How to configure VLANs with different VTP modes?
We are going to show how VLANs are created in VTP server and propagated to other switches and how to stop the propagation, if required.
Cisco Switches Triangle
The switches are in a triangle with switchA as root of the STP and configured with hostnames and ip addresses allowing us to remotely access them via telnet. All switch port connections between switches are using an ISL trunk and are configured using the port default.
interface FastEthernet0/1 switchport mode dynamic desirable ! interface FastEthernet0/2 switchport mode dynamic desirable
switchA#sh spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 000f.2323.6800 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 000f.2323.6800 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ------------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 19 128.11 P2p Fa0/2 Desg FWD 19 128.12 P2p Fa0/30 Desg FWD 19 128.30 P2p switchA#
All switches at default are in vtp mode SERVER with the domain as NULL.
This mode enables us to configure a VLAN from any switch. Telneting into switchA we can verify the vlans presently configured and it’s VTP status.
switchA#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 <-----Output Omitted-----> switchA#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found)
Further, we can verify that across the remaining switches.
switchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.2 on interface Vl1 (lowest numbered VLAN interface found) switchB#
switchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.2 on interface Vl1 (lowest numbered VLAN interface found) switchC#
Back on switch A, we configure a VTP domain 7M and see that it is advertised down the trunk links between the switches. Switches with a NULL VTP domain automagically associate to the VTP domain 7M that is now advertised by switchA.
switchA#conf t switchA(config)#vtp domain 7M Changing VTP domain name from NULL to 7M switchA(config)#end switchA#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0xCE 0x1A 0xF6 0xDC 0x15 0x5A 0x6D 0x13 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found) switchA#[/color-box]
switchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD *** MD5 digest checksum mismatch on trunk: Fa0/11 *** Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.2 on interface Vl1 (lowest numbered VLAN interface found)
switchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD *** MD5 digest checksum mismatch on trunk: Fa0/12 *** Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 1.1.1.3 on interface Vl1 (lowest numbered VLAN interface found)
When we add a VLAN, VLAN 2, to the a vtp server switch, such as switchA, the configuration revision number is updated. This update is advertised down trunk links to other switches and forwarded by them as long as the switches are in the same VTP domain, 7M.
switchA(config)#vlan 2
switchA(config-vlan)#name Sales
switchA(config-vlan)#exit
switchA(config)#exit
switchA#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/47, Fa0/48, Gi0/1, Gi0/2
<-----Output Omitted----->
2 Sales active
<-----Output Omitted----->
switchA#sh vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : 7M
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40
Configuration last modified by 1.1.1.1 at 3-1-93 01:00:45
Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found)
switchA#
Now, lets look at how the VTP advertisement is handled by the other switches in VTP domain 7M. Switches B and C compare the VTP configuration revision number and see their number is 0 and the new 1. Both switches B and C are out of sync with a lower configuration revision number and update their VLAN database with the newly created Sales VLAN, VLAN 2, introduced in the VTP update from switch A.
switchB#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/47, Fa0/48, Gi0/1, Gi0/2
<-----Output Omitted----->
2 Sales active
<-----Output Omitted----->
switchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 1 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:00:45
SwitchC shows changes with the VTP update from SwitchA.
switchC#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/47, Fa0/48, Gi0/1, Gi0/2
<-----Output Omitted----->
2 Sales active
<-----Output Omitted----->
switchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 1 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:00:45
If we change Switch B to a vtp client, it will no longer allow us to make VLAN modifications
switchB(config)#vtp mode client Setting device to VTP CLIENT mode. switchB(config)#vlan 3 %VTP VLAN configuration not allowed when device is in CLIENT mode. switchB(config)#
switchB(config)#no vlan 2
%VTP VLAN configuration not allowed when device is in CLIENT mode.
switchB(config)#
So back to Switch A, our vtp server, to add Accounting VLAN, VLAN 3.
switchA(config)#vlan 3
switchA(config-vlan)#name Accounting
switchA(config-vlan)#exit
switchA(config)#exit
switchA#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
<-----Output Omitted----->
2 sales active
3 Accounting active
switchA#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs : 7 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:12:45 Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found)
We will see the VTP update from Switch A for the VLAN 3 update the other switches, as long as they are in VTP server or client mode.
switchB#sh vlanVLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 <-----Output Omitted-----> 2 sales active 3 Accounting active switchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs : 7 VTP Operating Mode : Client VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:12:45switchC#sh vlanVLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4<-----Output Omitted----->2 sales active 3 Accounting active switchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs : 7 VTP Operating Mode : Client VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:12:45 [/color-box]We can also change Switch C to vtp transparent, which basically turns off VTP. After we add VLAN 4, it does not get advertised to Switches A and B.
switchC(config)#vtp mode transparent Setting device to VTP TRANSPARENT mode. switchC(config)#vlan 4 switchC(config-vlan)#name Engineering switchC(config-vlan)#end switchC#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 2 Sales active 3 Accounting active 4 Engineering activeswitchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 8 VTP Operating Mode : Transparent VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0xFF 0x6E 0x55 0x2C 0x17 0xB5 0xD1 0x28 Configuration last modified by 1.1.1.3 at 3-1-93 01:15:48[/color-box]
Switches A and B will not see a VTP advertisement, and not update their VLAN databases.
switchA#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4<-----Output Omitted----->2 sales active 3 Accounting activeswitchA#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs : 7 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:12:45 Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found)switchB#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4<-----Output Omitted----->2 sales active 3 Accounting activeswitchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 2 Maximum VLANs supported locally : 1005 Number of existing VLANs : 7 VTP Operating Mode : Client VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:12:45If we delete VLAN 3 from switch A, switch B will update it's VLAN database. Switch C being in transparent will ignore the update for it's own VLAN database, but will propagate the VTP advertisement .
switchA(config)#no vlan 3 switchA(config)#end switchA#sh vlan VLAN Name Status Ports---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4<-----Output Omitted----->2 sales activeswitchA#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 3 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Server VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:15:23 Local updater ID is 1.1.1.1 on interface Vl1 (lowest numbered VLAN interface found)switchB#sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4<-----Output Omitted----->2 sales activeswitchB#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 3 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Client VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x98 0x57 0x80 0xE2 0x29 0x91 0x2F 0x40 Configuration last modified by 1.1.1.1 at 3-1-93 01:15:23switchC#sh vlan VLAN Name Status Ports---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 2 Sales active 3 Accounting active 4 Engineering activeswitchC#sh vtp status VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 8 VTP Operating Mode : Transparent VTP Domain Name : 7M VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0xFF 0x6E 0x55 0x2C 0x17 0xB5 0xD1 0x28 Configuration last modified by 1.1.1.3 at 3-1-93 01:15:48In summary, VTP modes define how switches propagate and update their VLAN database.
- Server
Advertises updates and can create, modify and delete VLANS and saves VLAN database locally.
- Client
Propagates VTP advertisements from Servers or Clients, does not save VLAN database locally.
- Transparent
Does not care what the other switches are doing and basically acts as if it is not part of the VTP domain but propagates VTP advertisements.
Cisco CLI commands
-
show vlan
-
show vtp status
-
vtp domain <string>
-
vtp mode server | client | transparent
-
vlan <number>
Comments
No comment yet.