[c-nsp] Turning off vtp multicasts

Vinny Abello vinny at tellurian.com
Thu Sep 1 20:44:59 EDT 2005


Ahh, good to know. My switches only support up to v2. If it's 
supported on Bobs platform, it looks like he has to upgrade.

At 08:21 PM 9/1/2005, Robert Crowe wrote:
>VTP version 3 supports the functionality you are looking for.
>
>
>- Rob
>
>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net
>[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Vinny Abello
>Sent: Thursday, September 01, 2005 7:59 PM
>To: Bob Tinkelman; cisco-nsp at puck.nether.net
>Subject: Re: [c-nsp] Turning off vtp multicasts
>
>Hi Bob,
>
>          I could be mistaken, but I believe VTP is globally on or off on
>Cisco switches (ones I've used anyway). I've never seen a way to control it
>on a per port basis. I haven't ever setup VTP on a 3550 but I did a quick
>look over some things on my switches and it looks like you're going to be
>stuck with setting VTP to transparent (disabling it) on the switch if you
>have any hope of connecting to NYIIX. Our switch on NYIIX has VTP in
>transparent mode as well. Like I said, I could be wrong. I don't have a 3550
>to look at. I'd be interested in any solutions there are just out of
>curiosity. I've only actually setup VTP on one stack of switches on our
>network where it was semi-useful.
>
>By the way, I think "switchport block multicast" only blocks unknown
>multicast packets to prevent flooding of a VLAN for which the mac address of
>a device has timed out in the arp table or is not in the table at all. Same
>with "switchport block unicast" if I remember correctly (but for unicast
>traffic).
>
>At 06:01 PM 9/1/2005, Bob Tinkelman wrote:
> >I have a WS-C3550-12G running c3550-i5k2l2q3-mz.121-20.EA1.bin.
> >(Yes, I know; that's a bit stale, but the switch has been up and
> >running for over 16 months.)
> >
> >We are trying to connect one of its ports to a peering switch.
> >The engineer managing the peering switch has complained to us that our
> >switch is emitting vtp multicasts.
> >
> >An example is included at the end of this email.
> >
> >We want to continue running vtp on this router but, to comply with this
> >request, would like to surpress any vtp multicasts on this particular
> >port.
> >
> >I reached the point where I was just changing various config options
> >(not quite at random) hoping to find one that would make a difference.
> >At the moment, the config looks like this:
> >
> >   | switch1.nycmnycz#sho run int g0/1
> >   | Building configuration...
> >   |
> >   | Current configuration : 265 bytes
> >   | !
> >   | interface GigabitEthernet0/1
> >   |  description nyiix
> >   |  switchport access vlan 101
> >   |  switchport mode access
> >   |  switchport block multicast
> >   |  no cdp enable
> >   |  spanning-tree portfast
> >   |  spanning-tree bpdufilter enable
> >   |  spanning-tree bpduguard enable
> >   |  spanning-tree guard none
> >   | end
> >
> >
> >Any suggestions or pointers to appropriate documentation would be much
> >appreciated.
> >--
> >Bob Tinkelman <bob at tink.com>
> >ISPnet, Inc.    718.464.4747
> >
> >
> >
> >=========problem-packet================================================
> >=====
> >
> >SW-NYIIX2#RX-JC-FORMAT filter[1] 181-23:01:34 (03241800)
> >00: 2cac 0f8f 5010 0001-0000 0000 f773 000c  FID     = 2cac
> >10: 0100 0ccc cccc 0009-442f 6581 0060 aaaa  Offset  = 10
> >20: 0300 000c 0111 2101-114a 0001 000f 4348  VLAN    = 1(0001)
> >30: 4b30 3631 3856 3053-4e00 0200 0947 6930  CAM     = 0(00000,00000*2)
> >Pri CPU MON PriTag MVID PType US BRD DAV SAV DPV SV ER TXA SAS Tag SRC Size
> >0   0   0   0      0    f     0  1   0   1   0   0  0  0   0   0   1/1
>110
> >
> >=========problem-packet================================================
> >===== _______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >https://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>Vinny Abello
>Network Engineer
>Server Management
>vinny at tellurian.com
>(973)300-9211 x 125
>(973)940-6125 (Direct)
>PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0  E935 5325 FBCB 0100 977A
>
>Tellurian Networks - The Ultimate Internet Connection
>http://www.tellurian.com (888)TELLURIAN
>
>"Courage is resistance to fear, mastery of fear - not absence of fear" --
>Mark Twain
>
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/


Vinny Abello
Network Engineer
Server Management
vinny at tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0  E935 5325 FBCB 0100 977A

Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN

"Courage is resistance to fear, mastery of fear - not absence of 
fear" -- Mark Twain



More information about the cisco-nsp mailing list