From: Mike Williams (ccie2be@swbell.net)
Date: Sat May 03 2003 - 13:04:36 GMT-3
Bob,
Not true. The information in a VTP client can overwrite the information
in a VTP domain if its configuration revision number is higher.
When a given switch receives a VTP update, it doesn't know nor care if
that VTP update came from a client or a server. It only cares about the
configuration revision number. If the conf. rev. number in the VTP
update is higher than the one it currently has, it will assimilate the
information in the VTP update.
The only real difference between a VTP client and server is that you can
create/modify/delete VLANs on a VTP server and not on a client. Other
than that, a VTP client can wreck your production network so fast, it'll
leave your head spinning.
Just a couple of months ago, a co-worker of mine set up a 2950 switch in
his cubicle. We are on the LAN (in a particular VLAN) that also touches
our Data Center's network. So when he connected the switch (fresh out
of the box) it learned the VTP domain and VLAN information from the
closet switch (because he connected it to a port in his cube) which in
turn was the VTP domain information and VLAN info for the data center.
It also took on the configuration revision number. Upon setting up the
switch, he specifically went in and made this 2905 a client while
configuring it. Later, he powered down the switch, and took it to one
of our hospitals, put it in one of the closets, connected it and powered
it up. Well, (although we have changed it since then), the hospital
used the same VTP domain name as the building with our Data Center. Not
2 minutes later, we were getting a call from our co-worker at the data
center that all of the hospital's VLAN interfaces were down in OpenView.
Upon quick investigation, we saw that every switch in the hospital had
their VLANs configured exactly as the building with the Data Center (and
all VLANs unique to the hospital no longer existed). My friend told me
"I put the switch in client mode before installing it", so I told him
the story about how the VTP config. rev. number, etc etc, and it was a
good lesson learned by him. He'll never make that mistake again.
Feel free........ Give this a try:
1) Set up a switch at your desk (not connected to your production network)
2) Give this switch the same VTP domain name as your production network
(and authentication, etc if needed)
3) Make changes (while in VTP server mode) until your revision number is
higher than your production network, making sure that your VLANs don't
match your production network
4) Put the switch in VTP client mode
5) Toss that baby into your production network and watch the sparks fly
=)
Mike W.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Robert L. DuBell
Sent: Saturday, May 03, 2003 5:29 AM
To: kym blair; gitsyoung@yahoo.co.jp; ccielab@groupstudy.com
Subject: RE: VTP domain name -- important
Kym,
If the server is in Client Mode it will not modify the VLAN
information of the other switches. If it was in Server Mode and was put
in production then there would be a problem for sure.....but you're safe
if you put it in production in client mode....Bob
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
kym blair
Sent: Friday, May 02, 2003 11:29 PM
To: gitsyoung@yahoo.co.jp; ccielab@groupstudy.com
Subject: Re: VTP domain name -- important
Tom,
You asked a very interesting question. Suppose you have a live network
and all the switches are in domain "CCIE". One or two of the switches
are in Server Mode (so you can add and remove VLANs). Over a few
months, you have added and removed VLANs so that the CCIE Domain is at
Revision 8 (all switches will show same Revision number as they learn
the VLANs).
Now, suppose you have a new switch that you practice with in your lab.
You configure it for Domain "CCIE", and add and remove practice vlans
for a few days (so you are at Revision 12), then set it to Client Mode.
You are still in Domain CCIE, Revision 12, Client Mode.
Now you attach this "Client" to the production network. Whoooa ... all
the switches will forget their real VLANs and learn the Client's VLANs
because it has the highest Rev number. Recovering from this accident can
be very serious because all the port assignments will be lost; it may be
easy to type all the lost VLANs back into the vlan database, but it will
be hard remembering which ports were assigned to each VLAN!
EXCEPTION: any switch configured in Transparent Mode will not learn the
new VLANs, and will not lose their VLANs.
SOLUTION: before attaching a switch to a production network, check what
Rev number the new switch is in. If it is higher than the production
network, change the domain name to something else (e.g., "TEST"), exit
(so the change is applied), then change it back (e.g., "CCIE"). Then
verify it has lowered the Rev number to "0".
HTH, Kym
>From: Tom Young <gitsyoung@yahoo.co.jp>
>Reply-To: Tom Young <gitsyoung@yahoo.co.jp>
>To: ccielab@groupstudy.com
>Subject: VTP domain name
>Date: Sat, 3 May 2003 11:00:21 +0900 (JST)
>
>Some work was found in cisco homepage as below,
>
>"If a switch has no VTP domain name configured, it will receive the VTP
>domain name from an attached switch through the trunk port (if one is
>available). The switch configuration defaults to a
>VTP server, without a VTP domain name. When a new set of
>Catalysts are connected by a trunk, you
>only need to configure the VTP domain name on one switch.
>The other switches will be notified of
>the VTP domain name through the first summary
>advertisement."
>
>But if I had set the vtp domain name in two switches with
>TWO different name, which one will be advertised?
>
>Thanks a lot
>
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:36 GMT-3
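
The pre-connection check discussed in the thread, as an added example that is not part of the original messages: it parses `show vtp status` text from the new switch and applies the acceptance rule described above (same domain, higher configuration revision, sender mode ignored, transparent receivers exempt). The sample output, the switch names and the `PRODUCTION` inventory are constructed, and VTP passwords are assumed to match or be unset.

```python
# Added example, not from the thread. Sample data below is constructed.
LAB_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 12
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
"""

# Constructed production inventory: the thread's domain "CCIE" at revision 8.
PRODUCTION = {
    "closet-1": {"mode": "server", "domain": "CCIE", "revision": 8},
    "closet-2": {"mode": "client", "domain": "CCIE", "revision": 8},
    "closet-3": {"mode": "transparent", "domain": "CCIE", "revision": 0},
}

def parse_vtp_status(text):
    """Pull revision, mode and domain out of `show vtp status` text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return {
        "revision": int(fields["configuration revision"]),
        "mode": fields["vtp operating mode"].lower(),
        "domain": fields["vtp domain name"],
    }

def overwritten_switches(new_switch, production):
    """Names of production switches that would adopt new_switch's VLANs.

    The sender's mode is deliberately not checked: per the thread, a
    receiver compares only the configuration revision number.
    """
    hit = []
    for name, sw in sorted(production.items()):
        if sw["mode"] == "transparent":  # exception noted in the thread
            continue
        if sw["domain"] == new_switch["domain"] and new_switch["revision"] > sw["revision"]:
            hit.append(name)
    return hit

if __name__ == "__main__":
    lab = parse_vtp_status(LAB_SWITCH)
    print("at risk before reset:", overwritten_switches(lab, PRODUCTION))
    lab["revision"] = 0  # after the domain rename and rename back
    print("at risk after reset: ", overwritten_switches(lab, PRODUCTION))
```

An empty list means the new switch's revision is not higher than any non-transparent switch in the same domain, which is the state the domain-rename step in the thread is meant to reach.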