Re: Problem switching to second VTP domain

Bastian-Uz · ‎02-16-2022

Hello,

last week we tra to split our vtp domain in two differnet domains.
Cause: We have to much spanning-tree instances on the access-layer. At the time we are not able to add new vlans because the max stp instances of 128. MSTP is no option in our case.

In the core envionement we have two 4500-X VSS Stacks
At these Switches we have multiple 2960, 2960-X, ...
The Cores and also the Access-Switches are connected in a ring.

Back to the main reason:
At the point at we did change the vtp-domain on the core-switches to a new one, we did lost the connection to the access layer, all bgp-sessions gone down and all hsrp-connections sayed they are the active one.

I read that vtp pruning needs to be disabled. However, if we disable pruning, we have the same phenomenon. Uplinks seem to close, nothing useful in the logs...

All our uplink-interfaces are configured as trunk and native vlan is on every switch vlan1.

Has anybody an idea what can happen here?

Thanks and best regards,

Bastian

Reza Sharifi · ‎02-16-2022

Hi,

have the root bridge and backup root bridge been configured correctly? What device is the root bridge in your network? If this is not a very large network, and you don't have many VLANs, there is no need for multiple VTP domains.

HTH

Bastian-Uz · ‎02-16-2022

Hello,

yes, stp is correctly configured. The Core on the left ist root-bridge for vlan 1-4094 (Prio 4096), the Core on the right is the backup-root for these vlans with prio 8192.
All switches has the core-left as root. As mode we use rapid-pvst on all switches.

When we did change the vtp-domain on the cores, there was nothing special in the logging described. The only ting what we notices was the hsrp changes and that we only can communicate with the switch on these we are nearest connected.

This is our VPN-Config on core-left and right:
-------------------------------------
SW-CORE01#sh vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : **removed**
VTP Pruning Mode : Enabled
VTP Traps Generation : Disabled
Device ID : **

Feature VLAN:
--------------
VTP Operating Mode : Server
Number of existing VLANs : 154
Number of existing extended VLANs : 22
Maximum VLANs supported locally : 4094
Configuration Revision : 247
Primary ID : **
Primary Description : SW-CORE02
-------------------------------------

Info: Some VLANs are suspended, so the spanning-tree instances are <128

...

Unfortunately we didn't have the possibility to troubleshoot more because we had to switch back. After the switch back, after some seconds everything works fine again.

Thats an example configuration of our uplinks to the access-layer:
-------------------------------------
interface TenGigabitEthernet2/1/13
description SW-C2-COREXS01 - 1
switchport mode trunk
end

SW-CORE01#sh run int te1/1/14
Building configuration...

Current configuration : 97 bytes
!
interface TenGigabitEthernet1/1/14
description SW-C3-COREXS02 - 1
switchport mode trunk
end

SW-CORE01#sh run int te2/1/14
Building configuration...

Current configuration : 97 bytes
!
interface TenGigabitEthernet2/1/14
description SW-C2-COREXS02 - 1
switchport mode trunk
end
-------------------------------------

On the access-layer we have the same:
-------------------------------------
interface TenGigabitEthernet1/0/1
description SW-CORE01-C3
switchport mode trunk
end
-------------------------------------

Best regards,

Bastian