Quản trị mạng - Chapter 4: Vtp

1Chapter 4: VTP CCNA Exploration 4.0 Học viện mạng Bach Khoa - Website: www.bkacad.com 2 Overview • Học viện mạng Bach Khoa - Website: www.bkacad.com 3 VTP Concepts Học viện mạng Bach Khoa - Website: www.bkacad.com 4 The VLAN Management Challenge Học viện mạng Bach Khoa - Website: www.bkacad.com 5 VTP • VTP allows a network manager to makes changes on a switch that is configured as a VTP server. • Basically, the VTP server distributes and synchronizes VLAN information to VTP-enabled switches throughout the switched network, which minimizes the problems caused by incorrect configurations and configuration inconsistencies. • VTP stores VLAN configurations in the VLAN database called vlan.dat. Học viện mạng Bach Khoa - Website: www.bkacad.com 6 VTP • VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs on a network-wide basis. • VTP minimizes misconfigurations and configuration inconsistencies that can cause several problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. • (www.cisco.com) VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst series products. Học viện mạng Bach Khoa - Website: www.bkacad.com 7 VTP Học viện mạng Bach Khoa - Website: www.bkacad.com 8 Benefits of VTP Học viện mạng Bach Khoa - Website: www.bkacad.com 9 VTP Domain • VTP Domain -Consists of one or more interconnected switches. • All switches in a domain share VLAN configuration details using VTP advertisements. • A router or Layer 3 switch defines the boundary of each domain. Học viện mạng Bach Khoa - Website: www.bkacad.com 10 VTP mode Học viện mạng Bach Khoa - Website: www.bkacad.com 11 VTP mode • VTP Server-VTP servers advertise the VTP domain VLAN information to other VTP-enabled switches in the same VTP domain. – VTP servers store the VLAN information for the entire domain in NVRAM. – The server is where VLAN can created, deleted, or renamed for the domain. • VTP Client-VTP clients function the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client. – A VTP client only stores the VLAN information for the entire domain while the switch is on. – A switch reset deletes the VLAN information. – You must configure VTP client mode on a switch. • VTP Transparent-Transparent switches forward VTP advertisements to VTP clients and VTP servers. – Transparent switches do not participate in VTP. – VLANs that are created, renamed, or deleted on transparent switches are local to that switch only. Học viện mạng Bach Khoa - Website: www.bkacad.com 12 Extra: VTP mode • Server—In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters, such as VTP version and VTP pruning, for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over trunk links. VTP server is the default mode. • Client—VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client. • Transparent—VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements, but transparent switches do forward VTP advertisements that they receive out their trunk ports in VTP Version 2. • Off (configurable only in CatOS switches)—In the three described modes, VTP advertisements are received and transmitted as soon as the switch enters the management domain state. In the VTP off mode, switches behave the same as in VTP transparent mode with the exception that VTP advertisements are not forwarded. Extra: VTP mode Học viện mạng Bach Khoa - Website: www.bkacad.com 13 Học viện mạng Bach Khoa - Website: www.bkacad.com 14 VTP pruning Học viện mạng Bach Khoa - Website: www.bkacad.com 15 VTP advertisement • VTP Advertisements -VTP uses a hierarchy of advertisements to distribute and synchronize VLAN configurations across the network. Học viện mạng Bach Khoa - Website: www.bkacad.com 16 Test your knowledge Học viện mạng Bach Khoa - Website: www.bkacad.com 17 VTP Operation Học viện mạng Bach Khoa - Website: www.bkacad.com 18 Default VTP configuration Default VTP configuration Học viện mạng Bach Khoa - Website: www.bkacad.com 19 Học viện mạng Bach Khoa - Website: www.bkacad.com 20 Default VTP configuration • VTP Version -Displays the VTP version the switch is capable of running. By default, the switch implements version 1, but can be set to version 2. • Configuration Revision -Current configuration revision number on this switch. You will learn more about revisions numbers in this chapter. • Maximum VLANs Supported Locally -Maximum number of VLANs supported locally. • Number of Existing VLANs -Number of existing VLANs. • VTP Operating Mode -Can be server, client, or transparent. Học viện mạng Bach Khoa - Website: www.bkacad.com 21 Default VTP configuration • VTP Domain Name -Name that identifies the administrative domain for the switch. • VTP Pruning Mode -Displays whether pruning is enabled or disabled. • VTP V2 Mode -Displays if VTP version 2 mode is enabled. VTP version 2 is disabled by default. • VTP Traps Generation -If you enable this feature, it causes an SNMP message to be generated every time a new VTP message is sent. • MD5 Digest -A 16-byte checksum of the VTP configuration. – (The VTP password that you configure is translated by algorithm into a 16-byte word (MD5 value) that is carried in all summary-advertisement VTP packets) • Configuration Last Modified -Date and time of the last configuration modification. Displays the IP address of the switch that caused the configuration change to the database. Default hash value Học viện mạng Bach Khoa - Website: www.bkacad.com 22 VTP Domains • VTP allows you to separate your network into smaller management domains to help reduce VLAN management. • An additional benefit of configuring VTP domains is that it limits the extent to which configuration changes are propagated in the network if an error occurs. Học viện mạng Bach Khoa - Website: www.bkacad.com 23 VTP Domain Name Propogation Học viện mạng Bach Khoa - Website: www.bkacad.com 24 VTP Frame Structure • VTP message types: 1. Summary advertisements 2. Subset advertisement 3. Advertisement requests 4. VTP join messages Học viện mạng Bach Khoa - Website: www.bkacad.com 25 VTP message content Học viện mạng Bach Khoa - Website: www.bkacad.com 26 VTP Revision Number • The configuration revision number is a 32-bit number that indicates the level of revision for a VTP frame. • The default configuration number for a switch is 0. • Each time: – Add or remove a VLAN, assign or change name of vlan – Change VTP version – Enable or disable prunning the configuration revision number is incremented. • Each VTP device tracks the VTP configuration revision number that is assigned to it. • Note: – A VTP domain name change does not increment the revision number. Instead, it resets the revision number to zero. Học viện mạng Bach Khoa - Website: www.bkacad.com 27 Extra: Reset a Revision Number to Zero – Disable trunking – Change the VTP domain name – Change the new domain name back to the original name – Re-enable trunking. • OR – switch# delete flash:vlan.dat – switch# reload • OR – sw(config)# vtp mode transparent Học viện mạng Bach Khoa - Website: www.bkacad.com 28 VTP Advertisements Học viện mạng Bach Khoa - Website: www.bkacad.com 29 Summary Advertisements or Client Học viện mạng Bach Khoa - Website: www.bkacad.com 30 Summary Advertisements • The VTP version is either 1 or 2. • Code indicates which of the four VTP message types is included—here, 0x01 or type 1. • Followers indicates how many VTP subset advertisement messages (type 2) follow the summary advertisement frame. The value can range from 0 to 255; 0 indicates that no subset advertisements follow. A Catalyst transmits the subset advertisement only if there is a change in the system or as a response to an advertisement request. • MgmtD Len specifies the length of the VTP domain name. • Management Domain Name specifies the VTP domain name. • The Configuration Revision Number field is 32 bytes. • The Updater Identity is the IP address of the last switch that incremented the configuration revision. • Update Timestamps are the date and time of the last increment of the configuration revision. • MD5 Digest consists of a message-digest hash- a function of the VTP password and the VTP header contents (excluding the MD5 Digest field). If the receiving Catalyst hash computation does not match, the packet is discarded Học viện mạng Bach Khoa - Website: www.bkacad.com 31 Subset Advertisements • Code is 0x02 for subset advertisement (type 2). • Seq-Number represents the sequence number of the packet in the stream of subset advertisements following a summary advertisement. The sequence starts with 1. The receiving Catalyst uses this value to ensure that it receives all subset advertisements. If it does not receive all of the subsets, it requests a resend, starting with a specific subset advertisement. Học viện mạng Bach Khoa - Website: www.bkacad.com 32 Subset Advertisements • VLAN-info fields each contain the following information: – The VLANs status (active or suspended) – VLAN-Type (Ethernet, Token Ring, FDDI, or otherwise) – VLAN-Name Len – Length of the VLAN name – ISL VLAN-ID – VLAN number of this named VLAN – MTU size – Maximum frame size supported for this VLAN – 802.10 Index – SAID value used if the frame passed over an FDDI trunk – VLAN-name – The VTP subset advertisement lists this information for each individual VLAN, including default VLANs. Học viện mạng Bach Khoa - Website: www.bkacad.com 33 Request Advertisements • Code is 0x03 for advertisement request (type 3). – The VTP domain name has been changed – The switch receives a summary advertisement with a higher configuration revision number than its own – A subset advertisement message is missed for some reason – The switch has been reset Học viện mạng Bach Khoa - Website: www.bkacad.com 34 Action 4.2.4 Học viện mạng Bach Khoa - Website: www.bkacad.com 35 VTP Modes Overview Học viện mạng Bach Khoa - Website: www.bkacad.com 36 VTP Mode Comparisions • VTP servers: – Create, modify, and delete VLAN and VLAN configuration parameters for the entire domain. – VTP servers save VLAN configuration information in the switch NVRAM. – VTP servers send VTP messages out to all trunk ports. • VTP clients: – Cannot create, modify, or delete VLAN information. – This mode is useful for switches lacking memory to store large tables of VLAN information. – The only role of VTP clients is to process VLAN changes and send VTP messages out all trunk ports. • VTP transparent mode: – Forward VTP advertisements but ignore information contained in the message. – Not modify its database when updates are received – Not send out an update indicating a change in its VLAN status. – Only forwarding VTP advertisements, VTP is disabled on a transparent switch. Học viện mạng Bach Khoa - Website: www.bkacad.com 37 VTP Pruning • VTP pruning prevents unnecessary flooding of broadcast information from one VLAN across all trunks in a VTP domain. • VTP pruning permits switches to negotiate which VLANs are assigned to ports at the other end of a trunk and, hence, prune the VLANs that are not assigned to ports on the remote switch. • Pruning is disabled by default. VTP pruning is enabled using the vtp pruning global configuration command. • You need to enable pruning on only one VTP server switch in the domain. Học viện mạng Bach Khoa - Website: www.bkacad.com 38 VTP Pruning Học viện mạng Bach Khoa - Website: www.bkacad.com 39 VTP Pruning Học viện mạng Bach Khoa - Website: www.bkacad.com 40 VTP Pruning- Activity 4.2.5.4 Học viện mạng Bach Khoa - Website: www.bkacad.com 41 Configure VTP Học viện mạng Bach Khoa - Website: www.bkacad.com 42 VTP Configuration Guidelines Học viện mạng Bach Khoa - Website: www.bkacad.com 43 Topology example Học viện mạng Bach Khoa - Website: www.bkacad.com 44 Confirm Detail Học viện mạng Bach Khoa - Website: www.bkacad.com 45 Configure Domain Name Học viện mạng Bach Khoa - Website: www.bkacad.com 46 Configure Version Học viện mạng Bach Khoa - Website: www.bkacad.com 47 Add Vlans and Trunks Học viện mạng Bach Khoa - Website: www.bkacad.com 48 Enable Vtp Client Mode Học viện mạng Bach Khoa - Website: www.bkacad.com 49 Verify VTP Status Học viện mạng Bach Khoa - Website: www.bkacad.com 50 Confirm VTP Operation Học viện mạng Bach Khoa - Website: www.bkacad.com 51 Configure Access Ports Học viện mạng Bach Khoa - Website: www.bkacad.com 52 Extra: VTP Pruning Học viện mạng Bach Khoa - Website: www.bkacad.com 53 Troubleshooting VTP Connections Học viện mạng Bach Khoa - Website: www.bkacad.com 54 Troubleshooting VTP Connections Học viện mạng Bach Khoa - Website: www.bkacad.com 55 Incompatible VTP Versions- VTP Password Issues Học viện mạng Bach Khoa - Website: www.bkacad.com 56 Incorrect VTP Domain Name Học viện mạng Bach Khoa - Website: www.bkacad.com 57 Switches Set to VTP Client Mode • It is possible to change the operating mode of all switches to VTP client. By doing so, you lose all ability to create, delete, and manage VLANs within your network environment. • Because the VTP client switches do not store the VLAN information in NVRAM, they need to refresh the VLAN information after a reload. Học viện mạng Bach Khoa - Website: www.bkacad.com 58 Incorrect Revision Number Học viện mạng Bach Khoa - Website: www.bkacad.com 59 Incorrect Revision Number Học viện mạng Bach Khoa - Website: www.bkacad.com 60 Managing VLANs on a VTP Server Học viện mạng Bach Khoa - Website: www.bkacad.com 61 Managing VLANs on a VTP Server Học viện mạng Bach Khoa - Website: www.bkacad.com 62 Summary • Configure trunk links • Switch SERVER: – (config)# vtp version {1 |2} – (config)# vtp domain {name} – (config)# vtp password {password} – (config)#vtp mode server Học viện mạng Bach Khoa - Website: www.bkacad.com 63 • Switch CLIENT: – (config)# vtp version {1 |2} – (config)# vtp domain {name} – (config)# vtp password {password} – (config)#vtp mode client Học viện mạng Bach Khoa - Website: www.bkacad.com 64 • SW2#debug sw-vlan vtp events Học viện mạng Bach Khoa - Website: www.bkacad.com 65