cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
44167
Views
201
Helpful
21
Replies

MD5 digest checksum mismatch on trunk: Gi0/1

haikalmesiniaga
Level 1
Level 1

#sh vtp status

VTP Version capable             : 1 to 3

VTP version running             : 1

VTP Domain Name                 : msc2020

VTP Pruning Mode                : Disabled

VTP Traps Generation            : Disabled

Device ID                       : 9c4e.2082.1680

Configuration last modified by 10.112.117.xxx at 3-1-93 01:09:03

Feature VLAN:

--------------

VTP Operating Mode                : Client

Maximum VLANs supported locally   : 255

Number of existing VLANs          : 12

Configuration Revision            : 0

MD5 digest                        : 0x97 0x34 0xA1 0x22 0xEF 0x55 0x38 0xE9

                                    0x5D 0x66 0x03 0x6B 0x36 0x30 0xC1 0xA8

*** MD5 digest checksum mismatch on trunk: Gi0/2 ***

****************

Any ide how to fix this ?

21 Replies 21

InayathUlla Sharieff
Cisco Employee
Cisco Employee

Haikal,

Three options to be checked:

1-

Do you have  a VTP password set on these switches ? Are they matching ? Can you give a "show vtp statistics" to see if the config digest errors are increasing?

This is what I saw in CCO:

The general purpose of an MD5 value is to verify the integrity of a received packet and to detect any changes to the packet or corruption of the packet during transit. When a switch detects a new revision number that is different from the currently stored value, the switch sends a request message to the VTP server and requests the VTP subsets. A subset advertisement contains a list of VLAN information. The switch calculates the MD5 value for the subset advertisements and compares the value to the MD5 value of the VTP summary advertisement. If the two values are different, the switch increases the No of config digest errors counter.

A common reason for these digest errors is that the VTP password is not configured consistently on all VTP servers in the VTP domain. Troubleshoot these errors as a misconfiguration or data corruption issue.

When you troubleshoot this problem, ensure that the error counter is not historical. The statistics menu counts errors since the most recent device reset or the VTP statistics reset.

2-

Go to the config mode on all of your switches and set a password for VTP.

vtp password (hidden)

I would also check and make sure all switches are set to the same VTP version, it appears your VTP server is using VTP v2.

vtp version {1 | 2 | 3}

3-

Last option is that the  problem could be due to bug if you are running version 12.2(40)SE ) VTP digest mismatch.

Solution: The resolve is to simply create another vlan that you will never use.

{Eg:

The fastest way I am aware of to solve this is to just force an update from the VTP server.

We could do this for example in config mode, by creating and removing a bogus vlan:

vlan 999

exit

no vlan 999

}

HTH

Regards

Inayath

(((((((((*Plz rate if this info is helpfull))))))))))))))

Hi,

you have 12 VLANs, the VTP mode is "client" and the configuration revision is 0.

Seeing that, I assume that you recently changed your switches from transparent mode to server/client.

What about the VTP server, is it's configuration revision also 0?

If so, there won't be any synchronization of the VLAN databases because all the configuration revisions have the same number. If that is the case, simply rename a VLAN on your VTP server in order to increase the configuration revision (you can change the name back afterwards).

If the VTP server's CR is > 0, Inayath provided you a very good guidance for troubleshooting.

Hope that helps

Rolf

Hi Rolf,

Yes,recently we change from Vtp transparent mode to client mode .

Rolf,we are enterprise network,hw can i search where is my VTP server...

Thanks guys for helping me!

Haikal,

Show VTP Status, the bottom of the display shows the IP address of the VTP server that updated the VLANS.

Switch# show vtp st

VTP Version                     : 2

Configuration Revision          : 2

Maximum VLANs supported locally : 1005

Number of existing VLANs        : 11

VTP Operating Mode              : Client

VTP Domain Name                 : cisco

VTP Pruning Mode                : Disabled

VTP V2 Mode                     : Disabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0x59 0x51 0x93 0xD3 0x5D 0xAE 0xD4 0x90

Configuration last modified by 10.0.0.1 at 3-1-93 00:06:27 >>>>>>>>>>>>>. Here you see the last modified by 10.0.0.1>>> is the server ip address.

HTH

REgards

Inayath

*Plz rate all usefull posts.

hw can i search where is my VTP server

Don't get me wrong but this question forces me to sensibilize regarding the use of VTP in server/client mode.

You really have to know how VTP works especially in those modes, otherwise sooner or later things will go wrong.

Inayath perfectly answered how to find the server when a distribution of the Vlan.dat has already taken place.

However, the output you posted shows that this is not the case (at least not on switch MY_KUL_EP4_T1_L03_L2A_02).

Perhaps you have a network-management application like CiscoWorks which can help you in finding out the modes; with SNMP and some scripting you could also use VTP-MIB::managementDomainLocalMode. Otherwise you'll have to log-in on all your switches and type a "show vtp status".

Btw: It's a good practice to configure the Core switches as VTP servers.

But before you go on, make sure that on the VTP server(s) all the VLAN you need in your domain are configured. Like mentioned before, the configuration revision of your switch is 0 but you have 12 active VLANs. If one of those 12 VLANs doesn't exist on the VTP server and you make a change that increases the configurtaion revision, it will be deleted!!

I've seen a lot of such VTP "accidents" over the years, so absolutely make sure that you have have a good understanding of the protocol and your network as well.

Best regards

Rolf

Thanks, that helped me

Inayath,

1.We do not setup VTP password.

2,Some of  the another switch is using version 2, is there any proper way to reconfigure the VTP version ?

Or I need to change to transparent mode first,later i reconfigure to version 2 ?

Haikal,

Please check the following things:

1- Make sure the VTP Domain Name is same on all the switches.

2- Trunk Ports should be configured connecting between the switches.

3- Check the show int trunk and check if the vlans are been forwarded out and not blocked by STP.

4- VTP version 2 : this is the command to be there on all the switches.

5-Changing the VTP mode to transparent means that it clears the config revision number to 0 not the vtp version, for vtp version you need to configure manually.

HTH

REgards

Inayath

*******Plz rate all usefull posts**************

Hi Inayath,

Thanks for the responds and supports...

1.Yup..domain is same

2.yes configured.

3.yes forwarded.

4.yes,the current switch running version 1

5.I want to change to version 2,any impact  to the switch ? SW in production environment...

Haikal,

I dont see any impact if you change the VTP version from 1 to 2.

Hi,

Just change to vtp version 2

VTP Version capable             : 1 to 3

VTP version running             : 2

VTP Domain Name                 : msc2020

VTP Pruning Mode                : Disabled

VTP Traps Generation            : Disabled

Device ID                       : 9c4e.2030.f280

Configuration last modified by 10.112.117.228 at 3-1-93 01:09:03

Feature VLAN:

--------------

VTP Operating Mode                : Client

Maximum VLANs supported locally   : 255

Number of existing VLANs          : 12

Configuration Revision            : 0

MD5 digest                        : 0xA7 0x2E 0x02 0x56 0x09 0x2A 0xE0 0x9F

                                    0x27 0x30 0x39 0x29 0x29 0x92 0x29 0x35

*** MD5 digest checksum mismatch on trunk: Gi0/2 ***

Still got MD5 error , but only reduce to 1 interface,before this got two MD5 error,

---------------------------------------------------------------------------------------------------

another switch ...why the vtp status a bit different and whats the different between VTP version 2 and VTP V2 mode ?

VTP Version                     : 2

Configuration Revision          : 109

Maximum VLANs supported locally : 250

Number of existing VLANs        : 37

VTP Operating Mode              : Client

VTP Domain Name                 : msc2020

VTP Pruning Mode                : Enabled

VTP V2 Mode                     : Enabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0xC9 0xB8 0xC7 0x69 0xF3 0x0B 0x0B 0xB0

Configuration last modified by 10.1xx.xx.xx at 5-18-13 09:53:55

Hi,

on the second switch we can see a configuration revision of 109.

The switch with the MD5 mismatch still has 0, so the vlan.dat of the domain hasn't been synchronized on that switch.

Reasons for that can be a non-trunk connection, different domain names or -passwords, etc. - I think you've already checked all of that.

Could you run a debug sw-vlan vtp events on the switch with the mismatch, so that we can see

  • if VTP advertisements are received from a neighbor switch
  • and if so, why they are not accepted

Regards

Rolf

[EDIT] : Before you run the debug, could you post the output of show vtp counters ?

Permit me to make a suggestion?  Try this:

1.  Delete the VLAN.dat;

2.  Save the config; and

3.  Reboot the switch.

03#sh vtp counters
VTP statistics:
Summary advertisements received    : 164576
Subset advertisements received     : 2060
Request advertisements received    : 4240
Summary advertisements transmitted : 174295
Subset advertisements transmitted  : 4242
Request advertisements transmitted : 2078
Number of config revision errors   : 0
Number of config digest errors     : 32411
Number of V1 summary errors        : 0


VTP pruning statistics:

Trunk            Join Transmitted Join Received    Summary advts received from
                                                   non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Gi0/1               0                105855           0
Gi0/2               0                0                0

*************************************************************

03#sh vtp status
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : msc2020

VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 9c4e.2030.f280
Configuration last modified by x.x.x.x at 3-1-93 01:09:03  - local switch ip

Feature VLAN:
--------------
VTP Operating Mode                : Client
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 12
Configuration Revision            : 0
MD5 digest                        : 0xA7 0x2E 0x02 0x56 0x09 0x2A 0xE0 0x9F
                                    0x27 0x30 0x39 0x29 0x29 0x92 0x29 0x35
*** MD5 digest checksum mismatch on trunk: Gi0/2 ***

***************************************************************************************************

trunk configuration

interface GigabitEthernet0/1

switchport access vlan 100

switchport mode trunk

!

interface GigabitEthernet0/2

switchport mode trunk

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: