VTP Mode Change from Server to Transparent VLANs Disappear
I did some looking around the forums and found what I think might explain the behavior we ran across today, but I wanted to ask the experts to see if we are on the right track. Here is what we saw:
We had a 3550 switch and a 3745 router. Both of the units were set to VTP mode "server". Their domain setting was identical and everything was working fine. A co-worker accidentally changed the mode of the 3550 to "transparent" (thought he was connected to a different switch) and on the 3745 we lost VLAN 800 as soon as the change was made. On the 3550 we lost VLAN 900. Both VLANs were present on both units prior to the accidental change. Ironically, when I ran the "show vtp status" command on the 3745 (after the change of the 3550 to transparent mode) it clearly indicated that the last update/change came from the 3550 at the exact time it was changed from "server" mode to "transparent" mode. So, the change actually resulted in an update of some sort.
My question is the following: If both units were in "server" mode, by changing one of them to transparent (in our case the 3550) why/how could the VLANs just disappear from the switch/router? The only post I could find in the forums indicated that if the VLAN that was lost (let's say VLAN 900 on the 3550) that it would have been pushed/learned when added to the 3745. So VLAN 900 was added on the 3745, pushed/learned by the 3550 via VTP and then lost when the mode was changed to "transparent". Is this the case/behavior that we would expect?
We are trying to understand the behavior as we have run across a number of other switches that are set to "server" mode and we want to make sure we don't run into these issues again. We were able to manually add the missing VLANs to both units and were back up and running before long, but it did cause quite a scare. Okay, thank you so much for your help!!!
Re: VTP Mode Change from Server to Transparent VLANs Disappear
That's a bit strange. How many VLANs were defined on the 3550 and 3745, and how many were lost? Normally when you change the VTP mode from server to transparent, you should not lose any VLAN info. Did the config register reset to ZERO after you changed it to transparent mode?
Does the 3745 router have Ethernet modules for you to run VTP on them?
Best practices when you do VTP changes are:
1) Document the network with the VLAN information on each switch on your network (since you are migrating to transparent). With client/server, it will automatically broadcast, and hence you might not need to document VLANs on each switch. Since you know your network well, make sure you have a document with switch name and the VLANs associated with it, just to make sure.
2) Have one VTP domain name on the LAN network. Some places I have seen switches either with no domain names (default) or arbitrary names.
3) Have VTP passwords on all switches, just to avoid the network breaking with a switch introduced on the network (maybe with default configs, but with higher config register number).
4) Good to see you moving to transparent. If you can manage VLANs on your network, "transparent" is the way to go.
5) Did you see any other logs on the router/switch (show log) to see what else could be the issue?
Trying to recall, but is it a recommended practice to put the VTP server, if only one exists, into transparent mode when no new vlan configuration is being added? That is, as an added defense against something causing the server to be 'tricked' into deleting its vlan info because it thinks it got a newer update, typical scenario a new switch in default server mode as mentioned.... We had that happen several times. We have now gone to version 3, which I believe is supposed to prevent that...
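An added example, not part of any post in this thread: a small audit over saved "show vtp status" output that lists every device in server mode, devices with no domain or a different domain name, and any non-transparent device outside the main domain whose configuration revision is higher than the domain's. The captures, hostnames and finding names are constructed for illustration, and the field labels assume the VTP version 1/2 output format.

```python
import re
from collections import Counter

def _capture(rev, mode, domain):
    # Builds a constructed "show vtp status" excerpt (not real device output).
    return (f"VTP Version                     : 2\n"
            f"Configuration Revision          : {rev}\n"
            f"VTP Operating Mode              : {mode}\n"
            f"VTP Domain Name                 : {domain}\n")

SAMPLES = {  # hypothetical hostnames and values
    "sw-a": _capture(14, "Server", "CORP"),
    "sw-b": _capture(14, "Server", "CORP"),
    "sw-c": _capture(0, "Transparent", "CORP"),
    "sw-new": _capture(37, "Server", ""),  # spare switch, default (empty) domain
}

FIELDS = {
    "revision": r"Configuration Revision[ \t]*:[ \t]*(\d+)",
    "mode": r"VTP Operating Mode[ \t]*:[ \t]*(.*)",
    "domain": r"VTP Domain Name[ \t]*:[ \t]*(.*)",
}

def parse_vtp_status(text):
    """Return revision/mode/domain as strings; None for a field that is absent."""
    found = {k: re.search(p, text) for k, p in FIELDS.items()}
    return {k: m.group(1).strip() if m else None for k, m in found.items()}

def audit(captures):
    """Return sorted (host, finding) pairs."""
    parsed = {h: parse_vtp_status(t) for h, t in captures.items()}
    ok = {h: p for h, p in parsed.items() if None not in p.values()}
    findings = [(h, "unparsed") for h in parsed if h not in ok]
    domains = Counter(p["domain"] for p in ok.values() if p["domain"])
    main = domains.most_common(1)[0][0] if domains else None
    baseline = max((int(p["revision"]) for p in ok.values()
                    if p["domain"] == main), default=0)
    servers = [h for h, p in ok.items() if p["mode"].lower().endswith("server")]
    for host, p in ok.items():
        if host in servers and len(servers) > 1:
            findings.append((host, "multiple-servers"))
        if not p["domain"]:
            findings.append((host, "no-domain"))
        elif p["domain"] != main:
            findings.append((host, "domain-mismatch"))
        if (p["mode"].lower() != "transparent" and p["domain"] != main
                and int(p["revision"]) > baseline):
            findings.append((host, "revision-above-domain"))
    return sorted(findings)

if __name__ == "__main__":
    for host, finding in audit(SAMPLES):
        print(f"{host}: {finding}")
```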