
VTP best practice

griffp
Level 1

What is the recommended way to configure VTP on a LAN?

I have 250 2900XL/3500XL/2950s and 4 6509/5500s running 12 VLANs.

Should the 6509/5500s be configured as VTP servers and the rest as transparent, with newly installed switches only configured as clients to pick up the existing VLANs and then set in transparent mode?

Or do I manually enter any required VLANs on each end of the trunk? Would there be a problem if, say,

VLAN 9 had a different name and/or SAID to VLAN 9 on the other end of the trunk?

Will changing the VTP mode of the existing active switches cause any problems?


milan.kulik
Level 10

Hi,

how is VTP used in your network currently?

If you are building a new network, you should decide whether to use VTP at all.

If yes, then I'd recommend configuring your 6509/5500s as VTP servers and the other low-end switches as clients. Just be careful about "VTP bomb", i.e. double-check VTP revision number is lower on the new switch than the current one in your production network (best practice: change VTP domain name to "something_else" and back to "your_VTP_domain" on the new switch - this will change the revision number to zero on the new switch).

But I don't understand your idea "newly installed switches only configured as clients to pick up the existing VLANs and then set in transparent mode".

What's the advantage? Your transparent switches would lose any VLAN change made in the future...

If you decide not to use VTP, you need to manually enter any required VLANs on each switch.

VLAN name is only an info field and can be different on the other trunk side then.

Changing the VTP mode of the existing active switches should not cause any problems - neither VLANs nor revision number will change. The only difference is: VTP server saves the VLAN info to nvram while client should not (but in reality some clients do, too, depending on IOS/CatOS version).

If you decide to run some switches as VTP servers/clients and others as transparent, be careful with trunks: trunk negotiation requires the same VTP domain/password on both trunk sides. I.e., configure trunks as nonegotiate in this case.

There are also some differences between VTP ver 1 and 2 (see http://www.cisco.com/warp/customer/473/103.html#vlan_trunking_protocol)

Even VTP ver 3 is available currently.

Regards,

Milan

"But I don't understand your idea "newly installed switches only configured as clients to pick up the existing VLANs and then set in transparent mode".

What's the advantage? Your transparent switches would lose any VLAN change made in the future... "

The idea behind this was that VTP clients don't save VLAN info in NVRAM, transparent mode does.

I'm 90% sure XL switches do save VLAN info to vlan.dat flash file which is available even after the switch was disconnected from network and reloaded.

You just don't see VLAN definitions in config, but you don't lose the VLAN info, it's still available.

Regards,

Milan

OK, thanks.

Currently the LAN (which I inherited) has a mixture of VTP domains/modes. I would like to clean it up but am unsure of which way to go. Do I use the VTP client/server model or use VTP transparent throughout the LAN?

There is not a need to add/delete VLANs on a regular basis, but there are a lot of switches (up to 250) to configure when any changes are required.

I would go for four servers and 250 clients, as I suggested in my other posting.

Kevin Dorrell

Luxembourg

Kevin,

I am leaning towards your suggestion of client/server. It was just that elsewhere some people have recommended not using VTP at all because of the problems it can cause.

I agree with Kevin, I would go to your 4 big switches configured as servers and the rest as clients in one VTP domain.

Just decide which VTP version and password to use (they need to be the same on all switches).

I'd start with the 1 big switch, check it is a VTP server in my required VTP domain and do some changes (create a new VLAN, e.g.) on it to get its revision number the highest in the network.

Then I'd check the remaining 3 big switches for synchronizing (the same domain name and rev. number).

If some of them are not synchronized, check the domain name and password.

If all synchronized, check that all are servers. If not, change the VTP mode to server on them.

Then make the neighbouring low-end switches VTP clients. Check the synchronization on them.

Etc., etc.

Don't forget:

1. You need trunking connection for VTP info to pass to a neighbour switch.

2. It can take up to 10 minutes to synchronize.

3. Trunk will not be negotiated between two switches in different VTP domains (or password misconfigured in the same domain).

4. I'd recommend doing these changes in a maintenance time in your production network.

Good luck,

Milan
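
An added example, not part of any post in the thread: a Python sketch of the checks described above, run over saved `show vtp status` output. It flags live switches in the wrong domain or not yet synchronized, and a new switch whose revision is not lower than production's. The hostnames, the domain name CORP and all sample values are constructed, and the sample output is abbreviated to the three fields the script reads.

```python
FIELDS = {"Configuration Revision": "revision",
          "VTP Operating Mode": "mode",
          "VTP Domain Name": "domain"}

def parse_vtp_status(text):
    """Pull revision, mode and domain out of 'show vtp status' output."""
    status = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() in FIELDS:
            status[FIELDS[key.strip()]] = value.strip()
    status["revision"] = int(status["revision"])
    status["mode"] = status["mode"].lower()
    return status

def audit(production, candidate, domain):
    """Return (host, finding) pairs for the live switches and the new one."""
    findings = []
    live = {host: parse_vtp_status(text) for host, text in production.items()}
    # Transparent switches do not take part in synchronization.
    active = {h: s for h, s in live.items()
              if s["domain"] == domain and s["mode"] != "transparent"}
    top = max((s["revision"] for s in active.values()), default=0)
    for host, s in sorted(live.items()):
        if s["domain"] != domain:
            findings.append((host, "wrong-domain"))
        elif host in active and s["revision"] != top:
            findings.append((host, "not-synchronized"))
    new = parse_vtp_status(candidate)
    # Rule from the thread: the new switch's revision must be lower
    # than the one in production before it is connected.
    if (new["domain"] == domain and new["mode"] != "transparent"
            and new["revision"] >= top):
        findings.append(("candidate", "revision-not-lower"))
    return findings

def sample(mode, domain, revision):
    """Constructed 'show vtp status' text (abbreviated)."""
    return (f"VTP Version                     : 2\n"
            f"Configuration Revision          : {revision}\n"
            f"VTP Operating Mode              : {mode}\n"
            f"VTP Domain Name                 : {domain}\n")

PRODUCTION = {  # constructed hostnames and values
    "core1": sample("Server", "CORP", 36),
    "core2": sample("Server", "CORP", 36),
    "access17": sample("Client", "CORP", 34),
    "access90": sample("Transparent", "OLDLAB", 0),
}
SPARE = sample("Client", "CORP", 41)  # constructed: switch about to be connected
```

Calling `audit(PRODUCTION, SPARE, "CORP")` reports access17 as not synchronized, access90 as in the wrong domain, and the spare switch as needing its revision reset before it is connected.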

Milan,

You are right.

Two weeks ago, I thought I understood VTP. The last two weeks have thrown up all sorts of questions that make me doubt that. That's what I like about NetPro, the challenge.

I took a 2950 out of the cupboard, and looked at its VTP. It was running VTP client, revision 22. I looked at my production network and saw it was at revision 36. I connected the 2950, and saw its revision go up to 36. I then disconnected the link, and reloaded the 2950. It came up running VTP client at revision 36. So it had silently saved the VLAN configuration.

The date on the vlan.dat file was invalid because it updated it before it had a chance to set the clock from NTP.

This behavior seems to be at odds with the classic (practice) exam question about which VTP modes save the VLAN configuration in NVRAM and which do not. (OK, pedantically it does not save it in NVRAM, it saves it in flash, but you know what I mean.)

I presume the 2900XL and the 2950 behave in the same way.

Kevin Dorrell

Luxembourg

Kevin Dorrell
Level 10

If you have only 12 VLANs, then you should not have any problems with the limitations of the smaller switches.

I would limit the number of VTP servers to four or maybe even to two. How many different STP topologies do you have? I have two distribution switches, and two STP topologies (rooted on each distribution switch). In my case, the VTP servers are on the two STP roots.

I would configure the rest of the switches as VTP clients. If they are already synchronised with the domain (look at the configuration version number), and if they are all connected to the distribution switches using trunks, there should be no problem to change them from servers to clients on-the-fly. I would leave them all as clients unless you are in danger of going over the 64 VLAN limit.

It seems that your network is exactly what VTP is designed for.

Kevin Dorrell

Luxembourg

Milan, Kevin,

Thanks to both. I think I will go with the suggested client/server model. Just need to figure out the best time to do the changes.
