Are VTP Advertisements Sent over Spanning Tree Blocked Links?

In a Virtual Terminal Protocol (VTP) domain there are 6506 switches, 4912G units and many 35xx units. There are more than 64 VLANs in use, so there are no redundant links due to the 35xx restriction of 64 spanning trees.
Should this be split into three VTP domains to make sure there are no more than 64 VLANs on any 35xx? In this scenario, some of the switches would be connected to one neighbour in the same domain but to other neighbours in other domains. How can we ensure that the first link is not spanning tree blocked for VTP to work?

First, VTP is passed on VLAN 1 and
can be sent and received through blocked
ports.
Second, spantree topology and VTP are totally independent. So, spantree would still block
or forward normally on a link regardless of whether
the switches on each side are in different VTP
domains.

Similar Messages

  • Why the host ports are also seen in the spanning-tree output ?

    Why the host ports are also seen in the spanning-tree output ?
    Switch1#show spann
    VLAN0001
      Spanning tree enabled protocol ieee
      Root ID    Priority    32769
                 Address     0000.0CA2.138B
                 This bridge is the root
                 Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
      Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
                 Address     0000.0CA2.138B
                 Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
                 Aging Time  20
    Interface        Role Sts Cost      Prio.Nbr Type
    Fa0/1            Desg FWD 19        128.1    P2p
    Fa0/2            Desg FWD 19        128.2    P2p
    Fa0/15           Desg FWD 19        128.15   P2p
    interface FastEthernet0/15
    description PC0 Interface
    switchport mode access
    spanning-tree portfast
    interface FastEthernet0/16
    I read somewhere that all the ports of a switch will participate in STP by default. Is there any way to remove the STP operation on host ports ?
    Regards,
    Chandu       

    All ports participate in Spanning Tree by default.
    Spanning tree is there to block redundant L2 paths in order to prevent loops. All ports are capable of causing a loop so you would not want to turn spanning tree off, in fact I don't think you can switch it off on a per port basis. You can switch it off on a per vlan basis.
    You are already using portfast which allows host ports to transition into a forwarding state without going through the listening and learning states of STP. If you switch off STP on a port, you risk the chance of a L2 loop.
    https://supportforums.cisco.com/docs/DOC-5180

  • SF 300 Serires switch not participating in spanning tree?

    I just purchased an SF300-24 managed switch and I am running it in layer3 mode. I am testing it out right now and have it connected to two 2950 switches. The SF300 is connected to each 2950 with a four port etherchannel running LACP. When looking at spanning tree all three switches are configured the same when it comes to hello, forward, max age and all three are in RSTP mode. I adjusted the priorities so that the SF300 would be the root but that is not happening.
    I only have one VLAN as of right now set up and connectivity between the three switches is fine. The only problem seems to be that the two 2950 switches are the only two switches involved in the determination of the root bridge. Additionally it was the same way before I configured the etherchannel and had the switches connected over single trunk lines.
    I would appreciate if someone can expain to me why this is?
    Thanks in advance.

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin-top:0in;
    mso-para-margin-right:0in;
    mso-para-margin-bottom:10.0pt;
    mso-para-margin-left:0in;
    line-height:115%;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Thanks for your help but know I still cannot get the three devices to talk MST either,it is getting frustrating. If i add a redundant link and directly connect the two 2950's they immediately talk and configure MST. But when I remove that link no info is passed and both 2950's think they are the root even though the SF 300 priority is 0 on all three MST instances. On the SF300 I have the following settings:
    Spanning tree: enabled
    STP Operation Mode: Multiple STP
    BPDU Handling: Flooding
    Path Cost: Long
    Region name: test
    Revision: 1
    Max Hops: 20
    Max-age: 20
    Hello Time: 2
    Forward Delay: 15
    MST instance 1 Vlan 100
    Bridge Priority 0
    Designated Root Bridge: Self
    Root port: 0
    Root path cost: 0
    MST instance 2 Vlan 2-5
    Bridge Priority 0
    Designated Root Bridge: Self
    Root port: 0
    Root path cost: 0
    MST instance 0 all vlans not in instance 1 and 2
    Bridge Priority 0
    Designated Root Bridge: Self
    Root port: 0
    Root path cost: 0
    For MST interface Settings (both LAGs/instances are thesame)
    Int Priority: 128
    Path Cost: 20000
    Port State: Boundary
    Mode: RSTP
    Type: Boundary
    Designated port ID: 128
    Designated Cost: 0
    Remain Hops: 20
    Forward Transitions: 1
    The 2950 switches: (The only difference on the other switch is that the priority is 8192, and the MACs of course)
    MST00 is executing the mstp compatible Spanning Treeprotocol
      Bridge Identifierhas priority 4096, sysid 0, address 000b.460e.e040
      Configured hello time 2, max age 20, forward delay 15
      Current root haspriority 0, address 6c50.4dcb.334b
      Root port is 65 (Port-channel1), cost of root path is 50000
      Topology change flag not set, detected flag not set
      Number of topology changes 7 last change occurred 00:18:54 ago
              from Port-channel1
      Times:  hold 1, topology change 35, notification 2
              hello 2, max age 20, forward delay 15
      Timers: hello 0, topology change 0, notification 0
    Port 65 (Port-channel1) of MST00 is root forwarding
       Port path cost 50000, Port priority 128, Port Identifier 128.65.
       Designated roothas priority 0, address 6c50.4dcb.334b
       Designatedbridge has priority 0, address 6c50.4dcb.334b
       Designated port id is 128.1000, designated path cost 0
       Timers: message age 4, forward delay 0, hold 0
       Number of transitions to forwarding state: 1
       Link type ispoint-to-point by default, Boundary RSTP
       BPDU: sent 571,received 568
    MST01 is executingthe mstp compatible Spanning Tree protocol
      Bridge Identifierhas priority 4096, sysid 1, address 000b.460e.e040
      Configured hello time 2, max age 20, forward delay 15
      We are the root of the spanning tree
      Topology change flag not set, detected flag not set
      Number of topology changes 9 last change occurred 00:18:55 ago
              from Port-channel1
      Times:  hold 1, topology change 35, notification 2
              hello 2, max age 20, forward delay 15
      Timers: hello 0, topology change 0, notification 0
    Port 65 (Port-channel1) of MST01 is boundary forwarding
       Port path cost 50000, Port priority 128, Port Identifier 128.65.
       Designated root has priority 4097, address 000b.460e.e040
       Designated bridge has priority 4097, address 000b.460e.e040
       Designated port id is 128.65, designated path cost 0
       Timers: message age 0, forward delay 0, hold 0
       Number of transitions to forwarding state: 1
       Link type ispoint-to-point by default, Boundary RSTP
       BPDU: sent 598,received 0
    MST02 is executingthe mstp compatible Spanning Tree protocol
      Bridge Identifierhas priority 4096, sysid 2, address 000b.460e.e040
      Configured hello time 2, max age 20, forward delay 15
      We are the root of the spanning tree
      Topology change flag not set, detected flag not set
      Number of topology changes 9 last change occurred 00:19:50 ago
              from Port-channel1
      Times:  hold 1, topology change 35, notification 2
              hello 2, max age 20, forward delay 15
      Timers: hello 0, topology change 0, notification 0
    Port 65 (Port-channel1) of MST02 is boundary forwarding
       Port path cost 50000, Port priority 128, Port Identifier 128.65.
       Designated root has priority 4098, address 000b.460e.e040
       Designated bridge has priority 4098, address 000b.460e.e040
       Designated port id is 128.65, designated path cost 0
       Timers: message age 0, forward delay 0, hold 0
       Number of transitions to forwarding state: 1
       Link type ispoint-to-point by default, Boundary RSTP
       BPDU: sent 611,received 0
    I notice that on MST01 and 02 they are not receiving BPDU’s,but I am not sure why or if that is the problem. It appears that the SF 300 is not sending BPDU packets for MST01 and 02, but is sending them for MST00. I also attached a capture. I captured the VLAN info for VLAN 100 which is in MST1. on the SF300, it appears that the SF 300 is recieving STP traffic but not generating any.

  • Spanning-tree not working: SG500 to Cat3650

    Hi All,
    Trying to turn up a new site. I have 2 switches: Cat 3650 & SG500-52P.  I want to connect up two ethernet cables between these switches in the event one fails, STP will put the blocked one in forwarding.  However, when I connect up the 2nd ethernet cable, I get the following:
    IPADTBL-N-IPDUPLICATE: Duplicate IP address 192.168.5.232 from MAC a0:ec:f9:ef:6a:18 was detected on VLAN 1, port gi1/1/24
    This log message is then followed by the network locking up & crashing until I remove the 2nd cable (i.e. STP Loop).  Removing the redundant cable solves the problem. This is because STP is allowing both links to transitioning to forwarding state (confirmed in show spanning-tree & show cdp neighbor).
    Why is spanning-tree not correctly blocking one of the lines? Is that type of architecture not supported when there is an SG300/500 in the equation?
    Configs below:
    Core 3650: (box configs basically)
    Switch#show run
    Building configuration...
    Current configuration : 2686 bytes
    ! Last configuration change at 10:01:53 UTC Thu Jan 22 2015
    ! NVRAM config last updated at 09:24:03 UTC Thu Jan 22 2015
    version 15.0
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    service compress-config
    hostname Switch
    boot-start-marker
    boot-end-marker
    vrf definition Mgmt-vrf
     address-family ipv4
     exit-address-family
     address-family ipv6
     exit-address-family
    logging console emergencies
    enable secret 5 $1$Qi5N$u/5q1HESY/TyQsPFNKVah1
    no aaa new-model
    clock timezone UTC -6 0
    clock summer-time UTC recurring
    switch 1 provision ws-c3650-24ts
    ip device tracking
    diagnostic bootup level minimal
    spanning-tree mode pvst
    spanning-tree extend system-id
    spanning-tree vlan 1 priority 24576
    redundancy
     mode sso
    class-map match-any non-client-nrt-class
      match non-client-nrt
    policy-map port_child_policy
     class non-client-nrt-class
        bandwidth remaining ratio 10
    interface GigabitEthernet0/0
     vrf forwarding Mgmt-vrf
     no ip address
     negotiation auto
    interface GigabitEthernet1/0/1
    interface GigabitEthernet1/0/2
    interface GigabitEthernet1/0/3
    interface GigabitEthernet1/0/4
    interface GigabitEthernet1/0/5
    interface GigabitEthernet1/0/6
    interface GigabitEthernet1/0/7
    interface GigabitEthernet1/0/8
    interface GigabitEthernet1/0/9
    interface GigabitEthernet1/0/10
    interface GigabitEthernet1/0/11
    interface GigabitEthernet1/0/12
    interface GigabitEthernet1/0/13
    interface GigabitEthernet1/0/14
    interface GigabitEthernet1/0/15
    interface GigabitEthernet1/0/16
    interface GigabitEthernet1/0/17
    interface GigabitEthernet1/0/18
    interface GigabitEthernet1/0/19
    interface GigabitEthernet1/0/20
    interface GigabitEthernet1/0/21
    interface GigabitEthernet1/0/22
    interface GigabitEthernet1/0/23
    interface GigabitEthernet1/0/24
    interface GigabitEthernet1/1/1
    interface GigabitEthernet1/1/2
    interface GigabitEthernet1/1/3
    interface GigabitEthernet1/1/4
    interface Vlan1
     ip address 192.168.5.230 255.255.255.0
    ip default-gateway 192.168.5.1
    ip http server
    ip http secure-server
    line con 0
     exec-timeout 0 0
     stopbits 1
    line aux 0
    line vty 0 4
     password scrubbed
     login
    line vty 5 15
     password scrubbed
     login
    wsma agent exec
     profile httplistener
     profile httpslistener
    wsma agent config
     profile httplistener
     profile httpslistener
    wsma agent filesys
     profile httplistener
     profile httpslistener
    wsma agent notify
     profile httplistener
     profile httpslistener
    wsma profile listener httplistener
     transport http
    wsma profile listener httpslistener
     transport https
    ap group default-group
    end
    SG500 Switch:
    switchff1182#show run
    config-file-header
    switchff1182
    v1.3.0.62 / R750_NIK_1_3_647_260
    CLI v1.0
    set system mode switch queues-mode 4
    file SSD indicator encrypted
    ssd-control-start
    ssd config
    ssd file passphrase control unrestricted
    no ssd file integrity control
    ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
    voice vlan oui-table add 0001e3 Siemens_AG_phone________
    voice vlan oui-table add 00036b Cisco_phone_____________
    voice vlan oui-table add 00096e Avaya___________________
    voice vlan oui-table add 000fe2 H3C_Aolynk______________
    voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
    voice vlan oui-table add 00d01e Pingtel_phone___________
    voice vlan oui-table add 00e075 Polycom/Veritel_phone___
    voice vlan oui-table add 00e0bb 3Com_phone______________
    hostname switchff1182
    no passwords complexity enable
    username cisco password encrypted scrubbed privilege 15
    ip ssh server
    snmp-server server
    no ip http server
    ip telnet server
    interface vlan 1
     ip address 192.168.5.231 255.255.255.0
     no ip address dhcp
    exit
    ip default-gateway 192.168.5.1

    Hi Peter,
    Thanks for replying. Unfortunately (or fortunately if it worked), STP is running and BPDU's are flooding below:
    SW500A#show spanning-tree
    Spanning tree enabled mode RSTP
    Default port cost method:  long
      Root ID    Priority    24577
                 Address     a0:ec:f9:ef:6a:00
                 Cost        20000
                 Port        gi1/1/43
                 Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
      Bridge ID  Priority    32768
                 Address     2c:3e:cf:ff:11:82
                 Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
    SW500A#show spanning-tree bpdu
    Global: Flooding
    I guess I'm doing etherchannels instead of redundant links :-/
    This is one of many reasons why I regret these small business models being made; A lot of things that are polished and functional in the enterprise grade (i.e. real switches) just don't seem to work on these units. But unfortunately, as the price is significantly cheaper, companies will continue purchasing these over the better quality units, and engineers like myself will be stuck working with the cut-corners version of a Cisco switch.

  • "Peer-switch" command on vPC domain and spanning-tree priority interaction

    Hi guy,
    We have 2 N7K (N7KA and N7KB) which will be running vPC in hybird and pure vPC environment.
    I have a question about the Hybird and pure vPC environment. With the "peer-switch" command enable, should i tune the spanning-tree priority to be the same for all the vlan running on vPC on both N7KA and N7KB? This way, when i enter the "sh spanning-tree vlan X(vPC vlan) detail" command on N7K, it will list both N7K announc itself as "We are the root of the spanning tree".Also the switch running spanning-tree with N7K vPC vlan (Hybird), will see both N7K has the same priority (4096), and it is not desirable for a spanning-tree environment. Therefore, i used the "spanning-tree pseudo-information" on N7KB to tune the spanning-tree priority to "8192" and the switch running spanning-tree with N7K will list N7KB has a priority of 8192(perfect).
    However, I notice some strange "show" output on the switch running Port-channel with the N7KA and N7KB. The "Designated bridge" priority is flapping as show on the switch. It is constantly changing between "4096 and 8192" with the same vPC system wide mac address.
    Entering the "sh spanning-tree vlan X detail" command repeatly on switch with port-channel toward N7KA and N7KB.
    >>sh spanning-tree vlan 10 detail
    Port 65 (Port-channel1) of VLAN10 is root forwarding
    Port path cost 3, Port priority 128, Port Identifier 128.65.
    Designated root has priority 4106, address 0013.05ee.bac8
    Designated bridge has priority 4106, address 0013.05ee.bac8
    Designated port id is 144.2999, designated path cost 0
    Timers: message age 15, forward delay 0, hold 0
    Number of transitions to forwarding state: 1
    Link type is point-to-point by default
    BPDU: sent 5, received 603
    one sec later.
    >>sh spanning-tree vlan 10 detail
    Port 65 (Port-channel1) of VLAN10 is root forwarding Port path cost 3, Port priority 128, Port Identifier 128.65. Designated root has priority 4106, address 0013.05ee.bac8 Designated bridge has priority 8202, address 0013.05ee.bac8 Designated port id is 144.2999, designated path cost 0 Timers: message age 15, forward delay 0, hold 0 Number of transitions to forwarding state: 1 Link type is point-to-point by default BPDU: sent 5, received 603
    Configuration:
    N7KA
    spanning-tree vlan 1-10 priority 4096
    vpc domain 200
    peer-switch
    N7KB
    spanning-tree vlan 1-10 priority 4096spanning-tree pseudo-information vlan 1-10 designated priority 8192
    vpc domain 200
    peer-switch

    We have a issue similar to this in our environment. I am trying to upgrade the existing 3750 stack router with 2 Nexus 5596 running VPC between them. For the transition I have planned to create a channel between 3750 stack and 5596's. Once this environment is set, my plan is to migrate all the access switches to N5k.
    The issue is when I connect the 3750 port channel to both N5Ks, all the Vlans on 3750 started to flap. If I connect the port channel to only one N5K everything is normal; but when I connect the port channel to both N5K running VPC, vlans are flapping. Any idea what is going wrong here? Am I missing something?

  • How to implement uplink redundancy and spanning tree in SFP-300 switches

    We have several Small Business 300 Series Managed Switches, the 10/100 ones with PoE, the first generation ones.
    We've been advised to implement uplink redundancy and spanning tree on these switches.
    I'm sure spanning tree is a checkbox somewhere in the web interface.
    How does one implement uplink redundancy besides interconnecting the switches plus turning on spanning tree (RSTP)??
    Thank you, Tom
    P.S. I also tried to file a service request but it does not work, I get: "Error 500: Request processing failed; nested exception is java.lang.NullPointerException"

    Hello Thomas,
    Thanks for using the Cisco Small Business eSupport Community. I've looked through the articles that are available in our Knowledge Base and found a few that I hope will be able to assist you in setting up spanning tree and link redundancy on your SFP300s:
    In regards to link redundancy, the following article on LAG can hopefully provide some guidance:
    Link Aggregate Group (LAG) Configuration on 200/300 Series Managed Switches
    And for your question on setting up STP, here are a few articles with additional information:
    Configure Spanning Tree Protocol (STP) Status and Global Settings on 200/300 Series Managed Switches
    Setup Spanning Tree Protocol (STP) on a Interface on the 300 Series Managed Switches
    I hope that this information helps! Please remember to mark your question as answered and rate if this solves your problem.
    Best,
    Gunner

  • Blocked Stack Ports on 2960X-48FPD-L Stack (Unstable Switch Stack!) Spanning Tree?

    I am having an issue where 2 2960X-48FPD-L Switches in a redundant flexstack (stack port 1 SW1 to port  2 SW2 and port 2 SW1 to port 1 SW2) ring. 
    At first running the 15.0(2).EX5 (and earlier EX3, and EX4) version IOS yielded all the ports on the stack master switch refusing to run spanning tree and would only link in amber and not pass any traffic other than CDP information (the slave switch linked in fine). 
    I upgraded to 15.2(3)E and this solved the problem of the ports not linking in green and participating in spanning tree. 
    Now, however, about every week or two I lose connectivity to the switch stack and I was able to go to the switch stack locally and found that for some reason the switch stack is blocking and unblocking VLANs on StackPort1 frequently (see below).  When I was at the site, I sometimes had connectivity, sometimes not.  A stack hard reboot brought everything back up, but this is the second time this has occurred and I would expect the same problem in the next week or so. 
    Has anyone else run into these issues, and have you found a solution?
    I'm guessing that if I either get rid of the redundancy on the switch stack or stack using Ethernet cables between switches the problem will go away, but then what is the point of using stackable switches in a non redundant low speed stack.  It seems to me that Spanning tree thinks that I have a spanning tree loop going on with the stack ports which I didn't even think was possible.   
    What do you think?
    Jim
    _BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:02:59: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
    Mar 11 09:03:16: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:03:27: %SPANTREE-2-BLOCK_PVID_PEER: Blocking StackPort1 on VLAN0307. Inconsistent peer vlan.
    Mar 11 09:03:42: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
    Mar 11 09:03:46: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:03:47: %SPANTREE-2-BLOCK_PVID_PEER: Blocking StackPort1 on VLAN0307. Inconsistent peer vlan.
    Mar 11 09:04:12: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
    Mar 11 09:04:22: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:04:56: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:05:13: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 207 on StackPort1 VLAN307.
    Mar 11 09:05:13: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking StackPort1 on VLAN0307. Inconsistent local vlan.
    Mar 11 09:05:30: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:06:00: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:06:04: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.
    Mar 11 09:06:32: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:07:02: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:07:03: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 207 on StackPort1 VLAN307.
    Mar 11 09:07:03: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking StackPort1 on VLAN0307. Inconsistent local vlan.
    Mar 11 09:07:34: %SPANTREE-2-RECV_BAD_TLV: Received SSTP BPDU with bad TLV on StackPort1 VLAN1.
    Mar 11 09:07:45: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking StackPort1 on VLAN0307. Port consistency restored.

    Jim,
    We have also the same problem with our 2960-X switches (access) connecting to a pair of 4500x (VSS) except our issue is with Portchannel with 2 physical links connecting the 2960xs to the 4500.
    If we disconnect one of the physical links from the portchannel everything works fine, but when we connect the same physical link back all users lose connectivity and the physical link starts flapping. Here are some of the messages we see in the logs when both physical links are in the portchannel:
    Mar 10 18:00:43 EST: %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on Port-channel5 VLAN90.
    Mar 10 18:00:43 EST: %SPANTREE-2-BLOCK_PVID_PEER: Blocking Port-channel5 on VLAN0001. Inconsistent peer vlan.
    Mar 10 18:00:43 EST: %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking Port-channel5 on VLAN0090. Inconsistent local vlan.
    Mar 10 18:00:58 EST: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel5 on VLAN0001. Port consistency restored.
    Mar 10 18:00:58 EST: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel5 on VLAN0090. Port consistency restored.
    Mar 10 18:01:29 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to down
    Mar 10 18:01:37 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to up
    Mar 10 18:01:48 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to down
    Mar 10 18:01:51 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet1/0/1, changed state to up
    We have upgraded to 15.0(2a).EX5 and still have the same issue.
    We have a ticket open with Cisco and have sent them all the logs and debugs and waiting to hear back from IOS developers.
    HTH

  • Setting up ML cards in 454 so that Spanning Tree one side blocks

    Currently we have two ML 1000 cards in our Main ONS 454. We have spanning tree set up on a 3560G switch that brings the IP portion of the SONET to all the other 310's in our network. Now when I do a sh spanning tree on the both ports on the switch that go up to ports 1 on the ML 1000 cards it shows me that both are in forwarding mode. How do I set this up so that one of the is blocking?
    Thanks

    Hi,
    if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
    it should remain like this:
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan 1 mode ciphers aes-ccm tkip
    ssid WLAN_Corporate
    ssid WLAN_HartKitGuest
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • Technical Details: The website does not support encryption for the page you are viewing. Information sent over the internet withour encryption can be seen by other people while it is in transit

    Technical Details:
    The website does not support encryption for the page you are viewing.
    Information sent over the internet withour encryption can be seen by other people while it is in transit
    == This happened ==
    Not sure how often
    == started few days ago. previously never happened before.

    I was loading a website, it then stated as below, it wasnt any of the problems stated below.
    SERVER NOT FOUND
    # Check the address for typing errors such as
    ww.example.com instead of
    www.example.com
    # If you are unable to load any pages, check your computer's network
    connection.
    # If your computer or network is protected by a firewall or proxy, make sure
    that Firefox is permitted to access the Web.
    Thus i checked the Page Info, it states that:
    Security Info on page:
    '''This website does not supply ownership information.
    Connection not Encrypted.'''
    Technical Details:
    The website does not support encryption for the page you are viewing.
    Information sent over the internet withour encryption can be seen by other people while it is in transit

  • SGE2010 switches, VLAN's and a blocked port in spanning-tree

    Folks,
    I have 2 switch groups.
    2 SGE2010's with VLAN's defined as 10,20 and 30
    Vlan 10 is the management VLAN, and it uplinks to our border router.
    Vlan 20 is the workstation VLAN, and all workstations point to the switch as their default GW
    Vlan 30 is the ip phone VLAN, and all phones use this as their gateway.
    I would like to put a LAG between said switches, we have some servers on the ip phone switch that need to be accessed by the workstation clients, and the single 100mb link through the router is probably not going to be enough.
    As I understand it, because the switches have different networks on them, a simple lag will not work. I did create a lag, and assign ip addresses to each side, however in that mode, it doesn't appear I can block vlan 10 from transiting the LAG, and with out that block I will end up with a logical loop, and spanning-tree will block one of the uplinks, or the LAG itself.
    I have attached an image with a diagram of our current set up.
    Any help/advice would be much appreciated.

    Tom,
    I remember our conversation a few weeks ago. I did not get a chance to have a go at MSTP, mainly because I have no expierence with it, and looking at the configuration properities, it looks a little daunting.
    It has also been a very busy few weeks with the deployment of 200+ phones across several sites, and the system is functioning great with out the LAG trunk, I am just trying to plan for the future.
    I made a few postings a few weeks ago, one here and one on the Cisco forums on reddit, and a user there gave me some advice I have been unable to make work (I think it's just wrong), but I would love to go this route if it is in fact possible.
    Here is the thread : http://www.reddit.com/r/Cisco/comments/x91tc/vlan_trunks_spanning_tree_and_a_port_blocked/c5kskch
    This user implies it's possible to block a VLAN across the LAG which would end the logical loop problems.
    It looks like his advice is to make the LAG into a trunk, and then block specific VLAN's from transiting it, but in trunk mode, I can't assign it an IP, so I am sorta wondering how exactly you transport packets across it.
    Can you confirm that his advice is in fact incorrect?
    If MSTP is my only route, then I suppose it's time to dig into the docs and see If I cant get it up and running.

  • What quality loss is there when cam videos are compressed sent over email?

    What quality loss is there when sending videos taken with the iPhone 3GS over email? It seems that it's being compressed in preparation for being sent over email.

    Hi Ric,
    The Canopus ADVC-100 works fine with FCE. Here are a few tips -
    First, make sure you only connect or disconnect it from your Mac when both your Mac and the ADVC-100 are turned off. Make sure that your camera video-out is connected to the s-video port on the front of the ADVC-100. Ditto for the audio connections. Only DIP switch 2 (IRE level) should be in the ON position. Connect a FW cable from your Mac to the 6-pin FW port on the back of the ADVC-100.
    Second, once they are connected via FW, make sure the ADVC is turned on and actually in analog-in mode before you start FCE. I have often found the ADVC-100 resets this mode by itself after being turned off or idle for an extended time. (All you need to do is hit the silver button once or twice, depending on the current mode, in order to switch it into Analog-in mode.) If it is not in this mode, FCE will not detect the ADVC and will act as if there is no device connected. (Normally there is a warning message if FCE fails to find a camera or ADVC connected however if you turned off that message at some earlier time you would not see it again.)
    Third, you can use either the DV-NTSC or DV Converter easy setup in FCE. I have used both with my ADVC-100 and they both work.

  • LMS4.1: blocking Topology Spanning Tree View

    Hello,
    After selecting a VLAN in Topology's Spanning Tree View to want see forwarding and blocked ports, all TopologyView Windows hangs for ever (>15min, reproduceable). The cancel button doesnt work, killing from task manager is the only possibility to stop.
    The managed network is a Multiple Spanning tree where a HP device is the root bridge for migration reasons.
    Steffen

    Sorry but that's not a currently offered feature.
    It would be nice - the Netsys product that Cisco acquired 18-1/2 years ago (and subsequently abandoned) used to do this quite nicely.

  • Spanning tree and blocked ports

    Hello
    I have a network built with 5 3560 switches. They are linked together over 6 fiber gigabit links. Two of them are for redundancy. I set up STP and all works fine. STP root is on the same switch for all VLANs.
    But I'm wondering why blocked links are only show state blocked on one of the two connected switches. I've read the docu but didn't found a hint.
    Thanks for any comment.
    Thomas

    I guess your question in fact translates to: why is there only one side of my redundant link that is blocking instead of both ends. There are several possible answers to that:
    First, because blocking one side is enough;-)
    But the an explanation I prefer is to remind that STP cannot know that this link is a fiber going to a single neighbor bridge. This link could be connected to a hub, where on the top of the neighboring bridge there would be some hosts (PCs, routers etc...). To put it short, STP must provide connectivity to this link. That's why *every* link has a designated port that connects it to the root bridge.
    Hope this helps;-)
    Francois

  • Triangle Link - Spanning Tree

    Hi All,
    We tried to create a redudancy link between 3 building. When we connect the 3rd link (Red Line) and keep receiving the following error message.
    *Nov  3 19:27:44.932: %SW_MATM-4-MACFLAP_NOTIF: Host 6c41.6a13.3580 in vlan 17 is flapping between port Gi4/0/44 and port Gi1/1/1
    *Nov  3 19:27:44.957: %SW_MATM-4-MACFLAP_NOTIF: Host 001e.0b66.8561 in vlan 19 is flapping between port Gi4/0/44 and port Gi1/1/1
    *Nov  3 19:27:44.965: %SW_MATM-4-MACFLAP_NOTIF: Host 88ae.1dad.2fd3 in vlan 19 is flapping between port Gi1/0/4 and port Gi1/1/1
    *Nov  3 19:27:45.032: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2304.49f6 in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
    *Nov  3 19:27:45.074: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2304.4a1b in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
    *Nov  3 19:27:45.091: %SW_MATM-4-MACFLAP_NOTIF: Host a01d.48b7.dcdb in vlan 19 is flapping between port Gi4/0/44 and port Gi3/0/28
    *Nov  3 19:27:45.166: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.6d67 in vlan 2 is flapping between port Gi4/0/44 and port Gi1/1/1
    *Nov  3 19:27:45.234: %SW_MATM-4-MACFLAP_NOTIF: Host 0013.2307.764a in vlan 25 is flapping between port Gi1/1/1 and port Gi4/0/44
    *Nov  3 19:27:45.275: %SW_MATM-4-MACFLAP_NOTIF: Host 28d2.4476.172f in vlan 17 is flapping between port Gi4/0/44 and port Gi1/1/1
    I cannot figure out what is wrong with the setting. Any advise?

    Hey,
    I suggest locating the original location of any of these machines from SW85 and then start looking the STP port states in other direction.
    Say originally users are reachable over link G3/1/1 so ideally as per STP link G4/0/44 needs to be blocking for these user/vlans. Keep tracing the spanning tree port states over the other link and i am sure you will find something useful.
    HTH.
    Regards,
    RS.

  • VTP Advertisements

    Is there any way to turn off VTP advertisements - kind of like the way with trunk negotiation by setting both end of the link to "on" ?
    I checked several websites with the client, server, and transparent modes and have no luck. Thanks for your assistance.

    IOS does not have the off mode yet (it's coming soon though). Your only solution is the transparent mode, where no VTP packets are created by the switch but where it still flood the one it receives.
    Note that a switch in transparent mode uses the spanning tree for vlan 1 to flood the VTP packet it receives, so removing vlan 1 from the trunks should roughly achieve what the off mode does.
    Regards,
    Francois

Maybe you are looking for