Why do enterprises not use VTP?
boxerboy1168
Member Posts: 395 ■■■□□□□□□□
in CCNA & CCENT
Reading the CCENT Wendell Odom edition (which I love) in preparation for the CCENT and I am in the VLAN part of the book where he states the he will only briefly cover VTP and that it isn't used very much in enterprise architecture.
What's up with that?
If it's not necessary for the test should I spend much time toying with it and what's wrong with VTP?
Ack, the title is basically 5th grade engrish, forgive I just got off work.
What's up with that?
If it's not necessary for the test should I spend much time toying with it and what's wrong with VTP?
Ack, the title is basically 5th grade engrish, forgive I just got off work.
Currently enrolling into WGU's IT - Security Program. Working on LPIC (1,2,3) and CCNA (and S) as long term goals and preparing for the Security+ and A+ as short term goals.
Comments
-
Legacy User Unregistered / Not Logged In Posts: 0 ■□□□□□□□□□I don't know about the current version but back in the day the ccna exam had a few vtp questions. Yes learn it, learn whats good about it and learn whats bad about it. Most places would have it set to transparent which is best practice. I have some seen older networks have vtp enabled so it is still out there.
Basically the reason why people don't use it because if someone installs a preprogrammed switch on the network without realizing it was preprogrammed with vtp set at the default setting which is vtp server. If that newly installed switch has a higher revision number then the other switches it can overwrite vlan information that is currently in production and you run into a situation that your production switch stopped working because it lost the vlans that were originally configured. -
boxerboy1168 Member Posts: 395 ■■■□□□□□□□so an enterprise typically uses either L3 switches our router on a stick to route between VLANs rather than a trunking protocol?
Also can I assume that most enterprises are using 1 VLAN per switch if that's the case or that doesn't really matter?Currently enrolling into WGU's IT - Security Program. Working on LPIC (1,2,3) and CCNA (and S) as long term goals and preparing for the Security+ and A+ as short term goals. -
Cisco Inferno Member Posts: 1,034 ■■■■■■□□□□VTP is not a trunking protocol.
People need to realize it.
DTP is one though.
I would call VTP more of a "VLAN Database Convergence" protocol.2019 Goals
CompTIA Linux+[ ] Bachelor's Degree -
hurricane1091 Member Posts: 919 ■■■■□□□□□□No one uses VTP because one mistake and your network is wrecked. Not worth the "convenience" basically.
-
Cisco Inferno Member Posts: 1,034 ■■■■■■□□□□boxerboy1168 wrote: »so an enterprise typically uses either L3 switches our router on a stick to route between VLANs rather than a trunking protocol?
Also can I assume that most enterprises are using 1 VLAN per switch if that's the case or that doesn't really matter?
Most companies use Layer 3 switches for routing between VLANs. VTP does not ROUTE.
Routing is Layer 3.
I also cannot understand your question. Why would we use 1 VLAN per switch?2019 Goals
CompTIA Linux+[ ] Bachelor's Degree -
boxerboy1168 Member Posts: 395 ■■■□□□□□□□Heard that on a CBT Nugget or something I forget where I heard that.
Yeah I get that it doesn't route but if you have traffic between switches that's not being passed through a vlan trunk then it has to be route correct?
So if I have 2 switches and 2 vlans I have to use a router or layer 3 switch in order for communication to occur between let's say.. vlan 10 right? How else can 2 switches communicate with each other without a trunk port or L3 routing having multiple VLANs?Currently enrolling into WGU's IT - Security Program. Working on LPIC (1,2,3) and CCNA (and S) as long term goals and preparing for the Security+ and A+ as short term goals. -
MitM Member Posts: 622 ■■■■□□□□□□boxerboy1168 wrote: »So if I have 2 switches and 2 vlans I have to use a router or layer 3 switch in order for communication to occur between let's say.. vlan 10 right? How else can 2 switches communicate with each other without a trunk port or L3 routing having multiple VLANs?
If you have even 1 switch, if there are multiple vlans (multiple subnets) on that switch, you'll need a router or L3 switch to pass traffic between those subnets.
As far as VTP, in VTP version 1 & 2, it was too easy to mistakenly overwrite the vlan database, causing a network outage. I use VTP in production, but version 3. -
boxerboy1168 Member Posts: 395 ■■■□□□□□□□ahhhh ok different versions...Currently enrolling into WGU's IT - Security Program. Working on LPIC (1,2,3) and CCNA (and S) as long term goals and preparing for the Security+ and A+ as short term goals.
-
ccnpninja Member Posts: 1,010 ■■■□□□□□□□in VTP v3 I think, if my SWITCH memory is not corrupted, you can define a sole VTP server that is allowed to send VTP adverts.my blog:https://keyboardbanger.com
-
stlsmoore Member Posts: 515 ■■■□□□□□□□hurricane1091 wrote: »No one uses VTP because one mistake and your network is wrecked. Not worth the "convenience" basically.
Yup, speaking from experience. Nothing like taking out a call center during peak hours because you had to implement a switch ASAP in a VTP environment. Not only does VTP revision number matters the version differences between switches can cause headaches as well.
If the new switch is using VTP Ver. 2 in an existing VTP Ver. 1 environment it can take over as the server...at least that's what happened to me lol.My Cisco Blog Adventure: http://shawnmoorecisco.blogspot.com/
Don't Forget to Add me on LinkedIn!
https://www.linkedin.com/in/shawnrmoore -
MitM Member Posts: 622 ■■■■□□□□□□The concern with VTP version 2 is even if you introduce a switch in client mode, if the revision number is higher, it will cause an overwrite of the vlan database
in VTP v3, you define a "Primary" server, and only that server can add vlans. -
networker050184 Mod Posts: 11,962 ModNetworking historically has been a field that shies away from anything done automatically in my experience. Hell it took years and years before a lot of people let go of hard coding speed and duplex. Some still won't!
There is inherent risk with anything that happens automatically of course, VTP included, but proper controls can mitigate that risk. In most modern networks VLAN provisioning is usually done by some automated fashion (which comes with it's own set of risks) other than VTP though. Or preferably, L2 domains are shrunk as small as possible so pushing the same VLANs to a large number of devices shouldn't be necessary.An expert is a man who has made all the mistakes which can be made.