Wednesday, November 26, 2014

Working with and Configuring VTP (Exam topic 3-G)

VTP can be good or bad depending on what environment you're in. VTP can be a powerful administrative tool that allows you to manage your VLANs centrally. Once you've made changes on the VTP server, it automatically configures new VLANs on, or removes VLANs from, all of your client mode switches.

This can be dangerous if you reuse a switch whose VTP domain name is still the default or is the same as the one in use. If the revision number on this switch is higher than the server's, it will overwrite all your VLAN settings and potentially bring down your network.
Even if you wipe a switch that was previously a VTP server, it still retains its revision number.
Note: VTP operates on revision numbers; a server with a higher revision number always wins.

This has personally happened to me; luckily there were only two switches affected.
A switch from a different site was wiped with the intention of using it for my imaging station. The revision number on this switch was higher than the VTP server on site, so it overwrote the VLAN database on all switches belonging to the VTP domain, which in turn brought down the network.

Steps that should be taken when deploying a VTP implementation:
  • Always name your VTP domains differently at each location
  • Always set a VTP password (this can be something as simple as 123)
  • Whenever you configure a new switch, always set it to transparent or client, depending on your plan for deployment.
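A pre-deployment check built from the points above, as an added example that is not part of the original post: it parses `show vtp status` output from the switch being introduced and from the site's VTP server, and lists reasons not to connect it yet. The sample output is constructed, and the function names are hypothetical.

```python
# Constructed `show vtp status` excerpts (older IOS layout), not taken from the post.
REUSED_SWITCH = """\
Configuration Revision          : 42
VTP Operating Mode              : Server
VTP Domain Name                 : VTP.com
"""
SITE_SERVER = """\
Configuration Revision          : 17
VTP Operating Mode              : Server
VTP Domain Name                 : VTP.com
"""


def parse_vtp_status(text):
    """Pull revision, mode and domain out of `show vtp status` text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return {
        "revision": int(fields.get("configuration revision", "0")),
        "mode": fields.get("vtp operating mode", "").lower(),
        "domain": fields.get("vtp domain name", ""),
    }


def predeploy_findings(new_switch_text, site_server_text):
    """Return reasons not to trunk the new switch into the site yet."""
    new = parse_vtp_status(new_switch_text)
    srv = parse_vtp_status(site_server_text)
    findings = []
    # Per the post, a default (empty) or identical domain name is the risky case.
    domain_overlap = new["domain"] in ("", srv["domain"])
    if new["mode"] == "server":
        findings.append("mode is server: set transparent or client first")
    # Only transparent mode is exempt here: a client with a higher revision
    # number can overwrite the domain's VLAN database as well.
    if (domain_overlap and new["mode"] != "transparent"
            and new["revision"] > srv["revision"]):
        findings.append(
            f"revision {new['revision']} > site revision {srv['revision']}: "
            "would overwrite the site VLAN database"
        )
    return findings


if __name__ == "__main__":
    for finding in predeploy_findings(REUSED_SWITCH, SITE_SERVER):
        print("BLOCK:", finding)
```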
VTP mode

There are three modes VTP can operate in:
  • Server - there can be multiple servers; each server will push out changes to all clients (default mode for all switches)
  • Client - you cannot create a VLAN on a switch in client mode; VLANs will be pushed out by a switch in server mode
  • Transparent - gives a switch the ability to operate independently of a VTP server.

Configuring VTP

VTP can be configured in a few simple steps. Since VTP is in server mode by default, in this example we will configure the domain and password, and set a switch to client mode.

First let's configure the domain and password.
We will be setting the domain to VTP.com and the password to 1234.
Note: the VTP domain can be any name you like; it does not have to be an existing domain. This domain is used only for your VTP servers and clients.

Next we will set our second switch up as a VTP client and join it to the VTP domain.

That's it, we've set up VTP; just ensure the ports between the switches are set up as trunk ports. Now let's see VTP in action.
First we will see which VLANs are on sw2 (the VTP client).










Now we will create a VLAN on sw1 and let it push out to sw2.
Note: correction, the name should be VTP-example; there cannot be any spaces in a VLAN name.

Now we can see that it has replicated. The process happens instantaneously; before you get a chance to save your config, the changes have already replicated to the client.
