RE: Stop VTP updates

From: Keane, James (James.Keane@agriculture.gov.ie)
Date: Mon Nov 29 2004 - 14:40:59 GMT-3

• Next message: adeolu@sympatico.ca: "Re: RE: Stop VTP updates"
• Previous message: ccie2be: "New Cisco Press book on IPv6"
• Maybe in reply to: john_t_mathai@hotmail.com: "Stop VTP updates"
• Next in thread: ccie2be: "Re: Stop VTP updates"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Good Analogy Larry -
even though we havent resolved the issue feel like I understand this much better now !

I suppose we shouldnt deviate

Maybe use a mac acl on the port for those packets !

http://www.cisco.com/warp/public/473/21.html

will blocking 01-00-0c-cc-cc-cc cause other problems? Well at least you have stopped the vtp updates

(please leave, you have failed your lab ... LOL!!)

Anybody any better ideas to stop VTP updates from entering a port ?

-----Original Message-----
From: Larry Roberts [mailto:groupstudy@american-hero.com]
Sent: 29 November 2004 16:16
To: Georg Pauwen
Cc: Keane, James; vishalp@fasttelco.net; groupstudy@users.hotpop.com;
john_t_mathai@hotmail.com; ccielab@groupstudy.com
Subject: Re: Stop VTP updates

Using pruning will not stop VTP updates about Vlans from propagating, it
will only stop data on those VLAN's that are prune eligible from being
passed.

To use a rather bad analogy, think of VTP as an OSPF LSA.
Each switch needs to have a correct view of the network as it exists,
regardless of whether it needs the VLAN traffic itself.

When you filter LSA's, you only prevent them from being installed into
your routing table, you don't stop other routers from hearing about them
  from youre flooding of the LSA's. ( assuming they are downstream )

When you Prune VLAN's, you still need to know which VLAN's exist, as
does your neighbors, you just dont need traffic that exists on the VLAN.

What your trying to accomplish is to have each switch have a different
view of the network which is a BAD thing. VTP overhead is very minimal,
especially between a couple of large scale switches. As long as the
second 6509 doesn't have any ports in this VLAN, and you have enabled
VLAN pruning on the link, traffic for that VLAN will be restricted to
the initial 6509.

Is this part of a lab task, or do you have a real world problem ?

Just curious as to the reasoning on trying to stop VTP updates.

Larry

Georg Pauwen wrote:
> Hello,
>
> since VLANs 1 and 1002-1005 cannot be pruned, even with pruning VTP
> traffic will pass over the trunk links.
> So if it is not pruning or VTP transparent, how can VTP updates be
> stopped ? I guess putting the ports in static access mode is not the
> right answer, but it would solve the problem...
>
> Regards,
>
> Georg
>
>> From: "Keane, James" <James.Keane@agriculture.gov.ie>
>> Reply-To: "Keane, James" <James.Keane@agriculture.gov.ie>
>> To: "Vishal B Patel" <vishalp@fasttelco.net>, "mmj"
>> <groupstudy@users.hotpop.com>, <john_t_mathai@hotmail.com>,
>> <ccielab@groupstudy.com>
>> Subject: RE: Stop VTP updates
>> Date: Mon, 29 Nov 2004 08:37:03 -0000
>>
>> Without getting too picky
>>
>> 'Is there a way of preventing vtp updates on the switch ports apart from
>> configuring the switch in vtp transparent mode ?'
>>
>> Transparent mode will pass updates between switches and ports but just
>> wont 'heed/use' them itself on its VTP domain
>>
>> eg
>>
>> s1 ---- s2 ----- s3
>>
>> s1 will see vtp updates from s3, s2 will see the updates but doesnt
>> updates and passes them on.
>>
>>
>> I hope my understanding is correct, if not please let me know !!!
>>
>>
>> -----Original Message-----
>> From: Vishal B Patel [mailto:vishalp@fasttelco.net]
>> Sent: 29 November 2004 06:33
>> To: 'mmj'; john_t_mathai@hotmail.com; ccielab@groupstudy.com
>> Subject: RE: Stop VTP updates
>>
>>
>> Hi,
>>
>> Well I have enabled VTP pruning between two 6500
>>
>> And there some VLANs which don't existing on both the 6500 but
>> only on
>> one 6500.
>>
>> Still when I give show vlan on the 6500s I get the details of all the
>> VLANs
>> existing both the switches.
>>
>> Do I have to do something more for stopping the VTP updates , I have
>> a ISL
>> trunk between these two switches.
>>
>> Thanks
>>
>> Vishal
>>
>> -----Original Message-----
>> From: mmj [mailto:groupstudy@users.hotpop.com]
>> Sent: Sunday, November 28, 2004 6:56 PM
>> To: john_t_mathai@hotmail.com; ccielab@groupstudy.com
>> Subject: RE: Stop VTP updates
>>
>>
>> John,
>>
>> Maybe pruning VTP packets when no end-user ports are alive downstream?
>>
>> vtp {domain domain-name | password password | pruning ....
>>
>> pruning
>> Enable pruning in the VTP administrative domain. VTP pruning causes
>> information about each pruning-eligible VLAN to be removed from VTP
>> updates
>> if there are no stations belonging to that VLAN.
>>
>> Martijn
>>
>> -----Oorspronkelijk bericht-----
>> Van: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Namens
>> john_t_mathai@hotmail.com
>> Verzonden: vrijdag 12 november 2004 15:46
>> Aan: ccielab@groupstudy.com
>> Onderwerp: Stop VTP updates
>>
>>
>> Is there a way of preventing vtp updates on the switch ports apart from
>> configuring the switch in vtp transparent mode ?
>>
>> John
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> **********************************************************************
>> *********** Department of Agriculture and Food ***************
>>
>> The information contained in this email and in any
>> attachments is confidential and is designated solely
>> for the attention and use of the intended recipient(s).
>> This information may be subject to legal and professional
>> privilege. If you are not an intended recipient of
>> this email, you must not use, disclose, copy,
>> distribute or retain this message or any part of it.
>> If you have received this email in error, please
>> notify the sender immediately and delete all copies of
>> this email from your computer system(s).
>> **********************************************************************
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> _________________________________________________________________
> MSN Hotmail : antivirus et antispam intigris
> http://www.msn.fr/newhotmail/Default.asp?Ath=f
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: adeolu@sympatico.ca: "Re: RE: Stop VTP updates"
• Previous message: ccie2be: "New Cisco Press book on IPv6"
• Maybe in reply to: john_t_mathai@hotmail.com: "Stop VTP updates"
• Next in thread: ccie2be: "Re: Stop VTP updates"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:51 GMT-3