VTP Pruning Removing Active VLAN from Trunk
Presenting Symptom
A trunk port between two switches stops carrying traffic for a specific VLAN, even though the VLAN is configured on both switches and the trunk is up.
Network Context
This scenario occurs in a small enterprise campus network with two Cisco Catalyst 2960 switches running IOS 15.0. VTP version 2 is configured with the VTP domain 'CAMPUS' and VTP pruning enabled. The network has multiple VLANs, and the link between the switches is configured as an 802.1Q trunk. The problem is observed when a new VLAN is added to the VTP database on the VTP server, but the trunk port on the client switch does not forward traffic for that VLAN.
Diagnostic Steps
Check trunk status and allowed VLAN list
show interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi0/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/1       1-1005

Port        Vlans allowed and active in management domain
Gi0/1       1-100

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1-100
Look at the 'Vlans allowed and active in management domain' line. If the VLAN in question is missing from this list, it may be pruned by VTP pruning. Compare with 'Vlans allowed on trunk' to see if the VLAN is allowed but pruned.
Verify VTP status on both switches
show vtp status

VTP Version                     : 2
Configuration Revision          : 10
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 10
VTP Operating Mode              : Server
VTP Domain Name                 : CAMPUS
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x12 0x34 0x56 0x78 ...
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
Check that VTP pruning is enabled on both switches. Also note the configuration revision number; if it is higher on the server, the client should synchronize. If pruning is enabled, VTP will automatically prune VLANs that are not active on any port in the VTP domain.
Check VLAN database on the client switch
show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/2, Gi0/3
10   Sales                            active
20   Engineering                      active
30   Marketing                        active
100  NewVLAN                          active
Verify that the VLAN in question (e.g., VLAN 100) exists and is active on the client switch. If the VLAN is not present, VTP may not have propagated it, or the client may be in transparent mode. If the VLAN is present but not assigned to any access port, VTP pruning will remove it from the trunk.
Check which VLANs are pruned on the trunk
show interfaces trunk

Port        Vlans allowed on trunk
Gi0/1       1-1005

Port        Vlans allowed and active in management domain
Gi0/1       1-100

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1-100
Focus on the 'Vlans in spanning tree forwarding state and not pruned' line. If the VLAN is missing from this list but present in the 'allowed and active' list, it is being pruned by VTP pruning. This indicates that no access port on the client switch is assigned to that VLAN.
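Added example (not part of the original page): a small Python parser that automates the comparison from the steps above, listing for each trunk port the VLANs that are allowed and active but missing from the forwarding/not-pruned section. The sample output is constructed, the function names are hypothetical, and the handling of wrapped VLAN lists assumes indented continuation lines.

```python
import re

# Constructed sample: VLAN 100 is allowed and active but absent from the last section.
SAMPLE = """\
Port        Mode             Encapsulation  Status        Native vlan
Gi0/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/1       1-1005

Port        Vlans allowed and active in management domain
Gi0/1       1,10,20,30,100

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,10,20,30
"""
ACTIVE = "Vlans allowed and active in management domain"
FORWARDING = "Vlans in spanning tree forwarding state and not pruned"

def expand(vlan_list):
    """Turn '1,10-12,100' into {1, 10, 11, 12, 100}; 'none' gives an empty set."""
    vlans = set()
    for part in vlan_list.replace(" ", "").split(","):
        if part and part.lower() != "none":
            lo, _, hi = part.partition("-")
            vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk(output):
    """Return {section header: {port: set of VLAN ids}} for the 'Vlans ...' sections."""
    sections, current, last_port = {}, None, None
    for line in output.splitlines():
        header = re.match(r"Port\s+(Vlans .+?)\s*$", line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif line.startswith("Port"):
            current = None  # the Mode/Encapsulation table, not a VLAN list
        elif current is not None and line.strip():
            if line[0].isspace() and last_port in current:
                current[last_port] |= expand(line)  # assumed: wrapped long list
            else:
                last_port, _, vlan_list = line.partition(" ")
                current[last_port] = expand(vlan_list)
    return sections

def pruned_candidates(output):
    """Per port: VLANs allowed and active but not forwarding. Per the page these are
    pruned; a VLAN blocked by spanning tree on that port shows up the same way."""
    s = parse_trunk(output)
    return {port: sorted(active - s.get(FORWARDING, {}).get(port, set()))
            for port, active in s.get(ACTIVE, {}).items()}
```

Calling pruned_candidates(SAMPLE) returns the port-to-VLAN mapping; an empty list for a port means every allowed and active VLAN is forwarding on that trunk.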
Root Cause
VTP pruning is enabled on the VTP domain, and the VLAN in question (e.g., VLAN 100) is not assigned to any access port on the client switch. VTP pruning automatically removes VLANs from trunk links if they have no active ports in the VLAN on the downstream switch, to conserve bandwidth. This is a normal behavior of VTP pruning, but it can be mistaken for a misconfiguration if the engineer expects the VLAN to be forwarded across the trunk even without local ports.
Resolution
Verification
After assigning VLAN 100 to an access port, verify that the trunk now includes VLAN 100 in the 'Vlans in spanning tree forwarding state and not pruned' list:

show interfaces trunk

Expected output:

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1-100, 100

Also verify that traffic for VLAN 100 can pass the trunk by pinging a device in VLAN 100 across the trunk.
Prevention
Understand that VTP pruning automatically removes VLANs from trunks if no active ports exist in that VLAN on the downstream switch. Plan VLAN assignments accordingly.
Use VTP transparent mode or disable VTP pruning if you need to forward all VLANs across trunks regardless of local port assignments.
Document VLAN-to-port mappings to avoid unexpected pruning behavior.
CCNA Exam Relevance
On the CCNA 200-301 exam, VTP pruning is a topic that may appear in troubleshooting scenarios or multiple-choice questions. The exam tests understanding of how VTP pruning works and its impact on trunk VLAN lists. A typical question might show a 'show interfaces trunk' output and ask why a VLAN is missing from the forwarding list. The key fact is that VTP pruning removes VLANs from trunks when no active ports exist in that VLAN on the downstream switch.
Exam Tips
Remember that VTP pruning only affects VLANs that are not active on any port in the downstream switch; it does not change the 'Vlans allowed on trunk' list, so a VLAN can be allowed and still pruned.
On the exam, look for the 'Vlans in spanning tree forwarding state and not pruned' line in 'show interfaces trunk' output to identify pruned VLANs.
Know that disabling VTP pruning globally or per trunk can resolve the issue, but the recommended practice is to assign the VLAN to a port if it needs to be forwarded.
Commands Used in This Scenario
show interfaces trunk
Displays trunk interface status, allowed VLANs, and pruning information for all trunk ports on a Cisco switch, used to verify trunking configuration and VLAN membership.
show vlan brief
Displays a summary of all VLANs configured on the switch, including VLAN ID, name, status, and ports, used to quickly verify VLAN configuration and port assignments.