private vlans, extended vlans, transparent mode vs. vtp version 3

smcclenaghan Member Posts: 139
I recall having to choose between setting a VTP server into transparent mode or setting it to version 3 when configuring private vlans or extended vlans.

Either solution will work, but is there a Cisco best practice or a reason to choose one over the other?

My net scouring can be summed up as:

Using v2 Transparent Mode
Pros:
Can still forward advertisements to v2 servers around it if it remains in v2. (v3 is interoperable with v2, but Cisco claims "best results" are achieved in a homogeneous environment of all v3).
Cons:
Does not advertise the private vlans or extended vlans.

Using VTP Version 3
Pros:
Supports and advertises the private and extended vlans
Cons:
Possible interoperability issues (as alluded to above)?
Switches in the environment may not be V3 capable.

I'm leaning towards Transparent mode for private vlan configuration (since we probably care less about advertising those) and V3 for extended vlans (since we probably do want to advertise those).

I'd love some thoughts.

Comments

  • phantasm Member Posts: 995
    For Private VLANs you need to set VTP mode to Transparent. Be careful with your wording. You're calling it "VTP Server transparent mode". That's incorrect. VTP has three modes; server, client and transparent.

    In the case of Private VLANs Transparent mode must be used. VTPv3 is used when you need to use extended VLANs (VLANs whose numbers are between 1006 and 4094).

    Lastly, if you wanted to use Private VLANs and VLANs above 1006 you would use both VTP mode Transparent and VTPv3.
    "No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
  • smcclenaghan Member Posts: 139
    Thanks, phantasm, I really appreciate the advice.

    A few quick questions, WHY must transparent mode be used for private vlans? I thought V3 supports private vlans in any mode. Is this incorrect? If I have VTP v3 set as the primary server, I can't create a private vlan there? (I would love to lab this, but none of my 2950 or 3750 support vtp v3). If you have to use transparent mode for VTP v3, then I don't see how v3 supports private vlans any better than v2.

    Also, I looked for my typo about VTP server transparent mode, but I don't think I said that. I said this: "VTP server into transparent mode", meaning to change the mode. Frankly though, my sanity is decreasing with each read of a Cisco question or fact, so even after rereading my post a few times, I'm still not sure if I typed that or not ;)
  • phantasm Member Posts: 995
    Sorry. I need to backtrack on this. It's been a while since I've studied Private VLANs. If you're planning to use Private VLANs and you want VTP to carry the information then you must use VTPv3 throughout the switching infrastructure you want the PVLAN information carried through.

    If you're using VTPv2 then you need to set the VTP mode to Transparent because it does not support PVLANs. In this scenario you would have to manually trunk the primary and secondary VLANs to each switch you want them on.

    VTP Version 3 - Cisco

    Private VLANs Revisited
    "No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
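Added example, not part of the thread or either poster's configuration: the two options described in the post above, written out as Cisco IOS commands. VLAN IDs 100 and 101 and the domain name LAB are placeholder values, and option B assumes a platform and IOS release that support VTP version 3.

```ios
! Option A: VTP version 1/2, PVLANs kept local to this switch.
! VTP does not carry the PVLAN definitions, so they are repeated
! by hand on every switch that needs them.
configure terminal
 vtp mode transparent
 vlan 101
  private-vlan isolated
 vlan 100
  private-vlan primary
  private-vlan association 101
 end

! Option B: VTP version 3, PVLAN definitions carried by VTP.
! A domain name must be set before version 3 can be enabled.
configure terminal
 vtp domain LAB
 vtp version 3
 vtp mode server
 end
! Privileged EXEC: make this switch the primary server for the VLAN
! database, then define VLANs 100 and 101 here as in option A.
vtp primary vlan

! Check the result on either option.
show vtp status
show vlan private-vlan
```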
  • smcclenaghan Member Posts: 139
    Okay, thanks again for your insight, phantasm.

    Unfortunately it remains a little unclear whether (if we're asked on the CCNP exam for example) to choose between VTP 2 transparent mode, or VTP v3, which is best for private vlans.

    I suppose transparent mode will be my choice since it requires configuration on that switch only.
  • phantasm Member Posts: 995
    Which is best? That's not really a valid question since both answers are correct. The answer to "Which is best" is what your network requirements dictate. Cisco won't test you on your own network.
    "No man ever steps in the same river twice, for it's not the same river and he's not the same man." -Heraclitus
  • smcclenaghan Member Posts: 139
    Without violating NDA, let's just say that it's come up on an exam.