Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Proper Order of Configuration?

I need to setup VLANs, VTP, and EtherChannels. I have 2 3560G-24 port switches. Is there a particular order that I need to configure these features? For example, should I setup the EtherChannel first (which will be used as a trunk between the two switches) and then setup the VTP domain and then the VLAN or does it really matter what I setup first? Based on what I am reading, (having not done this is a while), if I establish the EtherChannel on switch 1, the config should automatically transfer to switch 2 because the ports will autonegotiate and recognize that an EtherChannel has been established. Is this correct?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Proper Order of Configuration?

Hello James,

you need a working L2 trunk between the two switches in order to have VTP messaged to flow from server(s) to client(s)

if you have little experience I would suggest a divide and conquer approach:

first I would setup a L2 trunk between the two switches

then you configure both for VTP one as server and one as client (or server to be noted)

you create all the vlans you need

you check correct propagation of vlans on second switch with

sh vtp status

sh vlan

STP woth

sh spanning-tree summary

later you can use other two links to configure an etherchannel between the two

the end result should be that the etherchannel bundle is preferred by STP for all vlans and the first link used is blocked on one side for each vlan

the advantage is that you don't put all together but you build on previous steps

Hope to help

Giuseppe

27 REPLIES

Re: Proper Order of Configuration?

James,

If you need to configure VLANs, VTP and EtherChannels, I would suggest this order.

1. Configure VTP

2. Configure all the VLANs on the VTP server so they will propagate to all switches

3. Configure the EtherChannels

Keep in mind:

You can have one or more VTP servers (for redundancy) and all will synchronize to the switch with the highest revision number.

Configure a VTP password for security and to avoid accidental synchronizations.

All VLANs will be propagated to all switches, but you still need to log into the other switches to assign the correct ports to the correct VLANs.

The EtherChannel can be configured statically or using LACP or PAgP.

Hope to help.

Federico.

Hall of Fame Super Silver

Re: Proper Order of Configuration?

Hello James,

you need a working L2 trunk between the two switches in order to have VTP messaged to flow from server(s) to client(s)

if you have little experience I would suggest a divide and conquer approach:

first I would setup a L2 trunk between the two switches

then you configure both for VTP one as server and one as client (or server to be noted)

you create all the vlans you need

you check correct propagation of vlans on second switch with

sh vtp status

sh vlan

STP woth

sh spanning-tree summary

later you can use other two links to configure an etherchannel between the two

the end result should be that the etherchannel bundle is preferred by STP for all vlans and the first link used is blocked on one side for each vlan

the advantage is that you don't put all together but you build on previous steps

Hope to help

Giuseppe

New Member

Re: Proper Order of Configuration?

OK, I think it would make sense then to just configure the EtherChannel first to establish the trunk.

Re: Proper Order of Configuration?

giuslar,

Just for my learning, do you see something not correct from my suggestion?

Thank you,

Federico.

Hall of Fame Super Silver

Re: Proper Order of Configuration?

Hello Federico,

nothing wrong in what you have written, probably is better to configure VTP first, many times our answers don't get the right remarks

personally I prefer to build step by step, so I would add the etherchannel later for example to see STP in action and so on.

I've assumed that original poster hasn't great experience, so I've suggested a step by step path as a way to learn about different aspects.

I may have misunderstood totally original poster and he might be looking for an optimized procedure.

Hope to help

Giuseppe

Hall of Fame Super Blue

Re: Proper Order of Configuration?

vegas5882010 wrote:

OK, I think it would make sense then to just configure the EtherChannel first to establish the trunk.

James

Just to clarify. As Giuseppe says create a trunk first because without this your vlans won't propogate. Only after creating the trunk and ensuring that all vlans are present on both switches should you move onto the etherchannel.

Federico - nothing wrong with your instructions as far as i can see except i think Giuseppe just wanted to emphasise that without a trunk VTP etc. doesn't work.

Jon

New Member

Re: Proper Order of Configuration?

OK, that makes sense. I wil create a trunk between the switches and go from there. Although, I know how to create EtherChannels so creating a separate trunk may not be a helpful step. But, will consider it.

New Member

Re: Proper Order of Configuration?

So this is the trunk configuration using port 24 on each switch.

ISCSI1#sh int gigabitethernet0/24
GigabitEthernet0/24 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 1c17.d325.d918 (bia 1c17.d325.d918)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:28, output 00:00:01, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     134 packets input, 21926 bytes, 0 no buffer
     Received 65 broadcasts (63 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 63 multicast, 0 pause input
     0 input packets with dribble condition detected
     476 packets output, 51854 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out
ISCSI1#show run int gigabitethernet0/24
Building configuration...

Current configuration : 108 bytes
!
interface GigabitEthernet0/24
switchport trunk encapsulation isl
switchport mode dynamic desirable
end

ISCSI1#

Make sense so far? How do I know that the trunk is actually working? I have configured nothing else so far. Although I need to change the MTU for the switch because it is being used solely for iSCSI and the recommendation is for MTU of 9014.

Re: Proper Order of Configuration?

James,

This is a personal comment.

I prefer to configure the EtherChannel manually instead of relying on LACP or PAgP.

To do this:

interface GigabitEthernet0/24

switchport trunk encapsulation dot1q
switchport mode trunk

On both sides.

Also, ISL is not used anymore, you may want to use 802.1q instead.

To check the trunk, do ''sh interface trunk''

Federico.

Hall of Fame Super Blue

Re: Proper Order of Configuration?

Federico

I prefer to configure the EtherChannel manually instead of relying on LACP or PAgP.

I think you mean configure the trunk as on rather than use DTP ?  I agree, i would configure the trunk on as well as DTP simply adds to the time taken to bring things up. Of course to turn off DTP you also need to add "switchport nonegotiate" to the interface configuration.

Jon

New Member

Re: Proper Order of Configuration?

SCSI2#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi0/24      desirable        802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/24      1-4094

Port        Vlans allowed and active in management domain
Gi0/24      1

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/24      1
ISCSI2#

this is switch two.

What should the mode be? I chose dynamic desirable, but is that correct?

New Member

Re: Proper Order of Configuration?

I am getting a MD5 checksum mismatch?

ISCSI2#sh vtp status
VTP Version capable             : 1 to 3
VTP version running             : 1
VTP Domain Name                 : iscsi_hchb
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 1c17.d325.df80
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Feature VLAN:
--------------
VTP Operating Mode                : Client
Maximum VLANs supported locally   : 1005
Number of existing VLANs          : 5
Configuration Revision            : 0
MD5 digest                        : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
                                    0x56 0x9D 0x4A 0x3E 0xA5 0x69 0x35 0xBC
*** MD5 digest checksum mismatch on trunk: Gi0/24 ***
ISCSI2#

Re: Proper Order of Configuration?

James,

I think that an MD5 mismatch relates to a problem with the VTP password.

Have you configured the same VTP password on all server/clients?

Also, the trunk should be on on both sides to avoid using DTP as jon said.

Set the trunk to on on both sides with the command: switchport mode trunk

Federico.

Hall of Fame Super Silver

Re: Proper Order of Configuration?

Hello James,

>> *** MD5 digest checksum mismatch on trunk: Gi0/24 ***

yes you have a mismatch, copy from configuration of first device to configuration of the second it is easy to make a small error

be also aware that after changes to MD5 password it make take some time to synchronize.

again, MD5 could be added later to VTP configuration I recommend to go step by step.

note:

when using DTP if the two switches think of being part of different VTP domains they will not form a functioning trunk.

Hope to help

Giuseppe

Hall of Fame Super Blue

Re: Proper Order of Configuration?

vegas5882010 wrote:


this is switch two.

What should the mode be? I chose dynamic desirable, but is that correct?

The mode is up to you. Dynamic desirable runs DTP which negotiates at either end to become a trunk link. As mentioned previously you can simply type - "switchport mode trunk" which means you permanently turn on the trunk. You would also then add  "switchport nonegotiate" to turn off DTP.

I personally usually configure them as on but it's a matter of preference really.

Jon

New Member

Re: Proper Order of Configuration?

OK, understood. This is all good stuff...thanks for the help. I switched it back to switchport mode trunk and also switchport nonegotiate to handle the DTP issue. Still showing the mismatch though.

Re: Proper Order of Configuration?

Issue a ''sh vtp password'' on both switches.

If you don't get the same output, that's what you need to correct.

Federico.

New Member

Re: Proper Order of Configuration?

I issued a show vtp password on both switches and both are not set. Yet, I still have an MD5 checksum error.

Re: Proper Order of Configuration?

James,

Make sure that both switches (VTP server and VTP client) are configured with the same VTP password and domain.

The commands:

vtp password

vtp domain

vtp mode

Also, make sure that the link between both switches is a trunk and that it shows up/up when doing ''sh interface x/x''

Federico.

New Member

Re: Proper Order of Configuration?

So now I have a misconfigured switch....Cannot get into it anymore. None of my passwords are working. How do I reset this and reload

the IOS?

As I said, it's been a long while since I have configured this kind of stuff.

Re: Proper Order of Configuration?

New Member

Re: Proper Order of Configuration?

I figured out a way around it. I just restarted the switch and it brought me back into the initial configuration dialog. I

decided to completely wipe out both switches and start from scratch. I will not put a password on the vtp domain and let's see if I can get this trunk to work.

New Member

Re: Proper Order of Configuration?

When I setup the vtp domain, do I need to configure it on both switches or just the primary switch and then it will propagate over the trunk? I guess the second switch will need to be manually configured for vtp client.

Re: Proper Order of Configuration?

If you configure one switch as the VTP server with a domain name, the domain name will propagate across the trunks to other switches (which they don't have a domain name yet configured for VTP).

However, it's better to manually configure the domain name manually on every switch.

Also, you need to log into the VTP client switch to configure it as VTP client (and set the domain).

To avoid this domain propagation, you can create a VTP password.

Federico.

New Member

Re: Proper Order of Configuration?

I established the vtp domain on switch 1 and then I went to switch 2 and it showed the vtp domain correctly. So that means that it propagates automatically. MD5 checksum was fine. I put no passwords on the vtp domain. I then changed switch 2 to vtp client and then it showed the MD5 error again.

New Member

Re: Proper Order of Configuration?

MD5 checksum error disappeared. ? Strange.

Anyway, everything seems to be ok for now. Will proceed with creating the VLANs we need and assigning the necessary ports.

Is there any reason to use vtp version 3? Using 1 now.

What about vtp pruning?

Your help has been most appreciated!

New Member

this is an old thread at this

this is an old thread at this point, but I came across it, so others may have as well.

See: http://www.networknoob.net/2012/11/ccnp-vtp-and-etherchannel/
Possibly the client got out of sync with the server? Creating and deleting a vlan might have resolved the issue, by forcing a VTP update.

843
Views
0
Helpful
27
Replies
CreatePlease to create content