Now that we have talked about the theory of VTP, let’s see how to set it up in this topology. We already created trunk links between Sw1 and Sw2 and between Sw1 and Sw3. Now let’s configure VTP on all of the switches so that, if we add a VLAN on, say, switch Sw1, that newly created VLAN is advertised over these trunk links and learned by the other switches.
In this example, Sw1 and Sw2 are going to be in server mode and Sw3 is going to be in client mode. Let’s begin our configuration on switch Sw1. First let’s set Sw1 to server mode. It may already be in server mode, so this just confirms it. In server mode we are able to make changes to our local VLAN database. Let’s go to global configuration mode and say
Sw1(config)#vtp mode server
Next let’s set the VTP domain name. The domain name is case-sensitive.
Sw1(config)#vtp domain VTPDEMO
Let’s also set the password. We can do that with
Sw1(config)#vtp password S3cret
It might also be a good idea to turn on VTP pruning. Remember what that does: if the far-end switch doesn’t have any ports belonging to a particular VLAN, there is no need to send traffic for that VLAN over the trunk. However, if we make a change on that far-end switch, maybe we assign a port to that VLAN, VTP recognizes this dynamically and starts sending traffic for that VLAN over the trunk; that VLAN is no longer pruned. It is truly simple to set this up, we just say
Sw1(config)#vtp pruning
Let’s also hard-code the version of VTP that we want to run. Although versions 1, 2 and 3 are available on many of our newer, higher-end switches, we might have some switches on the network that only support versions 1 and 2. The good news is that version 3 is backwards compatible with version 2, but personally I like to keep things consistent, so I am just going to configure these switches for VTP version 2. We can do that with
Sw1(config)#vtp version 2
Let’s take a look at the VTP configuration that we now have on switch Sw1. To do that we give the command
Sw1#show vtp status
This is the main command we use for verification and troubleshooting of VTP. It shows that this switch is capable of running VTP versions 1, 2 or 3, and:
- The version we are currently running is version 2
- Our domain name is VTPDEMO
- Pruning is currently enabled
- Notice that we have a hash digest for the password we configured; it’s an MD5 hash rather than the plain-text password, which is probably a good thing
- We can also see our current Configuration Revision Number, which is 1
- And the number of existing VLANs we have right now, which is 7
Now let’s perform an identical configuration on switch Sw2. Let’s go to switch Sw2.
Sw2(config)#vtp mode server
Sw2(config)#vtp domain VTPDEMO
Sw2(config)#vtp password S3cret
Sw2(config)#vtp pruning
We’ll make sure that our version is version 2.
Sw2(config)#vtp version 2
Let’s go to switch Sw3 now and do a nearly identical configuration. The difference is that we make Sw3 a client mode switch. We go to global configuration mode and set the VTP mode to client.
Sw3(config)#vtp mode client
Sw3(config)#vtp domain VTPDEMO
Sw3(config)#vtp password S3cret
Let’s go back to switch Sw1, create a new VLAN and see that the newly created VLAN gets advertised over to switches Sw2 and Sw3. Let’s go to global configuration mode and say
Sw1(config)#vlan 300
Sw1(config-vlan)#name VTP_TEST
Sw1(config-vlan)#exit
Now take a look at our local VLAN database.
Sw1#show vlan brief
We can see that we have VLANs 100, 200 and 300 that we created. No surprise that VLAN 300 is showing up, because we created it on this switch.
Let’s also see whether our Configuration Revision Number got incremented when we did that.
Sw1#show vtp status
Just a moment ago our Configuration Revision Number was 1; now it’s 2. We added a VLAN, and that incremented the Configuration Revision Number by 1. Let’s make sure that switches Sw2 and Sw3 know about this newly created VLAN 300 (VTP_TEST).
Let’s go over to switch Sw2 and do a
Sw2#show vlan brief
Yes, indeed, it has learned about VLAN 300, and if we do a
Sw2#show vtp status
We should see a matching Configuration Revision Number of 2. We should see something very similar on Sw3. Let’s do a
Sw3#show vlan brief
And we do see the newly created VLAN 300, and if we do
Sw3#show vtp status
We have now confirmed that, thanks to VTP, we are able to create a VLAN on one switch and have that VLAN propagated to the other switches. Now let’s think about that Configuration Revision Number. Let’s say that I disconnected switch Sw2 from this topology, and while Sw2 was disconnected I added some VLANs, deleted some VLANs and maybe modified some VLANs. Each time I made a change, the Configuration Revision Number got incremented by one. Now what would happen if I reintroduced that switch into the topology?
- It has a matching domain name
- It has a matching password
This means that its higher Configuration Revision Number would make its VLAN database the most believable VLAN database of all the switches in the topology. The VLAN databases on switches Sw1 and Sw3 would be wiped out and replaced with the newly learned VLAN information from switch Sw2. We might do that accidentally; however, a malicious user might do such a thing intentionally, which is the big reason we want a password assigned to our VTP domain. The moral of the story is that we need to be extremely cautious when introducing a switch into our topology. The safest thing to do is to set the Configuration Revision Number of the switch you are about to add to the topology to 0. However, there is a lot of confusion about how that works, and I want to demonstrate it for you.
Now I am going to disconnect switch Sw2 from Sw1. I am going to disconnect that trunk connection and make some changes on Sw2 so that it has the higher Configuration Revision Number. After I disconnected switch Sw2, I made some changes to its VLAN database. Notice that if I do a
Sw2#show vtp status
it has a Configuration Revision Number of 7, and if I take a look at my VLAN database with
Sw2#show vlan brief
You will see that I no longer have VLANs 100, 200 and 300, but I have a couple of new VLANs that I have been adding while playing with this switch on my desk, let’s say. That’s what the VLAN database currently looks like on switch Sw2, but it’s disconnected, so we are good. If I go back to switch Sw1 and do a
Sw1#show vtp status
You can see that its Configuration Revision Number is 2, much lower than what we have on Sw2, and if I take a look at the VLAN database with
Sw1#show vlan brief
We have the VLANs that we had a few moments ago: 100, 200 and 300. Let’s say that after experimenting with switch Sw2 and trying a few things, maybe upgrading the Cisco IOS on the switch, I am ready to reintroduce Sw2 into my topology.
Let’s say that I know about VTP, and I know that with this higher Configuration Revision Number of 7 I would blow away the existing VLAN databases on my switches. Here is a common misconception: many people think that, to prevent that from happening, I can just set the switch to client mode. Please be clear that I am calling this a misconception; setting the switch to client mode is not a solution, and I am about to prove that to you. But some people would mistakenly say
Sw2(config)#vtp mode client
What harm could a client do? Well, we set the mode to client, but if we take a look at the VTP status using
Sw2#show vtp status
That didn’t reset my Configuration Revision Number. But I am a client, what harm could it do? Let’s reconnect switch Sw2 back into the network.
I have now reconnected switch Sw2 to the network. Let’s go over to switch Sw1 and see if anything changed there.
Sw1#show vlan brief
Oh no! What happened? Switch Sw1 had its VLAN database blown away. We are now missing VLANs 100, 200 and 300, and we have these odd VLANs that we didn’t want, VLANs 400 and 500. What happened was that we introduced switch Sw2 onto the network; it had a matching domain name, a matching password and a higher Configuration Revision Number, and it wiped out the VLAN databases on switches Sw1 and Sw3. Let’s confirm that on Sw3.
Sw3#show vlan brief
Same problem here. We have done some serious damage, and I don’t want you to do that accidentally in a production network. So the question is: how do we fix this?
How do we safely add a switch into the topology? Well, we would like to have the Configuration Revision Number set to 0. I am going to go over and disconnect switch Sw2 again, and with it disconnected I am going to repair our VLAN databases on switches Sw1 and Sw3. Let’s go to switch Sw1 and delete VLANs 400 and 500.
Sw1(config)#no vlan 400
Sw1(config)#no vlan 500
Let’s put back the VLANs we originally had:
Sw1(config)#vlan 100
Sw1(config-vlan)#name ACCT
Sw1(config-vlan)#exit
Sw1(config)#vlan 200
Sw1(config-vlan)#name SALES
Sw1(config-vlan)#exit
Sw1(config)#vlan 300
Sw1(config-vlan)#name VTP_TEST
Sw1(config-vlan)#exit
Sw1#show vlan brief
That looks better. Has this been advertised over to switch Sw3? It should have been; let’s just confirm that with a
Sw3#show vlan brief
Things are looking happy here as well. Now back to switch Sw2, which is still disconnected from Sw1. Before introducing the switch into the network, let’s make its Configuration Revision Number 0. How do we do that? Setting it to client mode didn’t help, because a client mode switch can originate, and did originate, VTP advertisements. So how do we set this to 0?
We toggle transparent mode on and off. Here is what I mean. Let’s go to global configuration mode on Sw2.
Sw2(config)#vtp mode transparent
And in transparent mode, let’s take a look at our VTP status.
Sw2#show vtp status
Interestingly, our Configuration Revision Number is 0, and now I can put the switch back into another mode. I could set it back to server if I wanted to.
Sw2(config)#vtp mode server
If we look at our VTP status, the Configuration Revision Number remains at 0 until we start making changes to the VLAN database; then it would go up by 1. But now I am a server mode switch and my Configuration Revision Number is 0, so it’s now safe to add this switch back into the network.
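The two reconnect outcomes in this walkthrough (client mode at revision 7, and revision 0 after toggling transparent mode), as a simplified model. This is an added example, not part of the original post: the Switch class, the function names and the names of VLANs 400 and 500 are constructed, and plain password equality stands in for the MD5 check.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    """Simplified VTP participant; real VTP has more message types and timers."""
    name: str
    mode: str        # "server", "client" or "transparent"
    domain: str
    password: str    # stands in for the MD5 check on advertisements
    revision: int = 0
    vlans: dict = field(default_factory=dict)

    def set_mode(self, mode):
        # As shown in the walkthrough: entering transparent mode resets the revision to 0.
        if mode == "transparent":
            self.revision = 0
        self.mode = mode

    def receive(self, sender):
        """Return True if sender's database replaced ours (sender's mode is not a factor)."""
        if "transparent" in (self.mode, sender.mode):
            return False                      # transparent switches do not take part
        if (sender.domain, sender.password) != (self.domain, self.password):
            return False                      # wrong domain or password: ignored
        if sender.revision <= self.revision:
            return False                      # not newer than what we have
        self.vlans, self.revision = dict(sender.vlans), sender.revision
        return True

def reconnect(a, b):
    """Trunk between a and b comes up: each side hears the other's advertisement."""
    return a.receive(b), b.receive(a)

PROD = {100: "ACCT", 200: "SALES", 300: "VTP_TEST"}
LAB = {400: "LAB_A", 500: "LAB_B"}            # VLAN names are constructed

def client_mode_reconnect():
    sw1 = Switch("Sw1", "server", "VTPDEMO", "S3cret", 2, dict(PROD))
    sw2 = Switch("Sw2", "client", "VTPDEMO", "S3cret", 7, dict(LAB))
    reconnect(sw1, sw2)
    return sorted(sw1.vlans), sw1.revision    # Sw1 now holds the lab database

def revision_zero_reconnect():
    sw1 = Switch("Sw1", "server", "VTPDEMO", "S3cret", 12, dict(PROD))
    sw2 = Switch("Sw2", "server", "VTPDEMO", "S3cret", 7, dict(LAB))
    sw2.set_mode("transparent")
    sw2.set_mode("server")
    reconnect(sw1, sw2)
    return sorted(sw2.vlans), sw2.revision    # Sw2 learned the production database
```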
Some people like to take this a step further: beyond just setting the Configuration Revision Number to 0, they also like to wipe out the VLAN database on a switch before they add it to the network. If you want to do that, remember that the VLAN database is stored in a separate file in flash called vlan.dat. We can just delete that if we want. We could say
Sw2#delete flash:vlan.dat
After pressing Enter, it’s going to be safe to reconnect switch Sw2 to the network, and it’s safe not because we deleted the vlan.dat file; it’s safe because my Configuration Revision Number is 0. Let’s reconnect it.
Switch Sw2 has now been reconnected to the network, and we introduced it safely because we had a Configuration Revision Number of 0 on that switch. Let’s see what its current VTP status is.
Sw2#show vtp status
Look at this: its Configuration Revision Number went from 0 up to 12. It now knows about the VLANs in our topology. We can prove that with a
Sw2#show vlan brief
It knows about VLANs 100, 200 and 300, and it no longer knows about 400 and 500. We introduced the switch with a Configuration Revision Number of 0, and as a result it learned from switch Sw1 what the VLAN database should look like for this topology.
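A pre-connection check built on this procedure, as an added example that is not part of the original post: it reads show vtp status text captured from the switch about to be added and from a switch already in the domain, and flags a non-zero revision regardless of mode. The sample outputs are constructed excerpts, the function names are hypothetical, and matching passwords are assumed as the worst case.

```python
# Constructed excerpts of `show vtp status` output; values follow the walkthrough.
CANDIDATE = """\
VTP Domain Name                 : VTPDEMO
VTP Operating Mode              : Client
Configuration Revision          : 7
"""
DOMAIN_SWITCH = """\
VTP Domain Name                 : VTPDEMO
VTP Operating Mode              : Server
Configuration Revision          : 2
"""

def parse_vtp_status(text):
    """Pull domain, mode and revision out of `show vtp status` text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    try:
        return {"domain": fields["vtp domain name"],
                "mode": fields["vtp operating mode"].lower(),
                "revision": int(fields["configuration revision"])}
    except (KeyError, ValueError) as exc:
        raise ValueError(f"unrecognised show vtp status output: {exc}") from exc

def preconnect_verdict(candidate_text, domain_text):
    """Return (verdict, reason) for a switch about to be trunked into the domain.

    Assumes the worst case that the VTP passwords match, since the password
    cannot be compared from this output.
    """
    cand = parse_vtp_status(candidate_text)
    dom = parse_vtp_status(domain_text)
    if cand["revision"] == 0:
        return "safe", "revision is 0; the switch will learn the domain's database"
    if cand["domain"] != dom["domain"]:        # domain names are case-sensitive
        return "reset-recommended", "domain differs today, but revision is not 0"
    if cand["revision"] > dom["revision"]:
        # Mode is deliberately not checked: client mode does not prevent this.
        return "unsafe", (f"revision {cand['revision']} > {dom['revision']} in "
                          f"{cand['mode']} mode would overwrite the domain")
    return "reset-recommended", "revision is not higher, but reset it to 0 anyway"
```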
That’s a look at how to configure VTP and how we can safely add a switch into an existing switch topology.
Join me in the next session on Voice VLAN theory.