Extending a VLAN between different VTP domains

Unanswered Question
Oct 3rd, 2007
User Badges:

Hi, I have two sites connected via fiber (10km apart). SiteB uses SiteA for it's WAN (internet) connection. They both have different VLANs on either side of the connection. I want to bring another building online at SiteB, but connect it on vlan 200 from SiteA. Is there a way to extend vlans across sites with different VTP domains, perhaps by routing them. See diagram for topology.


Cheers

M



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Edison Ortiz Wed, 10/03/2007 - 14:39
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can't extend your Layer2 topology over the WAN if the remote location does not have the same VTP domain.


The same logic applies if you were to add a switch in your local site and this switch has a different VTP domain. Would the switch receive the VTP database from your environment ? The answer is no.


You should think about your design as if you were to add a new set of switches in your local site.


Looking at your diagram, I recommend implementing Layer3 links between sites and configure a dynamic routing protocol to advertise the Vlans from each location.


For instance:


SiteA-r1


interface g0/2

no switchport

ip address 10.10.226.33 255.255.255.252


router eigrp 100

network 10.10.226.33 0.0.0.0

redistribute connected route-map CONNECTED->EIGRP metric 1 1 1 1 1

no auto-summary


route-map CONNECTED->EIGRP

match interface Vlan100 Vlan200 Vlan300 Vlan400


SiteB-s1


interface g1/0/1

no switchport

ip address 10.10.226.34 255.255.255.252


interface port-channel 1

no switchport

ip address 10.10.226.37 255.255.255.252


interface f1/0/24

no switchport

channel-group 1 mode desirable


interface f1/0/22

no switchport

channel-group 1 mode desirable



router eigrp 100

network 10.10.226.34 0.0.0.0

network 10.10.226.37 0.0.0.0

redistribute connected route-map CONNECTED->EIGRP metric 1 1 1 1 1

no auto-summary


route-map CONNECTED->EIGRP

match interface Vlan500 Vlan600 Vlan700 Vlan800


SiteB-r1



interface port-channel 1

no switchport

ip address 10.10.226.38 255.255.255.252


interface f0/0

no switchport

channel-group 1 mode desirable


interface f0/1

no switchport

channel-group 1 mode desirable



router eigrp 100

network 10.10.226.38 0.0.0.0

no auto-summary



HTH,



mduhra Wed, 10/03/2007 - 15:19
User Badges:

Thanks for the quick response.


Forgot to mention the customer is actually running OSPF as the routing protocol and IP's on the different networks are pingable.


Could I possibly create another vtp domain at SiteB and call it "SiteA", will it propagate properly if routing is setup?


What I'm worried about is are there any potential issues having vlan 200 at both sites.


Sorry, L3 background is still a bit limited.


Cheers!

Edison Ortiz Wed, 10/03/2007 - 15:28
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can use OSPF as the dynamic routing protocol, I don't see a problem with that.


You can't create multiple VTP domains in a switch. You can change the VTP domain on SiteB to SiteA and it will overwrite SiteB's Vlans (500-800) since SiteA has a higher revision number.


I much prefer you go with the L3 point-to-point and leave each location with their own L2 Vlans. With L3 Point-to-Point, you don't have to worry about STP or someone creating/deleting Vlans that may affect a remote site.

Francois Tallet Wed, 10/03/2007 - 15:39
User Badges:
  • Gold, 750 points or more

I'm confused by the worry about VTP in particular. You can have bridging even without VTP interaction. Sure, a trunk will not negotiate automatically between different VTP domains, but that's about all the nasty effect that VTP (or the lack of) can have on your setup;-) If vlan 200 exist on both sides and you want to bridge over your WAN, it does not matter whether vlan 200 was declared using VTP or not. The real concern (as the previous poster mentioned) is whether you want to extend your L2 domain over your WAN imo.

Regards,

Francois

Actions

This Discussion