VTP Server is Member (Not Master) of Switch Stack - Unable to Add VLAN

GBcertz
Level 1

Hello Cisco Family,

I have a replacement 3750 switch (Model: WS-C3750G-24TS-1U SW Version: 12.2(55)SE) configured as "vtp client"... all configuration settings seem to be confirmed between client/server:

  • Common version (3), correct domain name/password

The VTP Server is within a 3-stack of 2960's (Model#: WS-C2960X-48FPS-L SW Version: 15.2(2)E7)

Although the new client I added does not populate with the same VLANs/"Revision number" as the other clients on the network, it shows those same vtp devices on the domain per "Show vtp devices". The other "client" switches do not populate with the new client's name.

I tried to create a VLAN via the switch stack to test if the update forces a revision across all switches and the new client, but the "Master" switch is not the "VTP Server" and will not allow the configuration of a new VLAN (below error).

Error:
"VTP VLAN configuration not allowed when device is not the primary server for vlan database."

I'm not sure why the former engineer set a lower priority for the switch configured as VTP Server, but I'm wondering about my options for resolution with no downtime for the network (changing priority/forcing reload etc.).

Is there something I may be missing in the configuration? One thing that jumps at me for a "sh vtp counters" is the "Number of config digest errors are incrementing", but not sure how that can be if configuration requirements were met.

Thanks for reviewing!

========================================================================
3750 UpLink:
interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
end
========================================================================
3750 "sh int gi 1/0/24 trunk":
Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/24    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/24    1-4094

Port        Vlans allowed and active in management domain
Gi1/0/24    1,20,30,40,90,100,130,200,210,3100,3200

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/24    1,20,30,40,90,100,130,200,210,3100,3200
========================================================================
3750 "Show vtp status":
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : "N/A"
VTP Pruning Mode : Enabled
VTP Traps Generation : Disabled
Device ID : 0022.0c5e.xxxx

Feature VLAN:
--------------
VTP Operating Mode : Client
Number of existing VLANs : 13
Number of existing extended VLANs : 2
Configuration Revision : 0
Primary ID : 0000.0000.0000
Primary Description :
MD5 digest : 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00


Feature MST:
--------------
VTP Operating Mode : Transparent


Feature UNKNOWN:
--------------
VTP Operating Mode : Transparent
========================================================================
3750 "show vtp counters":
Summary advertisements received : 436
Subset advertisements received : 0
Request advertisements received : 0
Summary advertisements transmitted : 0
Subset advertisements transmitted : 0
Request advertisements transmitted : 1413
Number of config revision errors : 0
Number of config digest errors : 219
Number of V1 summary errors : 0


VTP pruning statistics:

Trunk            Join Transmitted Join Received    Summary advts received from
                                                   non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Gi1/0/24         12085            12252            0
========================================================================
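
The symptoms visible in the output posted above (digest errors incrementing, Primary ID all zeros, revision 0, requests sent with no subset advertisements received) can be checked mechanically. The following is an added example, not part of the original post: the function names are hypothetical, and the sample is an excerpt of the posted "show vtp status" / "show vtp counters" output.

```python
import re

# Excerpt of the "show vtp status" / "show vtp counters" output posted above.
SAMPLE = """\
VTP version running : 3
VTP Operating Mode : Client
Configuration Revision : 0
Primary ID : 0000.0000.0000
VTP Operating Mode : Transparent
Summary advertisements received : 436
Subset advertisements received : 0
Request advertisements transmitted : 1413
Number of config digest errors : 219
"""

# "name : value" lines; section headers such as "Feature VLAN:" do not match.
FIELD = re.compile(r"^\s*(.+?)\s+:\s*(.*)$")

def parse_vtp(text):
    """Return {field: value}; the first occurrence wins, so 'VTP Operating
    Mode' is the Feature VLAN value, not the later MST/UNKNOWN ones."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            fields.setdefault(m.group(1), m.group(2).strip())
    return fields

def vtp_findings(fields):
    """List symptoms showing the client is not accepting the VLAN database."""
    def num(key):
        return int(fields.get(key, "0") or 0)
    findings = []
    if num("Number of config digest errors") > 0:
        findings.append("digest errors: advertisements fail the MD5 check; "
                        "re-verify VTP domain and password on both ends")
    if fields.get("Primary ID") == "0000.0000.0000":
        findings.append("no primary server learned (Primary ID is all zeros)")
    if (fields.get("VTP Operating Mode") == "Client"
            and num("Configuration Revision") == 0):
        findings.append("client still at revision 0: no database accepted")
    if (num("Request advertisements transmitted") > 0
            and num("Subset advertisements received") == 0):
        findings.append("requests sent but no subset advertisements received")
    return findings

if __name__ == "__main__":
    for finding in vtp_findings(parse_vtp(SAMPLE)):
        print("-", finding)
```
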

 


Jitendra Kumar
Spotlight

Use the command below.

VTP Primary

From priv exec, NOT global config, use -> vtp primary; by default this will make you the primary for VLANs.

Thanks,
Jitendra

GBcertz
Level 1

Many thanks for the assistance Jitendra!

I used the command and was prompted for vtp-password, which I just copied/pasted from "sh vtp password", but the switch returned "Password mismatch".

 

Use the command 'sh vtp password' to compare the two passwords.

To resolve this, simply create another VLAN that you will never use.

There are some bugs as well in the firmware.

http://tititec.blogspot.com/2009/09/vtp-password-mismatch.html

Thanks,
Jitendra

Thanks Jitendra.

I should have been more clear on my action(s) taken/findings along the way, but the "bugs" you mention may be a contributing factor.

Leading up to when I opened this thread, action(s) taken/findings on the switch I'm adding to the network included:

-Deleted vlan.dat
-Rebooted system
-Configured VTP mode for "client"
-Configured VTP password via copy from VTP server (switch#2 in stack)
-Rebooted for good measure in attempt to force VTP update
-New switch can list all switches on VTP domain via "sh vtp devices", but other switches do not include this new switch in their output of "sh vtp devices"

Actions taken/findings on VTP server (switch stack)
-Initially, VTP server (Primary ID) was not the "primary switch"
-Configured VTP server as "Primary Switch"
-Attempted to create random VLAN and switch output "VTP VLAN configuration not allowed when device is not the primary server for vlan database."
-Entered "show vtp password" from VTP server and copied
-Attempted to set "vtp primary" and prompted for password
-Entered password initially copied and output "Password mismatch"

I'm at the point where I may move forward with adding this new switch with the understanding VLANs may need to be added outside of the VTP domain (defeats the purpose, but I'm also near defeated with this buggy issue).

Hello 
Just log onto the vtp primary server (sh vtp status will tell you what switch is the primary) and create the vlan, otherwise turn off vtp on that new switch stack and add the vlans manually


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Thanks Paul... per everything attempted, as outlined in my recent reply to Jitendra, that may be the ultimate route once if I receive approval from management.
