Tuesday, 16 May 2017

Setup VTP (VLAN Trunking Protocol) on Cisco Devices

VTP (VLAN Trunking Protocol) is a way of distributing VLAN information across multiple switches in your network. Although VLAN's are local to each switch using VTP enables you a quick and painless way of adding, removing and modifying VLAN's.

VTP (of course) will only work on trunked ports - however by default all VLAN information

There are three modes (only 2 in VTP version 1 and 2) in VTP version 3:

server: This is the authoritative node that decides which VLANs will be created, deleted etc.

client: This mode listens and relays VTP messages - however is unable to add / delete VLANs from the domain.

transparent: This mode ignores incoming VTP messages - however does pass them on to neighbours.

off: This mode (only available in version 3) completely ignores VTP messages.

On switch one (the vtp server) we will define our domain:

vtp domain mydomain.internal

and the VTP version - along with the mode:

vtp version 3
vtp mode server

We can also (optionally) set a password with:

vtp password xyz

To review our configuration we should run:

do show vtp status

Here we can also identify which VTP revision number we are on.

Now on the second (VTP client) switch - we'll sort out the domain and version again:

vtp domain mydomain.internal

Note: If you do not specify a VTP domain (null by default) and the switch receives a VTP message - it will automatically configure the switch with the messages VTP domain!

Important: Ensure that the VTP server (Switch 1) has all of the relevant VLAN's that are already configured on Switch 2 - otherwise these will be lost and the links will go down when VTP is turned on!

Important: Before we go any further we need to ensure that Switch 2's VTP revision number is not higher than that of Switch 1 - otherwise this could be disastrous! This is because Switch 1 will think Switch 2 has a newer configuration and overwrite it's own VLAN database (vlan.dat).

However this typically won't happen with new switches - but if it's already in use you should check the revision number with:

do show vtp status

and if it's higher (or the same as) Switch 1 we'll need to reset the revision number by putting the switch's VTP instance into transparent mode:

vtp mode transparent

and then into the desired mode:

vtp mode server

or

vtp mode client

If all goes to plan you should typically not have any downtime on your trunks - however with anything like this I'd strongly recommend scheduling a maintenance period!

Tip: If you wish to disable VTP on an interface (this will prevent inbound VTP messages reaching the switch interface) you can issue:

int gix/y
no vtp

Or if you are connecting another switch and want to ensure that it does not join the VTP domain you can issue:

vtp mode off

0 comments:

Post a comment