
VTPv3 use cases! Recommendations

Hello All

We are considering deploying VTPv3 in our switched environment. This environment is separated into several individual trees, all connecting to individual PE routers. That is, the Layer2 domain stops at the PE.

It is my understanding that in VTPv3 you configure a primary server switch, this switch is the only one capable of updating other switches.

So if a new switch is introduced into the tree and this switch has a revision number higher than that on the server, then NO changes are propagated throughout the network. The new switch is configured according to the VLANs defined on the server.

I would like to hear of any problems people have experienced with VTP?

I'm told that running VTP can introduce as many problems as it can solve...?

What is your experience in operating a VTP domain?

What are the dos and don'ts?

All comments are appreciated!!!





I'm not a big expert on this business, but here is my opinion:

I think, nowadays, Cisco has started recommending, as a best practice, to implement L3 features in the access layer (avoiding STP for HA purposes as long as it's slower than using the load balance features in dynamic routing protocols). From this point of view VTP server/client modes become less important since VLANs should be local to the switch block in the access layer, therefore there is not so much need to propagate all of them to other switches.

Nevertheless, although following best practices is good advice, you cannot always implement all of them since every company is a world. I use VTP (server/client modes) in some of the sites where I work and I find it useful.

It's true that you must take care, especially when installing new switches in a production environment, above all if they are switches which have been reused and they can keep old configurations. A good practice, in this case, is to always reset the version number of the VTP configuration before you plug the switch into the network (I think that it's just enough if you change the VTP mode to transparent, although there are other ways to do it too). If you don't reset it you're taking a risk, since even if the switch is configured as 'client' it could overwrite all VTP configuration of the rest of the switches in the network (if its revision number of the VTP configuration is higher than the other ones').

I think version 3 has a lot of improvements. It's the version that I configure whenever I need to run VTP in my network. It's version 2 compatible and I haven't had any problem until now. It has many advantages but I'd like to emphasize this:

- You need to run the command 'vtp primary' and type the VTP password in order to make changes in the VLAN database (maybe it's more time-consuming but it's more secure too).

Of course there are other important features too: it supports MST database propagation, extended range VLANs propagation, private VLANs propagation, option to turn VTP on or off on a per-trunk (per-port) basis and so on.

One thing that I'd like to test further is what happens with MST convergence when you make many changes in the MST configuration (add or delete VLANs from the instance mappings) and you're using VTPv3 in order to propagate the changes. Maybe someone who has "played" more with all this stuff can tell us.

Best regards
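
A pre-connection check along the lines of the advice in the reply above, as an added example that is not part of the original thread: it reads `show vtp status` text taken from a switch that is about to be plugged in and flags a non-zero configuration revision. The sample output is constructed (modelled on the IOS field names), and the function names and finding codes are hypothetical.

```python
import re

# Constructed sample modelled on IOS "show vtp status" fields; not captured from a real device.
TEMPLATE = (
    "VTP version running      : {ver}\n"
    "VTP Domain Name          : OLD-LAB\n"
    "VTP Operating Mode       : {mode}\n"
    "Configuration Revision   : {rev}\n"
)
REUSED_SWITCH = TEMPLATE.format(ver=2, mode="Client", rev=57)
RESET_SWITCH = TEMPLATE.format(ver=2, mode="Transparent", rev=0)
V3_SWITCH = TEMPLATE.format(ver=3, mode="Client", rev=57)


def parse_vtp_status(text):
    """Turn 'Key : value' lines into a dict with lower-cased keys."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return fields


def preconnect_findings(status_text):
    """Return finding codes for a switch about to be trunked into a VTP domain."""
    f = parse_vtp_status(status_text)
    try:
        mode = f["vtp operating mode"].lower()
        revision = int(f["configuration revision"])
        version = int(re.search(r"\d", f["vtp version running"]).group())
    except (KeyError, ValueError, AttributeError):
        return ["UNPARSED"]  # fail closed: do not connect a switch we cannot assess
    findings = []
    if "server" in mode or "client" in mode:
        if revision > 0:
            findings.append("NONZERO_REVISION")  # reset it before plugging in
            if version < 3:
                # v1/v2: per the reply above, even a client with a higher
                # revision could overwrite the rest of the domain
                findings.append("OVERWRITE_RISK")
        if version < 3:
            findings.append("NO_PRIMARY_SERVER_GATE")  # no 'vtp primary' step
    return findings


if __name__ == "__main__":
    for name, text in [("reused", REUSED_SWITCH), ("reset", RESET_SWITCH), ("v3", V3_SWITCH)]:
        print(name, preconnect_findings(text) or "no findings")
```

An empty list means the check found nothing to reset; `UNPARSED` means the output did not contain the expected fields and the switch should be inspected by hand.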