Hi Jon.  Thanks for the fast reply.

There are three campuses and the buildings on each campus connect to their respective core via L2 trunks.  There is a core on each campus.  The cores are interconnected with WAN links.

VLANS don't seem to be added often, but the same VLANS span the entire network (all three campuses).  Although some VLANS are specific to certain campuses and don't apply to the others.  In this case, would it be logical to have three VTP domains (one for each campus)?  Or can I have one domain and just filter out the few VLANS that only apply to a specific campus?

Thanks for any insight you can provide!

Sorry to ask more questions but you say some vlans span the all of the campuses.

Do you mean the same IP subnet ?

I ask because you say the cores are interconnected via WAN links which are usually L3 which would mean no VTP.

Can you just confirm.

Jon

The only subnets that span the entire campus are the L3 links between the campuses.  Each campus has their own subnets. 

Campus 1 = 10.0.X.X

Campus 2 = 10.2.X.X

Campus 3 = 10.22.X.X

Okay again I need some clarification.

You said in your last post but one that some vlans span all of the campuses but your last post suggests the links between each campus are L3 in which case that is not possible.

I am just trying to work out whether you can have a single VTP domain for everything or you need a VTP domain per campus.

I suspect it is the latter but need to make sure.

Jon

Sorry, it's hard for me to put all this into words. 

Most of the same vlans are found all over the network.  Like VLAN 5 is used universally for management.  But each campus has a different subnet they use for VLAN 5.  Campus 1 uses 10.0.5.X /24....Campus 2 uses 10.2.5.X /24...Campus 3 uses 10.9.5.X /24. 

The only subnet that is used universally throughout the entire campus are on the VLAN that traverses the WAN link (vlan 3010).  They are various /30 point to point links in the 192.168.169.X /24 subnet.  It seems that is the only subnet that is in common between the campuses.

I hope this makes sense.

Okay that makes sense.

There is no problem with reusing vlan IDs but you definitely don't want one VTP domain if you are doing this because the same vlan ID will be using a different IP subnet per campus.

So what you want is a VTP domain per campus rather than one per building by the sounds of it and that would make more sense if the same vlan per campus is present in multiple buildings in that campus.

Does that make sense ?

Jon

Yes that makes perfect sense.  You explained it very well =)  Thanks for that.

Now to my original question...

Is there any risk of losing the VLAN database by changing the VTP domain on each device to a new domain?  I'm just trying to get a feel for the risks of such a change in the environment.

I understand what you mean.   Just looking right now at the core for all of Campus #1...it does NOT have all the VLANS that the switches have at Campus #1. 

For instance, one of the buildings has Vlan 137 defined.  It is specific to that building.  The SVI is located on the VTP Server for that building's domain.  Vlan 137 isn't even on the central core for this campus.

Can I just add the missing vlans into the central core and keep the SVI's on the buildings MDF switch?

And yes, there will be a week of downtime for all of this during Spring Break coming up in a few weeks.

Apologies for the delay in responding, was a bit busy :)

Yes you need to add all the vlans to the core switch so that is has the full list and then propagate that to the clients.

If you can give me a quick example I can do a quick test in a lab to find the best way although it should be fairly simple.

So using your last post vlan 137 is on one of the switches but not the core switch.

How is that switch connected to the core, presumably a trunk, and is that trunk allowing all vlans across it ?

The thing you need to be careful about is the revision number which is why I would like to do a quick test.

Jon

No problem at all!  I appreciate your willingness to help.

That switch is connected to the core via a couple other switches in adjacent buildings.  They are all trunk links.  VLAN 137 does not traverse the trunks past this building, so the core is not even aware of its existence.

The trunk is only allowing one transit VLAN currently (vlan 3003).

So the trunk connecting to the core is only allowing vlan 3003 ?

If so it sounds as though they are actually routing between buildings using L3 SVIs instead of L3 routed ports.

So in terms of that switch there are no vlans that span the campus ?

Think we may need to look at this a bit further because the answer you gave is not what I expected to be honest.

Also the switch being connected to the core via other buildings is a bit surprising as well.

For the IP subnet associated with vlan 137 on the core switch can you do a "sh ip route <IP subnet>" and see if the next hop IP is the vlan 3003 IP on the switch with vlan 137 on it ?

Jon

Yes, the trunk connecting this particular building to the core is only allowing vlan 3003.

Yes, they are routing between buildings using L3 SVIs.

In terms of that switch, there are no vlans that span the campus.  Everything goes to the core and then routed from there.  Even the L3 SVI for Vlan3003 is a point-to-point link between the core and this particular building.

By the way, I was just discussing all of this with the head IT guy here and he thinks it would be easier to keep the current VTP domain setup.  Each building has their own ip subnet for everything (nothing is universal across the campus).

EDIT:  I missed the last part about running show ip route.  It says it goes via Vlan3003 to reach the SVI for Vlan137.