2.5 Configure, verify, and troubleshoot interswitch connectivity

Thanks for continuing to read my blog posts. I really appreciate it. We are now going to move on to these topics:

2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN

2.5.a Trunk ports

I have another network that shows one switch trunked to another switch. What are trunk ports? They are the ports that connect one switch to another switch, connected by a crossover cable.

What problem does a trunk port solve?

Trunk port is just a term to identify these ports; VTP is the protocol that solves a problem.

Problem: implementing VLANs on every switch.

It may be easy if we only have 5 switches, 20 switches or 50 switches. But what if we are managing a huge corporation with 1000 switches and we need to add a number of VLANs to all of them?

Solution: VTP

VTP is a Cisco proprietary protocol that lets us automate VLAN propagation.

Advantage: easier to manage VLANs

Disadvantage: may ruin your network (I'll explain it later)

VTP MODES

  1. Server -> can add, delete and manage VLANs, and forwards VTP updates.

One important factor that we need to consider is the configuration revision number, which we can verify using the show vtp status command:

Switch#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

Always remember the default configuration:

VTP: enabled by default; cannot be turned off

VTP mode: server by default

Let me explain how VTP works. The server, which is SW0, sends VTP updates out of its trunk ports. The content of a VTP update is what you see in show vtp status. Let us say that all client switches have a configuration revision number of zero and the server sends VTP updates with a configuration revision of 1. Switch 1, as a client, will do the following:

  2. Client -> cannot add, delete or modify VLANs, but can forward VTP updates.

If SW1 as a client receives a VTP update with a higher configuration revision, it will:

Step 1: delete its vlan.dat

Step 2: save the VTP update and completely overwrite the VLAN database of SW1 with it

So SW1, as a client, will hold a replica of the VTP status of SW0, the server. SW1 will forward the VTP update to SW2, and SW2 as a client will go through the same process as SW1. SW2 will forward the VTP update to SW3, and SW3 will overwrite its database with the VTP update forwarded by SW2.

As a summary, any VLAN change on a server is replicated to all the other switches.

***************

How can VTP ruin your network?

If VTP can solve VLAN management then this protocol must be our best friend, but it can also be our worst enemy. Let's say, for example, that we have to add a new switch to the network, and that switch is just a refurbished one because the company would like to save a few bucks while adding new employees. The best practice here is to check the flash.

Flash is where you will see your start-up configuration and VLAN database. If a router has NVRAM, wherein it stores the start-up configuration, a switch has flash. The thing here is that when someone says "I have already restored the switch to its default configuration", only the start-up configuration has been deleted and not the VLAN database. The VLAN database includes the configuration revision number.

If the refurbished switch is connected to the network without its VLAN database being deleted, and that switch has a higher configuration revision number, then VTP updates will be sent even though that switch is a client. Imagine that the original network has 15 VLANs and you add a new switch with a higher configuration revision number and only 2 VLANs. Going from 15 VLANs to 2 VLANs, it will be a ruined network.
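As an added example (not code from the original post), here is a small Python check over show vtp status output that tells you whether a switch still carries an old revision number before you cable it to a trunk. FRESH is the output shown earlier on this page, trimmed; REFURBISHED and the live_revision parameter are constructed for illustration, and the second finding assumes the switch uses the same VTP domain and password as production.

```python
import re

# Output copied (trimmed) from the page: a switch at factory defaults.
FRESH = """\
Switch#show vtp status
VTP Version : 2
Configuration Revision : 0
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name :
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
"""

# Constructed sample: a refurbished switch whose startup-config was erased
# but whose VLAN database, and therefore its revision number, survived.
REFURBISHED = """\
VTP Version : 2
Configuration Revision : 37
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : CISCO
"""

def parse_vtp_status(text):
    """Parse 'Field : value' lines into a dict; the value may be empty."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s+:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def preconnect_findings(text, live_revision):
    """Return reasons not to cable this switch to a trunk yet."""
    f = parse_vtp_status(text)
    revision = int(f["Configuration Revision"])
    mode = f["VTP Operating Mode"].lower()
    findings = []
    if revision != 0:
        findings.append(f"revision is {revision}, not 0: old VLAN database still in flash")
    # Assumption: same VTP domain and password as the production network.
    if mode != "transparent" and revision > live_revision:
        findings.append(f"{mode} with revision {revision} > live {live_revision}: "
                        f"its {f['Number of existing VLANs']} VLANs would replace the domain's")
    return findings

if __name__ == "__main__":
    for name, out in (("fresh", FRESH), ("refurbished", REFURBISHED)):
        print(name, preconnect_findings(out, live_revision=12) or "ok to connect")
```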

3. Transparent Mode

I told you that VTP is enabled by default and cannot be turned off. Given that major shortcoming of VTP, some would like to disable it, but it cannot be turned off.

Transparent mode is the mode that can be used for this. It forwards VTP updates but never applies a VTP update to its own configuration. It is like your nerd classmate who never copies from others: you cannot rely on him, and once a leak has been sent to him he will never copy it, but he will pass it on to the needy others.
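As an added example (not part of the original post), this Python model plays out the three modes and the refurbished-switch case described above. It is a simplified model that assumes one VTP domain and password and VTP v1/v2 behaviour; the chain follows SW0 to SW3 from this post, but SW2 is made transparent here for contrast, and the REFURB switch, VLAN names and revision numbers are constructed.

```python
class Switch:
    def __init__(self, name, mode, revision=0, vlans=None):
        self.name, self.mode, self.revision = name, mode, revision
        self.vlans = dict(vlans or {})          # VLAN id -> name
        self.neighbors = []                     # switches reachable over trunks

def link(a, b):
    """Bring up a trunk between two switches."""
    a.neighbors.append(b)
    b.neighbors.append(a)

def advertise(origin):
    """Flood origin's revision and VLAN database over the trunks."""
    seen, queue = {origin.name}, list(origin.neighbors)
    while queue:
        sw = queue.pop(0)
        if sw.name in seen:
            continue
        seen.add(sw.name)
        if sw.mode != "transparent":
            if origin.revision <= sw.revision:
                continue                        # not newer: ignored here
            # Server or client alike: the whole database is replaced.
            sw.revision, sw.vlans = origin.revision, dict(origin.vlans)
        queue.extend(sw.neighbors)              # pass the update on

def demo():
    # Chain SW0 - SW1 - SW2 - SW3 with 15 VLANs defined on the server.
    sw0 = Switch("SW0", "server", 15, {v: f"VLAN{v}" for v in range(10, 160, 10)})
    sw1, sw3 = Switch("SW1", "client"), Switch("SW3", "client")
    sw2 = Switch("SW2", "transparent", vlans={99: "LOCAL"})
    chain = (sw0, sw1, sw2, sw3)
    for a, b in zip(chain, chain[1:]):
        link(a, b)
    advertise(sw0)
    before = {s.name: len(s.vlans) for s in chain}
    # Constructed refurbished client: only 2 VLANs, stale revision 40.
    refurb = Switch("REFURB", "client", 40, {1: "default", 5: "LAB"})
    link(refurb, sw3)
    advertise(refurb)
    after = {s.name: len(s.vlans) for s in chain}
    return before, after

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The transparent SW2 keeps its single local VLAN in both runs, while the server and both clients drop from 15 VLANs to 2 once the refurbished switch is linked.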

2.5.b Add and remove VLANs on a trunk

And here is how to configure VTP:

First let us assign VLANs on SW0

VLAN 10 -> Fa 0/1, Fa 7/1

VLAN 20 -> Fa 2/1, Fa 3/1, Fa 6/1

VLAN 30 -> Fa 1/1, Fa 4/1, Fa 5/1

So we have to add the VLAN configuration first, only on SW0.

en
conf t
! create the three VLANs and name them
vlan 10
name ENGINEERING
vlan 20
name ACCOUNTING
vlan 30
name SALES
end

en
conf t
! access ports for VLAN 10
int range fa 0/1, fa 7/1
switchport access vlan 10
switchport mode access
end

en
conf t
! access ports for VLAN 20
int range fa 2/1, fa 3/1, fa 6/1
switchport access vlan 20
switchport mode access
end

en
conf t
! access ports for VLAN 30
int range fa 1/1, fa 4/1, fa 5/1
switchport access vlan 30
switchport mode access
end

verifying:

VTP configuration

@SW0 as server

conf t
vtp mode server
! to configure the vtp mode
vtp domain CISCO
! to configure domain name
vtp password CISCO
! to configure password CISCO
interface range fa 0/1
! choose only the ports included as trunk port
switchport mode trunk
! to enable port as trunk port

@SW1 as client

en
conf t
vtp mode client
vtp domain CISCO
vtp password CISCO
interface range f0/1, fa 1/1
switchport mode trunk
exit

@SW2
en
conf t
vtp mode client
vtp domain CISCO
vtp password CISCO
interface range fa 0/1, fa 1/1
switchport mode trunk
exit

@SW3

en
conf t
vtp mode client
vtp domain CISCO
vtp password CISCO
interface range fa 0/1
switchport mode trunk

Verifying

We should take note that with VTP only the VLAN numbers and names are replicated, not the port assignments.

So we must add the port configuration that was added on SW0:

en
conf t
int range fa 0/1, fa 7/1
switchport access vlan 10
switchport mode access
end

en
conf t
int range fa 2/1, fa 3/1, fa 6/1
switchport access vlan 20
switchport mode access
end

en
conf t
int range fa 1/1, fa 4/1, fa 5/1
switchport access vlan 30
switchport mode access
end

verifying:

Note: as much as I wanted to post all the show command results, that would make this blog post longer.

As a summary: VTP is a great help for VLAN management.

There will be a part two for this!

*******************************END OF BLOG*************************