VTP Domains

typesh Member Posts: 168
Hey everyone, I am confused about some VTP Domain stuff.

The Odom book says (Page 19 of ICND2 Second Ed):
“The VTP domain name provides a design tool by which engineers can create multiple groups of VTP switches, called domains, whose VLAN configurations are autonomous. To do so, the engineer can configure one set of switches in one VTP domain and another set in another VTP domain, and the switches in the different domains will ignore each other’s VTP messages. VTP Domains allow engineers to break up the switched network into different administrative domains. For example, in a large building with a large IT staff, one division's IT staff might use a VTP domain name of Accounting, while another part of the IT staff might use a domain name of Sales, maintaining control of their configurations but still being able to forward traffic between divisions through the LAN infrastructure”

What does this refer to (having a really hard time picturing it)? Does this mean that switches connected directly to other switches (such as SW1—SW2—SW3—SW4), can be in different domains? I am not sure if that is correct because, from my understanding, switches need to have the same VTP Domain in order to pass VTP info.

Thank you.

Edit:

Unless... VTP domains must match in order to exchange VLAN info, but if the domains don't match, then the switch simply passes on the VTP update to a neighboring switch who may or may not have the matching domain name. Would that be correct? That way the same infrastructure can be used and only switches that the VTP Update was intended for are the ones that increment their revision number and update their vlan.dat.

Comments

  • billscott92787 Member Posts: 933
    typesh wrote: »
    Hey everyone, I am confused about some VTP Domain stuff.

    The Odom book says (Page 19 of ICND2 Second Ed):
    “The VTP domain name provides a design tool by which engineers can create multiple groups of VTP switches, called domains, whose VLAN configurations are autonomous. To do so, the engineer can configure one set of switches in one VTP domain and another set in another VTP domain, and the switches in the different domains will ignore each other’s VTP messages. VTP Domains allow engineers to break up the switched network into different administrative domains. For example, in a large building with a large IT staff, one division's IT staff might use a VTP domain name of Accounting, while another part of the IT staff might use a domain name of Sales, maintaining control of their configurations but still being able to forward traffic between divisions through the LAN infrastructure”

    What does this refer to (having a really hard time picturing it)? Does this mean that switches connected directly to other switches (such as SW1—SW2—SW3—SW4), can be in different domains? I am not sure if that is correct because, from my understanding, switches need to have the same VTP Domain in order to pass VTP info.

    Thank you.

    Edit:

    Unless... VTP domains must match in order to exchange VLAN info, but if the domains don't match, then the switch simply passes on the VTP update to a neighboring switch who may or may not have the matching domain name. Would that be correct? That way the same infrastructure can be used and only switches that the VTP Update was intended for are the ones that increment their revision number and update their vlan.dat.




    That information is correct. The point they are trying to make is the fact that a Network Engineer/Administrator has the choice of breaking up a specific network into many domains, or they can build one big domain. In the scenarios,

    One domain: The domain name in all VTP configurations will match, which will allow the switches to pass VTP information between one another.

    Different domains: There will be some switches in one domain, and some in another, and so on. The ones that have matching domain names will share information; the ones with different domain names will not share information. They will ignore the VTP messages since their domain names do not match.
  • typesh Member Posts: 168
    they will ignore the VTP messages since their domain names do not match.

    Thanks!

    So they will pass the updates even though they ignore them?
  • billscott92787 Member Posts: 933
    typesh wrote: »
    Thanks!

    So they will pass the updates even though they ignore them?



    Of course, how would the other switches that have the same VTP domain receive them if VTP messages were not being passed? If the two switches are connected some way but have a different domain, they would just ignore the messages from the switch with the different VTP domain.
  • typesh Member Posts: 168
    Of course, how would the other switches that have the same VTP domain receive them if VTP messages were not being passed? If the two switches are connected some way but have a different domain, they would just ignore the messages from the switch with the different VTP domain.

    Ohhhh okay cool. I was thinking that a switch would only pass VTP updates to another switch IF that other switch had the same domain name. That's where I was getting confused...
  • networker050184 Mod Posts: 11,962
    typesh wrote: »
    Ohhhh okay cool. I was thinking that a switch would only pass VTP updates to another switch IF that other switch had the same domain name. That's where I was getting confused...


    A switch in server or client mode will not pass VTP messages for other domains regardless of VTP version. So, if you have the following setup, VTP advertisements will not propagate from SW1 to SW3 (cisco1/2 are the VTP domains).
    cisco1                cisco2                cisco1
    SW1-------------------SW2-------------------SW3
    
    Also, a transparent switch will only pass the updates if it has the same domain name in VTP version 1. If the transparent switch is in VTP version 2, it will pass the updates regardless of domain name.
    An expert is a man who has made all the mistakes which can be made.
  • GT-Rob Member Posts: 1,090
    Interesting. So VTP domains have a physical limiting boundary? I've never seen multiple VTP domains (rarely even see one) so I'm not sure what the behavior would be.
  • typesh Member Posts: 168
    A switch in server or client mode will not pass VTP messages for other domains regardless of VTP version. So, if you have the following setup, VTP advertisements will not propagate from SW1 to SW3 (cisco1/2 are the VTP domains).
    cisco1                cisco2                cisco1
    SW1-------------------SW2-------------------SW3
    
    Also, a transparent switch will only pass the updates if it has the same domain name in VTP version 1. If the transparent switch is in VTP version 2, it will pass the updates regardless of domain name.



    Ohh I see. So if there are multiple switches in a large corporation (and client & server switches do not pass VTP updates for switches in another domain), how can you take advantage of multiple domains over the entire infrastructure (what Odom was referring to)?
  • networker050184 Mod Posts: 11,962
    You make sure all switches in a domain are either connected together or connected through a transparent switch with the same VTP domain or one running VTPv2.
    An expert is a man who has made all the mistakes which can be made.
  • typesh Member Posts: 168
    You make sure all switches in a domain are either connected together or connected through a transparent switch with the same VTP domain or one running VTPv2.

    Nice! Thanks so much. Had a hard time visualizing that.
  • dtlokee Member Posts: 2,378
    Something to keep in mind about VTP: it's an L2 protocol and isn't really 'passed' by switches. It's received by a switch and processed much like a BPDU would be. The switch that processes it will decide what to do with the update; as Networker said, in most cases the switch will ignore a VTP frame that does not have the same domain name as the switch. There are 2 exceptions to this:

    1. If the switch is in VTP transparent mode and all switches are running VTP version 2.
    2. If the switch is currently in the 'null' VTP domain (the domain name is unconfigured) then the switch will begin using that VTP domain name.
    The only easy day was yesterday!
  • typesh Member Posts: 168
    A switch in server or client mode will not pass VTP messages for other domains regardless of VTP version. So, if you have the following setup, VTP advertisements will not propagate from SW1 to SW3 (cisco1/2 are the VTP domains).
    cisco1                cisco2                cisco1
    SW1-------------------SW2-------------------SW3
    
    Also, a transparent switch will only pass the updates if it has the same domain name in VTP version 1. If the transparent switch is in VTP version 2, it will pass the updates regardless of domain name.



    Okay so I am trying this out with my home lab now.

    The set up is just as networker050184 listed (including domain names):

    SW1
    SW2
    SW3



    SW1 is a VTP Server with Domain Name Cisco1
    SW2 is a Transparent Switch with no domain name
    SW3 is a VTP Client (tried server as well) with Domain Name Cisco1

    The link between SW1 and SW2 has been hardcoded as a trunk on both switches.
    The link between SW2 and SW3 has been hardcoded as a trunk on both switches.

    Still, SW3 is not receiving VLAN updates from SW1.
    I tried going on SW1 and adding a bunch of new VLANs, hoping that they would pass through SW2 since it is a Transparent Switch, and get to SW3 who would update its own vlan.dat since the domain name is the same as SW1.

    Am I missing a step...?

    My switches are 2950s.


    Just double checked to make sure VTP ver2 is on. It is.



    Edit:

    Okay, so it appears that I was not missing a step.

    SW3 did update its vlan.dat, but it took like 15 minutes. I was expecting it to be almost instant (or no more than a minute or so).
    After about 15 mins, the update happened.
    Does it normally take this long.....?
  • networker050184 Mod Posts: 11,962
    It shouldn't take 15 min, but it wouldn't be the first time I've seen something take longer than it should. The advertisements are sent every 5 minutes or triggered when a change is made.
    An expert is a man who has made all the mistakes which can be made.
  • typesh Member Posts: 168
    It shouldn't take 15 min, but it wouldn't be the first time I've seen something take longer than it should. The advertisements are sent every 5 minutes or triggered when a change is made.

    Sounds good. It seems to be updating faster now. Thanks again!
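
Added example (not part of any post in this thread): a small Python model of the forwarding rules as networker050184 and dtlokee state them, run over the SW1-SW2-SW3 chain from the thread. The `Switch` class and the `propagate` and `scenario` functions are constructed names, and the model assumes a same-domain server or client re-advertises to its downstream neighbor.

```python
from dataclasses import dataclass

@dataclass
class Switch:
    name: str
    mode: str            # "server", "client" or "transparent"
    domain: str          # "" models the unconfigured (null) domain
    version: int = 1
    revision: int = 0

def propagate(chain, adv_domain, adv_revision):
    """Walk one advertisement from chain[0] down a linear trunk chain.
    Returns the names of the switches that applied the update."""
    updated = []
    for sw in chain[1:]:
        if sw.mode == "transparent":
            # Transparent: never applies the update; relays it if the domain
            # matches (VTPv1) or regardless of domain name (VTPv2).
            if sw.version == 2 or sw.domain == adv_domain:
                continue
            break
        if sw.domain == "":
            sw.domain = adv_domain      # null domain adopts the advertised name
        if sw.domain != adv_domain:
            break                       # other domain: ignored and not passed on
        if adv_revision > sw.revision:  # only a higher revision is applied
            sw.revision = adv_revision
            updated.append(sw.name)
        # Assumption: a same-domain server/client re-advertises downstream.
    return updated

def scenario(sw2):
    """SW1 (server, cisco1) -- sw2 -- SW3 (client, cisco1), as in the thread."""
    sw1 = Switch("SW1", "server", "cisco1", version=sw2.version, revision=5)
    sw3 = Switch("SW3", "client", "cisco1", version=sw2.version)
    return propagate([sw1, sw2, sw3], sw1.domain, sw1.revision)

if __name__ == "__main__":
    cases = {
        "server in cisco2": Switch("SW2", "server", "cisco2"),
        "transparent, no domain, VTPv2": Switch("SW2", "transparent", "", 2),
        "transparent, cisco2, VTPv1": Switch("SW2", "transparent", "cisco2", 1),
        "transparent, cisco1, VTPv1": Switch("SW2", "transparent", "cisco1", 1),
    }
    for label, sw2 in cases.items():
        print(f"SW2 = {label}: updated {scenario(sw2)}")
```

Only the two cases where SW2 relays the advertisement (transparent with VTPv2, or transparent in the same domain) let SW3 pick up SW1's revision, which matches the lab result reported above.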