
Ch 2 Scaling Networks

Ch 2 Scaling Networks. CIS 187 CCNP SWITCH Multilayer Switched Networks Rick Graziani. VTP (VLAN Trunking Protocol): Introduction. Rick Graziani Cabrillo College graziani@cabrillo.edu. Managing VLANs. Creating VLANs Manually. S1# configure terminal S1( config )# vlan 10


Presentation Transcript


  1. Ch 2 Scaling Networks CIS 187 CCNP SWITCH Multilayer Switched Networks Rick Graziani

  2. VTP (VLAN Trunking Protocol): Introduction Rick Graziani Cabrillo College graziani@cabrillo.edu

  3. Managing VLANs

  4. Creating VLANs Manually
     S1# configure terminal
     S1(config)# vlan 10
     S1(config-vlan)# name HR
     S1(config-vlan)# exit
     S1(config)# interface fastethernet 0/2
     S1(config-if)# switchport mode access
     S1(config-if)# switchport access vlan 10
     Callouts: VLAN name is optional. Single host attached, not another switch (trunk). VLAN 10 assigned to the port.
     • Ports on a switch are manually assigned (CLI) to a VLAN.
     • If you assign an interface to a VLAN that does not exist, the new VLAN is created for you.

  5. VTP (VLAN Trunking Protocol) is a Layer 2 protocol that maintains VLAN configuration consistency by managing the additions, deletions, and name changes of VLANs across networks. • An early step towards network automation. • Not without its detractors. • Switches transmit VTP messages only on 802.1Q.

  6. Step 1. An administrator adds a new VLAN definition on the VTP server. • Step 2. VTP propagates the VLAN information to all VTP switches in the VTP domain. • Step 3. Each VTP client switch synchronizes its configuration to incorporate the new VLAN data.

  7. VTP Modes • Server mode is the default • In VTP Version 3, there is a concept of a primary server and a secondary server. VTP Version 3 is not within the scope • Extended VLANs (1006-4094) require the switch to be in VTP Transparent mode

  8. VTP Versions • Three VTP versions: V1, V2, V3. • Default is version 1 (our focus)

  9. VTP Pruning • By default, a trunk connection carries traffic for all VLANs in the VTP management domain. • Broadcasts from red VLAN are not forwarded to Switches 3, 5, and 6, because traffic for the red VLAN has been pruned on the links indicated on Switches 2 and 4.

  10. VTP Authentication • VTP domains can be secured by using the VTP password feature. • It is important to make sure that all the switches in the VTP domain have the same password and domain name; otherwise, a switch will not become a member of the VTP domain.

  11. VTP (VLAN Trunking Protocol): Introduction Rick Graziani Cabrillo College graziani@cabrillo.edu

  12. VTP: Basic Configuration Rick Graziani Cabrillo College graziani@cabrillo.edu

  13. Configuring VTP
      • Step 1. Enter global configuration mode:
        Switch# configure terminal
      • Step 2. Configure the VTP mode as server (default server):
        Switch(config)# vtp mode [server | client | transparent]
      • Step 3. (Optional) Configure the domain name (default NULL):
        Switch(config)# vtp domain domain_name
      • Step 4. (Optional) Enable VTP version 2:
        Switch(config)# vtp version 2
      • Step 5. (Optional) Specify a VTP password:
        Switch(config)# vtp password password_string
      • Step 6. (Optional) Enable VTP pruning in the management domain:
        Switch(config)# vtp pruning

  14. VTP Configuration Example

  15. S1(config)# vtp mode server
      S1(config)# vtp domain VTP-DOMAIN-1
      S1(config)# vtp password cisco12345
      ------
      S2(config)# vtp mode client
      S2(config)# vtp domain VTP-DOMAIN-1
      S2(config)# vtp password cisco12345
      ------
      S3(config)# vtp mode client
      S3(config)# vtp domain VTP-DOMAIN-1
      S3(config)# vtp password cisco12345

  16. S1# show vtp status
      VTP Version capable : 1 to 3
      VTP version running : 1
      VTP Domain Name : VTP-DOMAIN-1
      VTP Pruning Mode : Disabled
      VTP Traps Generation : Disabled
      Device ID : aabb.cc00.5600
      Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
      Feature VLAN:
      --------------
      VTP Operating Mode : Server
      Maximum VLANs supported locally : 1005
      Number of existing VLANs : 5 ! Default VLANs 1, 1002-1005
      Configuration Revision : 0
      MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59

  17. S2# show vtp status
      VTP Version capable : 1 to 3
      VTP version running : 1
      VTP Domain Name : VTP-DOMAIN-1
      VTP Pruning Mode : Disabled
      VTP Traps Generation : Disabled
      Device ID : aabb.cc00.6300
      Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
      Local updater ID is 0.0.0.0 (no valid interface found)
      Feature VLAN:
      --------------
      VTP Operating Mode : Client
      Maximum VLANs supported locally : 1005
      Number of existing VLANs : 5
      Configuration Revision : 0

  18. S3# show vtp status
      VTP Version capable : 1 to 3
      VTP version running : 1
      VTP Domain Name : VTP-DOMAIN-1
      VTP Pruning Mode : Disabled
      VTP Traps Generation : Disabled
      Device ID : aabb.cc00.6400
      Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
      Feature VLAN:
      --------------
      VTP Operating Mode : Client
      Maximum VLANs supported locally : 1005
      Number of existing VLANs : 5
      Configuration Revision : 0

  19. Configuring and Verifying VLANs

  20. Configure VLANs on the VTP Server

  21. Verify that the VTP Clients Have Received the New VLAN Information

  22. Still need to configure VLANs on Interfaces
      S2# configure terminal
      S2(config)# interface fastethernet 0/11
      S2(config-if)# switchport mode access
      S2(config-if)# switchport access vlan 10
      S2(config-if)# end
      S1#

  23. S1# show vtp status
      VTP Version capable : 1 to 3
      VTP version running : 1
      VTP Domain Name : VTP-DOMAIN-1
      VTP Pruning Mode : Disabled
      VTP Traps Generation : Disabled
      Device ID : aabb.cc00.5600
      Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
      Feature VLAN:
      --------------
      VTP Operating Mode : Server
      Maximum VLANs supported locally : 1005
      Number of existing VLANs : 8 ! VLANs 10,20,30 1, 1002-1005
      Configuration Revision : 0
      MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59

  24. VTP: Basic Configuration Rick Graziani Cabrillo College graziani@cabrillo.edu

  25. VTP: Messages Rick Graziani Cabrillo College graziani@cabrillo.edu

  26. VTP Messages: Summary
      NOTE: Whenever you add, delete, or change (name) a VLAN on a VTP server, it increments the configuration revision number and a summary advertisement is sent.
      [Diagram: two switches exchanging a Summary advertisement. One: VTP Domain = Cisco, VTP Mode = Server, Config Rev = 2, VLANs = 1, 2, 3. The other: VTP Domain = Cisco, VTP Mode = Server, Config Rev = 0, VLANs = 1.]
      • VTP Summary advertisements
      • By default, sent every five minutes.
      • Inform adjacent switches of the current VTP domain name and the configuration revision number.
      • The receiving switch compares the VTP domain name to its own VTP domain name. (Same or different? Here: same.)
      • If the name is different, the switch simply ignores the packet.
      • If the name is the same, the switch then compares the configuration revision to its own revision. (Own Config Rev higher than or equal to the sender's? Here: no, it is lower.)
      • If its own configuration revision is higher or equal, the packet is ignored.
      • Otherwise, it is lower and a VTP Advertisement Request is sent.

  27. VTP Messages: Summary and Subset
      [Diagram: two switches, each shown with VTP Domain = Cisco, VTP Mode = Server, Config Rev = 0, VLANs = 1; a Summary and a Subset advertisement carry revision 2 and VLANs 2, 3.]
      • VTP Subset advertisements
      • Sent in response to a VTP Advertisement Request
      • Also sent whenever there is a change to VLAN information on a VTP server.
      • First the server sends a VTP Summary Advertisement
      • Then the server sends a VTP Subset Advertisement
      • One or several subset advertisements follow the summary advertisement.
      • A subset advertisement contains a list of VLAN information.

  28. [Diagram: three switches, each with VTP Domain = null, VTP Mode = Server, Config Rev = 0, VLANs = 1. No trunks configured.]
      • Let's take a look at VTP Messages and Server, Client and Transparent Switches.
      • By default all switches are VTP Servers.

  29. [Diagram: three switches, each with VTP Domain = null, Config Rev = 0, VLANs = 1, in VTP Mode = Server, Transparent and Client.]
      • Switch B is now a Client
      • Switch C is now Transparent
      • VTP servers maintain a list of all VLANs in NVRAM.
      • A client cannot add, delete or rename VLANs.
      • A client does not store VLAN information in NVRAM.
      • If a client reboots, it loses its VLAN information and relies on a VTP server to restore it.

  30. [Diagram: three switches, each with VTP Domain = null, Config Rev = 0, VLANs = 1, in VTP Mode = Server, Transparent and Client.]
      • Transparent mode switches must have their VLANs configured manually.
      • They do not participate in VTP or advertise their VLANs.
      • Ideal for switches with VLANs which should be local to that switch.

  31. [Diagram: three switches, each with VTP Domain = null, Config Rev = 0, VLANs = 1, in VTP Mode = Server, Transparent and Client. Changes shown on the server: domain Cisco, revision 2, VLANs 2, 3.]
      • VTP server:
      • Domain Name configured as Cisco
      • VLANs 2 and 3 added
      • Config Rev increased to 2 (one for each VLAN added)

  32. [Diagram: Server: VTP Domain = Cisco, Config Rev = 2, VLANs = 1, 2, 3. Transparent: VTP Domain = null, Config Rev = 0, VLANs = 1. Client: VTP Domain = null, Config Rev = 0, VLANs = 1, updated to Cisco, 2 and 1, 2, 3.]
      • VTP works only over trunk links.
      • Switch A (Server) sends a summary advertisement over trunk links on VLAN 1
      • Includes Domain and Revision Number
      • Multicast 01-00-0C-CC-CC-CC
      • Switch B updates its Domain
      • Because of the higher revision number in the Summary, B replies with an Advertisement Request
      • Switch A sends a VTP Subset advertisement. Switch B updates its VLAN configuration revision number and VLANs. (May be preceded by another Summary advertisement.)

  33. [Diagram: Server: VTP Domain = Cisco, Config Rev = 2, VLANs = 1, 2, 3. Transparent: VTP Domain = null, Config Rev = 0, VLANs = 1, changed to Cisco and 1, 2, 3, 4, 5, 6. Client: VTP Domain = Cisco, Config Rev = 2, VLANs = 1, 2, 3.]
      • VTP advertisements are sent to the Transparent switch. (Shown together)
      • Switch C does not make any changes based on these advertisements.
      • Now, let's say Switch C is configured with:
      • Domain name Cisco
      • VLANs 2, 3, 4, 5, 6
      • Even though it is in the same domain, Switch C does not advertise these VLANs to other switches.
      • The Configuration Revision number remains at 0 even when the VLAN configuration is changed.
      • A Transparent switch will relay VTP messages it receives to other switches if it is in the same domain or in a null domain (let's take a look…).

  34. Relays VTP Advertisements
      [Diagram: Transparent: VTP Domain = Cisco, Config Rev = 0, VLANs = 1, 2, 3, 4, 5, 6 (no changes to Rev or VLANs). Server: VTP Domain = Cisco, Config Rev = 2, VLANs = 1, 2, 3. New Client: VTP Domain = null, Config Rev = 0, VLANs = 1, updated to Cisco, 2 and 1, 2, 3. Existing Client: VTP Domain = Cisco, Config Rev = 2, VLANs = 1, 2, 3.]
      • VTP Client Switch D added to the network.
      • Switch A (Server) sends summary advertisement over trunk links on VLAN 1
      • Switch D updates its Domain
      • Replies with Advertisement Request
      • Switch A sends a VTP Subset advertisement. Switch D updates its VLAN configuration revision number and VLANs.

  35. VTP: Messages Rick Graziani Cabrillo College graziani@cabrillo.edu

  36. VTP: Common VTP Issue Rick Graziani Cabrillo College graziani@cabrillo.edu

  37. What happens when a Client/Server enters with a higher Configuration Revision number?
      [Diagram: one switch with VTP Domain = West, VTP Mode = Server, Config Rev = 10, VLANs = 1, 10, 11, 12, 20, 21, 22, 30; one switch with VTP Domain = West, VTP Mode = Client (or Server), Config Rev = 13, VLANs = 1, 20, 21, 22, 30.]
      • Both switches are in the same domain.
      • Switch C can be Client OR Server
      • Switch C has the higher Configuration Revision number
      • Even if Switch C is a Client, when it enters the VTP domain it will overwrite Switch A's VLAN information because it has the higher Configuration Revision number.

  38. How to make sure a switch has a Lower Config Rev: VTP Mode
      [Diagram: Server: VTP Domain = West, Config Rev = 10, VLANs = 1, 10, 11, 12, 20, 21, 22, 30. Other switch: VTP Domain = West, VTP Mode = Client, Config Rev = 16, VLANs = 1; set to Transparent and then Client, revision 0, then 10 with VLANs 1, 10, 11, 12, 20, 21, 22, 30. Not all VTP Messages shown.]
      • Setting a switch to Transparent mode resets the configuration revision number to 0.
      • Then set it back to Client or Server.
      SwitchC(config)# vtp mode ?
        client       Set the device to client mode.
        server       Set the device to server mode.
        transparent  Set the device to transparent mode.
      SwitchC(config)#

  39. How to make sure a switch has a Lower Config Rev: VTP Domain
      [Diagram: Server: VTP Domain = West, Config Rev = 16, VLANs = 1, 10, 11, 12, 20, 21, 22, 30. Other switch: VTP Domain = West, VTP Mode = Client, Config Rev = 16, VLANs = 1; domain changed West, East, West, revision 0, then 16 with VLANs 1, 10, 11, 12, 20, 21, 22, 30. Not all VTP Messages shown.]
      • Changing the Domain Name on a switch will reset the configuration revision number to 0.
      • Then set it back to the correct Domain Name.
      SwitchC(config)# vtp domain West
      Changing VTP domain name from East to West

  40. VTP: Common VTP Issue Rick Graziani Cabrillo College graziani@cabrillo.edu
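
The summary-advertisement rules from the VTP Messages slides and the higher-revision problem from this section can be turned into a check to run before a switch is connected to the domain. This Python sketch is an added example, not part of the original slides; the function names are hypothetical and the two status texts are constructed from the values on the higher-revision slide.

```python
import re

# Constructed samples in the "show vtp status" format shown on this page,
# using the values from the higher-revision slide (domain West, rev 13 vs 10).
NEW_SWITCH = """VTP Domain Name : West
VTP Operating Mode : Client
Configuration Revision : 13
"""
DOMAIN_SERVER = """VTP Domain Name : West
VTP Operating Mode : Server
Configuration Revision : 10
"""

FIELDS = {
    "domain": r"VTP Domain Name[ \t]*:[ \t]*(\S*)",
    "mode": r"VTP Operating Mode[ \t]*:[ \t]*(\w+)",
    "revision": r"Configuration Revision[ \t]*:[ \t]*(\d+)",
}

def parse_vtp_status(text):
    """Extract domain, mode and configuration revision from show output."""
    found = {}
    for key, pattern in FIELDS.items():
        match = re.search(pattern, text)
        if match is None:
            raise ValueError(f"field not found: {key}")
        found[key] = match.group(1)
    found["mode"] = found["mode"].lower()
    found["revision"] = int(found["revision"])
    return found

def on_summary(receiver, sender):
    """Receiver's reaction to a summary advertisement, following the slides."""
    if receiver["mode"] == "transparent":
        return "no-change"         # transparent: makes no changes from advertisements
    if receiver["domain"] and receiver["domain"] != sender["domain"]:
        return "ignore"            # different domain name (a null domain is adopted)
    if receiver["revision"] >= sender["revision"]:
        return "ignore"            # own revision is higher or equal
    return "request-and-sync"      # own revision is lower: Advertisement Request

def join_check(new_switch, domain_server):
    """Would the existing server accept VLAN data from the switch being added?"""
    if on_summary(domain_server, new_switch) == "request-and-sync":
        return "UNSAFE: reset the configuration revision to 0 before connecting"
    return "ok"

if __name__ == "__main__":
    print(join_check(parse_vtp_status(NEW_SWITCH), parse_vtp_status(DOMAIN_SERVER)))
```

The check treats the new switch as the sender on purpose: as the slides note, its Client mode does not stop its higher revision from winning.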

  41. DTP (Dynamic Trunking Protocol): Introduction Rick Graziani Cabrillo College graziani@cabrillo.edu

  42. Switch Ethernet Port Type
      [Diagram: S1 Fa0/1 connected to S2 Fa0/1, VLANs 10, 20 on each switch.]
      • Switch Ethernet ports can be set to:
      • Access port: Non-trunking port used to connect to end-devices.
      • Trunking: Trunking port to carry VLAN information to another switch.
      • By default, Cisco Layer 2 switch ports want to trunk.

  43. VLAN Trunks • IEEE 802.1Q: An industry-standard trunking method

  44. Access Port
      S1(config-if)# switchport mode access
      • Forces the link into access port.
      • It will never become a trunk! Connect a host, server, printer, …

  45. Dynamic Trunking Protocol - DTP
      • By default, many Cisco switches have Dynamic Trunking Protocol (DTP) enabled.
      • DTP is a Cisco proprietary protocol that negotiates trunking parameters between switches.
      • Operates on a point-to-point basis only, between network devices.
      • Designed to make interconnecting switches with VLANs easier (an early step towards automation).

  46. DTP Trunking Modes
      S1(config-if)# switchport mode ?
        access   Set trunking mode to ACCESS unconditionally
        dynamic  Set trunking mode to dynamically negotiate access or trunk mode
        trunk    Set trunking mode to TRUNK unconditionally
      S1(config-if)# switchport mode dynamic ?
        auto       Set trunking mode dynamic negotiation parameter to AUTO
        desirable  Set trunking mode dynamic negotiation parameter to DESIRABLE
      S1(config-if)# switchport mode dynamic

  47. Dynamic Trunking Protocol (DTP)
      S1(config-if)# switchport mode ?
      • Access - Puts the interface into permanent non-trunking mode and negotiates to convert the link into a non-trunk link. The interface becomes a non-trunk interface even if the neighboring interface does not agree to the change.
      • Trunk - Puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link. The interface becomes a trunk interface even if the neighboring interface does not agree to the change.
      • Nonegotiate - Puts the interface into permanent trunking mode but prevents the interface from generating DTP frames. You must configure the neighboring interface manually as a trunk interface to establish a trunk link. Use this mode when connecting to a device that does not support DTP.
      • Dynamic desirable - Makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
      • Dynamic auto - Makes the interface willing to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. This is the default mode for all Ethernet interfaces in Cisco IOS.

  48. Non-trunking by default
      S2# show interfaces fastethernet 0/21 switchport
      Name: Fa0/21
      Switchport: Enabled
      Administrative Mode: dynamic auto
      Operational Mode: static access
      Administrative Trunking Encapsulation: dot1q
      Operational Trunking Encapsulation: native
      Negotiation of Trunking: On
      Access Mode VLAN: 1 (default)
      Trunking Native Mode VLAN: 1 (default)
      Callouts: Administrative Mode is how the port was configured. Operational Mode is how the port is operating.
      [Diagram: S1 Fa0/1 (dynamic auto) connected to S2 Fa0/1 (dynamic auto), VLANs 10, 20 on each switch.]
      • Ports on some series of switches are set to dynamic auto by default.
      • The link does not trunk if both sides default to dynamic auto.
      • This results in the interface being in access mode (non-trunking).

  49. DTP (Dynamic Trunking Protocol): Introduction Rick Graziani Cabrillo College graziani@cabrillo.edu

  50. DTP: Trunk or No Trunk? Rick Graziani Cabrillo College graziani@cabrillo.edu
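
The DTP mode descriptions above decide whether a link trunks, and the `show interfaces ... switchport` output shows which ports are still open to negotiation. This Python sketch is an added example, not part of the original slides: it works out the result for any pair of modes and lists ports whose administrative mode is still dynamic. The function names are hypothetical, the mode names follow the slide's list, and the sample output is constructed.

```python
import re

ALWAYS_TRUNK = {"trunk", "nonegotiate"}
# Neighbor modes that turn a dynamic port into a trunk (from the mode list above).
TRUNKS_WITH = {
    "dynamic desirable": {"trunk", "dynamic desirable", "dynamic auto"},
    "dynamic auto": {"trunk", "dynamic desirable"},
}

def operational(local, neighbor):
    """Operational state of one end of the link, given both configured modes."""
    if local in ALWAYS_TRUNK:
        return "trunk"             # permanent trunking, whatever the neighbor does
    if local == "access":
        return "access"            # permanent non-trunking
    # A nonegotiate neighbor sends no DTP frames, so a dynamic port stays access.
    return "trunk" if neighbor in TRUNKS_WITH[local] else "access"

def link_result(a, b):
    """'trunk', 'access', or 'mismatch' when the two ends disagree."""
    ends = (operational(a, b), operational(b, a))
    return ends[0] if ends[0] == ends[1] else "mismatch"

# Constructed sample in the format of the show output on this page.
SAMPLE = """\
Name: Fa0/21
Administrative Mode: dynamic auto
Operational Mode: static access
Negotiation of Trunking: On
Name: Fa0/2
Administrative Mode: static access
Operational Mode: static access
Negotiation of Trunking: Off
"""

def negotiable_ports(show_output):
    """Ports whose administrative mode still lets a neighbor negotiate a trunk."""
    flagged = []
    for block in re.split(r"(?m)^(?=Name: )", show_output):
        name = re.search(r"^Name: (\S+)", block, re.M)
        mode = re.search(r"^Administrative Mode: (.+)$", block, re.M)
        if name and mode and mode.group(1).strip().startswith("dynamic"):
            flagged.append(name.group(1))
    return flagged

if __name__ == "__main__":
    print(link_result("dynamic auto", "dynamic auto"), negotiable_ports(SAMPLE))
```

Host-facing ports that this flags are the ones to pin with `switchport mode access`, as on the Access Port slide.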
