I am redoing the network where I work and have been thinking heavily about either a transparent network or running server/client for VTP mode. I have read all the best practices telling me to use transparent. I have laid out the pros and cons but I still feel like server/client is the better way to go. The network setup that we have is 12 buildings in a town (I work for a school district) and 9 layer 3 switches throughout the district.
Thank you in advance for your thoughts.
I'm a huge VTP Client/Server guy. Password protect it and make sure you have knowledgeable people installing your gear. Some of the pros I like about it are: verifying your trunk links are working. If VTP propagates the VLANs to your client switches then you know your uplink/trunk is working appropriately. The other thing I like is the standardization. Adding VLANs per switch, there's more of a chance that you name a VLAN wrong, etc. More cosmetic sure, but it sure sucks when you look at your VLANs on a switch and it shows VLAN0008. If you want to be safe(r), crank your revision number up, add/delete a VLAN a couple times to get that revision number up there. Don't forget to enable pruning!
There are pros and cons of both (Transparent and Client-Server). In my view Client-Server is the better option. There is no need to worry too much about overwriting the VLAN database when adding a new/old switch to the environment. You just need to tighten up some controls, for example physical access, admin access, security and backup of the VLAN database.
Physical = who has access to the comms rack, etc.
Admin = protect/limit administrator passwords, try using user-based authentication, so you know who is responsible. ACS servers are excellent.
Security = the VLAN database can be password protected and I have always used this option and have never had any failure.
Backup = make a backup of the vlan.dat file, it will come in handy in case you ever need it.
Last thing: in the Client-Server based model, you should always have at least 2 servers, so in case your 1 VTP server switch fails, you still have a server. It also does not matter which VTP server switch you use to add/delete VLANs, they will sync/update. You can also promote a client to be a server if needed, as well as demote a VTP server switch to be a client.
Hope this helps
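A pre-connection check for two points raised in this thread, revision numbers and pruning, as an added example that is not part of any poster's reply. It parses `show vtp status` text in the classic `Name : value` layout; the sample output, the domain name `DISTRICT` and the function names are constructed for illustration, and the revision rule assumes VTP version 1 or 2 with a matching domain and password.

```python
import re

# Constructed sample output in the classic `show vtp status` layout.
PROD_SERVER = """\
VTP Version                     : 2
Configuration Revision          : 42
VTP Operating Mode              : Server
VTP Domain Name                 : DISTRICT
VTP Pruning Mode                : Disabled
"""

NEW_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 57
VTP Operating Mode              : Client
VTP Domain Name                 : DISTRICT
VTP Pruning Mode                : Disabled
"""

def parse_vtp_status(text):
    """Return {field name: value} from 'Name : value' lines."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def precheck(reference, candidate):
    """Compare a switch about to be trunked in against the production VTP server."""
    ref, new = parse_vtp_status(reference), parse_vtp_status(candidate)
    findings = []
    mode = new.get("VTP Operating Mode", "").lower()
    same_domain = new.get("VTP Domain Name") == ref.get("VTP Domain Name")
    if not same_domain:
        findings.append("domain-mismatch")
    new_rev = int(new.get("Configuration Revision", 0))
    ref_rev = int(ref.get("Configuration Revision", 0))
    # A server OR a client in the same domain with a higher revision can
    # replace the production VLAN database once its trunk comes up.
    if same_domain and mode in ("server", "client") and new_rev > ref_rev:
        findings.append("revision-higher-than-production")
    if ref.get("VTP Pruning Mode", "").lower() != "enabled":
        findings.append("pruning-disabled-on-server")
    return findings

if __name__ == "__main__":
    print(precheck(PROD_SERVER, NEW_SWITCH))
```

A switch flagged with `revision-higher-than-production` should have its revision reset before its trunk is brought up, and the `vlan.dat` backup mentioned above is the fallback if one slips through.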