Re: VTP in datacenter

dominic.caron · ‎01-13-2009

Hi!

Is it wise to use VTP in a datacenter or is there security or stability issues?

Jon Marshall · ‎01-13-2009

Dominic

You may well get a few different answers. A lot depends on how active your data centre is in terms of

1) switches being added/removed

2) vlans being added removed

Personally i would look to use VTP transparent in a DC if at all possible. It mitigates against the risk of wiping out the existing vlan database, and vlans only end up on switches where you want them and hence STP is limited in it's diameter.

This is assuming a L2 access/server layer to a L3 distro/core layer.

But there is nothing inherently wrong with VTP server/client in a DC, make sure you use a password though and prune/allow vlans on your trunk links.

Jon

dominic.caron · ‎01-13-2009

My fisrt delivery is a 4948-10G access layer. I have to integrate a few nexus 5020 in 2 month and 40 more +2x 7000 in 12 month.

I did not find anything about VTP in the 5000 documentation. Is it supported? . If not, I wont be going with vtp support.

Jon Marshall · ‎01-13-2009

Dominic

Not familiar with Nexus switches but quick look at configuration doc for 5000 series -

"Note VLAN Trunking Protocol (VTP) mode is OFF. VTP BPDUs are dropped on all interfaces of a Cisco Nexus 5000 Series switch, which partitions VTP domains if other switches have VTP turned on."

Also had a look at 7000 series configuration guide and it seems they only support VTP transparent at the moment.

Jon