Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
837
Views
0
Helpful
2
Replies

VTP Pruning is enabled and working, but traffic is still allowed on the trunk.

Cauli Medeiros
Level 1
Level 1

‎09-01-2015 09:37 AM - edited ‎03-08-2019 01:36 AM

Hi guys, I'm a little confused about how the VTP Pruning acts, monitoring traffic on an interface realized that traffic from one pruned vlan still able to cross a trunk link. 

 

In attached image 1 you can see that the pruning is active. The only allowed vlan on the link is vlan 1

In attached image 2 you can see that traffic is only interrupted at the interface when the pruning is done manually. (with the command "switchport trunk allowed  vlan")

 

 

The traffic in question is in a video vlan. They are multicast frames. Anyone know if this is a normal behavior? is there any reason for this traffic be going through the link?

 

 

Labels:
Preview file
81 KB
Preview file
106 KB
0 Helpful
2 Replies 2

paul driver
VIP
VIP

‎09-01-2015 11:36 AM

Hello

VTP pruning is a switches non deterministic way of dynamically pruning vlan membership off a given trunk.

If the switch doesn’t receive/or send a vlan membership announcement (VMA) for a given vlan the neighboring switch will not send traffic for that vlan, so that traffic will be pruned.

Personally I am in favor of manually pruning ( switchport trunk allowed) as you can be sure what is being pruned and what isnt.

sh int x/x pruning

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Cauli Medeiros
Level 1
Level 1
In response to paul driver

‎09-01-2015 12:52 PM

Hi paul , thanks for the feedback!

I agree that manual pruning would be the best option,  unfortunately I have a layer 2 topology involving more than 100 switches and some VLANs (such as vlan of cameras) spread across all of them.

The pruning seems to be working normally, ( follow the output attached) the correct VLANs are marked as "pruned for lack .. " ( attached image ), but traffic from vlan 5 still being sent through the trunk (I'm sure the traffic is being sent , based on the chart that I sent and on the fact that the command "switchport allowed vlan except 5" takes the traffic to nearly 0).

Preview file
24 KB
0 Helpful
Customers Also Viewed These Support Documents