Solved: VTP v3 - primary server not detected

David Vavra · ‎05-15-2013

We have a bit of a problem when deploying VTP v3 in our network.

When command vtp primary vlan is issued, switch typically send query to appropriate multicast address in order to find out whether there is already some other one.

The problem we are experiencing is that old primary server is not discovered, because it fails to reply on those multicasts.

This debug messages (from the old primary server )may be more describing.

*Mar 2 22:26:56.057: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 1 ttl 1877620

*Mar 2 22:26:56.057: VTP LOG RUNTIME: Flooding mechanism DB-ADD: seq 1 time 167216060

*Mar 2 22:26:56.057: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: TX seq 1. New TTL 1877621

*Mar 2 22:26:56.057:

*Mar 2 22:26:56.057: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 2 22:26:56.057: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 2 22:26:56.057: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 2 22:26:56.057: relay [Fa1/0/13]: 00 00 00 01 00 1C A6 75 ......&u

*Mar 2 22:26:56.057:

*Mar 2 22:26:56.258:

*Mar 2 22:26:56.258: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 2 22:26:56.258: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 2 22:26:56.258: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 2 22:26:56.258: relay [Fa1/0/13]: 00 00 00 01 00 1C A6 75 ......&u

*Mar 2 22:26:56.258:

*Mar 2 22:26:56.460:

*Mar 2 22:26:56.460: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 2 22:26:56.460: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 2 22:26:56.460: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 2 22:26:56.460: relay [Fa1/0/13]: 00 00 00 01 00 1C A6 75 ......&u

*Mar 2 22:26:56.460:

*Mar 2 22:26:56.661: VTP LOG RUNTIME: Flooding Mechanism FLD-RESP: TX seq 1 on trunk Fa1/0/22

*Mar 2 22:26:56.661: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 1 ttl 1877620

*Mar 2 22:26:56.661: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 1 (Pkt seq = current seq 1).

*Mar 2 22:26:56.661: VTP LOG RUNTIME:

*Mar 2 22:26:56.661: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

*Mar 2 22:26:56.661: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 1 ttl 1877620

*Mar 2 22:26:56.661: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 1 (Pkt seq = current seq 1).

*Mar 2 22:26:56.661: VTP LOG RUNTIME:

*Mar 2 22:26:56.661: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

So far, I haven't been able to find out the reason of this behaviour. In spite of that, no other strange behavior of vtp has been observed.

Thanks for any hints.

paul driver · ‎05-17-2013

Hello David,

"The problem is that not conflicting device is found, although it should be"

Should there be a conflicting device in you toplogy? - I guess not.

The ios is telling you that the sanity check is okay and you can promote the secondary server to a primary server?

What is a conflicting device? - I assume cisco means another switch ( possibly a vtp3 enabled primary server) that has come online after the existing primary server has been established - or the primary server has lost connection/reloaded and in the meatime another switch has been promoted to server -Then in this case you would have two switches in primary server state - with the live primary server on the network being the active one for the vtp domain.

This would result in any changes to the vtp database being dropped by the rouge primary server ( in fact this rouge server wont be able make changes either) until a manual transfer of roles is performed by either switch, thus overwriting either ones vtp database

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎05-15-2013

Hello,

Below a few thing to look out for-

Are all your vtp clients vtp 2 compatible? (introduce vtp 3 the client swiches will be upgraded to use vtp 2)
Is the vtp domain configured for the primary vtp 3 server and correct throughout the estate?
Do you have stp extended id,configured ( these extended vlans will NOT be propergated so they will have to be applied manually)
Switch interconnects need to be trunked.

res
Paul

Sent from Cisco Technical Support Android App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

David Vavra · ‎05-16-2013

Hi Paul, thank you for your reply.

Let me explain it this way, maybe I'll be more clear then.

tTpology is quite simple, two Cat2960s (sw1,sw2) interconnected via trunk link, both of them have VTPv3 properly configured in same domain. One of them (sw1) is configured as the primary server for vlan distribution.

But when same commands are issued on the other switch (sw2), current server is not found on the network and sw2 becomes the primary server.

Debug output provided is from sw1, as it receives primary server discovery messages from sw2, but doesn't reply, still don't know why.

paul driver · ‎05-16-2013

Hello David

As you saying you are unable to transfer the vtp primary over from one switch to another - or does it succeed but with this error log?

I assume both switches have same domain/password and vtp mode set to server?

On both switches:

debug sw-vlan vtp events

sh vtp status | in Prim

vtp primary force / vtp primary vlan( force)

Below is the output from my lab:

SW3#

sh vtp status | in Prim

Primary ID : 0011.5c79.9500

Primary Description : SW4

vtp primary force

This system is becoming primary server for feature vlan

Enter VTP Password:

*Mar 1 00:56:28.846: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 11 ttl 0

*Mar 1 00:56:28.846: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: TX seq 11. New TTL 1

*Mar 1 00:56:29.450: VTP LOG RUNTIME: VTP3[VLAN]: takeover is only a primary server change (db now valid)

*Mar 1 00:56:29.567: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ(TO): Delivered to instance 0

*Mar 1 00:56:29.567: %SW_VLAN-4-VTP_PRIMARY_SERVER_CHG: 0014.6992.5680 has become the primary server for the VLAN VTP feature

SW4#

*Mar 1 00:56:29.567: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 11 ttl 0

*Mar 1 00:56:29.567: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 11 (Pkt seq = current seq 11).

*Mar 1 00:56:29.567: VTP LOG RUNTIME:

*Mar 1 00:56:29.567: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

*Mar 1 00:56:29.567: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 11 ttl 0

*Mar 1 00:56:29.567: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 11 (Pkt seq =

SW4#current seq 11).

*Mar 1 00:56:29.567: VTP LOG RUNTIME:

*Mar 1 00:56:29.567: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

SW4#

sh vtp status | in Prim

Primary ID : 0014.6992.5680

Primary Description : SW3

I get same result forcing the change or letting the switch check for conflicting devices

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

David Vavra · ‎05-17-2013

Thank you for your reply.

Here is complete output. Although debug messages appear when I'm logged on sw2, please note that they are actually sw1's, as it has debugging mode on.

The problem is that not conflicting device is found, although it should be. Although this mistake is not inpacting any primary functionality of vtp, I would like to work this out before actual deployenment.

----

sw1-3750#show debugging

Generic VLAN Manager:

vtp packets debugging is on

vtp xmit debugging is on

vtp events debugging is on

sw1-3750#show vtp status

VTP Version capable : 1 to 3

VTP version running : 3

VTP Domain Name : test

VTP Pruning Mode : Disabled

VTP Traps Generation : Disabled

Device ID : 0014.a812.6900

Feature VLAN:

--------------

VTP Operating Mode : Primary Server

Number of existing VLANs : 13

Number of existing extended VLANs : 0

Configuration Revision : 3

Primary ID : 0014.a812.6900

Primary Description : sw1-3750

MD5 digest : 0xF7 0x54 0xA5 0xB6 0x86 0x31 0x7B 0x8B

0x13 0x54 0x7D 0x21 0xDE 0xC3 0x8F 0x4C

Feature MST:

--------------

VTP Operating Mode : Transparent

sw1-3750#show vtp pass

VTP Password: testpass

sw1-3750#telnet 10.0.0.2

Trying 10.0.0.2 ... Open

User Access Verification

Password:

sw2-2960>en

Password:

sw2-2960#

sw2-2960#show vtp pass

VTP Password: testpass

sw2-2960#show vtp st

VTP Version capable : 1 to 3

VTP version running : 3

VTP Domain Name : test

VTP Pruning Mode : Disabled

VTP Traps Generation : Disabled

Device ID : 001c.0f69.b280

Feature VLAN:

--------------

VTP Operating Mode : Server

Number of existing VLANs : 13

Number of existing extended VLANs : 0

Maximum VLANs supported locally : 255

Configuration Revision : 3

Primary ID : 0014.a812.6900

Primary Description : sw1-3750

MD5 digest : 0xF7 0x54 0xA5 0xB6 0x86 0x31 0x7B 0x8B

0x13 0x54 0x7D 0x21 0xDE 0xC3 0x8F 0x4C

Feature MST:

--------------

VTP Operating Mode : Transparent

sw2-2960#vtp primary vlan

This system is becoming primary server for feature vlan

*Mar 10 17:17:52.970: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 2 ttl 1877620

*Mar 10 17:17:52.970: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: TX seq 2. New TTL 1877621

*Mar 10 17:17:52.970:

*Mar 10 17:17:52.970: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 10 17:17:52.970: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 10 17:17:52.970: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 10 17:17:52.970: relay [Fa1/0/13]: 00 00 00 02 00 1C A6 75 ......&u

*Mar 10 17:17:52.970:

*Mar 10 17:17:53.172:

*Mar 10 17:17:53.172: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 10 17:17:53.172: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 10 17:17:53.172: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 10 17:17:53.172: relay [Fa1/0/13]: 00 00 00 02 00 1C A6 75 ......&u

*Mar 10 17:17:53.172:

*Mar 10 17:17:53.373:

*Mar 10 17:17:53.373: relay [Fa1/0/13]: 03 05 00 04 74 65 73 74 00 00 00 00 00 00 00 00 ....test........

*Mar 10 17:17:53.373: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

*Mar 10 17:17:53.373: relay [Fa1/0/13]: 00 00 00 00 00 00 00 00 00 1C 0F 69 B2 80 00 02 ...........i2...

*Mar 10 17:17:53.373: relay [Fa1/0/13]: 00 00 00 02 00 1C A6 75 ......&u

*Mar 10 17:17:53.373:

*Mar 10 17:17:53.574: VTP LOG RUNTIME: Flooding Mechanism FLD-RESP: TX seq 2 on trunk Fa1/0/22

*Mar 10 17:17:53.574: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 2 ttl 1877620

*Mar 10 17:17:53.574: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 2 (Pkt seq = current seq 2).

*Mar 10 17:17:53.574: VTP LOG RUNTIME:

*Mar 10 17:17:53.574: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

*Mar 10 17:17:53.574: VTP LOG RUNTIME: Flooding Mechanism FLD-REQ: RX seq 2 ttl 1877620

*Mar 10 17:17:53.574: VTP LOG RUNTIME: Flooding mechanism FLD-REQ: Drop seq 2 (Pkt seq = current seq 2).

*Mar 10 17:17:53.574: VTP LOG RUNTIME:

*Mar 10 17:17:53.574: VTP LOG RUNTIME: VTP3: vtp3_core_receive_packet Flood of packet failed

No conflicting VTP3 devices found.

Do you want to continue? [confirm]

*Mar 10 17:18:10.435: VTP LOG RUNTIME: VTP3[VLAN]: tx vtp summary, domain test, rev 3 window 100

InayathUlla Sharieff · ‎05-15-2013

Hi David,

Some guidelines on VTP V3 , I hope you have already seen this:

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/solution_guide_c78_508010.html

Regards

Inayath

paul driver · ‎05-17-2013

Hello David,

"The problem is that not conflicting device is found, although it should be"

Should there be a conflicting device in you toplogy? - I guess not.

The ios is telling you that the sanity check is okay and you can promote the secondary server to a primary server?

What is a conflicting device? - I assume cisco means another switch ( possibly a vtp3 enabled primary server) that has come online after the existing primary server has been established - or the primary server has lost connection/reloaded and in the meatime another switch has been promoted to server -Then in this case you would have two switches in primary server state - with the live primary server on the network being the active one for the vtp domain.

This would result in any changes to the vtp database being dropped by the rouge primary server ( in fact this rouge server wont be able make changes either) until a manual transfer of roles is performed by either switch, thus overwriting either ones vtp database

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

David Vavra · ‎05-17-2013

Well, I assumed that I should be notified that there is yet another one (at least) primary server on the network and I'm about to retake his role.

But scenario that your have providing makes much more sense, I simply didn't get the idea when I was reading Cisco documentation.

Thank you a lot for making it clear to me.