[c-nsp] Blocking VTP
Daniel Hooper
dhooper at emerge.net.au
Wed Apr 23 03:46:25 EDT 2008
You can take away the VTP hassle .. change switch manufacturer :)
Foundry gear looks hot these days.
-Dan
> -----Original Message-----
> From: Skeeve Stevens [mailto:skeeve at skeeve.org]
> Sent: Wednesday, 23 April 2008 3:33 PM
> To: 'Gert Doering'; Daniel Hooper
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Blocking VTP
>
> I can't believe there isn't:
>
> int blah0/0
> vtp block in/out
>
>
>
> ...Skeeve
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gert Doering
> Sent: Wednesday, 23 April 2008 5:16 PM
> To: Daniel Hooper
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Blocking VTP
>
> Hi,
>
> On Wed, Apr 23, 2008 at 01:55:54PM +0800, Daniel Hooper wrote:
> > ... I
> > really need to start running VTP across our network as we've got far
> to
> > many VLAN's and way to many switches to be logging into to provision
> a
> > new customer or VLAN ...
>
> Don't use VTP.
>
> We run a medium-sized data center with a huge bunch of switches and
> about 300 active VLANs.
>
> With some advance planning ("which trunks need what ranges of VLANs
> pre-configured? which VLANs need to be pre-configured on what
boxes?")
> and documentation ("what needs to be done to set up X"), this is quite
> manageable. Usually, a new VLAN does not need touching more than 3
> boxes,
> and that's way better than a single VTP accident.
>
> Been there, seen the smoking wreck...
>
> gert
>
> --
> USENET is *not* the non-clickable part of WWW!
>
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany
> gert at greenie.muc.de
> fax: +49-89-35655025
> gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list