RE: Disabling VTP

From: Victor Cappuccio (cvictor@protokolgroup.com)
Date: Mon Oct 16 2006 - 01:32:50 ART

• Next message: Godswill Oletu: "Re: Disabling VTP"
• Previous message: Brian Dennis: "RE: IWEB-RS/Internetwork Expert LAB 6 9.2"
• Maybe in reply to: Adam Frederick: "Disabling VTP"
• Next in thread: Godswill Oletu: "Re: Disabling VTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Erez, Congratulations on your Digits!!

But back to the post.

DTP have something to do with VTP

From the same link you sent http://www.cisco.com/warp/public/473/21.html
Says "
Dynamic Trunking Protocol (DTP) sends the VTP domain name in a DTP packet.
Therefore, if you have two ends of a link that belong to different VTP
domains, the trunk does not come up if you use DTP. In this special case,
you must configure the trunk mode as on or nonegotiate, on both sides, in
order to allow the trunk to come up without DTP negotiation agreement.
"

I would agree with Adam here, In setting the Switch to Transparent to avoid
sending VTP Messages over the trunk ports.

Please look at the following output in detail, I would not think that the
mac access-list idea could work, but I would test that out tomorrow with a
couple of real 3550, since I'm playing now with Dynamips with an IOS of a
3640 with a NM-16ESW.

Sw2(vlan)#vtp server
Setting device to VTP SERVER mode.
Sw2(vlan)#
*Mar 1 00:04:16.155: VTP LOG RUNTIME: Transmit vtp summary, domain CISCO,
rev 0
, followers 1
   MD5 digest calculated = 00 31 17 6B 64 9D 1A 91 56 96 10 B4 FF 9D FC 23

Sw2(vlan)#vtp transparent
Setting device to VTP TRANSPARENT mode.
Sw2(vlan)#vtp server
Setting device to VTP SERVER mode.
Sw2(vlan)#
*Mar 1 00:04:39.855: VTP LOG RUNTIME: Transmit vtp summary, domain CISCO,
rev 0
, followers 1
   MD5 digest calculated = 00 31 17 6B 64 9D 1A 91 56 96 10 B4 FF 9D FC 23
Sw2(vlan)#

Please see that the time the First VTP Summary Message was send out was
00:4:16 and I configured the switch to be in VTP Transparent mode for a
short while and set it back to VTP Server. See the VTP summary now being
sent out (0.4.39)

Congratulations again,
Saludos,
Victor.-

-----Mensaje original-----
De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de Jordan
Gottlieb
Enviado el: Domingo, 15 de Octubre de 2006 11:32 p.m.
Para: CharlesB
CC: Adam Frederick; ccielab@groupstudy.com
Asunto: Re: Disabling VTP

From http://www.cisco.com/warp/public/473/21.html"

VTP packets are sent in either Inter-Switch Link (ISL) frames or in IEEE
802.1Q (dot1q) frames. These packets are sent to the destination MAC address
01-00-0C-CC-CC-CC with a logical link control (LLC) code of Subnetwork
Access Protocol (SNAP) (AAAA) and a type of 2003 (in the SNAP header).

You should be able to configure a Name MAC Extended ACL filter. (
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225see/scg/swacl
.htm#wp1177176)
this on the respective port. I have not tried this...But I believe it will
probably work.

I must caution people not to confuse DTP with VTP. The switchport
nonegotiate command is a DTP disable command (nothing to to with VTP).

Hope this helps. BTW... I passed my lab a week ago this past Thursday in
San Jose. Hope this input (and future to come) helps repay some of benifit
I have obtained from this board.

Erez Jordan Gottlieb
CCIE #17010

On 10/15/06, CharlesB <cbalik@adelphia.net> wrote:
>
> I assume since VTP runs on the trunks ports, getting the interface out of
> trunk mode would solve the issue.
>
> sw1#sh vtp cou
> sw1#sh vtp counters
> VTP statistics:
> Summary advertisements received : 0
> Subset advertisements received : 0
> Request advertisements received : 0
> Summary advertisements transmitted : 0
> Subset advertisements transmitted : 0
> Request advertisements transmitted : 0
> Number of config revision errors : 0
> Number of config digest errors : 0
> Number of V1 summary errors : 0
>
>
> VTP pruning statistics:
>
> Trunk Join Transmitted Join Received Summary advts received
> from
> non-pruning-capable
> device
> ---------------- ---------------- ----------------
> -------------------------
> --
> Fa0/13 0 0 0
> Fa0/14 0 0 0
> Fa0/15 0 0 0
> Fa0/24 0 0 0------------------>
> check it out
>
>
>
>
> s1#interface FastEthernet0/24
> switchport mode dynamic desirable
>
>
>
> Since it is in desirable mode, it negotiates the trunk status wit the
> other
> link, but if it is a switchport, the vtp counters does not list it
> anymore.
>
> sw1(config)#inter fas0/24
> sw1(config-if)#sw
> sw1(config-if)#switchport mode acc
> sw1(config-if)#end
> sw1#sh
> 10w2d: %SYS-5-CONFIG_I: Configured from console by conssh vtp counters
> VTP statistics:
> Summary advertisements received : 0
> Subset advertisements received : 0
> Request advertisements received : 0
> Summary advertisements transmitted : 0
> Subset advertisements transmitted : 0
> Request advertisements transmitted : 0
> Number of config revision errors : 0
> Number of config digest errors : 0
> Number of V1 summary errors : 0
>
>
> VTP pruning statistics:
>
> Trunk Join Transmitted Join Received Summary advts received
> from
> non-pruning-capable
> device
> ---------------- ---------------- ----------------
> -------------------------
> --
> Fa0/13 0 0 0
> Fa0/14 0 0 0
> Fa0/15 0 0 0
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Adam Frederick
> Sent: Sunday, October 15, 2006 6:15 PM
> To: ccielab@groupstudy.com
> Subject: Disabling VTP
>
>
> ?
> Group
>
> I am working on a practice lab that utilizes 2x3550's & calls for
> disabling
> VTP on the fastethernet interfaces. I have searched and searched and
> haven't seen that it is possible to disable VTP on a per-interface basis,
> is
> this correct? I think the solution is to change VTP to transparent since
> the gigabit ports are not being utilized at all in the practice
> lab. Could
> someone confirm this?
>
> Thanks,
> Adam
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Adam Frederick
> Sent: Sunday, October 15, 2006 6:15 PM
> To: ccielab@groupstudy.com
> Subject: Disabling VTP
>
>
> ?
> Group
>
> I am working on a practice lab that utilizes 2x3550's & calls for
> disabling
> VTP on the fastethernet interfaces. I have searched and searched and
> haven't seen that it is possible to disable VTP on a per-interface basis,
> is
> this correct? I think the solution is to change VTP to transparent since
> the gigabit ports are not being utilized at all in the practice
> lab. Could
> someone confirm this?
>
> Thanks,
> Adam
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Godswill Oletu: "Re: Disabling VTP"
• Previous message: Brian Dennis: "RE: IWEB-RS/Internetwork Expert LAB 6 9.2"
• Maybe in reply to: Adam Frederick: "Disabling VTP"
• Next in thread: Godswill Oletu: "Re: Disabling VTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART