From: Dwi C Taniel (dc@dwichandra.info)
Date: Fri Feb 23 2007 - 02:05:39 ART
Hi Lou and Jeff,
I agree with Lou, to force certain VLANs to be allowed through a certain
trunk must be well justified, as you are forcing those VLANs to
traverse certain trunk ports only (and maybe not another).
Thus if that particular trunk that only provides path access to
certain switch, you are going to break the VLAN member nodes into
several isolated networks until the trunk carrying those VLANs can go
back up.
In using VTP client, yes, 64 VLANs is the 'jinx' that caught me up
thinking the VTP is not working in client-server mode.
It happened in the past when I was first introduced to VTP using Cat4k
and Cat6.5k (fresh from the oven at that time ;) )
Besides, if using VTP pruning would do the job, then why bother
manually fine tuning the VTP settings?
The trade-offs between those two are:
- With manual VTP fine tuning, you are really controlling the actual VLANs
flowing through a certain VTP link. This will also reduce the switch CPU
utilization as it is just 'forced' to pass through a certain trunk for
certain VLANs.
- With VTP pruning, you will have less administrative overhead (tasks)
since you are giving it to the switch (and its miraculous VTP/STP
algorithm to put into work). But, using this method, your switch CPU
tends to work more than with the previous option.
If switch CPU is not much of a concern, then VTP pruning would be
the better option.
Happy Friday everyone! :)
DC
On 02/23/2007, Lou Ioanni <louisccie_r_s@yahoo.com> wrote:
> I would say it is good to use the allow statement if you know what you
> are doing. If you are using VTP server/client, many switches can support 64
> VLANs and if you do not use the allow statements and allow all VLANs
> to go through you might experience network downtime.
>
> I had an experience where they were using the allow statement and
> someone just removed it and the whole network slowed down because
> switches could not support all vlans that went through. Especially
> they created another 200 vlans for NAC clean access that day too.
>
> Many get around this by using Transparent mode instead of
> server/client VTP mode, especially if you have cores at L3 and no
> distribution L3 you should be careful with using server/client
> mode, especially without allow statements.
>
> Thanks,
>
> Loizos Y.
> CCIE#10702 R & S
>
> Jeff Mullan <jmullan78@gmail.com> wrote:
> Folks,
> For example, if between a switch and router there are only 2 VLANs active
> (say vlan 10,11), vlan 10 being native and switch is a trunk port, do we need to
> have the "switch port mode allowed vlan 10,11" command? Ideally if we don't
> have it configured then the router will drop all vlans without tags 10,11
> but just wanted to find out from a best practice point of view? Thanks!!
>
>
> interface FastEthernet0/6
> switchport trunk encapsulation dot1q
> switchport trunk native vlan 10
> switchport trunk allowed vlan 10,11 <=================
> switchport mode trunk
> end
>
> SW_1#
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
========
http://www.dwichandra.info
dc@dwichandra.info
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:48 ART
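
Added example (not part of the original thread, and not code from any of the posters): a Python audit over IOS-style configuration text that flags trunk ports with no explicit "switchport trunk allowed vlan" list, the situation discussed above, and also checks that the native VLAN is inside the list. The sample configuration is constructed (Fa0/6 mirrors the config quoted in the thread), and the function names expand_vlans and audit_trunks are hypothetical.

```python
import re

# Constructed sample: Fa0/6 mirrors the thread; Fa0/7 and Fa0/8 are made up.
SAMPLE_CONFIG = """\
interface FastEthernet0/6
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 10
 switchport trunk allowed vlan 10,11
 switchport mode trunk
!
interface FastEthernet0/7
 switchport mode trunk
!
interface FastEthernet0/8
 switchport trunk native vlan 10
 switchport trunk allowed vlan 11,20-22
 switchport trunk allowed vlan add 30
 switchport mode trunk
"""

def expand_vlans(spec):
    """Turn a list such as '10,11,20-22' into {10, 11, 20, 21, 22}."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Return {interface name: finding} for every port in trunk mode."""
    findings = {}
    for block in re.split(r"^(?=interface )", config, flags=re.M):
        lines = [l.strip() for l in block.splitlines()]
        if "switchport mode trunk" not in lines:
            continue  # access ports and non-interface text are out of scope
        allowed, native = None, 1  # IOS default native VLAN is 1
        for l in lines:
            if m := re.match(r"switchport trunk allowed vlan (add )?([\d,-]+)$", l):
                vlans = expand_vlans(m[2])
                allowed = allowed | vlans if m[1] and allowed else vlans
            elif m := re.match(r"switchport trunk native vlan (\d+)$", l):
                native = int(m[1])
        if allowed is None:
            finding = "no allowed list: every VLAN is carried"
        elif native not in allowed:
            finding = f"native VLAN {native} is not in the allowed list"
        else:
            finding = "ok"
        findings[lines[0].split()[1]] = finding
    return findings
```

Calling audit_trunks(SAMPLE_CONFIG) returns one finding per trunk port, which can be run against saved running-config files before and after a change.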