VTP Pruning - VLAN Pruned, but Some Traffic Traverses Trunk Anyway
I have a metro ethernet connection with 3 switches (Switches A, C, and E) at 3 different locations each with a single interface into the metro-e cloud and each interface configured as an 802.1q trunk. Switch A is in VTP domain xxx-xxx and Switch C and E are in VTP domain yyy-yyy. VTP pruning is enabled on each of the 3 switches. I am able to ping from Switch C to the real AND HSRP addresses of VLAN 251 which reside on a pair of Sup 720s in Switch A and its partner Switch B in another 6509 not connected to the metro e. However, Switch C, while having an interface on VLAN 251, shows me that VLAN 251 is pruned on the trunk link into the metro ethernet. Switch D, which is trunked to switch C, also has a VLAN interface on 251 and can ping the real addresses of Switch A and Switch B on VLAN 251, but cannot ping the HSRP address of VLAN 251 which is Switch D's default gateway. I have no idea why this is. There is a whole other set of interesting things going on in the setup, but I'll leave that out for right now in the hopes of focusing the discussion. I have attached a Visio diagram that hopefully helps clarify what I have written above.
Re: VTP Pruning - VLAN Pruned, but Some Traffic Traverses Trunk
VTP pruning blocks broadcast and unicast flooded traffic on the link. If the switch learns a MAC on a pruned vlan but still in the STP forwarding status, it will still send packets out on that port. It will also accept packets on a pruned vlan (again, assuming the port is in STP forwarding status for that vlan). The biggest problem you will see is ARP since that is sent via broadcast. However, if ARP is already resolved (possibly by an ARP request from a site with the vlan not pruned) and the switch has the MAC in its CAM, then unicast traffic will work. If we are trying to send broadcast traffic on the link or unicast flood (in the event that the destination MAC is not in the CAM) then pruning will drop the traffic.
I'm not sure of the exact problem that you were originally troubleshooting, but in either case you will likely want to ensure that the necessary vlans are not pruned on the metro link. We can do this in two ways:
1) Disable pruning on the VTP server
Switch(config)#no vtp pruning
2) Set the vlan in question to pruning ineligible for the uplink
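
A small Python model of the forwarding behaviour described in the reply above, added here as an illustration and not part of the original thread. The `Switch` class, port name and MAC address are constructed, and the logic follows the reply's description rather than any Cisco implementation.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class Switch:
    trunk: str                 # name of the trunk port toward the metro link
    stp_forwarding: set        # VLANs in STP forwarding state on the trunk
    pruned: set                # VLANs VTP has pruned on the trunk
    cam: dict = field(default_factory=dict)   # (vlan, mac) -> port

    def ingress(self, vlan, src_mac):
        """Frame arriving on the trunk: accepted even if the VLAN is pruned."""
        if vlan not in self.stp_forwarding:
            return False
        self.cam[(vlan, src_mac)] = self.trunk   # source MAC is learned
        return True

    def egress(self, vlan, dst_mac):
        """Decide what happens to a frame that would leave via the trunk."""
        if vlan not in self.stp_forwarding:
            return "drop: STP not forwarding"
        port = None if dst_mac == BROADCAST else self.cam.get((vlan, dst_mac))
        if port is not None and port != self.trunk:
            return "local: destination is on another port"
        if port == self.trunk:
            return "forward: known unicast"       # pruning does not apply
        if vlan in self.pruned:
            return "drop: flooded traffic on pruned VLAN"
        return "forward: flooded"

def demo():
    # Constructed values: VLAN 251 is pruned but STP-forwarding on the trunk.
    sw = Switch("Gi1/1", stp_forwarding={251}, pruned={251})
    gw = "02:00:00:00:02:51"                      # constructed gateway MAC
    out = [sw.egress(251, BROADCAST)]             # ARP request
    out.append(sw.egress(251, gw))                # unknown unicast
    sw.ingress(251, gw)                           # remote side talks first
    out.append(sw.egress(251, gw))                # now a CAM hit
    return out

if __name__ == "__main__":
    for line in demo():
        print(line)
```

The ARP broadcast and the unknown unicast are both dropped at the pruned trunk, while the same destination is reachable once its MAC has been learned from an inbound frame, which matches the partial reachability described in the question.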