10 Replies. Latest reply: Nov 7, 2019 10:30 PM by Parvesh

    VTP Pruning

    Michal P

      Hello!

      While studying VTP I've got a question about pruning. Unfortunately I can't check it with Packet Tracer. What about when, e.g., we send an ARP broadcast from PC2 to search for PC1 and we have enabled pruning? Unluckily we used only VLAN 20 on Switch1. Following the pruning mechanism we shouldn't get the broadcast to Switch1; going forward we can't find PC1 because it can't get through Switch1 to Switch3. What do you think about it?

       

        • 1. Re: VTP Pruning
          Ing_Percy

          Hi!

           

          The VTP pruning will be effective in the connections between Switch0 - Switch2 - Switch4. In this case, the traffic for vlan 20 doesn't pass through these connections because there are no hosts in vlan 20. Now, you can have connectivity between PC1 and PC2 (in the same vlan 10). All switches in your topology will have the same vlans (10 and 20) through the VTP server.

           

          Regards!

          • 2. Re: VTP Pruning
            Michal P

            Thanks for getting in touch!

             

            I know that they will have the same vlans and the connection between Switch0 and Switch4 will be ok. But I have in mind that when pruning is ON, Switch3 shouldn't get the ARP broadcast to PC1 from PC2 because Switch1 doesn't have any port in VLAN 10. This packet shouldn't be let through by the pruning.

            • 3. Re: VTP Pruning
              Ing_Percy

              Hi!

               

              Your Switch3 and Switch1 learn both vlans 10 and 20, but because of trunking the switch1 learns the mac address of PC1, for that reason, there is a detection of mac-address of device in vlan 10, for that reason, it can't be pruned.

               

              The case of Switch2 is similar: because of the trunking, it learns the mac-address of PC2 in vlan 10 and for that reason, it can't be pruned in vlan 10. The prune is applied in vlan 20 because there aren't mac-addresses learned in vlan 20.

               

              Regards!

              • 4. Re: VTP Pruning
                Michal P

                Thanks very much for your response!

                • 5. Re: VTP Pruning
                  Ing_Percy

                  Hi!

                   

                  Here is another example that could help you

                  vtp-pruned.JPG

                  Regards!

                  • 6. Re: VTP Pruning
                    Michal P

                    I have seen that picture before. But without VLAN splitting.

                     

                    Thanks again!

                    • 7. Re: VTP Pruning
                      Steven Davidson

                      I don't think it has anything to do with whether or not Switch1 is learning mac addresses.  The decision to prune or not to prune doesn't relate to mac address learning as far as I know.  If a switch has a port in a forwarding state for a given VLAN then it will request that VLAN.  The reason why it would still work, with pruning enabled and even though Switch1 doesn't have any end stations attached to VLAN 10, is because Switch3 does have end stations attached to VLAN 10.  Therefore Switch3 will request VLAN 10 from Switch1.  Because Switch1 now has to forward VLAN 10 down to Switch3, Switch1 also has something attached to VLAN 10....Switch3!  So Switch1 now has to ask Switch0 for VLAN 10.  If you look at a pcap of the messages you'll see that it is just a VTP message that includes a byte per every 8 VLANs with a bit set to 1 if the VLAN is required and 0 if it is not.
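Added example, not part of any post in this thread: a small Python model of the request propagation and the one-byte-per-8-VLANs bitmap described in reply 7. The topology and port assignments are constructed from the switch names mentioned in the thread (the diagram itself is not on the page), and the bit order and starting VLAN of the bitmap are assumptions, not the VTP wire format.

```python
from collections import defaultdict

# Constructed topology (assumption: the thread's diagram is not on the page).
TRUNKS = [("Switch0", "Switch1"), ("Switch1", "Switch3"),
          ("Switch0", "Switch2"), ("Switch2", "Switch4")]
# VLANs with at least one forwarding access port on each switch (constructed).
LOCAL_VLANS = {"Switch0": set(), "Switch1": {20}, "Switch2": set(),
               "Switch3": {10}, "Switch4": {10}}


def requested_vlans(trunks, local):
    """Map (requester, neighbor) -> VLANs the requester asks that neighbor for.

    Assumes a loop-free (tree) topology, as spanning tree would leave it.
    """
    adj = defaultdict(set)
    for a, b in trunks:
        adj[a].add(b)
        adj[b].add(a)

    def needs(sw, toward):
        # Own forwarding ports, plus whatever every other neighbor requests
        # from this switch: that is how Switch1 ends up needing VLAN 10.
        vlans = set(local[sw])
        for other in adj[sw] - {toward}:
            vlans |= needs(other, sw)
        return vlans

    return {(sw, n): needs(sw, n) for sw in list(adj) for n in adj[sw]}


def to_bitmap(vlans, first=1, last=32):
    """One byte per 8 VLANs, bit = 1 if required (bit order is an assumption)."""
    out = bytearray((last - first) // 8 + 1)
    for v in vlans:
        if first <= v <= last:
            idx = v - first
            out[idx // 8] |= 0x80 >> (idx % 8)
    return bytes(out)


def from_bitmap(bitmap, first=1):
    """Inverse of to_bitmap: list the VLANs whose bit is set."""
    return {first + i * 8 + b for i, byte in enumerate(bitmap)
            for b in range(8) if byte & (0x80 >> b)}


if __name__ == "__main__":
    for (sw, nbr), vlans in sorted(requested_vlans(TRUNKS, LOCAL_VLANS).items()):
        print(f"{sw} -> {nbr}: needs {sorted(vlans)}  bitmap {to_bitmap(vlans).hex()}")
```

In this model Switch1 requests both VLAN 10 and VLAN 20 from Switch0 even though it has no VLAN 10 access port, while VLAN 20 is pruned on the Switch0 - Switch2 - Switch4 trunks.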

                      • 8. Re: VTP Pruning
                        Ing_Percy

                        Hi!

                         

                        To clarify, I explained the process of communication between PC1 and PC2 with the corresponding learning of mac addresses in the switches. I didn't explain the specific procedure of VTP pruning applied in switches. In Spanish I could explain better, but here is a good blog that explains VTP pruning:

                         

                        VTP Pruning

                        Vlan Trunking Protocol offers one more interesting feature called: PRUNING. It allows the switches to communicate over trunks which VLAN traffic should not be sent down from the upstream switch. Consider the Pic. 3 below:

                        VTP-Pruning.png

                        If SW1 is sending broadcast from VLAN 10, the frames will be flooded out of all active ports in VLAN 10 as well as the trunking ports. Recall, that the ports in the trunking mode are multi VLAN ports allowing ALL of them by default (VLANs 1-4094). SW2 receives the broadcast from VLAN 10, on its interface F0/13, but then realizes, that currently there are NO members of VLAN 10 connected to any of its ports.

                         

                        When VTP Pruning is enabled, SW2 will inform SW1 (pic. 3), that it does not want to receive traffic from VLAN 10. Should you connect at least one host to VLAN 10 to SW2 though, it will send another request, that VLAN 10 be no longer pruned on SW1 trunk port F0/13. It happens automatically without any further configuration.


                        Source: Lesson 18 - VTP and VLAN Quiz | Abi Paudel's

                         

                        Sincerely, I didn't see VTP applied in real switches in companies of my country, but it is important learning for the current CCNA R&S exam. You can continue investigating with captures using Wireshark, as Steven mentioned, to verify on real devices or GNS3.

                         

                        Regards!

                        • 9. Re: VTP Pruning
                          Michal P

                          ing_percy

                           

                          Thank you guys a lot for spending time until I got to know pruning well.

                           

                          Regards!

                          • 10. Re: VTP Pruning
                            Parvesh

                            Michal P wrote:

                            we used only VLAN 20 on Switch1. Following the pruning mechanism we shouldn't get the broadcast to Switch1;

                            Using a particular vlan on switch still allows trunks with all vlans. That means switch1 will receive the packets for all vlans. 

                             

                            Switch 1 and Switch 3 - still have vlan 10 allowed and a PC connected, it should allow the communication. The job is to simply ingress tagged traffic from switch0 and pass it to switch3 over trunks. Default is to allow all vlans. But switch1 must have the vlan 10 on it. PT lab can help.

                             

                            Michal P wrote:

                            going forward we can't find PC1 because it can't get through Switch1 to Switch3. What do you think about it?

                             

                            Switch1 must have vlan 10 on it.

                             

                            Thanks Ing_Percy and Steven for descriptive explanation.