Friday 15 June 2012

How to Configure Cisco VTP – VLAN Trunk Protocol



In a previous post I explained how to configure VLANs on Cisco switches. That was a simple scenario with just two switches connected by a trunk port and sharing VLANs that belong to both switches. Now imagine that you need to manage a huge Layer 2 switched network with tens or hundreds of switches and with VLANs spread across all switches in the network. This would be a daunting task for any network administrator, who would have to connect to every switch and add or remove VLANs every time a new VLAN is required in the network.

The Cisco VLAN Trunk Protocol (VTP) is a proprietary protocol available on all Cisco Catalyst switches, designed to reduce the administrative complexity and effort of managing many Layer 2 switches. Basically, you select one switch in the network (usually a central switch) and configure it as the VTP Server of the network. All other switches are configured as VTP Clients. From then on, all VLAN administration is done on the VTP Server switch only. If you add a new VLAN on the VTP server switch, the change is propagated to all VTP client switches, which automatically add this VLAN to their database. Similarly, when you delete a VLAN on the server, all client switches delete that VLAN from their database.

A Cisco switch can be configured to operate in three VTP modes:
  • VTP Server Mode – This is the default mode for switches. A VTP server switch can add, modify and delete VLANs for the whole VTP domain.
  • VTP Transparent Mode – In this mode, the switch does not participate in the VTP domain. The switch passes VTP messages transparently to other switches but it does not synchronize its VLAN database according to these VTP messages.
  • VTP Client Mode – This is the mode you configure on every switch that should synchronize its VLAN database with the VTP server database.

Caution: Because VTP Server is the default mode, whenever you add a new switch, make sure you configure it as a VTP Client BEFORE connecting it to the network. This avoids the situation where a newly connected switch takes the role of VTP Server for the whole domain and, since its VLAN database is still empty, causes all other switches in the network to delete all their VLANs.

Another important precaution is to also configure a password for the VTP domain, so that any new switch must have the domain password configured by the administrator before it can participate in the domain.
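
The pre-connection check that the caution above calls for can be scripted. The following is an added example, not part of the original post: it parses saved `show vtp status` text from a switch that is about to be connected and lists the reasons it should stay unplugged. The function names, the sample output and the production revision value are assumptions made for illustration, and the revision comparison goes beyond what the post describes.

```python
import re

# Constructed sample: abridged `show vtp status` text from a switch that is
# about to be connected. Labels follow common IOS output; values are made up.
SAMPLE_NEW_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 14
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
"""


def parse_vtp_status(text):
    """Return {label: value} for every 'Label : value' line."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields


def precheck(text, expected_domain, production_revision):
    """List the reasons not to connect this switch yet (empty list = OK)."""
    f = parse_vtp_status(text)
    problems = []
    mode = f.get("VTP Operating Mode", "")
    if mode.lower() != "client":
        problems.append(f"mode is {mode or 'unknown'}, expected Client")
    domain = f.get("VTP Domain Name", "")
    if domain != expected_domain:
        problems.append(f"domain is {domain or '(not set)'}, expected {expected_domain}")
    # Beyond the post: VTP prefers the database with the higher configuration
    # revision, so the new switch's revision should be below production's.
    rev = f.get("Configuration Revision", "")
    if not rev.isdigit() or int(rev) >= production_revision:
        problems.append(f"revision {rev or 'unknown'} is not below {production_revision}")
    return problems


if __name__ == "__main__":
    # Domain name from this post; production revision 9 is a made-up value.
    for problem in precheck(SAMPLE_NEW_SWITCH, "mynetworkvtpname", 9):
        print("DO NOT CONNECT:", problem)
```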

*********************************************************************************************************************
Configuration:
********************************************************************************************************************* 
VTP Server Switch:
! Configure first a name for the VTP domain
Vtp-server(config)# vtp domain mynetworkvtpname
! Configure the switch in server mode
Vtp-server(config)# vtp mode server
! Configure a password for the domain
Vtp-server(config)# vtp password vtp123


VTP Client Switch:
! Configure first a name for the VTP domain
Vtp-client(config)# vtp domain mynetworkvtpname
! Configure the switch in client mode
Vtp-client(config)# vtp mode client
! Configure the domain password in order to be able to participate
Vtp-client(config)# vtp password vtp123


**********************************************************
**********************************************************



