Run VTP or Not in a new Network Setup

Oct 21st, 2008

We're in the process of setting up a new data center and thinking about not running VTP. I was curious to see what others are doing. We had a large L2 network with lots of VLANs and 3560s as top of the rack switches and had lots of issues because of people not pruning properly and running out of STP instances on these small switches. Now that we're setting up a new VSS env, we're thinking about not running VTP at all. Any input or comments will be appreciated. Thanks

Jon Marshall Tue, 10/21/2008 - 23:29

It really boils down to management issues if you do not run VTP or you run all switches in VTP transparent mode. Once the data centre has been set up, how often do you think you will need to add or delete existing vlans?

Not running VTP server/client mode is more secure, and in a data centre that is often important. And there is always the possibility with server/client mode of overwriting the existing vlan database.

As for running out of STP instances, if you have that many vlans you may well want to look into MST, which would significantly cut down on the number of instances in your environment. A lot depends on your topology layout.

Having said all that, I have run server/client in data centres with no problems.


glen.grant Wed, 10/22/2008 - 03:24

You probably ran into stp instance problems because you allowed all vlans across your trunks. If you had "manually" pruned, "not vtp pruning", off the unneeded vlans you would not have run into this. People tend to just do "switchport mode trunk" then never manually prune anything off, so the switch has to create a stp instance for every vlan that is allowed on that trunk. It depends on how many switches are involved and if you feel you have to have a given vlan across many switches or not then this gets time consuming and server/client works well. We have run 2950's in a server/client setup where we have maybe had 90 vlans on the server and the 2950 only supports 64, but if you manually prune unneeded vlans from crossing that trunk it works fine. If you are only going to have like 4 or 5 switches in your environment then transparent might be adequate.

singh.andy Wed, 10/22/2008 - 08:04

We prune on the trunks, but that does not mean that VTP client will not get that VLAN in its database. The 65th vlan (in 2950s case) will not run spanning tree on these switches and you have to make sure it's pruned off of the trunks or you'll have a loop. If you run VTP transparent, the low end switches won't get the newly created vlan at all.
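
Added example, not part of any poster's reply: a small Python audit for the two conditions discussed above, trunks left at the default "all VLANs allowed" and a VLAN database that puts more VLANs on the trunks than the switch has spanning-tree instances for. The function names and the sample configuration are constructed for illustration, the limit of 64 is the 2950 figure quoted in the thread, and the count is simplified to VLANs that are both in the database and allowed on at least one trunk.

```python
import re

STP_LIMIT = 64  # 2950 figure quoted in the thread; check the data sheet for other models
# Constructed sample of an IOS-style running-config (not taken from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30-32
 switchport trunk allowed vlan add 40
!
interface FastEthernet0/3
 switchport mode access
"""

def expand_vlans(spec):  # '10,20,30-32' -> {10, 20, 30, 31, 32}
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunks(config):
    """Map each trunk interface to its allowed-VLAN set, or None if no list is set."""
    trunks = {}
    for block in re.split(r"(?m)^(?=interface )", config):
        lines = [line.strip() for line in block.splitlines()]
        if "switchport mode trunk" not in lines:
            continue
        allowed = None  # None = IOS default, every VLAN allowed
        for line in lines:
            m = re.match(r"switchport trunk allowed vlan (add )?([\d,-]+)$", line)
            if m:
                vlans = expand_vlans(m.group(2))
                allowed = (allowed or set()) | vlans if m.group(1) else vlans
        trunks[lines[0].split(None, 1)[1]] = allowed
    return trunks

def audit(config, vlan_db, limit=STP_LIMIT):
    """vlan_db: VLAN IDs in the switch's VLAN database, e.g. learned as a VTP client."""
    trunks = parse_trunks(config)
    carried = set()  # simplification: only VLANs carried on trunks are counted
    for allowed in trunks.values():
        carried |= vlan_db if allowed is None else allowed & vlan_db
    unpruned = sorted(name for name, allowed in trunks.items() if allowed is None)
    return {"unpruned_trunks": unpruned, "stp_instances": len(carried),
            "over_limit": len(carried) > limit}
```

With a 90-VLAN database, as in the 2950 case above, `audit(SAMPLE_CONFIG, set(range(1, 91)))` flags GigabitEthernet0/1 as unpruned and reports the switch over its limit; giving that trunk an explicit allowed list brings the count down to the VLANs actually carried.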

Joseph W. Doherty Wed, 10/22/2008 - 04:13

You're thinking VSS and you have 3560s. You might also consider doing more routing in lieu of VLANs spanning everywhere.

singh.andy Wed, 10/22/2008 - 07:59

We thought about that as well...there are some requirements like vmotion etc that require L2

