STP blocking port processing VTP frames

chandra_rc16 · ‎01-09-2014

Will a switch port which is under STP blocking state act upon VTP messages, i've learned that a port in blocking mode just listens to the BPDU's and doesn't process them.

Here Fa0/1 which in blocking is participating in VTP. How can it be possible?

Thanks in advance.

Regards,

Chandu

Regards, Chandu

chandra_rc16 · ‎01-10-2014

Can somone please have a look at this issue ?

Thanks in advance.

Regards,

Chandu

Regards, Chandu

paul driver · ‎01-10-2014

Hello

Check the vtp status of both the interconnect switches ( vtp version/domain) - possible version mismatch!

sh vtp status

EDITED

#######

Just to confirm- I have just labbed this up and it is indeed a vtp ver mismatch.

sw1-sw2-sw3

sw1 & sw3 = vtp version 2

sw2 = vtp version 1

sw2#

debug sw-vlan vtp events

*Mar 1 01:42:55.013: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/19 - in TRANSPARENT MODE (nc = false)

*Mar 1 01:42:55.122: VTP LOG

It seems you have a switch running a lower version of vtp and int transparent mode possibly between two switches that have their vtp version set to an higher value running server/client mode

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

devils_advocate · ‎01-10-2014

VTP messages are sent untagged so they will be forwarded across Trunk links on the Native Vlan.

In the example above, Fa0/1 is in a Blocking state but you haven't said which Vlan this is for.

Have you checked to make sure this is also in a blocking state for the Native Vlan?

Rolf Fischer · ‎01-10-2014

Chandu,

a (Cisco) switchport in spanning-tree blocking mode processes some layer-2 protocols as well, e.g. you can see CDP neighbors on blocked ports.

The same applies to other (Cisco) layer-2 control protocols like VTP, PAgP, UDLD, etc. (imagine PAgP or UDLD PDUs wouldn't be processed on a STP blocked port - not good at all).

There was an interesting field in ISL encapsulated frames: The BPDU indicator

"The bit in the BPDU field is set for all BPDU packets that are encapsulated by the ISL frame. The BPDUs are used by the spanning tree algorithm in order to determine information about the topology of the network. This bit is also set for CDP and VLAN Trunk Protocol (VTP) frames that are encapsulated."

So conversely we could say that a switchport handles those control protocols similar to BPDUs and "bypasses" them on STP blocked ports for local processing.

On a Cisco device they have a link-local scope [1] (and a non-Cisco switch will not "bypass" them on blocked ports), so they can't cause bridging loops.

HTH

Rolf

[1]: The mentioned control protocols all use the same Multicast destination MAC-address: 01-00-0c-cc-cc-cc

From Cisco documentation:

"Advertisements are transmitted as multicast frames but not forwarded using normal bridging techniques."