[c-nsp] VTP domain.

Steven.Glogger at swisscom.com Steven.Glogger at swisscom.com
Wed Feb 11 03:31:42 EST 2009


VTP transparent switches DO forward vtp messages (if using version 2). see:
"VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent switches do forward VTP advertisements that they receive from other switches from their trunk interfaces. "

dont forget: the VTP domain can be learned if NO domain is given - the switch takes the first domain he sees in a VTP message.

make sure that you put switches in transparent mode if you want to prevent disasters. we all know that the highest revision number in a domain wins. a client can overwrite all other switches (incl. server) if the revision number is highter and if he has the same domain name.... 

vtp is evil as we all know ,-)

to remove the domain name just set another one. 

-steven


ps: your guide for any VTP questions:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_44_se/configuration/guide/swvtp.html 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Mark Tinka
Sent: Wednesday, February 11, 2009 12:54 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] VTP domain.

On Wednesday 11 February 2009 03:02:41 am Keith wrote:

> The 3550 being replaced has no vtp domain name. Is it possible to 
> remove the vtp domain name without deleting the vlan.dat file? I have 
> looked over the TAC but see nothing really regarding removing a vtp 
> domain name. Lots about adding one, not about removing one.

No clear way to do this, today, without deleting the 'vlan.dat' file. Wish that could be fixed.

But like you and others have said, maintaining VTP Transparent mode will ensure it stays away from VTP.

We used to "manually" clear VTP domain names, but recently found a batch of switches that had them configured. It's too much work to clear that, but we just say "no" to VTP anyway.

Cheers,

Mark.


More information about the cisco-nsp mailing list