VTP Pruning - VLAN Pruned, but Some Traffic Traverses Trunk Anyway
I have a metro ethernet connection with 3 switches (Switches A, C, and E) at 3 different locations each with a single interface into the metro-e cloud and each interface configured as an 802.1q trunk. Switch A is in VTP domain xxx-xxx and Switch C and E are in VTP domain yyy-yyy. VTP pruning is enabled on each of the 3 switches. I am able to ping from Switch C to the real AND HSRP addresses of VLAN 251 which reside on a pair of Sup 720s in Switch A and its partner Switch B in another 6509 not connected to the metro e. However, Switch C, while having an interface on VLAN 251, shows me that VLAN 251 is pruned on the trunk link into the metro ethernet. Switch D, which is trunked to switch C, also has a VLAN interface on 251 and can ping the real addresses of Switch A and Switch B on VLAN 251, but cannot ping the HSRP address of VLAN 251 which is Switch D's default gateway. I have no idea why this is. There is a whole other set of interesting things going on in the setup, but I'll leave that out for right now in the hopes of focusing the discussion. I have attached a Visio diagram that hopefully helps clarify what I have written above.
VTP pruning blocks broadcast and unicast flooded traffic on the link. If the switch learns a MAC on a pruned vlan but still in the STP forwarding status, it will still send packets out on that port. It will also accept packets on a pruned vlan (again, assuming the port is in STP forwarding status for that vlan). The biggest problem you will see is ARP since that is sent via broadcast. However, if ARP is already resolved (possibly by ARP request from site with vlan not pruned) and the switch has the MAC in its CAM, then unicast traffic will work. If we are trying to send broadcast traffic on the link or unicast flood (in the event that the destination MAC is not in the CAM) then pruning will drop the traffic.
I'm not sure of the exact problem that you were originally troubleshooting, but in either case you will likely want to ensure that the necessary vlans are not pruned on the metro link. We can do this in two ways:
1) Disable pruning on the VTP server
Switch(config)#no vtp pruning
2) Set the vlan in question to pruning ineligible for the uplink
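As an added example (not part of the original thread), the Python check below parses `show interfaces trunk` output and lists, per trunk, the VLANs that are active but absent from the "forwarding state and not pruned" table, which is where a VLAN such as 251 would show up in the situation described above. The sample output and port name are constructed, and a VLAN in the result may be either pruned or blocked by spanning tree.

```python
import re

# Constructed sample of `show interfaces trunk` output (not taken from the thread).
SAMPLE = """\
Port        Mode             Encapsulation  Status        Native vlan
Gi1/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/1       1-4094

Port        Vlans allowed and active in management domain
Gi1/1       1,10,250-252

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/1       1,10,250,252
"""

def expand(vlan_list):
    """Expand '1,10,250-252' into a set of ints; 'none' gives an empty set."""
    vlans = set()
    for part in vlan_list.split(","):
        part = part.strip()
        if not part or part.lower() == "none":
            continue
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk_sections(text):
    """Return {section title: {port: set of VLANs}} for the 'Vlans ...' tables."""
    sections, current, last_port = {}, None, None
    for line in text.splitlines():
        header = re.match(r"^Port\s+(.*\S)\s*$", line)
        if header:
            title, last_port = header.group(1), None
            current = sections.setdefault(title, {}) if title.startswith("Vlans") else None
        elif current is not None and line.strip():
            if line[0].isspace() and last_port:      # wrapped VLAN list
                current[last_port] |= expand(line)
            else:
                last_port, _, vlans = line.partition(" ")
                current[last_port] = expand(vlans)
    return sections

def pruned_or_blocked(text):
    """VLANs active on each trunk but missing from the forwarding/not-pruned list."""
    s = parse_trunk_sections(text)
    active = s.get("Vlans allowed and active in management domain", {})
    fwd = s.get("Vlans in spanning tree forwarding state and not pruned", {})
    return {port: sorted(v - fwd.get(port, set())) for port, v in active.items()}

if __name__ == "__main__":
    print(pruned_or_blocked(SAMPLE))
```

Comparing the result before and after either change in the answer shows whether the VLAN has returned to the trunk's forwarding list.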