[c-nsp] Turning off vtp multicasts

Robert Crowe rocrowe at cisco.com
Thu Sep 1 20:21:13 EDT 2005 

VTP version 3 supports the functionality you are looking for. 


- Rob

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Vinny Abello
Sent: Thursday, September 01, 2005 7:59 PM
To: Bob Tinkelman; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Turning off vtp multicasts

Hi Bob,

         I could be mistaken, but I believe VTP is globally on or off on
Cisco switches (ones I've used anyway). I've never seen a way to control it
on a per port basis. I haven't ever setup VTP on a 3550 but I did a quick
look over some things on my switches and it looks like you're going to be
stuck with setting VTP to transparent (disabling it) on the switch if you
have any hope of connecting to NYIIX. Our switch on NYIIX has VTP in
transparent mode as well. Like I said, I could be wrong. I don't have a 3550
to look at. I'd be interested in any solutions there are just out of
curiosity. I've only actually setup VTP on one stack of switches on our
network where it was semi-useful.

By the way, I think "switchport block multicast" only blocks unknown
multicast packets to prevent flooding of a VLAN for which the mac address of
a device has timed out in the arp table or is not in the table at all. Same
with "switchport block unicast" if I remember correctly (but for unicast
traffic).

At 06:01 PM 9/1/2005, Bob Tinkelman wrote:
>I have a WS-C3550-12G running c3550-i5k2l2q3-mz.121-20.EA1.bin.
>(Yes, I know; that's a bit stale, but the switch has been up and 
>running for over 16 months.)
>
>We are trying to connect one of its ports to a peering switch.
>The engineer managing the peering switch has complained to us that our 
>switch is emitting vtp multicasts.
>
>An example is included at the end of this email.
>
>We want to continue running vtp on this router but, to comply with this 
>request, would like to surpress any vtp multicasts on this particular 
>port.
>
>I reached the point where I was just changing various config options 
>(not quite at random) hoping to find one that would make a difference.  
>At the moment, the config looks like this:
>
>   | switch1.nycmnycz#sho run int g0/1
>   | Building configuration...
>   |
>   | Current configuration : 265 bytes
>   | !
>   | interface GigabitEthernet0/1
>   |  description nyiix
>   |  switchport access vlan 101
>   |  switchport mode access
>   |  switchport block multicast
>   |  no cdp enable
>   |  spanning-tree portfast
>   |  spanning-tree bpdufilter enable
>   |  spanning-tree bpduguard enable
>   |  spanning-tree guard none
>   | end
>
>
>Any suggestions or pointers to appropriate documentation would be much 
>appreciated.
>--
>Bob Tinkelman <bob at tink.com>
>ISPnet, Inc.    718.464.4747
>
>
>
>=========problem-packet================================================
>=====
>
>SW-NYIIX2#RX-JC-FORMAT filter[1] 181-23:01:34 (03241800)
>00: 2cac 0f8f 5010 0001-0000 0000 f773 000c  FID     = 2cac
>10: 0100 0ccc cccc 0009-442f 6581 0060 aaaa  Offset  = 10
>20: 0300 000c 0111 2101-114a 0001 000f 4348  VLAN    = 1(0001)
>30: 4b30 3631 3856 3053-4e00 0200 0947 6930  CAM     = 0(00000,00000*2)
>Pri CPU MON PriTag MVID PType US BRD DAV SAV DPV SV ER TXA SAS Tag SRC Size
>0   0   0   0      0    f     0  1   0   1   0   0  0  0   0   0   1/1
110
>
>=========problem-packet================================================
>===== _______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net 
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/


Vinny Abello
Network Engineer
Server Management
vinny at tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0  E935 5325 FBCB 0100 977A

Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN

"Courage is resistance to fear, mastery of fear - not absence of fear" --
Mark Twain

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list