Solved: VTP propogation issue.

tmpnpo · ‎04-09-2007

Hello,

We currently have two 6509(CatOS) as VTP server with domain name XYZ and rest of the switches (5500) in VTP client mode. So far all the VTP information is being propogated.

We recently added a new 6509-E switch (IOS) in the network with the same domain XYZ information in client mode.

The issue is, the new 6509 switch is not recieving any VTP information from the Server.

Following is the snapshot from production switch

XYZ_CORE1> (enable) sh vtp domain

Domain Name Domain Index VTP Version Local Mode Password

-------------------------------- ------------ ----------- ----------- ----------

XYZ 1 2 server -

Vlan-count Max-vlan-storage Config Revision Notifications

---------- ---------------- --------------- -------------

47 1023 42 enabled

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

10.211.1.114 disabled disabled 2-1000

and following is the snapshot from new 6509-E switch

XYZ_ServerFarm2#sh vtp stat

VTP Version : 2

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 5

VTP Operating Mode : Client

VTP Domain Name : XYZ

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xCC 0x7E 0x61 0xB8 0x85 0xBA 0x1F 0x37

Configuration last modified by 10.211.1.112 at 0-0-00 00:00:00

Please suggest if I'm missing anything.

Thanks in advance.

Regards,

Neeraj

rody · ‎04-11-2007

The VTP basics are:

1. Are you trunked between the switches you want to exchange VTP messages (more on this below in #4)

2. Are you in the (exact) same VTP domain with the exact same password, if any - capitalization and spelling are critical (Are you really in the XYZ domain, or was that an example)

3. You have to be running the same version of VTP (version 1 & 2 are incompatible. Most think they are running version 2, in fact they are running version 1 - you know because it says VTP V2 Mode: Disabled - this is the factory default. Where it says VTP Version 2 - that simply means you are V2 capable). This is usually not a problem because it isn?t changed (you would use V2 with token ring vlans ? that?s why it?s usually not changed).

4. Now for the less obvious because it appears you have checked all of the above. I notice you are not simply trunked between the switches, you have enabled dot1q tunneling on the trunk. Did you really intend to do this, if not remove the tunnel, if so you need to enable L2 protocol tunneling:

Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs) (CDP, STP, and VTP) to be tunneled through a network. ...

Without Layer 2 protocol tunneling, tunnel ports drop STP and VTP packets and process CDP packets. This handling of the PDUs creates different spanning tree domains (different spanning tree roots) for the customer switches. ... To provide a single spanning tree domain for the customer, a generic scheme to tunnel BPDUs was created for control protocol PDUs (CDP, STP, and VTP). This process is referred to as Generic Bridge PDU Tunneling (GBPT).

The entire Cisco pdf can be found here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008027476b.html

A good Cisco article on L2 tunneling can be found here:

http://www.cisco.com/en/US/products/hw/switches/ps5528/products_configuration_guide_chapter09186a00802b7c6d.html

Hope this helps

Rody

View solution in original post

sundar.palaniappan · ‎04-09-2007

Can you check a couple of things.

1. Are the other switches configured with VTP password?

2. Do you have a trunk port on the new switch to receive VTP updates?

HTH

Sundar

mahmoodmkl · ‎04-09-2007

Hi

I think there is something worng with u r VTP passowrd.Can u check weather u have the same password for all the swithes.

Thanks

Mahmood

Amit Singh · ‎04-09-2007

Neeraj,

Please paste " Show VTP counters" from the new switch.Also the config for the uplink port to the old switch.

-amit singh

tmpnpo · ‎04-10-2007

Hello All,

1. There is no password configured for VTP

2. The screenshot for sh VTP counter

VTP statistics:

Summary advertisements received : 0

Subset advertisements received : 0

Request advertisements received : 0

Summary advertisements transmitted : 0

Subset advertisements transmitted : 0

Request advertisements transmitted : 0

Number of config revision errors : 0

Number of config digest errors : 0

Number of V1 summary errors : 0

VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from

non-pruning-capable device

---------------- ---------------- ---------------- ---------------------------

3. Config of the trunk port connected to old switch.

interface Port-channel2

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,107-111

switchport mode dot1q-tunnel

no ip address

spanning-tree bpdufilter enable

!

interface GigabitEthernet1/1

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,107-111

switchport mode dot1q-tunnel

no ip address

channel-group 2 mode desirable

!

interface GigabitEthernet1/2

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,107-111

switchport mode dot1q-tunnel

no ip address

channel-group 2 mode desirable

Thanks in advance for your help.

Regards,

Neeraj

rody · ‎04-11-2007

The VTP basics are:

1. Are you trunked between the switches you want to exchange VTP messages (more on this below in #4)

2. Are you in the (exact) same VTP domain with the exact same password, if any - capitalization and spelling are critical (Are you really in the XYZ domain, or was that an example)

3. You have to be running the same version of VTP (version 1 & 2 are incompatible. Most think they are running version 2, in fact they are running version 1 - you know because it says VTP V2 Mode: Disabled - this is the factory default. Where it says VTP Version 2 - that simply means you are V2 capable). This is usually not a problem because it isn?t changed (you would use V2 with token ring vlans ? that?s why it?s usually not changed).

4. Now for the less obvious because it appears you have checked all of the above. I notice you are not simply trunked between the switches, you have enabled dot1q tunneling on the trunk. Did you really intend to do this, if not remove the tunnel, if so you need to enable L2 protocol tunneling:

Layer 2 protocol tunneling allows Layer 2 protocol data units (PDUs) (CDP, STP, and VTP) to be tunneled through a network. ...

Without Layer 2 protocol tunneling, tunnel ports drop STP and VTP packets and process CDP packets. This handling of the PDUs creates different spanning tree domains (different spanning tree roots) for the customer switches. ... To provide a single spanning tree domain for the customer, a generic scheme to tunnel BPDUs was created for control protocol PDUs (CDP, STP, and VTP). This process is referred to as Generic Bridge PDU Tunneling (GBPT).

The entire Cisco pdf can be found here:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008027476b.html

A good Cisco article on L2 tunneling can be found here:

http://www.cisco.com/en/US/products/hw/switches/ps5528/products_configuration_guide_chapter09186a00802b7c6d.html

Hope this helps

Rody