VTP Version 3

richardfinnie · ‎05-07-2010

Hi All,

We currently have a VTP client/server environment running VTP version 2. I want to move this environment to VTP version 3 for additional security as well as extended vlan support. Is there any caveats to moving to this? Should I expect a large network outage during the conversion?

My environment currently consists of:

2 Catalyst 4506's running in our core (don't laugh, this will be upgraded to 6509's later this year)

A variety of 2950's, 2960's, 3560's and 3750E's as our access and distribution layers.

Thanks all for your assistance.

Rick

rahurao · ‎05-07-2010

Hi Richard,

VTP version 3 provides the following enhancements to previous VTP versions: 

*     Support for extended VLANs.
*     Support for the creation and advertising of private VLANs. 
*     Improved server authentication.
*     Protection from the "wrong" database accidentally being inserted into a VTP domain. 
*     Interaction with VTP version 1 and VTP version 2. 
*     Provides the ability to be configured on a per-port basis.
*     Provides the ability to propagate the VLAN database andother databases.

 

I believe that there should not be any issues in the migration.

 

 

http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.3and8.4glx/configuration/guide/vtp.html#wp1039329



HTH 

Rahul

richardfinnie · ‎05-07-2010

Thanks for the information.

It looks like the document references CatOS. Is this supported on the 4500's running an IOS image? (I have been only able to find the document referencing the 6500's).

The migration looks like it is as easy as specifying "vtp version 3" on our 4500's (acting as VTP servers) and then just migrating our access switches over time. However, I have learned from the past that if things look to easy, they are probably going to break a lot of things

jbrenesj · ‎05-07-2010

VLAN Trunking Protocol version 3 (VTPv3)

12.2(50)SG

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/product_bulletin_c25_513357_ps9695_Products_Bulletin.html

Configuring VLANs, VTP, and VMPS

Catalyst 4500 Series Switch Software Configuration Guide, 12.2(50)SG

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/50sg/configuration/guide/vlans.html#wp1052658

HTH

rahurao · ‎05-07-2010

Hi Rick,

Yes it is supported for the 4500 IOS and here is the link for undertsnading and configuring the same:

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst4500/12.2/52sg/configuration/guide/vlans.html#wp1052658

I hope this helps

Rahul

richardfinnie · ‎05-11-2010

I am a little confused by the article, since it states under VTP configuration guidelines and restrictions:

"All network devices in a VTP domain must run the same VTP version"

but then prior states that:

"When a VTP version 3 device on a trunk port receives messages from a VTP version 2 device, it will send a scaled-down version of the VLAN database on that particular trunk in a VTP version 2 format. A VTP version 3 device will not send out VTP version 2 formatted packets on a trunk port unless it first receives VTP version 2 packets on that trunk"

"Even when a VTP version 3 device detects a VTP version 2 device on a trunk port, it will continue to send VTP version 3 packets in addition to VTP version 2 packets, to allow co-existence of two kinds of neighbors off the trunk"

So when implementing VTP version 3, do you need to convert all devices to V3 or can you have V2 devices in the same VTP domain, contrary to the first statement above?

esomarriba · ‎11-05-2010

The functional base in VTP version 3 is left unchanged from VTP version 2, so backward compatibility is built in. It is possible, on a per link basis, to automatically discover and support VTP version 2 devices. VTP version 3 is not possible with Cisco 2950 platform, if you want to use the latest VTP version you need to upgrade your hardware.