notgoing2fail wrote: » The transparent switchB is well, transparent.... SwitchB has VLAN 71 created, otherwise this entire lab would fail.
mikej412 wrote: » What do you mean by fail? The host attached to Switch A in VLAN 71 wouldn't be able to ping the host attached to Switch C in VLAN 71?
Selfmade wrote: » Have you read this? Understanding VLAN Trunk Protocol (VTP) - Cisco Systems
peanutnoggin wrote: » Since you have all three routers with VLAN71, there is no pruning (on VLAN71) taking place. Pruning is just preventing the switch from receiving VLAN packets for VLANs that do not belong to that switch. e.g. If your switch A&C are in server/client mode respectively, and you eliminated VLAN71 on switch B, the broadcast would only go to switch C via the trunk because switch B wouldn't have any hosts in VLAN71. I hope this helps. -Peanut
notgoing2fail wrote: » I don't believe that is the case though. If VLAN 71 doesn't exist on Switch B (the transparent switch), I cannot get ANY communications whatsoever between Switch A and Switch C.
notgoing2fail wrote: » Basically when the transparent switch does not have VLAN 71, then all hosts in Switch C are dead in the water. Is that how it's supposed to work?
peanutnoggin wrote: » As long as you have trunk links, then you'll still have communications. VTP transparent mode just means that your switch will not advertise its vlan database and it will also ignore updates sent to him. If I'm not mistaken, a transparent switch will still forward the vtp advertisements and a trunk should not be affected. Since the trunk is not affected, switch B shouldn't stop forwarding packets because it's in transparent mode.
Forsaken_GA wrote: » Not when pruning is involved. Cisco specifically says the following of VTP transparent and pruning: VTP pruning is not designed to function in VTP transparent mode. If one or more switches in the network are in VTP transparent mode, you should do one of these: • Turn off VTP pruning in the entire network. • Turn off VTP pruning by making all VLANs on the trunk of the switch upstream to the VTP transparent switch pruning ineligible.
Forsaken_GA wrote: » And even when you take VTP out of the picture entirely, just having a trunk link doesn't mean the switch is going to pass along info for frames tagged for vlans it doesn't know about. Let me give you an example - Here's the progression of connections: [Distribution Switch] -> [Access Layer Switch] -> [Another Access Layer Switch] Ok, so you've got them daisy chained. There's a trunk between the Distribution switch and the Access Layer Switch, and there's another trunk between the Access Layer Switch and Another Access Layer Switch. Distribution switch has vlans 5 through 20 on it. The Access Layer Switch has vlans 10 through 20 on it. The Another Access Layer Switch has hosts in Vlans 5 and 20. I manually define which vlans are allowed on trunks. Now, I define Vlans 5 and 20 as allowed on the trunk between ALS and AALS, and I add vlan 5 to the vlans allowed on the Distribution to ALS trunk. AALS will only receive frames in vlan 20. Why? Because vlan 5 doesn't exist on ALS. The second I issue the command vlan 5 on ALS, AALS starts populating its cam with MACs from vlan 5. In order to pass the vlan on the trunk, the switch has to have that vlan configured, even if it doesn't have any ports in it.
notgoing2fail wrote: » I got the impression that there was some side effect of pruning
notgoing2fail wrote: » Exactly. If the transparent switch doesn't also have VLAN 71, all the hosts on VLAN 71 on Switch C are isolated...
mikej412 wrote: » Wouldn't you consider that a pretty drastic side effect of enabling pruning when you've got a transparent switch stuck in your hierarchical switch structure and it drops traffic that downstream switches would like to receive?
notgoing2fail wrote: » Yes this is exactly the scenario that I am experiencing!!! I have yet to simulate the ill effects of pruning but I guess I'll just have to save that for another day....
Forsaken_GA wrote: » Erm, yes you have. Having your vlans partitioned because of VTP pruning is something widely considered an 'ill effect'.
notgoing2fail wrote: » I don't understand that comment? What do you mean by having the vlans partitioned?
Forsaken_GA wrote: » Well the idea is for switch a to be able to communicate with switch c within the same vlan, right? To appear logically as one whole. Instead, you have two halves, ie, your vlan is partitioned. This is not something that would generally be considered a good thing. Unless the hosts on switch A think the hosts on switch C are a bunch of bungholes and don't want to talk to them anyway.
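The forwarding rule from Forsaken_GA's daisy-chain post, and the VLAN 71 partition discussed at the end of the thread, as a small Python model. This is an added example, not part of the original thread; the function names, the allowed list on the Distribution trunk, and the "allow all" trunks in the VLAN 71 lab are assumptions, and VTP pruning and spanning tree are not modelled.

```python
# Added illustration: toy model of VLAN forwarding along a chain of switches.
# Rule modelled (taken from the thread): a switch passes a VLAN over a trunk
# only if the VLAN exists in its own VLAN database AND the trunk allows it.

def reachable(chain, trunks, vlan):
    """Switches reached by a frame in `vlan` sourced at chain[0].
    chain: list of (name, local_vlans); trunks[i] is the allowed-VLAN set
    on the link between chain[i] and chain[i + 1]."""
    reached = []
    for i, (name, vlans) in enumerate(chain):
        if vlan not in vlans:
            break                      # VLAN unknown here: frame is dropped
        reached.append(name)
        if i < len(trunks) and vlan not in trunks[i]:
            break                      # VLAN not allowed on the next trunk
    return reached

def partitions(chain, trunks, vlan):
    """Group the switches that carry `vlan` into connected segments."""
    segments, current = [], []
    for i, (name, vlans) in enumerate(chain):
        if vlan in vlans:
            current.append(name)
        linked = (vlan in vlans and i < len(trunks) and vlan in trunks[i]
                  and vlan in chain[i + 1][1])
        if not linked and current:
            segments.append(current)
            current = []
    return segments

# Constructed data for the daisy-chain post: Distribution -> ALS -> AALS.
DIST = ("Distribution", set(range(5, 21)))
ALS = ("ALS", set(range(10, 21)))
AALS = ("AALS", {5, 20})
TRUNKS = [{5} | set(range(10, 21)), {5, 20}]   # first list is an assumption
ALS_FIXED = ("ALS", ALS[1] | {5})              # after issuing "vlan 5" on ALS

# Constructed data for the VLAN 71 lab: SwitchB is the transparent switch.
ALL = set(range(1, 4095))                      # assumption: trunks allow all
LAB_BROKEN = [("SwitchA", {1, 71}), ("SwitchB", {1}), ("SwitchC", {1, 71})]
LAB_FIXED = [("SwitchA", {1, 71}), ("SwitchB", {1, 71}), ("SwitchC", {1, 71})]

if __name__ == "__main__":
    print(reachable([DIST, ALS, AALS], TRUNKS, 5))
    print(reachable([DIST, ALS_FIXED, AALS], TRUNKS, 5))
    print(partitions(LAB_BROKEN, [ALL, ALL], 71))
    print(partitions(LAB_FIXED, [ALL, ALL], 71))
```
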