parameter to the maximum of 40 seconds. A physical port on a router or switch may be part of more than one spanning tree if it is a trunk. Note: VTP runs on Catalyst switches not routers. It is advisable to configure a Catalyst switch neighboring a router to operate in VTP transparent mode until Cisco supports VTP on its routers. The Spanning-Tree Protocol (STP) is considered one of the most important Layer 2 protocols on the Catalyst switches. By preventing logical loops in a bridged network, STP allows Layer 2 redundancy without generating broadcast storms. Minimize spanning-tree problems by actively developing a baseline study of the network. Web Links VLAN Tech Notes http://www.cisco.com/en/US/tech/
tk389/tk689/tech_tech_notes_list.html

---

Content 8.3 Troubleshooting VLANs 8.3.4 Troubleshooting VLANs The show and debug commands can be extremely useful when troubleshooting VLANs. Figure illustrates the most common problems found when troubleshooting VLANs. To troubleshoot the operation of Fast Ethernet router connections to switches, it is necessary to make sure that the router interface configuration is complete and correct. Verify that an IP address is not configured on the Fast Ethernet interface. IP addresses are configured on each subinterface of a VLAN connection. Verify that the duplex configuration on the router matches that on the appropriate port/interface on the switch. The show vlan command displays the VLAN information on the switch. Figure , displays the output from the show vlan command. The display shows the VLAN ID, name, status, and assigned ports. The CatOS show vlan keyword options and keyword syntax descriptions of each field are also shown. The show vlan displays information about that VLAN on the router. The show vlan command followed by the VLAN number displays specific information about that VLAN on the router. Output from the command includes the VLAN ID, router subinterface, and protocol information. The show spanning-tree command displays the spanning-tree topology known to the router. This command will show the STP settings used by the router for a spanning-tree bridge in the router and switch network. The first part of the show spanning-tree output lists global spanning tree configuration parameters, followed by those that are specific to given interfaces. Bridge Group 1 is executing the IEEE compatible Spanning-Tree Protocol. The following lines of output show the current operating parameters of the spanning tree: Bridge Identifier has priority 32768, address 0008.e32e.e600
Configured hello time 2, Max age 20, forward delay 15 The following line of output shows that the router is the root of the spanning tree: We are the root of the spanning tree. Key information from the show spanning-tree command creates a map of the STP network. The debug sw-vlan packets command displays general information about VLAN packets received but not configured to support the router. VLAN packets that the router is configured to route or switch are counted and indicated when using the show sw-vlan command.

---

Content 8.3 Troubleshooting VLANs 8.3.5 VLAN troubleshooting scenarios Proficiency at troubleshooting switched networks will be achieved after the techniques are learned and are adapted to the company needs. Experience is the best way of improving troubleshooting skills.Three practical VLAN troubleshooting scenarios referring to the most common problems will be described. Each of these scenarios contains an analysis of the problem to then solving the problem. Using appropriate specific commands and gathering meaningful information from the outputs, the progression of the troubleshooting process can be completed. Scenario 1: A trunk link cannot be established between a switch and a router. When having difficulty with a trunk connection between a switch and a router, be sure to consider the following possible causes:

1. Make sure that the port is connected and not receiving any physical-layer, alignment or frame-check-sequence (FCS) errors. This can be done with the show interface command on the switch.
2. Verify that the duplex and speed are set properly between the switch and the router. This can be done with the show int status command on the switch or the show interface command on the router.
3. Configure the physical router interface with one subinterface for each VLAN that will route traffic. Verify this with the show interface IOS command. Also, make sure that each subinterface on the router has the proper encapsulation type, VLAN number, IP address, and subnet mask configured. This can be done with the show interface or show running-config IOS commands.
4. Confirm that the router is running an IOS release that supports trunking. This can be verified with the show version command.

Scenario 2: VTP is not correctly propagating VLAN configuration changes. When VTP is not correctly affecting configuration updates on other switches in the VTP domain, check the following possible causes:

1. Make sure the switches are connected through trunk links. VTP updates are exchanged only over trunk links. This can be verified with the show int status command.
2. Make sure the VTP domain name is the same on all switches that need to communicate with each other. VTP updates are exchanged only between switches in the same VTP domain. This scenario is one of the most common VTP problems. It can be verified with the show vtp status command on the participating switches.
3. Check the VTP mode of the switch. If the switch is in VTP transparent mode, it will not update its VLAN configuration dynamically. Only switches in VTP server or VTP client mode update their VLAN configuration based on VTP updates from other switches. Again, use the show vtp status command to verify this.
4. If using VTP passwords, the same password must be configured on all switches in the VTP domain. To clear an existing VTP password, use the no vtp password password command on the VLAN mode.

Scenario 3: Dropped packets and loops. Spanning-tree bridges use topology change notification Bridge Protocol Data Unit packets (BPDUs) to notify other bridges of a change in the spanning-tree topology of the network. The bridge with the lowest identifier in the network becomes the root. Bridges send these BPDUs any time a port makes a transition to or from a forwarding state, as long as there are other ports in the same bridge group. These BPDUs migrate toward the root bridge. There can be only one root bridge per bridged network. An election process determines the root bridge. The root determines values for configuration messages, in the BPDUs, and then sets the timers for the other bridges. Other designated bridges determine the shortest path to the root bridge and are responsible for advertising BPDUs to other bridges through designated ports. A bridge should have ports in the blocking state if there is a physical loop. Problems can arise for internetworks in which both IEEE and DEC spanning-tree algorithms are used by bridging nodes. These problems are caused by differences in the way the bridging nodes handle spanning tree BPDU packets, or hello packets, and in the way they handle data. In this scenario, Switch A, Switch B, and Switch C are running the IEEE spanning-tree algorithm. Switch D is inadvertently configured to use the DEC spanning-tree algorithm. Switch A claims to be the IEEE root and Switch D claims to be the DEC root. Switch B and Switch C propagate root information on all interfaces for IEEE spanning tree. However, Switch D drops IEEE spanning-tree information. Similarly, the other routers ignore Router D's claim to be root. The result is that in none of the bridges believing there is a loop and when a broadcast packet is sent on the network, a broadcast storm results over the entire internetwork. This broadcast storm will