VLANs Allowed on Trunk

rob42

Could someone please explain to me what it is I'm missing regarding VLANs Allowed on Trunk.

I'm studying from the W. Odom book ICND1 100-101: Chapter 9.

On page 255, there's a sample output which reinforces the text regarding the 'allowed VLAN list' feature, which sates "By default, switches include all possible VLANs (1-4094) in each trunk's allowed VLAN list."

The examples are using 2960 switches.

Using CPT (7), I've setup two 2960 switches with a cross-over cable linking the Gig0/1 ports.

On one switch I've done the following, and the other I've left as the default mode; dynamic auto.



Switch#show interfaces trunk


Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface gi0/1
Switch(config-if)#switchport mode dynamic desirable
Switch(config-if)#end


Switch#show in gig0/1 switchport
Name: Gig0/1
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none


Switch#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gig0/1 desirable n-802.1q trunking 1

Port Vlans allowed on trunk
Gig0/1 1-1005

Port Vlans allowed and active in management domain
Gig0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig0/1 1

Switch#


A couple of questions; why do I have only 1-1005 Vlans allowed, rather than 1-4096 and what is the meaning of the prefix 'n-' with the 802.1q encapsulation?

I can't see what it is that I've not done, or done wrong...

Thanks.

clarson

the "n-" means that the trunking protocol 802.1q was negotiated.

you aren't seeing extended vlan id's.
could be because:
the version of the ios doesn't support them
the version of VTP that is running doesn't support them
the version of Packet Tracer doesn't support them

see if you can create an extended vlan
(config) vlan 1111

Let us know what happens.

rob42

Thanks for your explanation: I've been driving myself batty trying to figure out what it is that I'm not getting!

I've done as you suggested...
Switch(config)#vlan 1111

% Invalid input detected at '^' marker.

The '^' marker being under the 1st '1'

So I then did...

Switch(config)#vlan ?
<1-1005> ISL VLAN IDs 1-1005
Switch(config)#vlan

Also...

Switch#show interfaces vlan ?
<1-1005> Vlan interface number
Switch#show interfaces vlan

I didn't think that CPT V7, with 2960 switches would be anything other than up-to-date.

I've got a couple of 2950 switches, a 2600 Router and a C880 Router/Switch as my lab set-up, but I've yet to get my Lab up-and-running, preferring to use CPT (call me lazy!). When I do, it'll be interesting to run this on the lab.

Cheers for your help.

Simrid

There's quite a few possibilities of why you may be experiencing these issues.

I would start by verifying your VTP mode set to. It is quite likely that it is set to server, which means that you should be using VTPv3 for extended vlan support. Please could you try this and post the output?:

switch#show vtp status
switch(config)#vtp version 3
switch(config)#vlan 2000

rob42

Thanks for your post.

I've done as you have asked and have documented the results...

Switch#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

Switch(config)#vtp version 3

% Invalid input detected at '^' marker. {The '^' marker being under the '3'}

Switch(config)#vtp version ?
<1-2> Set the adminstrative domain VTP version number
Switch(config)#vtp version

I think I can see what you're driving at; looking at my notes I see that if a Switch is in 'VTP server mode', only the standard rage of VLANs (1-1005) may be configured, and in 'client mode', VLANs can't be configured at all.

So, I issued this command...

Switch(config)#vtp mode transparent

... effectively disabling VTP, (correct?) as the only options I have are...

Switch(config)#vtp mode ?
client Set the device to client mode.
server Set the device to server mode.
transparent Set the device to transparent mode.

Then...

Switch(config)#do show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Transparent
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0x0D 0x15 0x4B 0xF2 0xAC 0x5E 0xFA 0x95
Configuration last modified by 0.0.0.0 at 3-1-93 00:04:37

Switch(config)#vlan ?
<1-1005> ISL VLAN IDs 1-1005
Switch(config)#vlan

Thanks for making we aware of VTPv3. I'd not come across that until I read your post. In the book that I'm using for my studies, I'm advised to 'ignore VTP for your switch configuration for the CCENT and CCNA exam.'

MAC_Addy

I know some older models of switches only have two versions of VTP. Also, a bit of real-world experience for you - I have found that sometimes when you add a VLAN on a production switch - even when the command "switchport trunk vlan allowed all" it doesn't always add the newest. I have found you have to use "switchport trucnk vlan allowed add xx".

rob42

That's an interesting little nugget - thank you.