Wednesday, 19 December 2018

VLAN Trunking Protocol (VTP)




Let's understand VTP with an example: you have a network with 30 switches and 50 VLANs. Normally you would have to configure every switch separately and create the VLANs on each switch in your network. That is a time-consuming task, and this is where VTP (VLAN Trunking Protocol) helps. With VTP you create VLANs on one switch and all the remaining switches synchronize themselves. VTP manages the addition, deletion and renaming of VLANs across the network from a central point of control.





VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol. As already said, VTP is used to share the VLAN configuration with other switches and maintain consistency throughout the network, but the information is passed only if the switches are connected through Fast Ethernet or higher ports, and the links must be trunk links.

VTP modes:

Server mode is the default mode and has full control over VLANs: it can create, delete and modify VLAN configuration, it synchronizes VLAN configurations, and it sends and forwards advertisements.

Client mode does not store its VLAN configuration information in NVRAM. Instead, it learns it from the server each time it boots up. VTP client mode does not allow the administrator to create, delete or modify any VLAN configuration. A client forwards advertisements and synchronizes its VLAN configuration but, as said, does not save the VLAN configuration in NVRAM.

Transparent mode can add, modify and delete VLAN configuration locally, but it does not synchronize VLAN configurations. It forwards advertisements, and it saves its VLAN configuration in NVRAM.

Revision number

VTP switches use an index called the VTP configuration revision number to keep track of the most recent information. The VTP advertisement process always starts with configuration revision number 0. When a subsequent change is made on the VTP server, the revision number is incremented before the advertisements are sent.

Note: before adding a switch to an existing VTP domain, make sure its VTP revision number is set to 0. As a best practice, change the switch to VTP transparent mode and then back to server mode, and change the switch's VTP domain name to a non-existent VTP domain and then back to the original name.

VTP versions:

Three VTP versions are available:

VTP version 1 supports only one VTP domain. It checks the domain name and forwards VTP messages only if the VTP domain matches. It does not support Token Ring VLANs.

VTP version 2 supports multiple VTP domains and checks for consistency every time new information is added, but the major difference between versions 1 and 2 is that version 2 supports Token Ring VLANs.

VTP version 3 has the feature of a VTP primary server: the primary server is able to create, delete and modify VLANs, while a secondary server can only relay, process and save. VTP version 3 supports the extended VLAN range (1006 – 4094), and also supports private VLANs, RSPAN VLANs and MST. VTP version 3 is compatible with version 2, but not with version 1. VTP version 3 protects against data overwrites: it is able to fix the problem of updates from a higher configuration revision number. VTP version 3 also has more secure authentication methods, with clear-text or hidden password protection.


Let's see the configuration.


Topology:-




Goal:
  • Configure the topology as per the diagram.
  • Configure trunk links as per the diagram.
  • Configure VTP version 2 as per the topology and verify it.
  • Create VLANs on the server and verify them on the client and transparent switches.




sw-1client(config)#interface gigabitEthernet 1/0/1
sw-1client(config-if)#switchport trunk encapsulation dot1q
sw-1client(config-if)#switchport mode trunk
sw-1client(config-if)#exit

sw-2server(config)#interface gigabitEthernet 1/0/1
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk
sw-2server(config-if)#exit


sw-2server(config)#interface gigabitEthernet 1/0/2
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk
sw-2server(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/1
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/2
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit


sw-4client(config)#interface gigabitEthernet 1/0/1
sw-4client(config-if)#switchport trunk encapsulation dot1q
sw-4client(config-if)#switchport mode trunk
sw-4client(config-if)#exit

(we have configured trunk links between the switches)

sw-1client#show interfaces trunk
Port          Mode          Encapsulation   Status         Native vlan
Gig1/0/1    on             802.1q               trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1



sw-2server#show interfaces trunk
Port             Mode          Encapsulation    Status   Native vlan
Gig1/0/1       on                  802.1q          trunking     1
Gig1/0/2       on                  802.1q          trunking     1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1

sw-3transparent#show interfaces trunk
Port         Mode           Encapsulation     Status         Native vlan
Gig1/0/1  on                    802.1q            trunking           1
Gig1/0/2  on                    802.1q            trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1


sw-4client#show interfaces trunk
Port         Mode           Encapsulation  Status    Native vlan
Gig1/0/1   on                 802.1q          trunking       1


Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1


sw-1client(config)#vtp domain internet
Changing VTP domain name from NULL to internet

sw-1client(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-1client(config)#vtp version 2
sw-1client(config)#vtp mode client
Setting device to VTP CLIENT mode.


sw-1client(config)#exit

sw-2server(config)#vtp domain internet
sw-2server(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-2server(config)#vtp version 2
sw-2server(config)#vtp mode server
Device mode already VTP SERVER.

(server mode is the default mode)
sw-2server(config)#exit

sw-3transparent(config)#vtp domain internet
sw-3transparent(config)#vtp password internetworks
sw-3transparent(config)#vtp version 2
sw-3transparent(config)#vtp mode transparent
Setting device to VTP TRANSPARENT mode.


sw-3transparent(config)#exit


sw-1client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.9602.DC00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67
             0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-2server#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0009.7C30.9B00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37
Local updater ID is 0.0.0.0 (no valid interface found)

Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67
             0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-3transparent#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.C7D1.B600
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Transparent
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 0
MD5 digest : 0x36 0xD0 0x36 0xEB 0x4C 0xC4 0x8D 0x2E
             0xAB 0xA6 0xDA 0xAD 0x97 0x37 0x4A 0xB9

(You can see the revision number is 0; the reason is that the switch is in VTP transparent mode.)

sw-4client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 00D0.BAA6.DA00
Configuration last modified by 0.0.0.0 at 3-1-93 00:07:21


Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 2
MD5 digest : 0x0F 0x76 0x3F 0x32 0xAB 0x02 0x87 0x25
             0x4C 0x4A 0xB4 0xF2 0x10 0xBB 0x14 0x69
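
An added example (not part of the original post): a Python check over the domain, operating mode and revision fields of the `show vtp status` outputs above. It lists server/client switches whose revision is behind the domain's highest, and applies the revision-number note to a switch before it joins. The sample text is constructed from the values shown above; the spare switch with revision 7 and all function names are assumptions, and the VTP password is not checked.

```python
import re

FIELDS = {  # fields as printed by `show vtp status` in the outputs above
    "domain": r"VTP Domain Name\s*:\s*(\S+)",
    "mode": r"VTP Operating Mode\s*:\s*(\w+)",
    "revision": r"Configuration Revision\s*:\s*(\d+)",
}

def parse_vtp_status(text):
    """Extract domain, operating mode and revision from `show vtp status` text."""
    out = {}
    for key, pattern in FIELDS.items():
        match = re.search(pattern, text)
        if match is None:
            raise ValueError(f"missing field: {key}")
        out[key] = match.group(1)
    out["mode"] = out["mode"].lower()
    out["revision"] = int(out["revision"])
    return out

def audit_domain(statuses):
    """Return (highest revision, server/client switches that are behind it)."""
    synced = {n: s for n, s in statuses.items() if s["mode"] != "transparent"}
    top = max(s["revision"] for s in synced.values())
    return top, sorted(n for n, s in synced.items() if s["revision"] < top)

def join_risk(candidate, domain, top):
    """Classify a switch before it is trunked into `domain` (VTP v1/v2)."""
    if candidate["revision"] == 0:
        return "ok"
    same_domain = candidate["domain"] == domain
    if same_domain and candidate["mode"] != "transparent" and candidate["revision"] > top:
        return "overwrite-risk"  # its higher revision would win over the domain's
    return "reset-first"         # non-zero revision: reset it as the note advises

def sample(domain, mode, rev):
    # Constructed text in the layout of the outputs above (other fields omitted).
    return (f"VTP Domain Name : {domain}\nFeature VLAN :\n--------------\n"
            f"VTP Operating Mode : {mode}\nConfiguration Revision : {rev}\n")

STATUSES = {name: parse_vtp_status(sample("internet", mode, rev)) for name, mode, rev in [
    ("sw-1client", "Client", 3), ("sw-2server", "Server", 3),
    ("sw-3transparent", "Transparent", 0), ("sw-4client", "Client", 2)]}

if __name__ == "__main__":
    top, behind = audit_domain(STATUSES)
    print(f"domain revision {top}, behind: {behind}")
    spare = parse_vtp_status(sample("internet", "Server", 7))  # hypothetical spare switch
    print("spare switch:", join_risk(spare, "internet", top))
```

With the values captured above, sw-4client is reported as behind the domain (revision 2 against 3), which matches its different MD5 digest.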

(Let's create VLANs on the server and verify them.)

sw-2server(config)#vlan 10
sw-2server(config-vlan)#name HR
sw-2server(config-vlan)#exit

sw-2server(config)#vlan 20
sw-2server(config-vlan)#name SALES
sw-2server(config-vlan)#exit


sw-2server(config)#vlan 30
sw-2server(config-vlan)#name MARKETING
sw-2server(config-vlan)#exit

sw-2server(config)#VLAN 40
sw-2server(config-vlan)#name INFO-TECH
sw-2server(config-vlan)#exit

from switch 1 (VTP client mode)





from switch 2 (VTP mode server)



from switch 3 (VTP mode transparent)
{From the above output you can see there is no synchronization; the reason is that this switch is configured in transparent mode. A transparent-mode switch can still forward the VLAN information; in our case it forwards the VLAN information to switch 4 (sw-4client). You can configure VLANs on a transparent-mode switch locally.}



from switch 4 (VTP mode client)

(Let's configure VLANs on the transparent-mode switch.)

sw-3transparent(config)#vlan 10
sw-3transparent(config-vlan)#name SALES
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 20
sw-3transparent(config-vlan)#name HR
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 30
sw-3transparent(config-vlan)#name MARKETING
sw-3transparent(config-vlan)#exit


sw-3transparent(config)#vlan 40
sw-3transparent(config-vlan)#name INFO-TECH
sw-3transparent(config-vlan)#exit

from switch 3 (VTP  transparent mode)


(In the next section we will see the configuration of VTP version 3.)

3 comments:

Unknown said...

Thank you very much, this has helped me a lot. I am trying to do self study and you are helpful. I want to do Cisco and am still familiarising myself.

Unknown said...

Thank you, this is very helpful.

Mario said...

Thank you very much
