[c-nsp] VTP war stories (was Re: EoMPLS or VPLS loop prevention/storm control)

Paul Wozney paul at wozney.ca
Wed Feb 9 17:28:16 EST 2011


I've seen VTP fail spectacularly.

A customer was using it on about 30 switches distributed to about 10-15
wiring closets.  They had a temp student come in who wanted to learn about
networking, so the student copied the core switch configuration and deployed
it on a lab switch.  The student decided to wipe the VLANs from this lab
switch and start from scratch.

When the lab switch was connected to the production network, its VTP
instance had the correct VTP password (as it was copied from the core
switch), but it had none of the VLANs required for the correct operation of
the network, and of course it had the higher revision number.

It was an innocent mistake, but it ended up being a very bad day for
everyone involved and we've never used VTP for any other customer since that
day.

---
Paul Wozney
Network Consultant
phone: +1 604-629-9975
toll free: +1 866-748-0516
email: paul at wozney.ca
web: http://wozney.ca



On Wed, Feb 9, 2011 at 14:10, Martin Barry <marty at supine.com> wrote:

> $quoted_author = "Nick Hilliard" ;
> >
> > Also, don't use VTP unless you like living dangerously.
>
> Nick, that sounds like you have a good war story or three. Care to share?
>
> Can't say I've blown anything up with VTP ... yet.  :-)
>
> cheers
> Marty
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
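A pre-connection check for the failure described in the message above, as an added example that is not part of the original post or thread. It assumes VTP version 1/2 behaviour, where a server or client in the same domain with a higher configuration revision is accepted; the domain name `CORP`, the revision numbers, and the sample `show vtp status` text are constructed. The VTP password is not compared because in the incident described it already matched.

```python
import re

# Constructed sample of `show vtp status` output from a switch about to be
# connected (field labels vary slightly between IOS releases).
SAMPLE_LAB_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 57
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CORP
"""

def parse_vtp_status(text):
    """Turn 'Label : value' lines into a dict keyed by lower-cased label."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1).lower()] = m.group(2)
    return fields

def vtp_precheck(text, prod_domain, prod_revision):
    """Return findings for a switch before it is attached to production.

    prod_domain / prod_revision are the values read from the production
    core switch (hypothetical parameters for this example).
    """
    f = parse_vtp_status(text)
    mode = f.get("vtp operating mode", "").lower()
    domain = f.get("vtp domain name", "")
    revision = int(f.get("configuration revision", "0") or 0)
    findings = []
    if mode in ("transparent", "off"):
        return findings  # does not originate its own VLAN database
    if revision > 0:
        findings.append("non-zero revision %d in %s mode" % (revision, mode))
    if domain == prod_domain and revision > prod_revision:
        findings.append("same domain, higher revision than production "
                        "(%d > %d): its VLAN database would replace "
                        "production's" % (revision, prod_revision))
    return findings

if __name__ == "__main__":
    for finding in vtp_precheck(SAMPLE_LAB_SWITCH, "CORP", 42):
        print("BLOCK:", finding)
```

An empty result means the switch would not push its VLAN database into the given domain under the stated assumptions.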

