
VTP Domain - Server renames other servers?

joealbergo
Level 1

I was doing some reading in my Cisco Academy Training - Chapter 4 of the Switching Fundamentals and they are going over VTP.

It showed an example where 3 VTP Servers existed. All 3 switches connected - and that all three are VTP Servers (not clients) - the S1 VTP Server was able to send out the VTP Domain name (Cisco) to replace "null" entries on other VTP Domain Servers.

I was just trying to understand how that is possible? I thought that only Clients could be sent information and instructions.

Why would there be 3 VTP Servers on one network? The example did not make sense....

Of course I am sure I might have overlooked something -- hope to hear from anyone who can help. Thank you in advance - your knowledge is appreciated.

-Joe


Jon

So getting back to VLANs -

Once I reach my first L3 Router - that is my boundary?

Basically outside of that router VLANs are different.

S1>------S2>------S3>-------R1>----------S3>----S2>-----S1>

VLAN1-VLAN2-VLAN3-------------|---------VLAN4-VLAN5-VLAN6

These VLANs are not going to be able to communicate outside the R1 boundary?

joealbergo wrote:

Jon

So getting back to VLANs -

Once I reach my first L3 Router - that is my boundary?

Basically outside of that router VLANs are different.

S1>------S2>------S3>-------R1>----------S3>----S2>-----S1>

VLAN1-VLAN2-VLAN3-------------|---------VLAN4-VLAN5-VLAN6

These VLANs are not going to be able to communicate outside the R1 boundary?


Joe

Correct. In your example R1 & R2 form a limit to vlans. So even if it was vlan1-vlan2-vlan3 on both sides they would not be the same vlans.

Bear in mind when you say they can't communicate with each other over a L3 boundary, that is they can't communicate at L2. Obviously devices in vlan 2 for example could communicate with devices in vlan 5 from your above example by routing between the sites.

Jon

The VTP Domain traffic is at layer 2 on the switches -

So VTP traffic is not sent across.

The layer 3 Router will allow data between the VLANs because it will re-route the data back to the VLANs going through the Router's Sub Ethernet Interfaces.

Switches - sending traffic from one VLAN to OTHER VLANs (with different IDs) must use a Router.

A Router will receive the traffic from VLAN 30 with the destination to VLAN 20 -

The Router will re-tag the data and send it back with the destination tag of VLAN 20.

The proper switch and VLAN receives that then?

I hope I am still with you - but speak on brother, speak on wise one.

joealbergo wrote:

The VTP Domain traffic is at layer 2 on the switches -

So VTP traffic is not sent across.

The layer 3 Router will allow data between the VLANs because it will re-route the data back to the VLANs going through the Router's Sub Ethernet Interfaces.

Switches - sending traffic from one VLAN to OTHER VLANs (with different IDs) must use a Router.

A Router will receive the traffic from VLAN 30 with the destination to VLAN 20 -

The Router will re-tag the data and send it back with the destination tag of VLAN 20.

The proper switch and VLAN receives that then?

I hope I am still with you - but speak on brother, speak on wise one.

Joe

Not sure about the "wise one"

Some examples will help with this but first a few key points.

1) a vlan is a L2 concept only. To forward packets within the same vlan mac-addresses are used as the destination address.

2) 99% of the time there is a 1-1 relationship between a L2 vlan and a L3 IP subnet.

3) To send data from one vlan to another vlan you do indeed need a L3 device, either a router or a L3 switch.


vlans 5/6 -> sw1 -> L2 trunk -> R1 -> routed link -> R2 -> L2 trunk -> sw2 -> vlans 7/8

In the above, R1 and R2 are using 802.1q subinterfaces on their LAN interfaces. The link between R1 & R2 is a simple routed link. sw1 & sw2 are L2 switches.

vlan 5 = 192.168.5.0/24
vlan 7 = 192.168.6.0/24

H1 = 192.168.5.10
H2 = 192.168.6.10

H1 sends a packet to H2

1) H1 knows it is on network 192.168.5.0 because it knows its address and it knows its subnet mask.
2) H1 compares H2's IP address with its own subnet mask and works out that H2 is on the 192.168.6.0 network. Because the networks do not match H1 needs to send the packet to its default-gateway which is the subinterface for vlan 5 on R1.
3) Assuming H1 has the mac-address of R1's vlan 5 subinterface it sends the frame out of its NIC.
4) sw1 receives the packet on a port allocated to vlan 5, sees the destination IP is for R1 vlan 5 subinterface, also sees that is via a trunk so adds an 802.1q tag identifying this frame to be in vlan 5 and sends it to R1.
5) R1 receives the frame, strips the tag, looks up the destination IP, realises it has to send it to R2.
6) Assuming R1 has R2's L2 address it sends it to R2.
7) R2 does a lookup on the destination IP, sees it is on a directly connected subinterface, adds a vlan tag and sends it to sw2.
8) sw2 strips the tag and sends it to H2.

Note that vlan tags were only relevant between the L2 switch and the LAN interfaces of the routers. When the packet was routed between R1 & R2 there was no vlan tag and in fact there was no real concept of a vlan. The reason I specified R2's L2 address in point 6) above was that the routed link could be across ethernet in which case it would be a mac-address but it could also be frame-relay using DLCIs, ATM using VPI/VCIs etc.

Next example is a setup you are far more likely to see in production networks -

vlans 5/6 -> sw1 -> L2 trunk -> sw2 -> routed link -> R1 -> routed link -> R2 -> routed link -> sw3 ->  L2 trunk -> sw4 -> vlans 7/8

sw1 and sw4 are still L2 only switches.
sw2 and sw3 are L3 switches which are now responsible for routing between vlans.
R1 and R2 are not now using subinterfaces and are not running 802.1q.

If H1 sends a packet to H2 it's pretty much the same process as above except that the vlan tagging only takes place between the switches in either site. When the routers receive the frames on their LAN interfaces there is no vlan tagging at all.

In both the above examples each site would have its own VTP domain and there would be no communication between the 2 domains. You could if you wanted give them the same name and it would make no difference i.e. they would still be independent VTP domains with no communication between each other. Note also that in the above examples the vlan numbers are different in each site but you could if you wanted use the same vlan numbers in each site. This does not make them the same vlan i.e. a host in vlan 5 in site1 is not in the same vlan as a host in vlan 5 in site2.

What you can't do is have a vlan in site1 using the same IP subnet as a vlan in site2 and then expect them to be able to communicate with each other. Because you cannot route to the same subnet. You can switch within the same subnet but not route within the same subnet.

Jon
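
The first walk-through above (H1 to H2 via sw1, R1, R2 and sw2), traced in Python as an added example that is not part of the original thread: it builds the frame for each link and reports where an 802.1Q tag is present. The MAC addresses and the payload are constructed placeholders, not values from the posts.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100   # EtherType value that announces an 802.1Q tag
IPV4 = 0x0800

def on_link(src_ip, prefix_len, dst_ip):
    """Steps 1-2: does dst_ip fall inside the sender's own subnet?"""
    net = ipaddress.ip_interface(f"{src_ip}/{prefix_len}").network
    return ipaddress.ip_address(dst_ip) in net

def frame(dst_mac, src_mac, payload):
    """Untagged Ethernet II frame carrying an opaque IPv4 payload."""
    return dst_mac + src_mac + struct.pack("!H", IPV4) + payload

def add_tag(frm, vlan_id, pcp=0):
    """Trunk egress: insert the 4-byte tag after the two MAC addresses."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("usable VLAN IDs are 1-4094")
    tci = (pcp << 13) | vlan_id          # PCP (3 bits) | DEI = 0 | VID (12 bits)
    return frm[:12] + struct.pack("!HH", TPID_8021Q, tci) + frm[12:]

def vlan_of(frm):
    """Return the VLAN ID of a tagged frame, or None if it is untagged."""
    if len(frm) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frm[12:14])[0] != TPID_8021Q:
        return None
    if len(frm) < 18:
        raise ValueError("truncated 802.1Q tag")
    return struct.unpack("!H", frm[14:16])[0] & 0x0FFF

def strip_tag(frm):
    """Remove the tag if present (router subinterface ingress, access egress)."""
    return frm if vlan_of(frm) is None else frm[:12] + frm[16:]

def walk_first_example():
    """Trace the tag on each link of the H1 - sw1 - R1 - R2 - sw2 - H2 path."""
    # Constructed, locally administered MACs; not taken from the thread.
    h1, r1_lan, r1_wan, r2_wan, r2_lan, h2 = (bytes([2, 0, 0, 0, 0, n]) for n in range(1, 7))
    pkt = b"ip 192.168.5.10 -> 192.168.6.10"             # stand-in for the IP packet
    f1 = frame(r1_lan, h1, pkt)                          # H1 to its gateway, access port
    f2 = add_tag(f1, 5)                                  # sw1 puts it on the trunk
    f3 = frame(r2_wan, r1_wan, strip_tag(f2)[14:])       # R1 routes: new L2 header, no tag
    f4 = add_tag(frame(h2, r2_lan, f3[14:]), 7)          # R2 vlan 7 subinterface
    f5 = strip_tag(f4)                                   # sw2 access port to H2
    links = ["H1->sw1", "sw1->R1", "R1->R2", "R2->sw2", "sw2->H2"]
    return [(l, vlan_of(f)) for l, f in zip(links, (f1, f2, f3, f4, f5))], f5[14:] == pkt
```
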
