK, that would make some sense. 

Do your other working switches have the same VTP status / configuration in place? 

Also, are you running the same version of IOS where you have similar models of switches? 

Yes, Same VTP status/ Configuration

sh vtp status
VTP Version capable : 1 to 3
VTP version running : 1
VTP Domain Name : jst
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 4c71.0ce0.f080
Configuration last modified by 0.0.0.0 at 1-2-06 17:48:16
Local updater ID is 172.28.64.61 on interface Vl19 (lowest numbered VLAN interfa ce found)

Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 67
Configuration Revision : 109
MD5 digest : 0xDF 0xF8 0xC8 0xCE 0xED 0xC2 0x74 0xA4
0x6A 0x59 0x33 0x3F 0x67 0xC4 0xC6 0x12

 

Also, are you running the same version of IOS where you have similar models of switches?

yes we are running same version of IOS. But, we have mixup of 2960 S series and X series.

S series configuration is same like above mention in notepad.

sh version
Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 15.2(2)E9, R ELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Sat 08-Sep-18 14:56 by prod_rel_team

ROM: Bootstrap program is C2960S board boot loader
BOOTLDR: C2960S Boot Loader (C2960S-HBOOT-M) Version 12.2(55r)SE, RELEASE SOFTWA RE (fc1)

Acad3_Test_28.64.62 uptime is 6 days, 4 hours, 33 minutes
System returned to ROM by power-on
System restarted at 10:28:01 GMT Wed Feb 3 2021
System image file is "flash:c2960s-universalk9-mz.152-2.E9/c2960s-universalk9-mz .152-2.E9.bin"
Last reload reason: Reload command

 

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C2960S-24PS-L (PowerPC) processor (revision H0) with 131072K bytes of memory.
Processor board ID FOC1750Z3XU
Last reset from power-on
3 Virtual Ethernet interfaces
1 FastEthernet interface
28 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 6C:99:89:1B:81:80
Motherboard assembly number : 73-11908-09
Power supply part number : 341-0393-02
Motherboard serial number : FOC17500WZP
Power supply serial number : LIT174203DD
Model revision number : H0
Motherboard revision number : A0
Model number : WS-C2960S-24PS-L
Daughterboard assembly number : 73-11933-04
Daughterboard serial number : FOC17496YP7
System serial number : FOC1750Z3XU
Top Assembly Part Number : 800-30945-04
Top Assembly Revision Number : C0
Version ID : V04
CLEI Code Number : COMGE00ARD
Daughterboard revision number : A0
Hardware Board Revision Number : 0x01


Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 28 WS-C2960S-24PS-L 15.2(2)E9 C2960S-UNIVERSALK9-M


Configuration register is 0xF

Acad3_Test_28.64.62#sh vtp sta
Acad3_Test_28.64.62#sh vtp status
VTP Version capable : 1 to 3
VTP version running : 1
VTP Domain Name : jst
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 6c99.891b.8180
Configuration last modified by 0.0.0.0 at 2-2-21 07:15:41
Local updater ID is 172.28.64.62 on interface Vl19 (lowest numbered VLAN interface found)

Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 67
Configuration Revision : 109
MD5 digest : 0xDF 0xF8 0xC8 0xCE 0xED 0xC2 0x74 0xA4
0x6A 0x59 0x33 0x3F 0x67 0xC4 0xC6 0x12


@rsthakur wrote:

interface Vlan17
description Academic-1 VLAN
ip address 172.28.55.254 255.255.248.0
ip helper-address 172.28.48.99
!
interface Vlan18
description Community Center VLAN
ip address 172.28.63.254 255.255.248.0
ip helper-address 172.28.56.99
!
interface Vlan19
description AB-3 VLAN
ip address 172.28.71.254 255.255.248.0
ip helper-address 172.28.64.99


These are NOT VLAN Database entries. 

These are INTERFACE VLANS.  

Two different things.

Now look at the recommendation to fix the issue.  Does it say "interface" in there? 

conf t
 vlan 5
 vlan 19
end

Please find attach notepad file

Not sure until i see full config and asked in the past post outputs :

 

 

show interface status

show ip interface brief

show run

show version

show vlan

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

interface GigabitEthernet1/0/1
 switchport access vlan 19
 switchport voice vlan 5
 storm-control broadcast level 1.00
 storm-control multicast level 1.00
 spanning-tree portfast edge

I think you need to add "switchport mode access"  (to all similar ports)
this also explains why ports are listed to both vlans in "show vlan brief" output as the switch "thinks" it is a trunk port

Hi there,

 

I agree that access ports should be configured with "mode access" (something I would always do too) but mode access changes the administrative mode and turns off the negotiation of trunking altogether. The ports would still appear in both VLANs within the VLAN database whether mode access is configured or not. 

If we remove 2960 S series switch from subnet then everythink work fine.

When i connect again S series switch then the problem will start.

 

Hi, 

 

Circling back to this comment here. Do you have another switch you can try in place of the "problem" switch? E.g. another S or X and do you experience the same issue? I don't think we've seen the 2960S config yet? Would you be willing to share that? 

 

Re finding the spanning-tree root, issue the command is "show spanning-tree root". You will know your on the root bridge because there won't be any root ports. Hoping that your root bridge is your backbone switch! Can you also confirm that you have rapid-pvst configured on all of your switches too? 

 

Regarding max-hop limit, I can't find an official Cisco doc, but there is a lot of info on the Internet about it and has been discussed in this forum in other posts. 

 

Circling back to this comment here. Do you have another switch you can try in place of the "problem" switch? E.g. another S or X and do you experience the same issue? I don't think we've seen the 2960S config yet? Would you be willing to share that? 

I try another switch but the problem remains the same. Attach S series config.

Re finding the spanning-tree root, issue the command is "show spanning-tree root". You will know your on the root bridge because there won't be any root ports. Hoping that your root bridge is your backbone switch! Can you also confirm that you have rapid-pvst configured on all of your switches too?

No rapid-pvst configured on all switches

 

 

 

Hi,

 

According to the config you supplied, that switch is configured with pvst, not rapid-pvst.

 

Can you please ensure that rapid-pvst is enabled on all of the switches in the path from backbone to edge? Again, might not solve your issue but would speed up convergence times at least.

Review Cisco Networking for a $25 gift card