defect.ch - Wiki

User Tools

Site Tools

You are here: defect.ch - Wiki » Operating Systems » IOS » vlan.dat Internals
os:ios:vlan.dat

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
os:ios:vlan.dat [2016-11-15 23:52] rootos:ios:vlan.dat [2023-01-04 17:45] (current) Manuel Frei
Line 1: Line 1:
-====== vlan.dat ======+====== vlan.dat Internals ======
  
-FIXME under construction...+I wrote a Python module/utility to parse vlan.dat files: https://github.com/frei-style/vlandat 
 + 
 +This page shows some information about the reverse engineering. 
 + 
 +===== About the File ===== 
 +On Cisco IOS the VLAN and VTP information is stored in the VLAN database. This database is represented as the file vlan.dat. 
 + 
 +<code> 
 +Switch#dir flash:/vlan.dat 
 +Directory of flash:/vlan.dat 
 + 
 +    2  -rwx        1164  Nov 19 2016 23:15:21 +02:00  vlan.dat 
 + 
 +27998208 bytes total (14103040 bytes free) 
 +</code> 
 + 
 +Some facts about the file: 
 +  * It stores between 4 (1, 1002-1005) and 1005 VLANs. If there are more, the configuration goes to the config file. 
 +  * If VTP mode is defined as transparent in the database and the config file and if the domain name matches, the VLAN information in the vlan.dat is ignored. 
 +  * vlan.dat is the default name. It can be changed with //vtp file <filename>//
 + 
 + 
 +Links: 
 +  * [[http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2940-series-switches/109304-manage-vlandat.html|Managing vlan.dat in Cisco Catalyst Switches Running Cisco IOS Software]] 
 + 
 + 
 +===== Influence of VTP Configuration ===== 
 + 
 +>In VTP Server Mode, switch "saves VLAN configuration information in a file named vlan.dat in flash memory." 
 + 
 +>In VTP Client Mode, switch saves "VLAN information in RAM only, not stored in NVRAM or FLash memory; must be repopulated from a VTP server if switch is power-cycled." 
 + 
 +>In VTP Transparent Mode, switch saves VLAN configuration in NVRAM. 
 + 
 +//-- SWITCH (642-813) Student Guide Volume I//
  
 ===== Structure ===== ===== Structure =====
 +
 +There is no guarantee that the information in the following table is correct. It's based on some information I found on the internet and was extended by my own research and experiments.
 +
  
 ^ Offset ^ Bytes ^ Type    ^ IOS Name                 ^ Values ^ Notes                ^ ^ Offset ^ Bytes ^ Type    ^ IOS Name                 ^ Values ^ Notes                ^
Line 12: Line 49:
 | 00a    | 32    | string  | VTP Domain Name          | ascii, 0-32 chars | -                    | | 00a    | 32    | string  | VTP Domain Name          | ascii, 0-32 chars | -                    |
 | 02a    | 2     | :?:     | :?:                      | ? | | | 02a    | 2     | :?:     | :?:                      | ? | |
-| 02c    | 4     | int     | Configuration Revision   | <nowiki>0-2^31</nowiki> | <del>this may is only 4 bytes, like in the VTP network package</del> |+| 02c    | 4     | int     | Configuration Revision   | <nowiki>0-2^31</nowiki> | <del>this may is only 4 bytes, like in the VTP network package</del> //Max revision number is 2,147,483,648then counter will reset back to zero// -- [[https://www.coursehero.com/file/p6k41no/Max-revision-number-is-2147483648-then-counter-will-reset-back-to-zero-VLAN/|source]] |
 | 030    | 4     | int     | Local updater ID          | IP address        | | 030    | 4     | int     | Local updater ID          | IP address        |
 | 034    | 4     | int     | Last update on            | vlan interface with lowest number. :?: this may is only 2 bytes | | 034    | 4     | int     | Last update on            | vlan interface with lowest number. :?: this may is only 2 bytes |
Line 43: Line 80:
 | 0d9    | 1     | char    | Backup CRF Mode | 0 (disabled), 1 (enabled) | type must be trcrf | | 0d9    | 1     | char    | Backup CRF Mode | 0 (disabled), 1 (enabled) | type must be trcrf |
 | 0da    | 1     | char    | Remote SPAN | 0 (disabled), 1 (enabled) | | | 0da    | 1     | char    | Remote SPAN | 0 (disabled), 1 (enabled) | |
-| 0db    | 1     | char    | :?:         | :?:  | :?: I have no idea. I changed the value to 1 and 2 but I didn't notice some differences on the switch with the show command. |+| 0db    | 1     | char    | :?:         | :?:  | :?: I have no idea. I changed the value to 1 and 2 but I didn't notice any differences on the switch with the show command. |
 ^ Following Stuff is yet unknown ^^^^^^ ^ Following Stuff is yet unknown ^^^^^^
 | ...    | :?:   | :?:     | :?: | :?: | :?: Looks like garbage, will be harder to figure that out. | | ...    | :?:   | :?:     | :?: | :?: | :?: Looks like garbage, will be harder to figure that out. |
  
-//The initial data for this table is from a blog post of Chris Welsh ([[https://rednectar.net/2010/12/06/decoding-vlan-dat/|decoding vlan.dat]]). Thank you.//+//The initial data for this table is from a blog post of Chris Welsh ([[https://rednectar.net/2010/12/06/decoding-vlan-dat/|decoding vlan.dat]]).//
  
 +
 +
 +===== Information in IOS =====
 +
 +Here will be shown, how the information in the VLAN database can be displayed with IOS commands.
 +
 +==== VLAN Information ====
 +
 +<code>
 +affe#sh vl
 +
 +VLAN Name                             Status    Ports
 +---- -------------------------------- --------- -------------------------------
 +1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4, 
 +                                                Gi1/0/22, Gi1/0/23, Gi1/0/25, Gi1/0/26
 +3    VLAN0003                         active
 +5    VLAN0005                         active
 +50   Affe                             active
 +52   Banane                           active    Gi1/0/13, Gi1/0/14
 +915  Entensuppe                       active
 +1002 fddi-default                     act/unsup
 +1003 token-ring-default               act/unsup
 +1004 fddinet-default                  act/unsup
 +1005 trnet-default                    act/unsup
 +
 +VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 +---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
 +1    enet  100001     1500  -      -      -        -    -        0      0
 +
 +VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 +---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
 +3    enet  100003     1500  -      -      -        -    -        0      0
 +5    enet  100005     1500  -      -      -        -    -        0      0
 +50   enet  100050     1500  -      -      -        -    -        0      0
 +52   enet  100052     1500  -      -      -        -    -        0      0
 +915  enet  100915     1500  -      -      -        -    -        0      0
 +1002 fddi  101002     1500  -      -      -        -    -        0      0
 +1003 tr    101003     1500  -      -      -        -    srb      0      0
 +1004 fdnet 101004     1500  -      -      1        ieee -        0      0
 +1005 trnet 101005     1500  -      -      1        ibm  -        0      0
 +
 +
 +Remote SPAN VLANs
 +------------------------------------------------------------------------------
 +
 +
 +Primary Secondary Type              Ports
 +------- --------- ----------------- ------------------------------------------
 +
 +
 +</code>
 +
 +==== VTP Configuration / Status ====
 +
 +<code>
 +affe#sh vtp status
 +VTP Version capable             : 1 to 3
 +VTP version running             : 1
 +VTP Domain Name                 : ENTENSUPPE
 +VTP Pruning Mode                : Disabled
 +VTP Traps Generation            : Disabled
 +Device ID                       : a2a3.2b63.ef21
 +Configuration last modified by 192.168.2.230 at 10-21-16 16:41:50
 +Local updater ID is 192.168.1.200 on interface Vl1 (lowest numbered VLAN interface found)
 +
 +Feature VLAN:
 +--------------
 +VTP Operating Mode                : Server
 +Maximum VLANs supported locally   : 255
 +Number of existing VLANs          : 42
 +Configuration Revision            : 321
 +MD5 digest                        : 0x00 0x11 0x22 0x33 0x44 0x55 0xE4 0x66
 +                                    0x77 0x88 0x99 0xAA 0xBB 0xCC 0xDD 0xEE
 +</code>
 +
 +----
 +----
 +----
 +----
  
 ==== Notes About Missing Parts ==== ==== Notes About Missing Parts ====
Line 54: Line 170:
 === Garbage === === Garbage ===
  
-There is some garbage at the end of the file. Marco Rizzi ([[http://rizzitech.blogspot.ch/2010_08_01_archive.html|Playing with vlan.dat]]) assumes, that it's additional information about FDDI/Token Ring vlans. I think he's right.+There is some garbage at the end of the file. Marco Rizzi ([[http://rizzitech.blogspot.ch/2010_08_01_archive.html|Playing with vlan.dat]], the blog post was deleted unfortunately. It's available via Web Archive: [[https://web.archive.org/web/20150115040419/http://rizzitech.blogspot.com/2010/08/playing-with-vlandat.html|WebArchive]]) assumes, that it's additional information about FDDI/Token Ring vlans. I think he's right.
  
 I deleted the vlan.dat and reloaded the switch to get this clean config: I deleted the vlan.dat and reloaded the switch to get this clean config:
Line 226: Line 342:
  
  
-===== Information in IOS ===== 
- 
-==== VLAN Information ==== 
- 
-<code> 
-affe#sh vl 
- 
-VLAN Name                             Status    Ports 
----- -------------------------------- --------- ------------------------------- 
-1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4,  
-                                                Gi1/0/22, Gi1/0/23, Gi1/0/25, Gi1/0/26 
-3    VLAN0003                         active 
-5    VLAN0005                         active 
-50   Affe                             active 
-52   Banane                           active    Gi1/0/13, Gi1/0/14 
-915  Entensuppe                       active 
-1002 fddi-default                     act/unsup 
-1003 token-ring-default               act/unsup 
-1004 fddinet-default                  act/unsup 
-1005 trnet-default                    act/unsup 
- 
-VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2 
----- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 
-1    enet  100001     1500  -      -      -        -    -        0      0 
- 
-VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2 
----- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 
-3    enet  100003     1500  -      -      -        -    -        0      0 
-5    enet  100005     1500  -      -      -        -    -        0      0 
-50   enet  100050     1500  -      -      -        -    -        0      0 
-52   enet  100052     1500  -      -      -        -    -        0      0 
-915  enet  100915     1500  -      -      -        -    -        0      0 
-1002 fddi  101002     1500  -      -      -        -    -        0      0 
-1003 tr    101003     1500  -      -      -        -    srb      0      0 
-1004 fdnet 101004     1500  -      -      1        ieee -        0      0 
-1005 trnet 101005     1500  -      -      1        ibm  -        0      0 
- 
- 
-Remote SPAN VLANs 
------------------------------------------------------------------------------- 
- 
- 
-Primary Secondary Type              Ports 
-------- --------- ----------------- ------------------------------------------ 
- 
- 
-</code> 
- 
-==== VTP Configuration / Status ==== 
- 
-<code> 
-affe#sh vtp status 
-VTP Version capable             : 1 to 3 
-VTP version running             : 1 
-VTP Domain Name                 : ENTENSUPPE 
-VTP Pruning Mode                : Disabled 
-VTP Traps Generation            : Disabled 
-Device ID                       : a2a3.2b63.ef21 
-Configuration last modified by 192.168.2.230 at 10-21-16 16:41:50 
-Local updater ID is 192.168.1.200 on interface Vl1 (lowest numbered VLAN interface found) 
- 
-Feature VLAN: 
--------------- 
-VTP Operating Mode                : Server 
-Maximum VLANs supported locally   : 255 
-Number of existing VLANs          : 42 
-Configuration Revision            : 321 
-MD5 digest                        : 0x00 0x11 0x22 0x33 0x44 0x55 0xE4 0x66 
-                                    0x77 0x88 0x99 0xAA 0xBB 0xCC 0xDD 0xEE 
-</code> 
  
  
os/ios/vlan.dat.1479250340.txt.gz · Last modified: 2016-11-15 23:52 by root