Configuring VTP and VLANs on Cisco switches
===========================================

Public domain

********************************************************************************

### Concepts

**VLAN:** A virtual local area network (VLAN) is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows end stations to be grouped together even if they are not connected to the same switch. VLAN membership is configured in software instead of by physically relocating devices or connections. (Wikipedia)

**Trunk:** A trunk link carries multiple VLANs over a single physical link by means of a trunking protocol. (Wikipedia)

**802.1Q:** To carry multiple VLANs on one link, frames from each VLAN must be identified by a trunking protocol. The most common and preferred method, IEEE 802.1Q, inserts a 4-byte tag into the Ethernet frame header that labels the frame as belonging to a particular VLAN. (Wikipedia)

**Native VLAN:** If a switch receives an untagged frame on a trunk port, the frame is assumed to belong to the VLAN configured as the native VLAN on that port. Frames of the native VLAN are also sent untagged in the other direction, so the native VLAN must match on both ends of a trunk and should be a VLAN that carries no user traffic (see "Configuring native VLAN" below).

**VTP:** VLAN Trunking Protocol (VTP) is a Layer 2 messaging protocol that propagates VLAN definitions across the whole local area network. To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP only works over trunk links, which includes Inter-Switch Link (ISL), IEEE 802.1Q and LAN emulation (LANE) trunks. (Wikipedia)

**VTP Server:** A VTP server can add, delete or rename VLANs. It advertises the domain name, the VLAN configuration and the configuration revision number to all other switches in the VTP domain. It keeps the list of all VLANs in the domain in NVRAM (the vlan.dat file) and recovers it after a switch reset.
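Before the VTP details continue, an added worked example (Python written for this page, not code from the original article) of the two definitions above that matter most for trunk security: the 4-byte 802.1Q tag and the native VLAN rule. It builds a constructed Ethernet frame (the MAC addresses and payload are made up), inserts and decodes a tag, and models how a trunk port classifies ingress frames: untagged frames go to the port's native VLAN, tagged frames keep their VID, and a frame whose VLAN is not in the trunk's allowed list is dropped. The allowed-list behaviour, including dropping untagged frames when the native VLAN itself is not allowed, is modelled after Cisco trunks and is an assumption of this example.

```python
import struct
from typing import Optional, Set

TPID_8021Q = 0x8100        # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800


def build_untagged_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble an Ethernet II frame without FCS: dst(6) src(6) type(2) payload."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    return dst + src + struct.pack("!H", ethertype) + payload


def insert_8021q_tag(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Return a copy of an untagged frame with the 4-byte 802.1Q tag placed between
    the source MAC and the original EtherType.  The tag is the TPID (0x8100)
    followed by the TCI: 3 bits PCP, 1 bit DEI, 12 bits VID."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094; 0 and 4095 are reserved")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Decode addresses, an optional 802.1Q tag and the inner EtherType.
    'vid' is None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    info = {"dst": frame[:6], "src": frame[6:12], "vid": None, "pcp": None, "dei": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(pcp=tci >> 13, dei=(tci >> 12) & 1, vid=tci & 0x0FFF)
        offset = 18
    info.update(ethertype=ethertype, payload=frame[offset:])
    return info


def classify_trunk_ingress(frame: bytes, native_vlan: int, allowed: Set[int]) -> Optional[int]:
    """VLAN a trunk port assigns to a received frame, or None if it is dropped.
    Untagged frames are placed in the native VLAN (the 'Native VLAN' rule above);
    tagged frames keep their VID.  Either way the VLAN must be in the trunk's
    allowed list (modelled Cisco behaviour), otherwise the frame is discarded."""
    vid = parse_frame(frame)["vid"]
    vlan = native_vlan if vid is None else vid
    return vlan if vlan in allowed else None


# Constructed sample frame (not a real capture): broadcast from a locally
# administered source MAC, IPv4 EtherType, 46 bytes of zero padding.
SAMPLE_UNTAGGED = build_untagged_frame(bytes.fromhex("ffffffffffff"),
                                       bytes.fromhex("02005e000001"),
                                       ETHERTYPE_IPV4, bytes(46))


def demo() -> dict:
    """Round trip: tag the sample frame for VLAN 100, parse it back, then show
    where frames land on a trunk whose native VLAN is 3.  The first allowed list
    includes the native VLAN; the second is the article's 10,20,30 without it."""
    tagged = insert_8021q_tag(SAMPLE_UNTAGGED, vid=100, pcp=5)
    with_native = {3, 10, 20, 30}
    without_native = {10, 20, 30}
    return {
        "tag_bytes_added": len(tagged) - len(SAMPLE_UNTAGGED),
        "parsed_vid": parse_frame(tagged)["vid"],
        "untagged_lands_in": classify_trunk_ingress(SAMPLE_UNTAGGED, 3, with_native),
        "untagged_native_not_allowed": classify_trunk_ingress(SAMPLE_UNTAGGED, 3, without_native),
        "vlan100_lands_in": classify_trunk_ingress(tagged, 3, with_native),
        "vlan10_lands_in": classify_trunk_ingress(insert_8021q_tag(SAMPLE_UNTAGGED, 10), 3, with_native),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The last two `demo()` entries are the point of the exercise: a frame tagged for a VLAN the trunk does not allow never enters the switch, while an untagged frame is silently adopted into whatever the native VLAN happens to be, which is why the native VLAN is moved to an unused VLAN later in this article.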
VTP advertisements are sent to the reserved multicast MAC address 01-00-0C-CC-CC-CC.

**VTP Client:** A VTP client cannot add, delete or rename VLANs. It maintains a list of all VLANs in the domain, learned from the server's advertisements, but does not store it in NVRAM.

**VTP Transparent:** A switch in VTP transparent mode must have its VLANs configured manually, and changes to its VLAN configuration are not propagated to other switches. It still relays VTP messages over its trunk links to other switches if it is in the same VTP domain or in the null domain. Transparent mode is the safe choice when VTP is not needed, because the switch neither originates VLAN changes nor accepts them from the network.

**VTP Pruning:** VTP pruning increases available bandwidth by restricting flooded traffic to the trunk links it must cross to reach its destination. Without pruning, a switch floods broadcast, multicast and unknown unicast traffic across all trunk links in a VTP domain even though the receiving switches may discard it. (Cisco)

********************************************************************************

### Monitoring VTP

    show vtp status
    show vtp counters

### Configuring VTP Server

The domain name and password must match on every switch in the domain. The password is not sent in clear text; advertisements carry an MD5 digest computed over the password and the VLAN configuration. Treat it as a guard against accidental domain merges, not as strong authentication.

    configure terminal
    vtp domain SW_DOMAIN1
    vtp password 123456
    vtp mode server
    vtp pruning
    end

### Resetting the VTP configuration revision number on clients

A switch whose configuration revision number is higher than the domain's overwrites the VLAN database of every other switch in the domain as soon as it is connected over a trunk with a matching domain name and password, and it does so even in client mode. Always check and reset the revision number before connecting a switch that has been used elsewhere. Changing the VTP domain name (or switching the mode to transparent and back) resets the revision number to 0.

    show vtp status
    ! Write down the domain name.
    ! Write down the configuration revision number.
    configure terminal
    vtp domain TEMPNAME
    end
    show vtp status
    configure terminal
    ! Restore original domain name.
    vtp domain domain-name
    end

### Configuring VTP Client

    configure terminal
    vtp domain SW_DOMAIN1
    vtp password 123456
    vtp mode client
    end

### Checking defined VLANs

    show vlan
    show vlan brief

### Checking the VLAN database (vlan.dat)

    show flash

### Checking trunks

    show running-config interface gigabitEthernet 1/0/1
    show interfaces gigabitEthernet 1/0/1 switchport
    show interfaces gigabitEthernet 1/0/1 trunk
    show interfaces trunk

### Configuring trunk ports

`switchport mode trunk` forces the port into trunking and `switchport nonegotiate` stops it from sending Dynamic Trunking Protocol (DTP) frames, so the trunk state is fixed by configuration rather than negotiated with whatever is plugged in.

    configure terminal
    interface range gigabitEthernet 1/0/1 - 4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    no shutdown
    end

### Configuring access ports

Ports in access mode still send DTP frames by default; adding `switchport nonegotiate` to access ports as well keeps a connected host from negotiating a trunk. CDP is disabled because these ports face end stations, which have no need for the switch's neighbour information.

    configure terminal
    interface range fastEthernet 1/0/1 - 48
    switchport mode access
    no cdp enable
    end

### Creating VLANs - old way

The `vlan database` configuration mode is deprecated; on current IOS releases use the global `vlan` command shown in the next section.

    enable
    vlan database
    vlan 100 name USERS
    apply
    end

### Creating VLANs - new way

    configure terminal
    vlan 100
    name USERS
    end

### Assigning ports to VLANs

    configure terminal
    interface fastEthernet 1/0/1
    switchport mode access
    no cdp enable
    switchport access vlan 100
    end

### Configuring management VLAN

Every port belongs to VLAN 1 by default, so management traffic is moved to a dedicated VLAN and the VLAN 1 interface is shut down.

    configure terminal
    ! Disable default VLAN 1
    interface vlan 1
    no ip address
    shutdown
    exit
    ! Create new VLAN 2 for management
    vlan 2
    name MANAGEMENT
    exit
    ! Assign IP address to management VLAN 2
    interface vlan 2
    ip address 172.31.0.1 255.255.255.0
    no shutdown
    end

### Configuring native VLAN

The native VLAN is carried untagged across the trunk, so it should be a VLAN to which no access port and no management interface is assigned. Leaving it at the default of VLAN 1 means that the untagged traffic of every port not yet assigned elsewhere shares the trunk's native VLAN.

    configure terminal
    ! Create new VLAN 3 for native VLAN use
    vlan 3
    name NATIVE
    exit
    !
    ! Configure VLAN 3 as the native VLAN on the trunk ports
    interface range gigabitEthernet 1/0/1 - 4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    switchport trunk native vlan 3
    no shutdown
    end

### Control what VLANs can pass through trunk ports

By default a trunk carries every VLAN (1-4094). Restrict the list to the VLANs that actually need to cross the link; anything else, including the management VLAN, then stays off the trunk. Note that the keyword `vlan` is required in the command.

    configure terminal
    interface range gigabitEthernet 1/0/1 - 4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    switchport nonegotiate
    switchport trunk native vlan 3
    switchport trunk allowed vlan 10,20,30
    no shutdown
    end

### Clearing switch config

`write erase` removes the startup configuration, but the VLAN database lives in a separate file (vlan.dat) and must be deleted explicitly; the switch must then be reloaded for either change to take effect.

    write erase
    delete flash:vlan.dat

********************************************************************************

_BY: Pejman Moghadam_
_TAG: vlan, trunk, vtp_
_DATE: 2012-02-01 23:03:08_
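An added example (Python written for this page, not part of the original article) that ties the VTP and trunk sections together: it parses the output of `show vtp status` and `show interfaces trunk` and reports the settings this article tells you to change, namely VTP server or client mode with a non-zero revision number, DTP-negotiated trunks, native VLAN 1 and trunks that allow every VLAN. The two command outputs are constructed sample text in the classic IOS 12.x layout, not captured from a switch, and the column names the parser relies on are the ones shown in that sample.

```python
from typing import Dict, List, Set

# Constructed sample output (not from a real device) in the classic IOS 12.x
# "show vtp status" layout: a server with a non-zero revision, i.e. a switch
# that must go through the revision-reset procedure before it is connected.
SHOW_VTP_STATUS = """\
VTP Version                     : 2
Configuration Revision          : 17
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 8
VTP Operating Mode              : Server
VTP Domain Name                 : SW_DOMAIN1
VTP Pruning Mode                : Enabled
"""

# Constructed "show interfaces trunk": Gi1/0/1 follows the recipe in this
# article, Gi1/0/2 is a trunk that DTP negotiated with factory defaults.
SHOW_INTERFACES_TRUNK = """\
Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/1     on               802.1q         trunking      3
Gi1/0/2     desirable        n-802.1q       trunking      1

Port        Vlans allowed on trunk
Gi1/0/1     10,20,30
Gi1/0/2     1-4094

Port        Vlans allowed and active in management domain
Gi1/0/1     10,20,30
Gi1/0/2     1-3,10,20,30,100
"""


def parse_vtp_status(text: str) -> Dict[str, str]:
    """Turn 'Key : Value' lines into a dict of stripped strings."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def audit_vtp(text: str) -> List[str]:
    """Findings for a switch that is about to be connected to a production domain."""
    st = parse_vtp_status(text)
    mode = st.get("VTP Operating Mode", "").lower()
    revision = int(st.get("Configuration Revision", "0"))
    findings = []
    if mode in ("server", "client"):
        findings.append(f"VTP mode is {mode} in domain '{st.get('VTP Domain Name', '')}': "
                        "a domain member with a higher revision can overwrite its VLAN database")
    if mode != "transparent" and revision > 0:
        findings.append(f"configuration revision is {revision}: reset it (change the domain "
                        "name, or go transparent and back) before connecting a trunk")
    return findings


def expand_vlan_list(spec: str) -> Set[int]:
    """Expand '1-3,10,20' into {1, 2, 3, 10, 20}; 'none' gives an empty set."""
    vlans: Set[int] = set()
    if spec.strip().lower() == "none":
        return vlans
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_trunks(text: str) -> Dict[str, dict]:
    """Read the mode table and the 'allowed on trunk' table into one record per port;
    the remaining tables of the command are skipped."""
    trunks: Dict[str, dict] = {}
    section = None
    for line in text.splitlines():
        if not line.strip():
            section = None
        elif line.startswith("Port"):
            section = ("mode" if "Native vlan" in line
                       else "allowed" if "allowed on trunk" in line else None)
        elif section == "mode":
            port, mode, encap, status, native = line.split()
            trunks[port] = {"mode": mode, "encapsulation": encap, "status": status,
                            "native": int(native), "allowed": set()}
        elif section == "allowed":
            port, spec = line.split()
            if port in trunks:
                trunks[port]["allowed"] = expand_vlan_list(spec)
    return trunks


def audit_trunks(text: str) -> Dict[str, List[str]]:
    """Per-port findings against the trunk hardening used in this article: a trunk
    fixed by configuration (no DTP), an unused native VLAN, an explicit allowed list."""
    report: Dict[str, List[str]] = {}
    for port, t in parse_trunks(text).items():
        findings = []
        if t["mode"] != "on" or t["encapsulation"].startswith("n-"):
            findings.append("trunk state or encapsulation was negotiated by DTP; "
                            "use 'switchport mode trunk' plus 'switchport nonegotiate'")
        if t["native"] == 1:
            findings.append("native VLAN is 1; move it with 'switchport trunk native vlan'")
        if len(t["allowed"]) == 4094:
            findings.append("all VLANs allowed; restrict with 'switchport trunk allowed vlan'")
        elif t["native"] in t["allowed"]:
            findings.append(f"native VLAN {t['native']} is in the allowed list and is "
                            "therefore carried untagged across this trunk")
        report[port] = findings
    return report


if __name__ == "__main__":
    print(audit_vtp(SHOW_VTP_STATUS))
    print(audit_trunks(SHOW_INTERFACES_TRUNK))
```

To use it on a real switch, paste the two command outputs into the sample strings. A clean result is an empty list from `audit_vtp` (which only happens in transparent mode) and an empty finding list for every trunk port; on the sample, Gi1/0/1 passes and Gi1/0/2 collects a finding for each default left in place.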