Re: Remove VTP

Beaurr · ‎07-15-2021

networkingHello,

We are currently using VTP, with a VTP domain, on the core switch in server mode, and the other switches are in client mode.
Everything is working fine.

Our infrastructure has around 60 switches.
3850 for the core and 2960 for access

But my boss asks me to study the removal of the VTP on our infrastructure.

The fact of passing the configuration in transparent mode? but in this case, are the VLAN.dat of the switches kept?
If so, what is the procedure?
switch the access switches (which are in client) to transparent first then the core switch after, switch it from server to transparent?
Will this cause a production problem?

balaji.bandi · ‎07-15-2021

I do not see any issue here, remove VTP from environment.

convert Client First VTP Client to VTP Transparent, if required create VLAN required Locally.

make sure you already added all the VLAN in Trunk so it should be any issue.

then move VTP Server to Transparent - so VTP Server removed here.

i do not see any issue, but being production environment, suggest to do in change or maintenance window cover yourself.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Leo Laohoo · ‎07-15-2021

conf t
 vtp mode off
end

marce1000 · ‎07-15-2021

>....But my boss asks me to study the removal of the VTP on our infrastructure.

Tell your boss not advisable on a production network, but good question to ask/debate (need for vtp) in design of a new network (e.g.)

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

paul driver · ‎07-15-2021

Hello

@Beaurr wrote:

Everything is working fine.....

my boss asks me to study the removal of the VTP on our infrastructure.

Why is he asking?

If you regular create/delete new vlans and there is need to propergate these changes throughout those 60 devices then i would say keep it.

If you wish to not use it then you can turn it off without any disruption to the network.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Giuseppe Larosa · ‎07-15-2021

Hello @Beaurr ,

as an alternative to removing VTP you should consider moving to VTP version 3. It eliminates all the security concerns of previous versions and it can be a valid tool to help moving to MST if the number of VLANs is high (C2960 may have a limit on number of STP instances they can run at the same time)

When you move a switch from client mode to transparent mode it keeps the current VLAN database.

So there is no impact in migration itself , but there is later if you need to create a new VLAN you will need to do it on all switches in the path between core and access switches that have clients in the new VLAN and eventually you will need to update the list of allowed VLANs on trunks both sides ( this is the only way to avoid to waste resources in STP instances when using PVST or Rapid PVST).

Hope to help

Giuseppe

Joseph W. Doherty · ‎07-15-2021

"When you move a switch from client mode to transparent mode it keeps the current VLAN database."

BTW (with personal experience) true when moving to "off" mode.

Also BTW, there are improvements with VTPv3 (as noted by Giuseppe), but there are practices with VTPv1/2 that make "zapping" all your VLAN less likely and/or improve "security". For the former, change management can also assist.