VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol, as I already said VTP is used to share the VLAN configuration with other switches and maintain consistency throughout that network but information will be passed only if the switch is connected with fast Ethernet or higher ports and also it must be trunk links.7
if you are not familiar with VTP versions 1 and 2 please click the link
here https://www.internetworks.in/2018/12/vlan-trunking-protocol-vtp.html
VTP version 3 has features of the VTP primary server the primary server is able to create, delete, and modify VLANs. The secondary server can relay process and save only. VTP version 3 supports the Extended VLANs range (1006 – 4094). And also supports Private VLANs, RSPAN VLANs, and MST. VTP version 3 is compatible with version 2, but not with version 1. VTP version 3 is protected against data overwrites its ability to fix the configuration revision number higher updating. VTP version 3 has more secure methods for authentication of clear text or hidden password protection.
let's configure VTP version 3: - https://youtu.be/D0t29ZdO09I?si=GofAD3lfK61IsiS1
Topology: -
Goal: -
- Configure the topology as per the diagram.
- configure trunk Dot1q as per the topology
- configure VTP domain name will be internetworks
- configure version 3
- configure password ccie123
- Hide the password
- configure LAYER-3-switch-1 primary server VLAN
- Configure VLAN 10,20,30,40,50,60,70,80 and 90 on LAYER-3-switch-1 and make sure the rest of the domain switches synchronize this data.
- configure the extended range of VLAN 2000,2001 on LAYER-3-switch-1 and make sure the rest of the domain switches synchronize this data.
- configure MSTP on LAYER-3-switch-2 and make sure the rest of the switches synchronize this information.
configure trunk Dot1q as per the topology
LAYER-3-switch-1(config)#interface range gigabitEthernet 0/0-2
LAYER-3-switch-1(config-if-range)#switchport trunk encapsulation dot1q
LAYER-3-switch-1(config-if-range)#switchport mode trunk
LAYER-3-switch-1(config-if-range)#exit
LAYER-3-switch-1(config)#do show int trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
LAYER-3-switch-2(config)#interface range gigabitEthernet 0/0-2
LAYER-3-switch-2(config-if-range)#switchport trunk encapsulation dot1q
LAYER-3-switch-2(config-if-range)#exit
LAYER-3-switch-2(config)#end
LAYER-3-switch-2#show interface trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 desirable 802.1q trunking 1
Gi0/1 desirable 802.1q trunking 1
Gi0/2 desirable 802.1q trunking 1
SW-L-3-SWITCH-1(config)#interface range gigabitEthernet 0/0-3
SW-L-3-SWITCH-1(config-if-range)#switchport trunk encapsulation dot1q
SW-L-3-SWITCH-1(config-if-range)#switchport mode trunk
SW-L-3-SWITCH-1(config-if-range)#exit
SW-L-3-SWITCH-1#show interface trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
SW-L-3-SWITCH-2(config)#interface range gigabitEthernet 0/0-3
SW-L-3-SWITCH-2(config-if-range)#switchport trunk encapsulation dot1q
SW-L-3-SWITCH-2(config-if-range)#switchport mode trunk
SW-L-3-SWITCH-2(config-if-range)#exit
SW-L-3-SWITCH-2(config)#end
SW-L-3-SWITCH-2#show interface trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
switch1#show interface trunk
Port Mode Encapsulation Status Native vlan
Et0/0 auto n-802.1q trunking 1
switch2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Et0/3 auto n-802.1q trunking 1
switch3#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Et0/3 auto n-802.1q trunking 1
switch4#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Et0/0 auto n-802.1q trunking 1
configure VTP domain name will be internetworksconfigure version 3configure password ccie123
LAYER-3-switch-1(config)#vtp domain internetworks
Changing VTP domain name from CISCO-vIOS to internetworks
*Sep 14 10:06:59.039: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to internetworks.
LAYER-3-switch-1(config)#vtp password ccie123
Setting device VTP password to ccie123
LAYER-3-switch-1(config)#vtp version 3
VTP version is already in V3.
LAYER-3-switch-1(config)#end
LAYER-3-switch-1#show vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : internetworks
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0ca8.8a78.0000
Feature VLAN:
--------------
VTP Operating Mode : Transparent
Number of existing VLANs : 8
Number of existing extended VLANs : 0
Maximum VLANs supported locally : 4096
LAYER-3-switch-2(config)#vtp domain internetworks
*Sep 14 10:07:24.374: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to internetworks.
LAYER-3-switch-2(config)#vtp password ccie123
Setting device VTP password to ccie123
LAYER-3-switch-2(config)#vtp version 3
*Sep 14 10:07:31.777: %SW_VLAN-6-OLD_CONFIG_FILE_READ: Old version 2 VLAN configuration file detected and read OK. Version 3 files will be written in the future.
LAYER-3-switch-2(config)#exit
LAYER-3-switch-2#show vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : internetworks
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0cdd.bbf1.0000
Feature VLAN:
--------------
VTP Operating Mode : Transparent
Number of existing VLANs : 8
Number of existing extended VLANs : 0
Maximum VLANs supported locally : 4096
(Configure the rest of the switches)
Hide the password
LAYER-3-switch-1#show vtp password
VTP Password: ccie123
LAYER-3-switch-1(config)#vtp password ccie123 hidden
Setting device VTP password
LAYER-3-switch-1(config)#end
LAYER-3-switch-1#show vtp password
VTP Password: F4273A1766CD9B39D578AD8004F68BA0
LAYER-3-switch-2#show vtp password
VTP Password: ccie123
LAYER-3-switch-2(config)#vtp password ccie123 hidden
Setting device VTP password
LAYER-3-switch-2(config)#end
LAYER-3-switch-2#show vtp password
VTP Password: F4273A1766CD9B39D578AD8004F68BA0
configure LAYER-3-switch-1 primary server VLAN
LAYER-3-switch-1(config)#vtp mode server
Setting device to VTP Server mode for VLANS.
LAYER-3-switch-1(config)#exit
LAYER-3-switch-1#vtp primary vlan
This system is becoming primary server for feature vlan
Enter VTP Password:
No conflicting VTP3 devices found.
Do you want to continue? [confirm]
*Sep 14 10:16:49.913: %SW_VLAN-4-VTP_PRIMARY_SERVER_CHG: 0ca8.8a78.0000 has become the primary server for the VLAN VTP feature
LAYER-3-switch-1#show vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : internetworks
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0ca8.8a78.0000
Feature VLAN:
--------------
VTP Operating Mode : Primary Server
Number of existing VLANs : 9
Number of existing extended VLANs : 0
Maximum VLANs supported locally : 4096
Configuration Revision : 1
Primary ID : 0ca8.8a78.0000
Primary Description : LAYER-3-switch-1
MD5 digest : 0x6A 0x12 0x0E 0x94 0xFF 0xFD 0xFB 0x80
0x78 0x12 0x30 0x8B 0x9F 0xFB 0xCA 0x0B
Configure VLAN 10,20,30,40,50,60,70,80 and 90 on LAYER-3-switch-1 and make sure the rest of the domain switches synchronize this data.
configure the extended range of VLAN 2000,2001 on LAYER-3-switch-1 and make sure the rest of the domain switches synchronize this data.
LAYER-3-switch-1(config)#vlan 10,20,30,40,50,60,70,80,90
LAYER-3-switch-1(config-vlan)#end
LAYER-3-switch-1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/3, Gi1/0, Gi1/1, Gi1/2
Gi1/3, Gi2/0, Gi2/1, Gi2/2
Gi2/3, Gi3/0, Gi3/1, Gi3/2
Gi3/3
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
40 VLAN0040 active
50 VLAN0050 active
60 VLAN0060 active
70 VLAN0070 active
80 VLAN0080 active
90 VLAN0090 active
100 VLAN100 active
200 VLAN0200 active
300 VLAN0300 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
LAYER-3-switch-1(config)#vlan 2000-2001
LAYER-3-switch-1(config-vlan)#end
LAYER-3-switch-1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/3, Gi1/0, Gi1/1, Gi1/2
Gi1/3, Gi2/0, Gi2/1, Gi2/2
Gi2/3, Gi3/0, Gi3/1, Gi3/2
Gi3/3
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
40 VLAN0040 active
50 VLAN0050 active
60 VLAN0060 active
70 VLAN0070 active
80 VLAN0080 active
90 VLAN0090 active
100 VLAN100 active
200 VLAN0200 active
300 VLAN0300 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
2000 VLAN2000 active
2001 VLAN2001 active
LAYER-3-switch-2>show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/3, Gi1/0, Gi1/1, Gi1/2
Gi1/3, Gi2/0, Gi2/1, Gi2/2
Gi2/3, Gi3/0, Gi3/1, Gi3/2
Gi3/3
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
40 VLAN0040 active
50 VLAN0050 active
60 VLAN0060 active
70 VLAN0070 active
80 VLAN0080 active
90 VLAN0090 active
100 VLAN100 active
200 VLAN0200 active
300 VLAN0300 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
2000 VLAN2000 active
2001 VLAN2001 active
configure MST on LAYER-3-switch-2 and make sure the rest of the switches synchronize this information.
LAYER-3-switch-2(config)#vtp mode server mst
Setting device to VTP Server mode for MST.
LAYER-3-switch-2(config)#end
LAYER-3-switch-2#vtp primary mst
This system is becoming primary server for feature mst
Enter VTP Password:
No conflicting VTP3 devices found.
Do you want to continue? [confirm]
*Sep 15 06:37:47.591: %SW_VLAN-4-VTP_PRIMARY_SERVER_CHG: 0cdd.bbf1.0000 has become the primary server for the MST VTP feature
LAYER-3-switch-2#show vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : internetworks
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0cdd.bbf1.0000
Feature VLAN:
--------------
VTP Operating Mode : Client
Number of existing VLANs : 17
Number of existing extended VLANs : 2
Maximum VLANs supported locally : 4096
Configuration Revision : 3
Primary ID : 0ca8.8a78.0000
Primary Description : LAYER-3-switch-1
MD5 digest : 0xA3 0x83 0x75 0x30 0xCA 0x45 0x54 0xAE
0xCC 0xB7 0x5C 0xC1 0xCF 0x95 0x7C 0x7D
Feature MST:
--------------
VTP Operating Mode : Primary Server
Configuration Revision : 2
Primary ID : 0cdd.bbf1.0000
Primary Description : LAYER-3-switch-2
MD5 digest : 0x75 0x23 0xCB 0xFB 0x81 0x50 0x64 0x55
0xBB 0x1D 0xED 0x16 0xF6 0xF6 0x7A 0x78
Feature UNKNOWN:
--------------
VTP Operating Mode : Transparent
LAYER-3-switch-1(config)#vtp mode client mst
Setting device to VTP Client mode for MST.
LAYER-3-switch-1(config)#end
LAYER-3-switch-2(config)#spanning-tree mst configuration
LAYER-3-switch-2(config-mst)#name internetworks.in
LAYER-3-switch-2(config-mst)#revision 1
LAYER-3-switch-2(config-mst)#instance 1 vlan 50,60
LAYER-3-switch-2(config-mst)#instance 2 vlan 70,80
LAYER-3-switch-2(config-mst)#exit
LAYER-3-switch-2(config)#end
LAYER-3-switch-2#show spanning-tree mst configuration
Name [internetworks.in]
Revision 1 Instances configured 3
Instance Vlans mapped
-------- ---------------------------------------------------------------------
0 1-49,51-59,61-69,71-79,81-4094
1 50,60
2 70,80
-------------------------------------------------------------------------------
LAYER-3-switch-1#show spanning-tree mst configuration
% Switch is not in mst mode
Name [internetworks.in]
Revision 1 Instances configured 3
Instance Vlans mapped
-------- ---------------------------------------------------------------------
0 1-49,51-59,61-69,71-79,81-4094
1 50,60
2 70,80
-------------------------------------------------------------------------------
LAYER-3-switch-1#show vtp status
VTP Version capable : 1 to 3
VTP version running : 3
VTP Domain Name : internetworks
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0ca8.8a78.0000
Feature VLAN:
--------------
VTP Operating Mode : Server
Number of existing VLANs : 17
Number of existing extended VLANs : 2
Maximum VLANs supported locally : 4096
Configuration Revision : 3
Primary ID : 0ca8.8a78.0000
Primary Description : LAYER-3-switch-1
MD5 digest : 0xA3 0x83 0x75 0x30 0xCA 0x45 0x54 0xAE
0xCC 0xB7 0x5C 0xC1 0xCF 0x95 0x7C 0x7D
Feature MST:
--------------
VTP Operating Mode : Client
Configuration Revision : 3
Primary ID : 0cdd.bbf1.0000
Primary Description : LAYER-3-switch-2
MD5 digest : 0x02 0x84 0xD9 0x4F 0x8F 0xD9 0xB2 0x4B
0x02 0xA0 0xA8 0x6B 0xD0 0xD1 0x6E 0x92
Feature UNKNOWN:
--------------
VTP Operating Mode : Transparent
No comments:
Post a Comment