VTP Issue

NetworkGoats
Level 1

I have a topology with a couple switches separated by a few routers, working within a practice lab in Web-UI of GNS3.

On both switches, I configured the interfaces leading to the routers as trunk ports using dot1Q encapsulation. I also set both to the same VTP domain with caps in mind, no VTP password, and both running VTP version 2.

Both are configured as servers still, but if you create a VLAN on either one and type exit, it will not show up on the other switch. Show VTP Status shows the revision numbers do match up. I know I'm missing something simple.

I have 2 PCs hanging off of the switches that are able to ping each other since they are still in VLAN1, so I know the connectivity is good.

Accepted Solutions

In most of my installs, we don't use VTP because there is the possibility of adding an old switch that doesn't have all the VLANs that are currently in use. Adding that switch to the environment without first having wiped the config may result in overwriting the VLAN database for the whole campus, causing a massive outage. Cisco even recommends not using VTP.

As for your question about VLANs in an organization with several branches in different cities, I use the same VLAN number at all the locations but they are not directly connected via Layer 2. So even though Site A has VLAN 10 and Site B also has VLAN 10, they are different subnets because I am routing the network.

20 Replies

TJ-20933766
Spotlight

"Both are configured as servers still"

That is the problem. There should be only one server and the rest of the switches should all be VTP clients. Once you change a switch to a client, you will no longer be able to create VLANs on that switch and you will get a message saying so if you even try. You will only create VLANs on the lone VTP server which will update all the VTP clients.

Hello

@TJ-20933766 It doesn't matter if both switches are VTP servers; they will update each other, whichever makes a change, unless version 3 is running.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

I was wrong on that. I had to read up on VTP again and test it in a lab. I did find a helpful resource for troubleshooting VTP that anyone reading this might find useful: https://www.cisco.com/c/en/us/support/docs/lan-switching/vtp/98155-tshoot-vlan.html#topic3

amikat
Level 7

Hi,

Routers do not forward VTP packets unless they are configured as bridges or contain switching modules. I am referring to the real world, of course, not commenting on the GNS3 environment here.

Best regards,

Antonin

Hello,

two VTP servers in GNS3 will update each other, but you need to set a VTP password. Not sure if that is a flaw in GNS3 and the IOSvL2 images (which I assume you are using, since as far as I recall there are no Dynamips switch images).

SW1
vtp mode server
vtp domain VTP
vtp password vtp

SW2
vtp mode server
vtp domain VTP
vtp password vtp

With these settings, you can create new VLANs on each server, and the other server will receive the new VLANs. Without a VTP password, there is an MD5 mismatch, so I suspect that the IOSvL2 image somehow puts a default password in there.
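An added example, not part of any reply in this thread: a Python check over `show vtp status` text that flags the two conditions raised above, the MD5 digest mismatch between two servers and the higher-revision switch that would overwrite the VLAN database described in the accepted solution. The sample outputs, function names and finding strings are constructed for illustration.

```python
# Constructed `show vtp status` excerpts; the values are illustrative, not from the thread's lab.
TEMPLATE = """\
VTP version running             : 2
VTP Domain Name                 : {domain}
VTP Operating Mode                : {mode}
Configuration Revision            : {rev}
MD5 digest                        : {first} 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
                                    0x56 0x9D 0x4A 0x3E 0xA5 0x69 0x35 0xBC
"""
SW1 = TEMPLATE.format(domain="VTP", mode="Server", rev=3, first="0x57")
SW2 = TEMPLATE.format(domain="VTP", mode="Server", rev=3, first="0x1B")
OLD = TEMPLATE.format(domain="VTP", mode="Server", rev=42, first="0x9E")  # stale switch

FIELDS = {"VTP Domain Name": "domain", "VTP version running": "version",
          "VTP Operating Mode": "mode", "Configuration Revision": "revision",
          "MD5 digest": "digest"}

def parse_vtp_status(text):
    """Extract the fields that decide whether two switches will synchronise."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        name = FIELDS.get(key.strip())
        if sep and name:
            info[name] = value.strip()
        elif not sep and line.strip().startswith("0x") and "digest" in info:
            info["digest"] += " " + line.strip()   # digest wraps onto a second line
    info["revision"] = int(info.get("revision", 0))
    return info

def sync_findings(a, b):
    """Reasons two switches would not accept each other's VLAN database."""
    findings = []
    if a["domain"] != b["domain"]:                  # domain names are case-sensitive
        findings.append("domain mismatch")
    if a["version"] != b["version"]:
        findings.append("version mismatch")
    if a["revision"] == b["revision"] and a["digest"] != b["digest"]:
        findings.append("same revision, different digest")  # database or password differs
    return findings

def overwrite_risk(newcomer, production):
    """True if attaching `newcomer` could replace production's VLAN database.
    The password is not visible in this output, so the check errs on the safe side."""
    return (newcomer["mode"].lower() in ("server", "client")
            and newcomer["domain"] == production["domain"]
            and newcomer["revision"] > production["revision"])

if __name__ == "__main__":
    sw1, sw2, old = (parse_vtp_status(t) for t in (SW1, SW2, OLD))
    print(sync_findings(sw1, sw2), overwrite_risk(old, sw1))
```

A `True` from `overwrite_risk` means the joining switch should have its configuration wiped, as the accepted solution says, before it is trunked into the domain.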

@Georg Pauwen 

I would say that no VTP password is required for two VTP servers to update each other. It would matter if either one was configured and the other wasn't, but otherwise it shouldn't affect the VTP advertisement between nodes.



Kind Regards
Paul

Hello
@amikat is correct. The switches sound like they are separated via a rtr; if so, the summary/subset advertisements won't be forwarded between switches.



Kind Regards
Paul

Very good point indeed!

You will have to bridge on the router to have VTP messages go across.

The GNS3 VTP password requirement still applies though...


@Georg Pauwen wrote:

The GNS3 VTP password requirement still applies though...


Can you explain why you need a VTP password? Are you saying this is an anomaly in GNS3 or required in the real world?



Kind Regards
Paul

In which version of GNS3 and which IOSv version does this work (without a VTP password) when you tested this?

I am using Cisco IOSvL2 15.2.4055 and GNS3 2.1.14. Maybe they fixed it in a different version/combination.

Hello @Georg Pauwen 

These forums nearly always relate to real world scenarios based on real hardware and the software running on them.

However, we all cannot afford or are not able to test against real kit, so the next best solution would be to test on lab simulation software such as GNS3, but their results should never be solidified and considered 100% valid.

In this instance, the switches' software does VTP password authentication, but they can work without it being enabled. So, if you are saying that two switches running as VTP servers connected to each other require a VTP password to communicate and exchange VTP advertisements, and you've based that solely on a GNS3 simulation output, then unfortunately it is incorrect, as on real hardware/software a VTP password isn't required.



Kind Regards
Paul

I am lost to be honest and not sure what you are aiming at. OP clearly stated that this was a GNS3 simulation (see below). I never mentioned anything about 'real' switches.

--> I have a topology with a couple switches separated by a few routers, working within a practice lab in Web-UI of GNS3.

Hello


@Georg Pauwen wrote:

I am lost to be honest and not sure what you are aiming at. OP clearly stated that this was a GNS3 simulation (see below). I never mentioned anything about 'real' switches.


Apologies for making myself clear. What I am trying to say is knowing the difference from a GNS3 simulation to the real thing.

The OP, I guess, now assumes that in the real world, to get a VTP exchange between two VTP servers, a VTP password is required, when in reality it isn't required.

As I said, these forums are based on real scenarios, not results from lab simulation outputs, even though lab simulations such as GNS3/CML, EVE-NG or even PT are all vital to testing.



Kind Regards
Paul

Hello Paul,

--> The OP, I guess, now assumes that in the real world, to get a VTP exchange between two VTP servers, a VTP password is required, when in reality it isn't required.

I have no idea what OP assumes. I was just mentioning an apparent bug in GNS3, as this was what OP stated he was using.

I think we should keep these internal discussions out of the actual community forum, as they don't add anything and just make the post unnecessarily long. Private message me if there is a misunderstanding.
