VLAN Trunking Protocol (VTP)

advantages of VTP:
-dynamic trunk configuration when vlans are added to the network
-dynamic reporting of added vlans across a network

Terminology
vtp domain : switches in the same vtp domain share the same vlan configuration details using vtp advertisements. a router defines the boundary of a domain
vtp modes : a switch can be configured in one of the three modes:
-Server, vtp servers advertise vlan configuration to other vtp-enabled switches in the same domain. VTP SERVERS STORE THE VLAN CONFIGURATION IN NVRAM. the server is where vlans can be created, deleted or renamed.
-Client, clients function the same way as servers, but clients cannot create, delete or rename vlans. clients also only store the vlan configuration while the switch is on.
-Transparent, transparent switches don't participate in vtp. transparent switches don't store vlans advertised by servers. however, they do forward the vtp advertisements that they receive. vlans can be created, renamed or deleted, but they are local to that switch only.
vtp pruning : VTP pruning restricts packets from passing through an interface to a switch that doesn't have the same vlan as the one the packets come from. this can save some bandwidth
vtp revision number : each switch running VTP keeps track of a revision number. the revision number is a 32-bit number and starts from 0. the revision number determines whether the information received is more recent than the current one or not. every time a change occurs, the revision number is incremented. (a domain name change doesn't increment the revision number but resets it to 0)

VTP Default Settings
version = 1 (vtp has 3 versions: 1, 2, 3. only one version is allowed in a domain)
domain name = null (means no domain)
mode = server
config revision = 0
vlans = 1

when VTP first starts, by default there are 5 vlans created in a switch.

when a VTP server switch is given a domain name, it will propagate the domain name to all switches for us.

you can reset the revision number of a switch by changing its domain name.

the command "show vtp status" will give you information about the vtp running in the switch, such as the domain name, version number, vtp mode, revision number, vlan information, etc.

the command "show vtp counters" will show you how many of each type of information has been sent or received.

VTP ONLY COMMUNICATES ON TRUNK PORTS

VTP ONLY LEARNS ABOUT NORMAL-RANGE VLANs (vlan ids of 1 to 1005)

VTP DOMAIN NAMES ARE CASE SENSITIVE

VLANS CREATED BEFORE ENABLING VTP WILL BE REMOVED

************
VTP messages
************
VTP messages are encapsulated within an ethernet frame which is then encapsulated in a trunking protocol (either 802.1Q or ISL). the vtp message (header and message) is in the data portion of the frame. VTP ADVERTISEMENTS ARE SENT PERIODICALLY. VTP sends advertisements to a reserved multicast address which is 01-00-0C-CC-CC-CC.

VTP header - fields and size vary but it always contains domain name, domain name length, version, message type, revision number.

VTP message - VTP domain name, md5 digest, updater identity and the timestamp of when the message was sent.
for each vlan, the message contains:
-VLAN ID
-VLAN name
-VLAN type
-VLAN state
-additional VLAN configuration information

Type of advertisements
Inside each message there's a field that tells which type the message is.

Summary advertisements :
  • are sent every 5 minutes by a VTP server or client to inform other switches in the domain of the current revision number and also the domain name.
  • are sent immediately after a change occurs.
  • there is a followers field that indicates that this summary is followed by a subset advertisement. code for this type is 0x01.

Subset advertisements :
contain vlan information. triggered by:
  • creating / deleting a vlan
  • suspending / activating a vlan
  • changing the name of a vlan
  • changing the MTU of the vlan
it may take several subset advertisements to fully update the vlan configuration. there is a seq-number field that tells the sequence of the packets, starting with 1. the code for this type is 0x02.


Request advertisements :
a request is sent to a VTP server if:
  • domain name has been changed.
  • the switch received a summary with revision number higher than its own.
  • a subset advertisement is missed for some reason.
  • the switch has been reset.
when a VTP server receives a request, it responds by sending a summary advertisement and then a subset advertisement. the type for this message is 0x03.


***********
VTP pruning
***********
when vtp pruning is enabled on a switch, it reconfigures the trunk link based on which ports are configured with which vlans.

essentially, if you want to enable pruning in your network, configuring vtp pruning at the vtp servers is enough.

vtp pruning only prunes pruning-eligible vlans. vlans 2 - 1001 are pruning-eligible by default. the set of pruning-eligible vlans can be changed.

pruning cannot be done to vlans which are pruning-ineligible. those vlans are 1 and 1002-1005

*****************
VTP configuration
*****************
Things to note when configuring VTP servers:
  • confirm that default settings are present.
  • always reset the configuration revision number.
  • configure at least 2 vtp servers in the network. vlans can only be configured on servers, so if one goes down we still have the other one.
  • if you set a password for vtp information, ensure that all switches are configured with the same password. switches without the password or with a wrong password reject VTP advertisements.
  • BY DEFAULT A CISCO SWITCH DOESN'T IMPLEMENT ANY PASSWORD.
  • create vlans after you've enabled VTP on the vtp server, because vlans created before vtp is enabled are removed.
  • ensure all switches run the same vtp protocol version.

Things to note when configuring vtp clients:
  • confirm that default settings are present.
  • verify vtp status. confirm that vlans have been updated and the revision number has changed.
  • configure access ports. you still need to assign ports to existing VLANs.


(at global configuration)
Configure VTP Domain
vtp domain word

Configure VTP mode
vtp mode word

Configure password
vtp password password

Configure version
vtp version number

word : a string
password : a string used as a password


*******************************
Common errors in configuring VTP
*******************************
  • protocol version mismatch. different vtp versions are incompatible with each other.
  • password mismatch / not set on every switch.
  • different domain name. to solve this, configure the domain name only on VTP servers, because VTP servers will propagate the domain name to all other switches.


REMEMBER: BECAUSE BOTH VTP SERVERS AND CLIENTS SEND SUMMARY ADVERTISEMENTS, EITHER CAN HAVE ITS VLAN CONFIGURATION RUINED. WHEN A SERVER / CLIENT RECEIVES A SUMMARY ADVERTISEMENT WITH A HIGHER REVISION NUMBER, IT WILL REQUEST THE VLAN INFORMATION (SUBSET ADVERTISEMENTS) AND REPLACE ITS OWN VLAN CONFIGURATION WITH IT (NO MATTER IF THE SENDING SWITCH IS A CLIENT AND THE REQUESTING ONE IS A SERVER). ALWAYS RESET THE REVISION NUMBER OF A SWITCH BEFORE ADDING IT TO THE NETWORK.
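
added example (python, not part of the original notes): a parser for the summary advertisement described under "VTP messages", plus the revision-number rule above written as a monitoring check. assumptions: the byte layout in the comment is the commonly documented v1/v2 summary format, and the names, domain "LAB" and updater 192.0.2.10 are constructed for the demo.

```python
import struct
from dataclasses import dataclass

# Message type codes as given in the notes.
TYPES = {0x01: "summary", 0x02: "subset", 0x03: "request"}
# Assumed summary layout (VTP v1/v2 as commonly documented): version, code,
# followers, domain length, 32-byte zero-padded domain, 32-bit revision,
# 4-byte updater identity, 12-byte ASCII timestamp, 16-byte MD5 digest.
SUMMARY = struct.Struct("!BBBB32sI4s12s16s")

@dataclass
class Summary:
    version: int
    followers: int
    domain: str
    revision: int
    updater: str
    timestamp: str
    md5: bytes

def parse_summary(payload: bytes) -> Summary:
    """Decode a VTP summary advertisement (the VTP message bytes only)."""
    if len(payload) < SUMMARY.size:
        raise ValueError("truncated VTP summary advertisement")
    ver, code, fol, dlen, dom, rev, upd, ts, md5 = SUMMARY.unpack_from(payload)
    if TYPES.get(code) != "summary":
        raise ValueError(f"not a summary advertisement (code 0x{code:02x})")
    if dlen > 32:
        raise ValueError("domain name length exceeds the 32-byte field")
    return Summary(ver, fol, dom[:dlen].decode("ascii", "replace"), rev,
                   ".".join(map(str, upd)), ts.decode("ascii", "replace"), md5)

def assess(local_domain: str, local_rev: int, adv: Summary) -> str:
    """Apply the rules from the notes to one received summary."""
    if adv.domain != local_domain:   # domain names are case sensitive
        return "ignored: different domain"
    if adv.revision > local_rev:     # receiver would request subset adverts
        return "ALERT: higher revision, VLAN database would be replaced"
    return "ok: revision not newer"

def build_sample(domain: bytes, revision: int) -> bytes:
    """Constructed payload for the demo, not a capture."""
    return SUMMARY.pack(2, 0x01, 1, len(domain), domain, revision,
                        bytes([192, 0, 2, 10]), b"240101120000", bytes(16))

if __name__ == "__main__":
    for dom, rev in [(b"LAB", 3), (b"LAB", 57), (b"lab", 57)]:
        adv = parse_summary(build_sample(dom, rev))
        print(adv.domain, adv.revision, adv.updater, "->", assess("LAB", 12, adv))
```

the check does not verify the md5 digest, so it shows the revision rule only, not password validation.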
