«

Hi all,

I'm playing with a Catalyst 3500 and a Cisco 877 tring to understand how the VTP pruning works.
I would like to see which tagged packets pass through the trunk link but I don't find out any useful command under the
debug menu.

Is there the possibility to do that?
And how?

TIA

Alex.

AM <> writes:
>I'm playing with a Catalyst 3500 and a Cisco 877 tring to understand how the VTP pruning works.
>I would like to see which tagged packets pass through the trunk link but I don't find out any useful command under the
>debug menu.
>Is there the possibility to do that?

show vlan
show int fastE 0/24 switchport

(or whatever your trunk port is on the switch).

Doug McIntyre wrote:
> AM <> writes:
>
>>I'm playing with a Catalyst 3500 and a Cisco 877 tring to understand how the VTP pruning works.
>>I would like to see which tagged packets pass through the trunk link but I don't find out any useful command under the
>>debug menu.
>>Is there the possibility to do that?
>
>
> show vlan
> show int fastE 0/24 switchport
>
> (or whatever your trunk port is on the switch).
>

Thank you Doug,

my first goal is to understand how pruning works. It is the next step after configuring VLANs manually. For that I can
use virtual interfaces and see whether the ping pass through or not.
But the pruning is quite a bit different, because as soon as an interface (either physical or virtual) is associated
with a VLAN the switch enable the trunk to allow tags associated with that VLAN to pass through the link.
So ping is not quite useful and I though to go just a layer below. I though I could enable a debug that told me "hey a
802.1q frame has arrived with tag number #" and so on.
As far as I can see there is no way to test the pruning method and I must rely on which the show commands say to me,
don't I?

Furthermore I thought I could use a device that broacasts tagged frames on all the interfaces it has (just as it is for
the hub that repeats all frames on all ports but the source) but I think such a device doesn't exist, does it? It could
exists just for test purposes...

As you can guess I would like to see by my eyes that what the book says is the truth

Anyway, thank you very much for you quick reply,

Alex.

AM wrote:

> Doug McIntyre wrote:
> > AM <> writes:
> >
> >>I'm playing with a Catalyst 3500 and a Cisco 877 tring to understand how the VTP pruning works.
> >>I would like to see which tagged packets pass through the trunk link but I don't find out any useful command under the
> >>debug menu.
> >>Is there the possibility to do that?
> >
> >
> > show vlan
> > show int fastE 0/24 switchport
> >
> > (or whatever your trunk port is on the switch).
> >
>
> Thank you Doug,
>
> my first goal is to understand how pruning works. It is the next step after configuring VLANs manually. For that I can
> use virtual interfaces and see whether the ping pass through or not.
> But the pruning is quite a bit different, because as soon as an interface (either physical or virtual) is associated
> with a VLAN the switch enable the trunk to allow tags associated with that VLAN to pass through the link.
> So ping is not quite useful and I though to go just a layer below. I though I could enable a debug that told me "hey a
> 802.1q frame has arrived with tag number #" and so on.
> As far as I can see there is no way to test the pruning method and I must rely on which the show commands say to me,
> don't I?
>
> Furthermore I thought I could use a device that broacasts tagged frames on all the interfaces it has (just as it is for
> the hub that repeats all frames on all ports but the source) but I think such a device doesn't exist, does it? It could
> exists just for test purposes...
>
> As you can guess I would like to see by my eyes that what the book says is the truth
>
> Anyway, thank you very much for you quick reply,

AH2-CORE2#sh int trunk

Port Mode Encapsulation Status Native vlan
Gi1/2 on 802.1q trunking 11
Gi4/1 desirable 802.1q trunking 1
Po1 desirable 802.1q trunking 2

Port Vlans allowed on trunk
Gi1/2 11
Gi4/1 5,21
Po1 2,5,11,14,21

Port Vlans allowed and active in management domain
Gi1/2 11
Gi4/1 5,21
Po1 2,5,11,21

Port Vlans in spanning tree forwarding state and not pruned
Gi1/2 11
Gi4/1 5,21
Po1 2,5,11,21

Does that help?

wrote:

>
> AH2-CORE2#sh int trunk
>
> Port Mode Encapsulation Status Native vlan
> Gi1/2 on 802.1q trunking 11
> Gi4/1 desirable 802.1q trunking 1
> Po1 desirable 802.1q trunking 2
>
> Port Vlans allowed on trunk
> Gi1/2 11
> Gi4/1 5,21
> Po1 2,5,11,14,21
>
> Port Vlans allowed and active in management domain
> Gi1/2 11
> Gi4/1 5,21
> Po1 2,5,11,21
>
> Port Vlans in spanning tree forwarding state and not pruned
> Gi1/2 11
> Gi4/1 5,21
> Po1 2,5,11,21
>
> Does that help?
>

Hi anybody43,

unfortunately that command is not supported on our 4006.
I believe Cisco COS provides all the tools needed to understand how their devices are working. But, let me say that,
sometimes you must already know both the theory and what the output of sh <command> means in order to understand what's
going on.
And when you study a topic for the first time you don't know which commands could help you and so my way of studying the
system is to treat it like it was a "black box" and in some way not trusting it.

Last question:

I saw that a switch doesn't forward 802.1Q frames (I thought the opposite but I was wrong). Can perhaps a hub help me?
Sorry I still want to proceed my way and to learn by my errors .
I'm going to use 3 straight-forward cables, 2 that connect the trunking ports to the hub and the third from the hub to a
PC with a 802.1Q sniffer installed on it.

Alex.

AM wrote:
> wrote:
>
> >
> > CORE2#sh int trunk
> >
> > Port Mode Encapsulation Status Native vlan
> >
>
> Hi anybody43,
>
> unfortunately that command is not supported on our 4006.
> I believe Cisco COS provides all the tools needed to understand how their devices are working. But, let me say that,
> sometimes you must already know both the theory and what the output of sh <command> means in order to understand what's
> going on.
> And when you study a topic for the first time you don't know which commands could help you and so my way of studying the
> system is to treat it like it was a "black box" and in some way not trusting it.

This approach will result in you becoming expert in the field.

>
> Last question:
>
> I saw that a switch doesn't forward 802.1Q frames (I thought the opposite but I was wrong). Can perhaps a hub help me?
> Sorry I still want to proceed my way and to learn by my errors .
> I'm going to use 3 straight-forward cables, 2 that connect the trunking ports to the hub and the third from the hub to a
> PC with a 802.1Q sniffer installed on it.

My guess is that a hub in not likely to help.

ask on comp.dcom.lans.ethernet.

This is because 802.1q frames are 4 bytes longer that the standard
alllows
and I guess that a hub will (OK may) not pass them through.

If you have a hub, worth a try though.

Cisco switches can I believe be thought of as dealing with 802.1q
frames as follows.

On entry to the switch the 802.1q header is stripped from the frame
however the
information contained within the header in some proprietary way remains

associated with the frame within the switch.

Various processing is carried out on the frame bearing in mind the
802.1q
information.

The frame then may be forwarded. In this case the 802.1q information
is then used to decide whether to create a new 802.1q header. For
example if the exit port is an "access" port then no header is needed
and a similar case exists if the frame is in the native vlan
of an exit trunk port.

Hope that helps.

There is now a lot of good material on the cisco web site.