Thursday 14 May 2015

Troubleshoot VTP

Unable to See VLAN Details in the show run Command Output

Configuration changes in CatOS are written to NVRAM immediately after a change is made. In contrast, Cisco IOS® Software does not save configuration changes to NVRAM unless you issue the copy running-config startup-config command. VTP client and server systems require VTP updates from other VTP servers to be immediately saved in NVRAM without user intervention. The VTP update requirements are met by the default CatOS operation, but the Cisco IOS update model requires an alternative update operation.
To meet this requirement, a VLAN database was introduced into Cisco IOS Software as a method to immediately save VTP updates for VTP clients and servers. In some versions of software, this VLAN database is in the form of a separate file in NVRAM, called the vlan.dat file. You can view the VTP/VLAN information that is stored in the vlan.dat file for a VTP client or VTP server if you issue the show vtp status command.
VTP server/client mode switches do not save the entire VTP/VLAN configuration to the startup config file in NVRAM when you issue the copy running-config startup-config command on these systems; they save that configuration in the vlan.dat file. This does not apply to systems that run as VTP transparent. VTP transparent systems save the entire VTP/VLAN configuration to the startup config file in NVRAM when you issue the copy running-config startup-config command. For example, if you delete the vlan.dat file after configuring VTP in server or client mode and reload the switch, the VTP configuration is reset to the default settings. However, if you configure VTP in transparent mode, delete vlan.dat and reload the switch, the VTP configuration is retained.
This is an example of a default VTP configuration:
Switch#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Domain Name : CISCO
VTP Operating Mode : Client
VTP V2 Mode : Disabled
VTP Pruning Mode : Disabled
MD5 digest : 0xD3 0x78 0x41 0xC8 0x35 0x56 0x89 0x97
VTP Traps Generation : Disabled
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
You can configure normal-range VLANs (2 through 1000) when the switch is in either VTP server or transparent mode. However, you can only configure extended-range VLANs (1025 through 4094) in VTP transparent switches.
  • In order to display all the VLAN configurations, the VLAN ID, name, and so forth, that are stored in the binary file, you must issue the show vlan command.
  • You can display the VTP information, the mode, domain, and so forth, with use of the show vtp status command.
  • The VLAN information and the VTP information are not displayed in the show running-config command output when the switch is in the VTP server/client mode. This is normal behavior of the switch.
    Router#show run | include vlan
    vlan internal allocation policy ascending
    Router#show run | include vtp
    
  • Switches that are in VTP transparent mode display the VLAN and VTP configurations in the show running-config command output because this information is also stored in the configuration text file.
    Router#show run | include vlan
    vlan internal allocation policy ascending
    vlan 1
     tb-vlan1 1002
     tb-vlan2 1003
    vlan 20-21,50-51
    vlan 1002
     tb-vlan1 1
     tb-vlan2 1003
    vlan 1003
     tb-vlan1 1
     tb-vlan2 1002
    vlan 1004
    vlan 1005
    Router#show run | include vtp
    vtp domain cisco
    vtp mode transparent
Extended-range VLANs are not supported by 3500XL. The 2900XL and 3500XL can use only VLANs in the range of 1 to 1001, and they do not support extended-range VLANs. If you upgrade the software of the switch, it does not bring an enhancement to support the configuration of extended-range VLANs.

Catalyst Switches Do Not Exchange VTP Information

VTP allows switches to advertise VLAN information between other members of the same VTP domain. VTP allows a consistent view of the switched network across all switches. There are several reasons why the VLAN information can fail to be exchanged.
Verify these items if switches that run VTP fail to exchange VLAN information:
  • VTP information only passes through a trunk port. Make sure that all ports that interconnect switches are configured as trunks and are actually trunking.
    If EtherChannels are created between two switches, keep in mind that only Layer 2 EtherChannels propagate VLAN information.
  • Make sure that the VLANs are active in all the devices.
  • One of the switches must be the VTP server in a VTP domain. All VLAN changes must be done on this switch in order to have them propagated to the VTP clients.
  • The VTP domain name must match and it is case sensitive. CISCO and cisco are two different domain names.
  • Make sure that no password is set between the server and client. If any password is set, make sure that the password is the same on both sides.
  • Every switch in the VTP domain must use the same VTP version. VTP V1 and VTP V2 are not compatible on switches in the same VTP domain. Do not enable VTP V2 unless every switch in the VTP domain supports V2.
    Note: VTP V2 is disabled by default on VTP V2-capable switches. When you enable VTP V2 on a switch, every VTP V2-capable switch in the VTP domain enables V2. You can only configure the version on switches in VTP server or transparent mode.
  • Switches that operate in transparent mode drop VTP advertisements if they are not in the same VTP domain.
  • The extended-range VLANs are not propagated. Therefore, you must configure extended-range VLANs manually on each network device.
    In the future, the Catalyst 6500 Cisco IOS Software switches will support VTP Version 3, which is able to transmit extended-range VLANs. So far, VTP Version 3 is only supported on CatOS. Refer to the Understanding How VTP Version 3 Works section of Configuring VTP for more information on VTP Version 3.
  • The Security Association Identifier (SAID) values must be unique. SAID is a user-configurable, 4-byte VLAN identifier. The SAID identifies traffic that belongs to a particular VLAN. The SAID also determines to which VLAN each packet is switched. The SAID value is 100,000 plus the VLAN number. These are two examples:
    • The SAID for VLAN 8 is 100008.
    • The SAID for VLAN 4050 is 104050.
  • A client does not accept updates from a VTP server if the client already has a higher VTP revision number. Also, the client does not allow these updates to flow to its downstream VTP clients if the client has a higher revision number than the one the VTP server sends.

Catalyst Switch Automatically Changes VTP Mode from Client to Transparent

Some Catalyst Layer 2 and Layer 3 fixed configuration switches change the VTP mode automatically from client to transparent with this error message:
%SW_VLAN-6-VTP_MODE_CHANGE: VLAN manager changing device mode from CLIENT to TRANSPARENT.
Either of these two reasons can cause the automatic VTP mode change in these switches:
  • More VLANs run on the Spanning Tree Protocol (STP) than the switch can support.
    Catalyst Layer 2 and Layer 3 fixed configuration switches support a different maximum number of instances of STP with the use of per-VLAN spanning tree+ (PVST+). For example, the Catalyst 2940 supports four instances of STP in PVST+ mode, while the Catalyst 3750 supports 128 instances of STP in PVST+ mode. If more than the maximum number of VLANs is defined in the VTP, the VLANs that remain operate with STP disabled.
    If the number of instances of STP that is already in use is greater than the maximum number, you can disable STP on one of the VLANs and enable it on the VLAN where you want STP to run. Issue the no spanning-tree vlan vlan-id global configuration command in order to disable STP on a specific VLAN. Then, issue the spanning-tree vlan vlan-id global configuration command in order to enable STP on the desired VLAN.
    Note: Switches that do not run STP still forward the bridge protocol data units (BPDUs) that they receive. In this way, the other switches on the VLAN that have a running STP instance can break loops. Therefore, STP must run on enough switches in order to break all the loops in the network. For example, at least one switch on each loop in the VLAN must run STP. You do not need to run STP on all switches in the VLAN. However, if you run STP only on a minimal set of switches, a change to the network can introduce a loop into the network and can result in a broadcast storm.
    Workarounds:
    • Reduce the number of VLANs that are configured to a number that the switch supports.
    • Configure the IEEE 802.1s Multiple STP (MSTP) on the switch in order to map multiple VLANs to a single STP instance.
    • Use switches and/or images (Enhanced Image [EI]) which support a greater number of VLANs.
  • The switch receives more VLANs from a connected switch than the switch can support.
    An automatic VTP mode change also can occur if the switch receives a VLAN configuration database message that contains more than a set number of VLANs. This normally happens in Catalyst Layer 2 and Layer 3 fixed configuration switches when they are connected to a VTP domain that has more VLANs than are supported locally.
    Workarounds:
    • Configure the allowed VLAN list on the trunk port of the connected switch in order to restrict the number of VLANs that are passed to the client switch.
    • Enable pruning on the VTP server switch.
    • Use switches and/or images (EI) which support a greater number of VLANs.

Data Traffic Blocked between VTP Domains

Sometimes it is required to connect two switches that belong to two different VTP domains. For example, there are two switches called Switch1 and Switch2. Switch1 belongs to VTP domain cisco1 and Switch2 belongs to VTP domain cisco2. When you configure a trunk between these two switches with the Dynamic Trunking Protocol (DTP), the trunk negotiation fails and the trunk between the switches does not form, because DTP sends the VTP domain name in the DTP packet. Because of this, data traffic does not pass between the switches.
Switch1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 9
VTP Domain Name : cisco1
VTP Operating Mode : Server
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
VTP V2 Mode : Disabled
Switch2#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 42
VTP Domain Name : cisco2
VTP Operating Mode : Server
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
VTP V2 Mode : Disabled
Switch1#show interface fastethernet 1/0/23 trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa1/0/23    auto         802.1q         not-trunking  1

Port        Vlans allowed on trunk
Fa1/0/23    1

Port        Vlans allowed and active in management domain
Fa1/0/23    1

Port        Vlans in spanning tree forwarding state and not pruned
Fa1/0/23    1
On some switches you can also see this error message; other switches do not display it.
4w2d: %DTP-SP-5-DOMAINMISMATCH: Unable to perform trunk negotiation on port Fa3/3 because of VTP domain mismatch.
The solution for this issue is to force trunking manually instead of relying on DTP. Configure the trunk ports between the switches with the switchport mode trunk command.
Switch1(config)#interface fastethernet 1/0/23
switch1(config-if)#switchport mode trunk
Switch2(config)#interface fastethernet 3/3
switch2(config-if)#switchport mode trunk
switch1#show interface fastethernet 1/0/23 trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa1/0/23    on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa1/0/23    1-4094

Port        Vlans allowed and active in management domain
Fa1/0/23    1-5

Port        Vlans in spanning tree forwarding state and not pruned
Fa1/0/23    1-5
