Friday, December 24, 2010

Verifying VTP information

Taken from "Troubleshooting VLAN Trunk Protocol (VTP)"

show vtp statistics
The general purpose of an MD5 value is to verify the integrity of a received packet and to detect any changes to the packet or corruption of the packet during transit. When a switch detects a new revision number that is different from the currently stored value, the switch sends a request message to the VTP server and requests the VTP subsets. A subset advertisement contains a list of VLAN information. The switch calculates the MD5 value for the subset advertisements and compares the value to the MD5 value of the VTP summary advertisement. If the two values are different, the switch increases the No of config digest errors counter.

A common reason for these digest errors is that the VTP password is not configured consistently on all VTP servers in the VTP domain. Troubleshoot these errors as a misconfiguration or data corruption issue.When you troubleshoot this problem, ensure that the error counter is not historical. The statistics menu counts errors since the most recent device reset or the VTP statistics reset.



Catalyst Switches Do Not Exchange VTP Information

VTP allows switches to advertise VLAN information between other members of the same VTP domain. VTP allows a consistent view of the switched network across all switches. There are several reasons why the VLAN information can fail to be exchanged. Verify these items if switches that run VTP fail to exchange VLAN information:
  • VTP information only passes through a trunk port. Make sure that all ports that interconnect switches are configured as trunks and are actually trunking. Make sure that if EtherChannels are created between two switches, only Layer 2 EtherChannels propagate VLAN information.
  • Make sure that the VLANs are active in all the devices.
  • One of the switches must be the VTP server in a VTP domain. All VLAN changes must be done on this switch in order to have them propagated to the VTP clients.
  • The VTP domain name must match and it is case sensitive. CISCO and cisco are two different domain names.
  • Make sure that no password is set between the server and client. If any password is set, make sure that the password is the same on both sides.
  • Every switch in the VTP domain must use the same VTP version. VTP V1 and VTP V2 are not compatible on switches in the same VTP domain. Do not enable VTP V2 unless every switch in the VTP domain supports V2. Note: VTP V2 is disabled by default on VTP V2-capable switches. When you enable VTP V2 on a switch, every VTP V2-capable switch in the VTP domain enables V2. You can only configure the version on switches in VTP server or transparent mode.
  • Switches that operate in transparent mode drop VTP advertisements if they are not in the same VTP domain.
  • The extended-range VLANs are not propagated. Therefore, you must configure extended-range VLANs manually on each network device. Note: In the future, the Catalyst 6500 Cisco IOS Software switches support VTP Version 3. This version is able to transmit extended-range VLANs. So far, VTP Version 3 is only supported on CatOS. Refer to the Understanding How VTP Version 3 Works section of Configuring VTP for more information on VTP Version 3.
  • The Security Association Identifier (SAID) values must be unique. SAID is a user-configurable, 4-byte VLAN identifier. The SAID identifies traffic that belongs to a particular VLAN. The SAID also determines to which VLAN each packet is switched. The SAID value is 100,000 plus the VLAN number. These are two examples:
    • The SAID for VLAN 8 is 100008.
    • The SAID for VLAN 4050 is 104050.
  • The updates from a VTP server do not get updated on a client if the client already has a higher VTP revision number. Also, the client does not allow these updates to flow to its downstream VTP clients if the client has a higher revision number than that which the VTP server sends.

2 comments:

  1. according to this:
    http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/solution_guide_c78_508010.html

    VTPv3 is supported on the latest 6500 SXI trail...

    Hope ths may help in testing it ;-)
    Ivan Brunello

    ReplyDelete
  2. I wonder if this is the same version of IOS code that is in the current CCIE Wireless lab... Thanks for the tip!

    ReplyDelete