
vtp and vlans

carl_townshend
Spotlight

Hi all

I have a quick few questions

With VTP, is the default mode server? If so, if I plug another switch into the network, will it have any effect, or do they need to be in the same domain before anything happens? I have heard that it's best to just use transparent everywhere.

Also with vlan trunking, is it best to manually prune vlans on the uplinks?

cheers

Carl


Roberto Salazar
Level 8

With vtp, is the default mode server?

>>Yes.

If so, if I plug another switch into the network, will it have any effect, or do they need to be in the same domain before anything happens?

>>The switches have to exchange VTP, and they need to be in the same domain to exchange VTP. A trunk also has to be formed between them to exchange VTP.

I have heard that it's best to just use transparent everywhere.

>>What you heard is true.

Also with vlan trunking, is it best to manually prune vlans on the uplinks?

>>It is better to clear the VLANs that do not need to propagate to the other switch across the trunk.

Are they in a domain by default? If they are in a null domain by default, does this mean the switches will see each other's VTP info, or does a domain need to be set before they advertise VTP?

By default, no domain name is set.

Domain name must be set in order to pass vtp info.

True, by default no domain name is set. However, if you connect a switch with a null domain to an active VTP domain via a trunk, the new switch will inherit the domain name and configuration from the active VTP domain. If you connect a switch with a different VTP domain name configured, VTP information (Vlans) will not be propagated.

Mohamed Sobair
Level 7

Hi,

1- With VTP the default mode is Server.

2- If you plug another switch into the network, it's recommended to change the VTP mode to transparent mode to prevent merging all switches' config by the new switch. A switch with a higher revision number becomes the update VTP server.

3- Pruning doesn't happen per uplink or port; pruning has to be set in the VTP domain to eliminate unnecessary broadcast traffic.

HTH

Mohamed

Mohamed

Hope you can help.

I was also wondering if it is necessary to prune vlans if you are not routing vlans?

Routing really has no effect on pruning. Pruning is strictly to minimize your layer two traffic between layer two devices over trunk ports.

So even if you are not routing your vlans, it could still be possible to pass on broadcast storms on your switches from unneeded vlans.

thanks

So it is good practice to prune on all trunks?

I would say yes, especially if you have a large number of vlans or vlans that need to be protected, e.g. sensitive data vlans. The question, and this is a matter of preference, is how you want to prune.

1) As Mohamed stated:

"switch(config)#vtp pruning"

This must be done on the vtp server and the switch itself controls what vlan broadcast traffic is passed on. This should be enabled. Make sure your switches meet the requirements as stated by Cisco, there are a few caveats.

2) On top of the above method, you can also deploy the method I suggested. Pruning on the uplinks is a way of manually making it impossible for the vlans to be passed on. This is done with the "switchport trunk allowed vlan vlanxxx" command. An example of when you may want to do this is if you have a user and a server vlan in the same vtp domain and you never want server vlan traffic to reach the switches that users plug into.

HTH,

Justin

Thanks again

I don't quite have a handle on the vtp domain name and revisions to attempt any changes along those lines.

As it stands right now I have one switch that is the server and all others are clients. And I use one domain name.

I always create vlans on the server switch and allow vtp to take care of business.

However, the manual method for pruning that you advocate makes perfect sense. I was already using the allow parameter on trunks connected to APs but I did not realize that this was "manual pruning." Thanks

My recommendation for you is do a "show vtp status" on your switches. Make sure the vtp version is the same on all of them and make sure pruning is enabled. This gives you a good start if these are the same.

Do some research on "switchport trunk allowed" and see if it is something that you can benefit from. It may not be worth the administrative overhead to deal with it for your organization.

I am not familiar with "allow parameter". Is this set up in a GUI? I don't think this has anything to do with VTP.

I checked a sample number of switches and they have the following:

KBCOH1RD4SW3#sh vtp st
VTP Version : 2
Configuration Revision : 28
Maximum VLANs supported locally : 1005
Number of existing VLANs : 24
VTP Operating Mode : Client
VTP Domain Name : jergens
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Enabled
MD5 digest : 0xB9 0x0E 0x32 0x29 0x93 0x0D 0x25 0x58
Configuration last modified by 10.49.1.60 at 1-21-09 20:25:22

As you can see I do not have pruning enabled nor V2 enabled.

What is the effect of enabling pruning on the server switch? And enabling V2?

Is it disruptive?
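
An added example, not part of the original thread: a Python sketch of the cross-switch check recommended above (same VTP version settings everywhere, pruning enabled), plus a comparison of each switch's configuration revision against the designated server. The hostnames, domain name and capture values are constructed, and the field names follow the `show vtp status` output quoted in the post above.

```python
import re

# Constructed "show vtp status" captures (made-up hostnames and values),
# laid out like the output quoted in the thread.
CAPTURES = {
    "core-sw1": """\
VTP Version : 2
Configuration Revision : 28
VTP Operating Mode : Server
VTP Domain Name : corp
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
Configuration last modified by 192.0.2.10 at 1-21-09 20:25:22
""",
    "spare-sw9": """\
VTP Version : 2
Configuration Revision : 41
VTP Operating Mode : Server
VTP Domain Name : corp
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
""",
}
# "name : value"; the colons inside the timestamp have no spaces, so that line is skipped.
FIELD = re.compile(r"^\s*([^:]+?)\s+:\s+(.+?)\s*$")

def parse_vtp_status(text):
    """Return {field name: value} for every 'name : value' line."""
    return dict(m.groups() for m in map(FIELD.match, text.splitlines()) if m)

def audit(captures, server):
    """Return (switch, finding) tuples, comparing each switch to `server`."""
    parsed = {name: parse_vtp_status(text) for name, text in captures.items()}
    ref, findings = parsed[server], []
    for name, p in sorted(parsed.items()):
        if p["VTP Pruning Mode"] != "Enabled":
            findings.append((name, "pruning not enabled"))
        if (p["VTP Version"], p["VTP V2 Mode"]) != (ref["VTP Version"], ref["VTP V2 Mode"]):
            findings.append((name, "VTP version settings differ from server"))
        # Per the thread: the switch with the higher revision number becomes the update source.
        if (name != server and p["VTP Operating Mode"] != "Transparent"
                and p["VTP Domain Name"] == ref["VTP Domain Name"]
                and int(p["Configuration Revision"]) > int(ref["Configuration Revision"])):
            findings.append((name, "revision higher than server: would overwrite VLANs"))
    return findings

if __name__ == "__main__":
    for switch, finding in audit(CAPTURES, server="core-sw1"):
        print(f"{switch}: {finding}")
```

Run against real captures before trunking a spare or lab switch into the domain; a transparent-mode switch is skipped by the revision check.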

John,

Both of these changes SHOULD not be disruptive, but I personally would not make a configuration change like this during production hours, but rather in a maintenance window, unless broadcast storms are slamming your switches and affecting network performance or something like that.

Do you have any monitoring tools to check bandwidth usage on your switches? If so, check them out and see how they look. If you have plenty of bandwidth on your trunk lines, this should be a low priority and done during non-peak hours, in my opinion.

Thanks for all the help

If you are ever in Cincinnati, OH, look me up.

I'll buy you a few beers!

FYI

The whole reason I have been investigating vtp and pruning is because we have had something like a storm several times over the past two weeks. I was trying to minimize any potential impact.
