Hi Peter,

because of a bad STP design and per VTP widely spreaded VLANs there are too much STP instances on some 2960 and 3560.

Because of this and because I don't want VLANs automatically created on the entire network I want to remove it.

Best regards,

Rene

Hello Rene,

Have you considered migrating to MSTP to reduce the number of STP instances? Perhaps that would be a better way of handling your network than selectively removing VLANs from your switches. Moreover, the 2960 and 3560 switches support VTPv3 that allows synchronization of both VLAN and MSTP configuration so the management would be easy in my opinion.

In any case, I see your point and while I would personally not choose the "VTP Transparent" option, it surely is a solution and if the VLANs are removed from your switches judiciously, it will work fine for you.

Best regards,

Peter

Hello Peter,

moving from PVST+ to MST needs a recalculation of the spanning tree so there is a downtime for about 30seconds for participating VLANs but I don't have a downtime window in the next days and I am not able to create new VLANs with PVST+ instances currently.

Best regards,

Rene

  Manually pruning vlans off the links on the 2960's and 3560's will eliminate the spanning tree instance problem ,  (switchport trunk allowed vlan xxx) . My guess is that you are allowing all across the links and this is where the problem is . If its not need on the link just manually prune it off .  It is best practice to do this anyway  so that the supervisor doesn't see all the broadcast and arping going on , just extra load on the cpu for vlans that are not even used on the switch.

Glen, Full ACK. That's exactly how I want to resolve the problem.

Thanx anyway,

Rene

Excuse me but I have one question.

What connection does VTP have with the selection of spanning-tree version?

VTP is simply a mechanism by which you can reduce the administrative overhead of configuring vlans on each and every switch within a L2 domain.

I think there is a indirect connection with the per-VLAN spanning-tree modes.

When you add a new VLAN which is needed somewhere in your domain on the VTP server, all the switches in the domain will have to add a spanning-tree instance for that VLAN, regardless if it that VLAN is needed (locally or downstream) or not. You can't reduce the number of ST instances with VTP pruning, you'll have to prune manually, which more or less eliminates the advantage of reducing administrative overhead.

Plus, in large LANs you often have 6k or 4k at the Core and 2k/3k at the access layer. The 2k/3k have a limitation of 128 (some even 64) ST instances but the platforms at the core are not aware of that. When you apply more than 128 VLANs, the new ones will be added on the 2k/3k as well but with spanning-tree disabled, which most probably ends up in a bridging loop.

Even with less than 128 VLANs the CPU consumption will be unnecessarily high.

Like stated by Peter, a migration to MSTP can be a solution in such scenarios and here is another connection with VTP, since v3 allowes you to distribute the main part of the MSTP configuration as well.

Regards

Rolf