Cisco Support Community
Community Member

vtp mode change

Just want to be 100% sure: if I change my switch configurations to vtp mode off, will they keep their current VLANs? Have only 4 switches and would rather manually manage VLAN changes. They are all currently set to client mode.


Accepted Solutions

vtp mode change

1. You should be backing up your switch configs on a regular basis.

2. You should have a document stored offline which lists ALL your VLAN ID's, their corresponding names and Routable IP addresses.

3. You should be using security features like BPDUGuard and setting all host ports to be Access only to prevent rogue Cisco switches from being plugged in and Trunks forming.

If for some reason somebody was able to plug a Cisco switch into your network and it had the same Revision Number, VTP Domain and Password... and the port was able to form a trunk, then there is potential for it to overwrite your VLAN database throughout your VTP domain.

These days, this is highly unlikely if you take the correct precautions as mentioned above. VTP updates are only sent through Trunk ports, so all switchports should be 'Switchport Mode Access' unless they have been statically set to be a Trunk port as required.
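
An offline check for the precautions listed in the answer above, added here as an example and not part of the original thread. It audits a saved `show running-config` for host ports that are not statically set to access mode or that lack per-port BPDU guard. The sample config and the function name `audit` are constructed, and it assumes a platform whose default switchport mode is dynamic (DTP).

```python
import re

# Constructed `show running-config` excerpt (not taken from the thread).
SAMPLE = """\
vtp mode transparent
!
interface GigabitEthernet1/0/1
 switchport access vlan 10
 switchport mode access
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/2
 switchport access vlan 20
!
interface GigabitEthernet1/0/3
 switchport access vlan 30
 switchport mode access
!
interface GigabitEthernet1/0/24
 switchport mode trunk
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
"""

def audit(config):
    """Return (vtp_mode, {interface: [findings]}) for physical switchports."""
    vtp = re.search(r"^vtp mode (\S+)", config, re.M)
    # Assumption: no 'vtp mode' line means the mode is not shown here; use `show vtp status`.
    vtp_mode = vtp.group(1) if vtp else "unknown"
    findings = {}
    for block in re.split(r"^!\s*$", config, flags=re.M):
        lines = [l.strip() for l in block.strip().splitlines()]
        if not lines or not lines[0].startswith("interface "):
            continue
        name = lines[0].split(None, 1)[1]
        # Skip SVIs and routed ports; static trunks are expected uplinks, reviewed separately.
        if (not re.match(r"(Fast|Gigabit|TenGigabit)Ethernet", name)
                or "no switchport" in lines or "switchport mode trunk" in lines):
            continue
        issues = []
        if "switchport mode access" not in lines:
            # Assumption: the platform default is a dynamic mode, so a trunk can form.
            issues.append("not static access: trunk negotiation possible")
        if "spanning-tree bpduguard enable" not in lines:
            issues.append("no per-port BPDU guard")
        if issues:
            findings[name] = issues
    return vtp_mode, findings
```

Calling `audit(SAMPLE)` reports GigabitEthernet1/0/2 for both findings and GigabitEthernet1/0/3 for missing BPDU guard. BPDU guard enabled globally through PortFast defaults is not evaluated, so treat that finding as a prompt to check the global configuration.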

6 REPLIES
VIP Purple

vtp mode change

hello

The easiest way is to set the vtp mode to transparent on all switches.

conf t

vtp mode transparent

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Hall of Fame Super Blue

vtp mode change

Chris

Just to add to Paul's response. If you use VTP transparent then when you change to VTP transparent the vlans should be written to the running config so you will not lose them.

Jon

Community Member

vtp mode change

Side question. If someone plugged in a switch to my network that had the same domain and password and higher revision... and it deleted some of my VLANs, a simple quick fix would be to check the running config of a port that was set to inactive, as its VLAN would still be listed, then recreate that VLAN?

VIP Purple

Re: vtp mode change

Hello

If you had changed the vtp mode of these 4 switches to transparent mode and a new switch was added with the specifics you have stated, then no VLANs would be deleted/added to any of these switches, as switches in transparent mode only forward vtp advertisements and do not act upon them, so synchronisation of their vtp database isn't initiated.

res

Paul



Community Member

vtp mode change

Side question, with regard to backups, I've been doing the following for my DR documentation....am I missing anything?

SW 3750 STACK

sh ver

sh boot

sh env all

sh inv

sh switch detail

sh cdp nei

sh vlan

sh interfaces

sh interfaces status

sh interfaces trunk

sh ip eigrp neighbors

sh etherchannel detail

sh ip int bri

sh run

SW 4500

sh ver

sh bootflash:

sh env status

sh inv

sh module

sh power

sh cdp nei

sh vlan

sh interfaces

sh interfaces status

sh interfaces trunk

sh ip eigrp neighbors

sh etherchannel detail

sh ip int bri

sh run

ROUTER 2800

sh ver

sh flash:

sh env all

sh inv

sh cdp nei

sh vlans

sh int

sh int status

sh ip int bri

sh ip eigrp nei

sh run

ASA 5520

sh ver

sh inv

sh module all

sh vlan

sh interface detail

sh interface ip bri

sh run

Would you recommend any other settings/commands to capture?
