From: Godswill Oletu (oletu@inbox.lv)
Date: Mon Oct 16 2006 - 21:58:47 ART
Scott,
All that the text of that book you paraphrased is saying is that, there is
no magical command like 'no vtp' or the like to disable VTP. If you can do
something else that will result in the absence or non-operation of VTP that
is liken to disabling it, then you have essentially disabled it and enabling
transparent mode will do that.
Godswill Oletu
CCIE #16464 (R&S).
----- Original Message -----
From: "Scott Smith" <hioctane@gmail.com>
To: "Godswill Oletu" <oletu@inbox.lv>
Cc: "Victor Cappuccio" <cvictor@protokolgroup.com>; "Jordan Gottlieb"
<thelieber@gmail.com>; "CharlesB" <cbalik@adelphia.net>; "Adam Frederick"
<AFrederick@homefederalbank.com>; <ccielab@groupstudy.com>
Sent: Monday, October 16, 2006 9:41 AM
Subject: Re: Disabling VTP
> A paraphrased quote from Cisco LAN Switching.
>
> "you cannot disable VTP, the only option is to use transparent mode"
>
> So if the task is only asking for you to disable VTP and DTP isn't
> mentioned I would use transparent mode and not mess with DTP. Just my
> .02 :-)
>
> --
> Scott
> CCIE #17040 (R&S)
>
>
> On 10/16/06, Godswill Oletu <oletu@inbox.lv> wrote:
> > As Victor has stated, setting the trunking mode to 'nonegoatiate' and
> > configuring VTP transparent mode is the best option. There has been a
thread
> > on this in the past, check the archives.
> >
> > Filtering with an ACL at best will only prevent VTP from working, it
will
> > not disable it.
> >
> > HTH
> >
> > Godswill Oletu
> > CCIE #16464 (R&S)
> >
> >
> > ----- Original Message -----
> > From: "Victor Cappuccio" <cvictor@protokolgroup.com>
> > To: "'Jordan Gottlieb'" <thelieber@gmail.com>; "'CharlesB'"
> > <cbalik@adelphia.net>
> > Cc: "'Adam Frederick'" <AFrederick@homefederalbank.com>;
> > <ccielab@groupstudy.com>
> > Sent: Monday, October 16, 2006 12:32 AM
> > Subject: RE: Disabling VTP
> >
> >
> > > Hi Erez, Congratulations on your Digits!!
> > >
> > > But back to the post.
> > >
> > > DTP have something to do with VTP
> > >
> > > From the same link you sent
http://www.cisco.com/warp/public/473/21.html
> > > Says "
> > > Dynamic Trunking Protocol (DTP) sends the VTP domain name in a DTP
packet.
> > > Therefore, if you have two ends of a link that belong to different VTP
> > > domains, the trunk does not come up if you use DTP. In this special
case,
> > > you must configure the trunk mode as on or nonegotiate, on both sides,
in
> > > order to allow the trunk to come up without DTP negotiation agreement.
> > > "
> > >
> > > I would agree with Adam here, In setting the Switch to Transparent to
> > avoid
> > > sending VTP Messages over the trunk ports.
> > >
> > > Please look at the following output in detail, I would not think that
the
> > > mac access-list idea could work, but I would test that out tomorrow
with a
> > > couple of real 3550, since I'm playing now with Dynamips with an IOS
of a
> > > 3640 with a NM-16ESW.
> > >
> > > Sw2(vlan)#vtp server
> > > Setting device to VTP SERVER mode.
> > > Sw2(vlan)#
> > > *Mar 1 00:04:16.155: VTP LOG RUNTIME: Transmit vtp summary, domain
CISCO,
> > > rev 0
> > > , followers 1
> > > MD5 digest calculated = 00 31 17 6B 64 9D 1A 91 56 96 10 B4 FF 9D
FC 23
> > >
> > > Sw2(vlan)#vtp transparent
> > > Setting device to VTP TRANSPARENT mode.
> > > Sw2(vlan)#vtp server
> > > Setting device to VTP SERVER mode.
> > > Sw2(vlan)#
> > > *Mar 1 00:04:39.855: VTP LOG RUNTIME: Transmit vtp summary, domain
CISCO,
> > > rev 0
> > > , followers 1
> > > MD5 digest calculated = 00 31 17 6B 64 9D 1A 91 56 96 10 B4 FF 9D
FC 23
> > > Sw2(vlan)#
> > >
> > >
> > > Please see that the time the First VTP Summary Message was send out
was
> > > 00:4:16 and I configured the switch to be in VTP Transparent mode for
a
> > > short while and set it back to VTP Server. See the VTP summary now
being
> > > sent out (0.4.39)
> > >
> > > Congratulations again,
> > > Saludos,
> > > Victor.-
> > >
> > >
> > > -----Mensaje original-----
> > > De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] En nombre de
> > Jordan
> > > Gottlieb
> > > Enviado el: Domingo, 15 de Octubre de 2006 11:32 p.m.
> > > Para: CharlesB
> > > CC: Adam Frederick; ccielab@groupstudy.com
> > > Asunto: Re: Disabling VTP
> > >
> > > From http://www.cisco.com/warp/public/473/21.html"
> > >
> > > VTP packets are sent in either Inter-Switch Link (ISL) frames or in
IEEE
> > > 802.1Q (dot1q) frames. These packets are sent to the destination MAC
> > address
> > > 01-00-0C-CC-CC-CC with a logical link control (LLC) code of Subnetwork
> > > Access Protocol (SNAP) (AAAA) and a type of 2003 (in the SNAP header).
> > >
> > > You should be able to configure a Name MAC Extended ACL filter. (
> > >
> >
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225see/scg/swacl
> > > .htm#wp1177176)
> > > this on the respective port. I have not tried this...But I believe it
> > will
> > > probably work.
> > >
> > > I must caution people not to confuse DTP with VTP. The switchport
> > > nonegotiate command is a DTP disable command (nothing to to with VTP).
> > >
> > > Hope this helps. BTW... I passed my lab a week ago this past
Thursday in
> > > San Jose. Hope this input (and future to come) helps repay some of
> > benifit
> > > I have obtained from this board.
> > >
> > > Erez Jordan Gottlieb
> > > CCIE #17010
> > >
> > >
> > >
> > > On 10/15/06, CharlesB <cbalik@adelphia.net> wrote:
> > > >
> > > > I assume since VTP runs on the trunks ports, getting the interface
out
> > of
> > > > trunk mode would solve the issue.
> > > >
> > > > sw1#sh vtp cou
> > > > sw1#sh vtp counters
> > > > VTP statistics:
> > > > Summary advertisements received : 0
> > > > Subset advertisements received : 0
> > > > Request advertisements received : 0
> > > > Summary advertisements transmitted : 0
> > > > Subset advertisements transmitted : 0
> > > > Request advertisements transmitted : 0
> > > > Number of config revision errors : 0
> > > > Number of config digest errors : 0
> > > > Number of V1 summary errors : 0
> > > >
> > > >
> > > > VTP pruning statistics:
> > > >
> > > > Trunk Join Transmitted Join Received Summary advts
> > received
> > > > from
> > > >
non-pruning-capable
> > > > device
> > > > ---------------- ---------------- ----------------
> > > > -------------------------
> > > > --
> > > > Fa0/13 0 0 0
> > > > Fa0/14 0 0 0
> > > > Fa0/15 0 0 0
> > > > Fa0/24 0 0
> > 0------------------>
> > > > check it out
> > > >
> > > >
> > > >
> > > >
> > > > s1#interface FastEthernet0/24
> > > > switchport mode dynamic desirable
> > > >
> > > >
> > > >
> > > > Since it is in desirable mode, it negotiates the trunk status wit
the
> > > > other
> > > > link, but if it is a switchport, the vtp counters does not list it
> > > > anymore.
> > > >
> > > > sw1(config)#inter fas0/24
> > > > sw1(config-if)#sw
> > > > sw1(config-if)#switchport mode acc
> > > > sw1(config-if)#end
> > > > sw1#sh
> > > > 10w2d: %SYS-5-CONFIG_I: Configured from console by conssh vtp
counters
> > > > VTP statistics:
> > > > Summary advertisements received : 0
> > > > Subset advertisements received : 0
> > > > Request advertisements received : 0
> > > > Summary advertisements transmitted : 0
> > > > Subset advertisements transmitted : 0
> > > > Request advertisements transmitted : 0
> > > > Number of config revision errors : 0
> > > > Number of config digest errors : 0
> > > > Number of V1 summary errors : 0
> > > >
> > > >
> > > > VTP pruning statistics:
> > > >
> > > > Trunk Join Transmitted Join Received Summary advts
> > received
> > > > from
> > > >
non-pruning-capable
> > > > device
> > > > ---------------- ---------------- ----------------
> > > > -------------------------
> > > > --
> > > > Fa0/13 0 0 0
> > > > Fa0/14 0 0 0
> > > > Fa0/15 0 0 0
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf
Of
> > > > Adam Frederick
> > > > Sent: Sunday, October 15, 2006 6:15 PM
> > > > To: ccielab@groupstudy.com
> > > > Subject: Disabling VTP
> > > >
> > > >
> > > > ?
> > > > Group
> > > >
> > > > I am working on a practice lab that utilizes 2x3550's & calls for
> > > > disabling
> > > > VTP on the fastethernet interfaces. I have searched and searched
and
> > > > haven't seen that it is possible to disable VTP on a per-interface
> > basis,
> > > > is
> > > > this correct? I think the solution is to change VTP to transparent
> > since
> > > > the gigabit ports are not being utilized at all in the practice
> > > > lab. Could
> > > > someone confirm this?
> > > >
> > > > Thanks,
> > > > Adam
> > > >
> > > >
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART