6.1 # UNDERSTANDING AND EXPLAINING THE VLAN TRUNKING PROTOCOL (VTP):
VTP is a Cisco Layer 2 protocol that manages the addition, deletion and renaming of VLANs on a network-wide basis. When you configure a new VLAN on one VTP switch (the server), the VLAN is distributed to all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is available on most of the Cisco Catalyst family products. In other words, VTP allows a network manager to configure a switch so that it will propagate VLAN configuration to other switches in the network. VTP stores the VLAN configuration in the VLAN database file called vlan.dat.
Benefit: VLAN Trunking Protocol reduces administration in a switched network. It minimizes the problems caused by incorrect configuration and configuration inconsistencies.
Modes:
- SERVER: The default mode. Sends VLAN information to other switches (you can create, modify and delete VLANs and specify other configuration parameters).
- CLIENT: Receives VLAN information and forwards it to other switches (you can't create, change or delete VLANs on a VTP client).
- TRANSPARENT: Forwards VTP traffic but does not originate or use it. Transparent switches can have their own VLANs that are not shared with other switches.
6.2 # VTP MESSAGE IN DETAIL
VTP packets are sent in either Inter-Switch Link (ISL) frames or in IEEE 802.1Q (dot1q) frames. These packets are sent to the destination MAC address 01-00-0C-CC-CC-CC with a Logical Link Control (LLC) code of Sub Network Access Protocol (SNAP) and a type of 2003 (in the SNAP header). This is the format of a VTP packet that is encapsulated in ISL frames:
Of course, you can have a VTP packet inside 802.1Q frames. In that case the ISL header and cyclic redundancy check are replaced by dot1q tagging.
Switch# show vtp status
- Statement of Revision number:
It is a 32-bit number that indicates the level of revision for a VTP packet. Each device tracks the VTP configuration revision number that is assigned to it. Each time that you make a VLAN change on a VTP device, the configuration revision is incremented by one. In order to reset the configuration revision of a switch, change the VTP domain name and then change the name back to the original name.
- Statement of VLAN 1002 – 1005 used for:
The Catalyst OS of the day reserved the Ethernet VLAN IDs 1002 – 1005 in software so that FDDI (Fiber Distributed Data Interface) and Token Ring interfaces would have default VLANs to belong to and could then be bridged into the Ethernet VLANs (because routing was too expensive and very slow to be used). The servers are isolated in VLAN 1, VLAN 5 is a department with its own departmental servers, and VLANs 2, 3 and 4 separate users into functional groups.
- Statement of VTP traps generation:
If you enable this feature, an SNMP message is generated every time a new VTP message is sent. The SNMP engine ID is generated automatically but is not displayed or stored in the running configuration. You can display the default or configured engine ID by using Switch #show snmp engineID
- Statement of MD5 digest:
MD5 is a message-digest algorithm, a formerly widely used cryptographic hash function that produces a 128-bit hash value. The major advantages of DIGEST-MD5 are:
- It prevents user passwords from being sent across the internet in clear text.
- It provides message integrity and confidentiality protection after authentication.
The disadvantages, however, are not trivial.
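The frame details above (destination MAC, SNAP type 2003, the 32-bit revision number and the 128-bit MD5 digest) can be checked on a monitoring host. The Python below is an added example, not part of the original article or of any Cisco code: it parses a VTP summary advertisement and compares its domain and revision with the values recorded after the last approved change. The field offsets follow Cisco's published summary-advertisement layout, which this page does not show; the function names and the sample frame are constructed for illustration.

```python
import struct

VTP_DST_MAC = bytes.fromhex("01000ccccccc")         # destination MAC from the text
SNAP_VTP = bytes.fromhex("aaaa03" "00000c" "2003")  # LLC/SNAP, Cisco OUI, type 0x2003
SUMMARY_ADVERT = 0x01                               # VTP message code

def parse_vtp_summary(frame: bytes):
    """Return the fields of a VTP summary advertisement, or None for other frames."""
    if len(frame) < 14 or frame[:6] != VTP_DST_MAC:
        return None
    off, vlan = 12, None
    if frame[off:off + 2] == b"\x81\x00":           # 802.1Q tag on the trunk
        vlan = struct.unpack("!H", frame[off + 2:off + 4])[0] & 0x0FFF
        off += 4
    off += 2                                        # skip the 802.3 length field
    if frame[off:off + 8] != SNAP_VTP:
        return None
    p = frame[off + 8:]
    if len(p) < 72 or p[1] != SUMMARY_ADVERT or p[3] > 32:
        return None
    return {
        "vlan": vlan,
        "domain": p[4:4 + p[3]].decode("ascii", "replace"),
        "revision": struct.unpack("!I", p[36:40])[0],   # 32-bit revision number
        "updater": ".".join(str(b) for b in p[40:44]),  # switch that made the change
        "md5": p[56:72].hex(),                          # 128-bit digest
    }

def review(advert, domain, recorded_revision):
    """Compare an advertisement with the values recorded after the last approved change."""
    findings = []
    if advert["domain"] != domain:
        findings.append(f"unexpected VTP domain {advert['domain']!r}")
    if advert["revision"] > recorded_revision:
        findings.append(f"revision {advert['revision']} is above recorded {recorded_revision}")
    return findings

def sample_frame(revision, tagged=False):
    """Constructed frame (not a capture) carrying a summary advert for domain ssm.in."""
    vtp = bytes([2, SUMMARY_ADVERT, 0, 6]) + b"ssm.in".ljust(32, b"\0")
    vtp += struct.pack("!I", revision) + bytes([10, 27, 107, 1])
    vtp += b"930301000000" + bytes(16)              # timestamp, zeroed digest placeholder
    body = SNAP_VTP + vtp
    hdr = VTP_DST_MAC + bytes.fromhex("001122334455") + (b"\x81\x00\x00\x01" if tagged else b"")
    return hdr + struct.pack("!H", len(body)) + body

if __name__ == "__main__":
    advert = parse_vtp_summary(sample_frame(9, tagged=True))
    print(advert, review(advert, "ssm.in", recorded_revision=7))
```

A revision above the recorded value means the VLAN database changed since the last approved change, which is worth matching against the change log and the `updater` address.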
# Configuration command for VTP routing
Server switch | Client switch |
---|---|
Switch (config) #vtp mode server | Switch (config) #vtp mode client |
Switch (config) #vtp domain ssm.in | Switch (config) #vtp domain ssm.in |
Switch (config) #vtp password xyz@123 | Switch (config) #vtp password xyz@123 |
Switch (config) #interface fastethernet 0/24 | Switch (config) #interface fastethernet 0/24 |
Switch (config-if) #switchport mode trunk | Switch (config-if) #switchport mode trunk |
Switch (config-if) #no shutdown | Switch (config-if) #no shutdown |
Switch (config-if) #exit | Switch (config-if) #exit |
Transparent switch | |
Switch (config) #vtp mode transparent | |
6.3 # TOPOLOGY FOR VTP WITH DYNAMIC HOSTING
1) Configuration of multilayer (3560-24PC)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Multilayer
!
Multilayer (config) #enable secret mother!123
!
Multilayer (config) #line vty 0 4
Multilayer (config-line) #password xyz@123
Multilayer (config-line) #login
Multilayer (config-line) #exec-timeout 5 0
Multilayer (config-line) #exit
!
Multilayer (config) #line vty 0 4
Multilayer (config-line) #transport input ssh
Multilayer (config-line) #exit
Multilayer (config) #username Prabhjot
Multilayer (config) #ip domain-name ssm.in
Multilayer (config) #crypto key generate rsa
! Accept SSH version 2 only
Multilayer (config) #ip ssh version 2
Multilayer (config) #ip ssh timeout 90 authentication-retries 2
!
Multilayer (config) #vtp mode server
Multilayer (config) #vtp domain ssm.in
Multilayer (config) #vtp password xyz@123
Multilayer (config) #vtp version 2
!
Multilayer (config) #ip routing
!
Multilayer (config) #vlan 10
Multilayer (config-vlan) #name Admin
Multilayer (config-vlan) #exit
Multilayer (config) #vlan 20
Multilayer (config-vlan) #name Level_2
Multilayer (config-vlan) #exit
Multilayer (config) #vlan 30
Multilayer (config-vlan) #name Level_3
Multilayer (config-vlan) #exit
!
Multilayer (config) #interface vlan 10
Multilayer (config-if) #ip address 10.27.107.1 255.255.255.240
Multilayer (config-if) #no shutdown
Multilayer (config-if) #description "Vlan 10 ip address"
Multilayer (config-if) #exit
! VLAN 20 uses 10.27.107.32/27 so that it does not overlap the VLAN 10 subnet
Multilayer (config) #interface vlan 20
Multilayer (config-if) #ip address 10.27.107.33 255.255.255.224
Multilayer (config-if) #no shutdown
Multilayer (config-if) #description "Vlan 20 ip address"
Multilayer (config-if) #exit
Multilayer (config) #interface vlan 30
Multilayer (config-if) #ip address 10.27.107.65 255.255.255.192
Multilayer (config-if) #no shutdown
Multilayer (config-if) #description "Vlan 30 ip address"
Multilayer (config-if) #exit
!
Multilayer (config) #ip dhcp pool Admin
Multilayer (dhcp-config) #network 10.27.107.1 255.255.255.240
Multilayer (dhcp-config) #default-router 10.27.107.1
Multilayer (dhcp-config) #dns-server 10.27.107.6
Multilayer (dhcp-config) #description "It is dhcp pool for vlan 10"
Multilayer (dhcp-config) #exit
Multilayer (config) #ip dhcp pool Level_2
Multilayer (dhcp-config) #network 10.27.107.33 255.255.255.224
Multilayer (dhcp-config) #default-router 10.27.107.33
Multilayer (dhcp-config) #dns-server 10.27.107.6
Multilayer (dhcp-config) #description "It is dhcp pool for vlan 20"
Multilayer (dhcp-config) #exit
Multilayer (config) #ip dhcp pool Level_3
Multilayer (dhcp-config) #network 10.27.107.65 255.255.255.192
Multilayer (dhcp-config) #default-router 10.27.107.65
Multilayer (dhcp-config) #dns-server 10.27.107.6
Multilayer (dhcp-config) #description "It is dhcp pool for vlan 30"
Multilayer (dhcp-config) #exit
!
Multilayer (config) #interface Fastethernet 0/24
Multilayer (config-if) #switchport trunk encapsulation dot1q
Multilayer (config-if) #switchport mode trunk
Multilayer (config-if) #switchport trunk allowed vlan all
Multilayer (config-if) #no shutdown
Multilayer (config-if) #description "It is trunk-port for vlan's Switch"
Multilayer (config-if) #exit
!
Multilayer (config) #^Z
Multilayer #write memory
Destination filename [startup-config]?
Building configuration………..
2) Configuration of switch (2950-24)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Switch_2
!
Switch_2 (config) #enable secret xyz!123
!
Switch_2 (config) #line vty 0 4
Switch_2 (config-line) #password xyz@123
Switch_2 (config-line) #login
Switch_2 (config-line) #exec-timeout 5 0
Switch_2 (config-line) #exit
!
Switch_2 (config) #line vty 0 4
Switch_2 (config-line) #transport input ssh
Switch_2 (config-line) #exit
Switch_2 (config) #username Prabhjot
Switch_2 (config) #ip domain-name ssm.in
Switch_2 (config) #crypto key generate rsa
! Accept SSH version 2 only
Switch_2 (config) #ip ssh version 2
Switch_2 (config) #ip ssh timeout 90 authentication-retries 2
!
Switch_2 (config) #vtp mode client
Switch_2 (config) #vtp domain ssm.in
Switch_2 (config) #vtp password xyz@123
Switch_2 (config) #vtp version 2
!
Switch_2 (config) #interface Fastethernet 0/1
Switch_2 (config-if) #switchport mode access
Switch_2 (config-if) #switchport access vlan 10
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description "It is access-port for vlan 10"
Switch_2 (config-if) #exit
Switch_2 (config) #interface Fastethernet 0/2
Switch_2 (config-if) #switchport mode access
Switch_2 (config-if) #switchport access vlan 20
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description "It is access-port for vlan 20"
Switch_2 (config-if) #exit
Switch_2 (config) #interface Fastethernet 0/3
Switch_2 (config-if) #switchport mode access
Switch_2 (config-if) #switchport access vlan 30
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description "It is access-port for vlan 30"
Switch_2 (config-if) #exit
!
Switch_2 (config) #interface Fastethernet 0/24
Switch_2 (config-if) #switchport mode trunk
Switch_2 (config-if) #switchport trunk allowed vlan all
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description "It is trunk-port for vlan's Multilayer"
Switch_2 (config-if) #exit
!
Switch_2 (config) #^Z
Switch_2 #write memory
Destination filename [startup-config]?
Building configuration………..[ok]
!
Troubleshooting:
Q. Which command shows the VTP status?
Switch #show vtp status
Q. Which command shows the VTP password?
Switch #show vtp password
Q. Which command shows the VLAN's IP address?
Switch #show ip interface vlan 10
Q. How do you enable VTP on a port?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #vtp
Switch (config-if) #end
Q. Which command shows the VTP counters?
Switch #show vtp counters
Q. Which command shows the IP DHCP bindings?
Switch #show ip dhcp binding
Q. Which command shows the ARP status?
Switch #show ip arp
Q. How do you disable VTP on a port?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no vtp
Switch (config-if) #end
Q. Which command helps when a port cannot obtain DHCP information from the DHCP server?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #ip helper-address <DHCP server IP>