01-23-2009 06:18 AM - edited 03-06-2019 03:36 AM
I thought this would be very straightforward, but I guess not.
Currently the network I manage consists of 3 main sections with two 6500s for the dist layer in each section, which in turn have layer 3 connections to a set of 6500s acting as the core.
I inherited this network, and the person before me allowed layer 2 connections to span into the different sections and the entire building is one large VTP domain.
Because of the number of VLANs on the network, I need to limit the scope of spanning tree and remove any unused VLANs from the sections.
I have configured all the trunk ports to 'nonegotiate', to turn off DTP, but when I change the domain on the access layer (2960s), I lose connectivity to the servers behind the access switch, but still have connectivity to the management VLAN.
I'm assuming I'm missing some sort of configuration on the 6500, so if anyone can point me in the right direction, that would be great.
01-24-2009 01:23 PM
Hi Steve,
Yes, I believe I understand.
Without knowing the LAN topology details it's difficult to understand if it's really good to create more VTP domains in one L2 LAN.
It makes life quite complicated, I'd say.
If the number of STP instances were the main problem, I'd fix it by disabling (manual pruning) unnecessary VLANs from trunks.
I thought originally you were going to escape from VTP completely, i.e., use VTP transparent mode and configure all VLANs on each switch manually (or via some management tool).
This is a way recommended by many consultants currently.
But I learnt something really new here:
1. VTP client saving the VLAN database (it did not in the past, when I was playing with VTP intensively; somebody told me about that already but I did not believe him)
2. The VTP pruning problem between two VTP domains - this is a really good point (deserving 5 points from me, too).
Thanks and good luck,
Milan
01-24-2009 02:23 PM
I am glad I was able to help.
We are only running 1 VTP domain in a L2 LAN, although we wanted to change the name of the domain in this LAN. So temporarily there were 2 management domains that needed to talk to each other in some way. That was our original issue. I cannot think of a reason why you would really want to run 2 management domains in a L2 LAN. That would get very cumbersome and hard to manage fairly quickly.
We never wanted to skip out of VTP completely. There are just too many devices to manage to touch each one individually every time we make a VLAN change.
01-24-2009 02:52 PM
Well, I was working in such an environment 5 years ago.
There were several good reasons to run 2 VTP domains:
- two departments administering LAN parts, only some VLANs spanning the whole LAN
- L2 connectivity was a must
- 2940s in one part of the LAN (changing itself to VTP transparent mode automatically when more than 8 VLANs configured).
Is your current VTP domain name so awful you have to go through this painful process of renaming?
BR,
Milan
01-24-2009 03:23 PM
Aah, yes that is a good point. I forgot about that being a good reason.
We changed our VTP domain because we have 3 switchblocks, and all of them used to have L2 connectivity. We are working on migrating our topology to a more functional one. So for security reasons and to prevent accidental VLAN database corruption, we are putting each section into its own VTP management domain.