Configuring VLAN Trunking Protocol (VTP)


All Cisco switches are configured to be VTP servers by default. To configure VTP, you first have to configure the domain name you want to use. And of course, once you have configured the VTP information on a switch, you need to verify it.

When you create the VTP domain, you have a bunch of options, including setting the domain name, password, operating mode, and pruning capabilities of the switch. Use the vtp global configuration mode command to set all this information. In the following example, we’ll set the S1 switch to VTP server mode, the VTP domain to Lammle, and the VTP password to todd:

S1#config t
S1(config)#vtp mode server
Device mode already VTP SERVER
S1(config)#vtp domain Lammle
Changing VTP domain name from null to Lammle
S1(config)#vtp password todd
Setting device VLAN database password to todd
S1(config)#do show vtp password
VTP password: todd
S1(config)#do show vtp status
VTP version: 2
Configuration revision: 0
Maximum VLANs supported locally: 255
Number of existing VLANs: 8
VTP operating mode: server
VTP domain name: Lammle
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled
MD5 digest: 0x15 0x54 0x88 0xF2 0x50 0xD9 0x03 0x07
Configuration last modified by 192.168.24.6 at 3-14-93 15:47:32

Local updater ID is 192.168.24.6 on interface Vl1 (lowest numbered VLAN interface found)

Please make sure you remember that all switches are set to VTP server mode by default, and if you want to change any VLAN information on a switch, you absolutely must be in VTP server mode. After you configure the VTP information, you can verify it with the show vtp command as shown in the preceding output. The preceding switch output shows the VTP domain, the VTP password, and the switch’s mode.

Before we move forward to configuring the Core and the S2 switch with VTP information, take a minute to reflect on the fact that the show vtp status output shows that the maximum number of VLANs supported locally is only 255. Since you can create over 1000 VLANs on a switch, this seems like it would definitely be a problem if you have more than 255 switches and you’re using VTP. And, well, yes, it is a problem: if you try to configure the 256th VLAN on a switch, you’ll get a nice little error message stating that there are not enough hardware resources available, and then it will shut down the VLAN, and the 256th VLAN will show up in the suspended state in the output of the show vlan command. Not so good!

Let’s go to the Core and S2 switches and set them into the Lammle VTP domain. It is very important to remember that the VTP domain name is case sensitive! VTP is not forgiving: one tiny mistake and it just won’t work.

Core#config t
Core(config)#vtp mode client
Setting device to VTP CLIENT mode
Core(config)#vtp domain Lammle
Changing VTP domain name from null to Lammle
Core(config)#vtp password todd
Setting device VLAN database password to todd
Core(config)#do show vtp status
VTP version: 2
Configuration revision: 0
Maximum VLANs supported locally: 1005
Number of existing VLANs: 8
VTP operating mode: server
VTP domain name: Lammle
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled
MD5 digest: 0x2A 0x6B 0x22 0x17 0x04 0x4F 0xB8 0xC2
Configuration last modified by 192.168.10.19 at 3-1-93 03:13:16

Local updater ID is 192.168.10.19 on interface Vl1 (the first interface found)

S2#config t
S2(config)#vtp mode client
Setting device to VTP CLIENT mode
S2(config)#vtp domain Lammle
Changing VTP domain name from null to Lammle
S2(config)#vtp password todd
Setting device VLAN database password to todd
S2(config)#do show vtp status
VTP version: 2
Configuration revision: 0
Maximum VLANs supported locally: 1005
Number of existing VLANs: 8
VTP operating mode: server
VTP domain name: Lammle
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled
MD5 digest: 0x02 0x11 0x18 0x4B 0x36 0xC5 0xF4 0x1F
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Nice! Now that all our switches are set to the same VTP domain and password, the VLANs I created earlier on the S1 switch should be advertised to the Core and S2 VTP client switches. Let’s take a look using the show vlan brief command on the Core and S2 switch:

Core#sh vlan brief
VLAN name                  Status                   ports
1 default                  active                    Fa0/1, Fa0/2, Fa0/3, Fa0/4, 
                                                     Fa0/9, Fa0/10, Fa0/11, Fa0/12, 
                                                     Fa0/13, Fa0/14, Fa0/15, Fa0/16, 
                                                     Fa0/17, Fa0/18, Fa0/19, Fa0/20, 
                                                     Fa0/21, Fa0/22, Fa0/23, Fa0/24, 
                                                     Gi0/1, Gi0/2
2 sales                    active    
3 marketing                active     
4 accounting               active
[output cut]

S2#sh vlan bri
VLAN name                  Status                   ports
1 default                  active                   Fa0/3, Fa0/4, Fa0/5, Fa0/6, 
                                                    Fa0/7, Fa0/8, Gi0/1, 
2 sales                    active  
3 marketing                active
4 accounting               active  
[output cut]

The VLAN database that we created on the S1 (2960) switch earlier in this article was uploaded to the Core and S2 switch via VTP advertisements. VTP is a great way to keep VLAN naming consistent across the switched network. We can now assign VLANs to the ports on the Core and S1 switches and they’ll communicate with the hosts in the same VLANs on the S1 switch across the trunked ports between switches.

Troubleshooting VTP

You connect your switches with crossover cables, the lights go green on both ends, and you’re up and running! Yeah, in a perfect world, right? Don’t you wish it was that easy? Well, actually it pretty much is, without VLANs, of course. But if you’re using VLANs (and you definitely should be), then you need to use VTP if you have multiple VLANs configured in your switched network.

But here there be monsters: if VTP is not configured correctly, it (surprise!) will not work, so you absolutely must be capable of troubleshooting VTP. Let’s take a look at a couple of configurations and solve the problems. Study the output from the two following switches.

SwitchA#sh vtp status
VTP version: 2
Configuration revision: 0
Maximum VLANs supported locally: 64
Number of existing VLANs: 7
VTP operating mode: server
VTP domain name: RouterSim
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled

switchB#sh vtp status
VTP version: 2
Configuration revision: 1
Maximum VLANs supported locally: 64
Number of existing VLANs: 7
VTP operating mode: server
VTP domain name: GlobalNet
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled

So what’s happening with these two switches? Why won’t they share VLAN information? At first glance, it might seem that the problem is that both switches are in VTP server mode, but that’s not the problem. Servers in VTP server mode will share VLAN information using VTP. The problem is that they’re in two different VTP domains. Switch A is in VTP domain RouterSim and Switch B is in VTP domain GlobalNet. They will never share VTP information because the VTP domain names are configured differently.

Now that you know how to look for common VTP domain configuration errors in your switches, let’s take a look at another switch configuration:

switchC#sh vtp status
VTP version: 2
Configuration revision: 1
Maximum VLANs supported locally: 64
Number of existing VLANs: 7
VTP operating mode: client
VTP domain name: Todd
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled

There you are just trying to create a new VLAN on switch C, and what do you get for your trouble? A loathsome error! Why can’t you create a VLAN on switch C? Well, the VTP domain name isn’t the important thing in this example. What is critical here is the VTP mode. The VTP mode is client, and a VTP client cannot create, delete, add, or change VLANs, remember?

VTP clients only keep the VTP database in RAM, and that’s not saved to NVRAM. So, in order to create a VLAN on this switch, you’ve got to make the switch a VTP server first.

Here’s what will happen when you have the preceding VTP configuration:

switchC(config)#vlan 50
VTP VLAN configuration not allowed when device is in CLIENT mode

So to fix this problem, here’s what you need to do:

switchC(config)#vtp mode server
Setting device to VTP SERVER mode
switchC(config)#vlan 50
switchC(config-vlan)#

Wait, we are not done. Now take a look at the output from these two switches and determine why Switch B is not receiving VLAN information from Switch A.

switchA#sh vtp status
VTP version: 2
Configuration revision: 4
Maximum VLANs supported locally: 64
Number of existing VLANs: 7
VTP operating mode: server
VTP domain name: GlobalNet
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled

switchB#sh vtp status
VTP version: 2
Configuration revision: 14
Maximum VLANs supported locally: 64
Number of existing VLANs: 7
VTP operating mode: server
VTP domain name: GlobalNet
VTP V2 mode: disabled
VTP Pruning mode: disabled
VTP traps generation: disabled

You may be tempted to say it’s because they’re both VTP servers, but that is not the problem. All your switches can be servers and they can still share VLAN information. As a matter of fact, Cisco actually suggests that all switches stay VTP servers and that you just make sure the switch you want to advertise VTP VLAN information has the highest revision number. If all switches are VTP servers, then all of the switches will save the VLAN database. But switch B isn’t receiving VLAN information from switch A because switch B has a higher revision number than switch A. It’s very important that you recognize this problem.

There are a couple of ways to go about resolving this issue. The first thing you could do is to change the VTP domain name on switch B to another name, then set it back to GlobalNet, which will reset the revision number to zero (0) on switch B.

The second approach would be to create or delete VLANs on switch A until the revision number passes the revision number on switch B. We didn’t say the second way was better, we just said it’s another way to fix it!
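
The three troubleshooting cases above can be checked mechanically from show vtp status output. The following Python code is an added example, not part of the original article; the function names and the trimmed sample outputs are constructed for illustration, using the domain names, modes, and revision numbers shown above.

```python
# Added example (not from the original article): classify the three VTP
# faults discussed above from "show vtp status" text.

def parse_vtp_status(text):
    """Turn 'show vtp status' output into a dict keyed by lower-cased field."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields[key.strip().lower()] = value.strip()
    return fields

def diagnose(sender, receiver):
    """Reasons why `receiver` will not take VLAN information from `sender`."""
    if sender["vtp domain name"] != receiver["vtp domain name"]:
        return ["domain-mismatch"]          # exact, case-sensitive comparison
    if int(receiver["configuration revision"]) > int(sender["configuration revision"]):
        return ["receiver-revision-higher"]  # receiver keeps its own database
    return []

def vlan_edits_blocked(switch):
    """A VTP client cannot create, delete, add, or change VLANs."""
    return switch["vtp operating mode"].lower() == "client"

def highest_revision(switches):
    """Per domain, the switch whose VLAN database the others will follow."""
    best = {}
    for name, sw in switches.items():
        dom, rev = sw["vtp domain name"], int(sw["configuration revision"])
        if dom not in best or rev > best[dom][1]:
            best[dom] = (name, rev)
    return {dom: name for dom, (name, _) in best.items()}

def sample(domain, revision, mode):
    """Constructed, trimmed status text using the values shown in the article."""
    return parse_vtp_status(
        f"VTP version: 2\nConfiguration revision: {revision}\n"
        f"VTP operating mode: {mode}\nVTP domain name: {domain}\n")

# Case 1: RouterSim vs GlobalNet. Case 2: switch C is a client in domain Todd.
# Case 3: same domain, Switch A at revision 4, Switch B at revision 14.
case1 = diagnose(sample("RouterSim", 0, "server"), sample("GlobalNet", 1, "server"))
case2 = vlan_edits_blocked(sample("Todd", 1, "client"))
fleet = {"SwitchA": sample("GlobalNet", 4, "server"),
         "SwitchB": sample("GlobalNet", 14, "server")}
case3 = diagnose(fleet["SwitchA"], fleet["SwitchB"])

if __name__ == "__main__":
    print(case1, case2, case3, highest_revision(fleet))
```

Running highest_revision over every switch, including one about to be connected, shows whether it would outrank the switch you intend to advertise VLAN information from.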