VTP domain question

Andy White · ‎04-18-2012

Hello,

I've just gone to a site an they have setup VTP on their switches and are having VTP mismatch errors, I can see why as they domain names are all wrong. Anyway what i noticed was that all their switches were setup as server mode and in a VTP domain. What is the point of using server mode and VTP domains everywhere? I normally have a server and client setup.

Just need to get my head round this.

Thanks

acampbell · ‎04-18-2012

Andy,

Once you have the VTP all up and stable I suppose the only benefit of running all switches as server would be the ease of access to add/remove VLANS. So much for security.

But I am with you.

Either all transparent or

a couple of key switches as server the rest client.

Regards

Alex

Regards, Alex. Please rate useful posts.

Joseph W. Doherty · ‎04-18-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

What is the point of using server mode and VTP domains everywhere?  I normally have a server and client setup.

Technically, under-the-covers, a VTP server and client are one and the same (i.e. they can both update other VTP servers/clients). Above-the-covers, VTP servers allow us to make VLAN configuration changes and the VTP servers do not.

If we limit a VTP domain to only having one VTP server, we avoid the race condition of two VTP servers sending VLAN configuration revisions at the same time that don't agree.

Andy White · ‎04-18-2012

Thanks, I've corrected the vtp mismatch, but noticed that if I created a new vlan on one switch didn't appear on the other server switches when I ran "sh vlan bri" should it?

Thanks

jszapipes · ‎04-18-2012

Just because you set a switch to act as VTP server doesnt necessarily mean it is the server. The true VTP server will be based on the switch with the highest configuration revision number....this number increases every time you make a vlan change. Also, make sure your running the same VTP version on all switches in the VTP domain.

jp

Joseph W. Doherty · ‎04-18-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Also, make sure your running the same VTP version on all switches in the VTP domain.

I recall VTP version should be reflect in "server" change (like auto pruning), but you should first insure all devices are capable of same version (when using V2 or V3).

glen.grant · ‎04-18-2012

If vtp is actually working then the vtp revision number should be the same across all devices whether server or client . Sounds like something is still incorrect if they are not synced. Yes all vlans created should be propagated and should be the same across all devices if the vtp config is correct and working properly.

acampbell · ‎04-18-2012

Hi,

I am with Glen. {+5 G)

The VTP revision number should consistant throughout the VTP domain.

I still think that the best practise is to run server mode on a few key switches and client on the rest.

Even better to use a vtp password aswell for security.

Regards

Alex

Regards, Alex. Please rate useful posts.

Joseph W. Doherty · ‎04-18-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Andy White wrote:

Thanks, I've corrected the vtp mismatch, but noticed that if I created a new vlan on one switch didn't appear on the other server switches when I ran "sh vlan bri" should it?

Thanks

It should but there are several conditions for that to happen. VTP domains have to match (or device starts with null VTP domain). Devices need to be server or client mode. VTP passwords need to match (NB: I recommend as a manual configuration that helps insure your device is in the correct VTP domain). VTP must be communicated between switches.