cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1288
Views
10
Helpful
5
Replies

Switching Infrastrucuture with VTP (Concept questions)

jamesallen36
Level 1
Level 1

Hi yall,

Many years back I used to configure a Cisco basic switch and router for branch offices. Well now I am going to have to implement an entire switching infrastructure for a 7 floor building. I have been doing a lot of research but a couple things conceptually are not jiving with me.

From my reading, I believe that I would like to setup a VTP server on a core switch and then rest as VTP clients. I feel pretty clear on how to set the VTP modes, domain name, passwords, etc and also that I need to create a trunk port for multiple VLANs to communicate on both ends of each uplink.

What I don't quite grasp when referencing some people's sample configs is where do you set the IP of the switch that you would connect via telnet? I see some people setting IPs on the specific VLANs but if that is the case and VTP syncs the VLAN information, would that be the same IP assigned to the VLAN or different on each switch?

Is it still necessary to configure a designated port (no switchport command) to an IP to manage the switch?

These are probably some basic and stupid questions but thanks in advance to anyone who is game to help me understand.

Thanks - James

5 Replies 5

IcebergTitanic
Level 1
Level 1

Typically the IP for VLAN1 is your management interface. The IP addresses for the various VLANs are used as the default gateways to the computers within those VLANs.

So for example, VLAN1 ip = 10.10.0.1 then you would telnet to that for your switch config.

VLAN 10  ip = 10.10.10.1, you would have computers on that VLAN with 10.10.10.xxx addresses, using 10.10.10.1 as their gateway address, if you're doing L3 routing on the switch.

And no, don't need the dedicated port nowadays as far as I know.

Thanks Dan!

So if I am understanding you correctly...

For the management interface, I would do the following -

interface Vlan1

description management VLAN

ip address 10.10.0.1 255.255.248.0

no shut

(This IP would be unique to this switch only and accessible via telnet)

And then VLAN settings from the VTP Server, I would do the following -

Enabling VTP

vtp mode server

vtp version 2

vtp domain mydomain

vtp password vtppassword

Making VLANs

interface Vlan10

description Dogface

ip address 10.10.10.1 255.255.248.0

ip helper-address 10.10.1.72

ip helper-address 10.10.1.73

no shut

(This IP would be the same in the VLAN database of all of the VTP clients as it is the gateway for all hosts residing on that VLAN)

Then I would have to make a trunk port that allows this VLAN.

Am I pretty close?   :-)  

Yeah, mostly. A little clarification on your understanding of VTP....

VTP doesn't care about the IP addresses. All it does is tell the other switches about the existence of the VLANs, so that they can trunk them appropriately, and so that you don't have to manually define them all. They won't receive anything about IP addresses.

On a related note, I think you might also have to actually define the VLANs separately from the VLAN interface. My memory is foggy, as the procedure varies from device to device, but you may actually have to use a separate command for making the VLANs.

On old switches, it would have been something like vtp database and then vlan 10 DATAVLAN etc

For example, on a 2950 switch:

enable

config t

vlan 5

name DATA

exit

vlan 10

name SERVERS

exit

vtp mode server

vtp domain MYDOMAIN

vtp password MYPASSWORD

int vlan5

desc DATA VLAN

ip address 10.10.5.1 255.255.255.0

no shut

So you see, the first part creates the VLANs in the internal VLAN database, which is distributed with VTP. It also allows switchports to access that vlan. Even without creating the vlan interface itself, you could still have separate VLANs that would operate as layer-2 switches.

The VLAN interface with an IP address allows you to direct traffic to the vlan based on ip addresses.


Hi  James,

I would add some thoughts on this point.

Create management vlan different from vlan1. Connect to your devices using SSH, not though Telnet if possible.

Best regards,

Alex

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco