{"id":72,"date":"2014-06-23T11:32:12","date_gmt":"2014-06-23T11:32:12","guid":{"rendered":"http:\/\/feralpacket.org\/?p=72"},"modified":"2015-01-03T11:19:22","modified_gmt":"2015-01-03T11:19:22","slug":"v5-written-and-lab-trunk-and-vtp-notes","status":"publish","type":"post","link":"https:\/\/feralpacket.org\/?p=72","title":{"rendered":"v5 Written and Lab: Trunk and VTP Notes"},"content":{"rendered":"

v5 Written:
\n2.1.d Implement and troubleshoot trunking
\n2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
\n2.1.d [ii] dot1Q
\n2.1.d [iii] Native VLAN
\n2.1.d [iv] Manual pruning<\/code><\/p>\n

v5 Lab:
\n1.1.d Implement and troubleshoot trunking
\n1.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
\n1.1.d [ii] dot1Q
\n1.1.d [iii] Native VLAN
\n1.1.d [iv] Manual pruning<\/p>\n

Documentation:<\/p>\n

Catalyst 3750-X and 3560-X Software Configuration Guide, Release 15.0(1)SE,
\nChapter 15: Configuring VLANs, pgs. 15-14 to 15-32<\/p>\n

Catalyst 3750-X and 3560-X Software Configuration Guide, Release 15.0(1)SE,
\nChapter 16: Configuring VTP, pgs. 16-1 to 16-18<\/p>\n

Books:<\/p>\n

Cisco LAN Switching; Chapter 8: Trunking Technologies and Applications, pgs. 291 – 331<\/p>\n

CCIE Routing and Switching Exam Certification Guide 4th Ed; Chapter 2 Virtual LANs and VLAN Trunking, pgs. 42 – 62<\/p>\n

INE:<\/p>\n

A trunk is a point-to-point link between one or more Ethernet switch interfaces and another network device such as a router or switch.<\/p>\n

Trunkinng encapsulations:
\n– Inter-Switch Link (ISL) – Ciscro proprietary
\n– IEEE 802.1Q – industry standard<\/p>\n

Trunk negotiation is managed by the Dynamic Trunking Protocol (DTP)
\n– some network devices might forward DTP frames improperly, which could cause some misconfigurations
\n– for interfaces connected to devices that do not support DTP, disable DTP<\/p>\n

If you do not intend to trunk across a link, use:
\n– switchport mode access<\/p>\n

To enable trunking to a device that does not support DTP, use:
\n– switchport trunk encapsulation {isl|dot1q}
\n– switchport mode trunk
\n– switchport nonegotiate<\/p>\n

DTP is not supported on private-LAN ports or tunnel por
\nts<\/p>\n

Layer 2 interface modes:
\n– switchport mode access
\n– switchport mode dynamic auto
\n– switchport mode dynamic desirable
\n– switchport mode trunk
\n– switchport nonegotiate
\n– switchport mode dot1q-tunnel<\/p>\n

switchport mode access
\n– puts the interface into permanet non-trunking mode
\n– access port<\/p>\n

switchport mode dynamic auto
\n– makes the interface able to convert the linkg to a trunk link
\n– neighboring interface must be set to:
\n– trunk mode
\n– desirable mode<\/p>\n

switchport mode dynamic desirable
\n– makes the interface actively attempt to convert the link to a trunk link
\n– neighboring interface must be set to:
\n– trunk mode
\n– desirable mode
\n– auto mode<\/p>\n

switchport mode trunk
\n– puts the interface into permanent trunking mode
\n– negotiates to convert the neighboring interface into a trunk link<\/p>\n

switchport nonegotiate
\n– prevents the interface from generating DTP frames<\/p>\n

switchport mode dot1q-tunnel
\n– configures the interface as a tunnel (nontrunking) port to connect to an asymmetric link with an IEEE 802.1Q trunk port<\/p>\n

Ethernet trunk encapsulation types:
\n– switchport trunk encapsulation isl
\n– switchport trunk encapsulation dot1q
\n– switchport trunk encapsulation negotiate<\/p>\n

switchport trunk encapsulation negotiate
\n– the interface negotiates with the neighboring interface to become:
\n– ISL (preferred)
\n– dot1q<\/p>\n

The switch does not support Layer 3 trunks<\/p>\n

802.1Q trunks
\n– Cisco switches maintain one STP instance for each VLAN
\n– non-Cisco devices may support one STP instance for all VLANs<\/p>\n

If the Native VLAN for one end of a trunk link is different from the Native VLAN on the other end, spanning-tree loops might result<\/p>\n

Disabling STP on the Native VLAN can potentially cause spanning-tree loops<\/p>\n

By default, an interface on a switch is in Layer 2 mode<\/p>\n

Default Layer 2 Ethernet Interface VLAN Configuration:
\n– switchport mode dynamic auto
\n– switchport trunk encapsulation negotiate
\n– Allowed VLANs: 1 – 4094
\n– VLANs eligible for pruning: 2 – 1001
\n– Default VLAN (access ports): 1
\n– Native VLAN (for dot1q trunks): 1<\/p>\n

To use VTP, at least one trunk port is configured on the switch has to be connected to a trunk port on a second switch<\/p>\n

Trunk ports:
\n– cannot be a secure port
\n– cannot be a tunnel port
\n– for EtherChannel port groups, all interfaces must have the same configuration
\n– recommended that no more than 24 trunk ports in PVST mode
\n– recommended that no more than 40 trunk ports in MST mode
\n– switchport access vlan – specifies a default VLAN to be used if the interface stops trunking
\n– for 8021q, can received tagged and untagged (native VLAN) traffic<\/p>\n

conf t
\nint fa0\/1
\nswitchport trunk encapsulation {ils|dot1q|negotiate}
\nswitchport mode {dynamic {auto|desirable} | trunk}
\nswitchport access vlan<\/p>\n

show int fa0\/1 switchport
\nshow int fa0\/1 trunk
\nshow int trunk<\/p>\n

By default, a trunk port sends traffic to and receives traffic from all VLANs, 1 – 4094
\n– to restrict the traffic a trunk carries:
\n– switchport trunk allowed vlan remove<\/p>\n

conf t
\nint fa0\/1
\nswitchport trunk allowed vlan remove 2<\/p>\n

Cisco use to have a requirement that VLAN 1 always be enabled on every trunk link<\/p>\n

To reduce the risk of spanning-tree loops or storms, you can disable VLAN 1 on any individual trunk port by removing VLAN 1 from the allowed list
\n– the interface continues to send and receive management traffic
\n– CDP
\n– PAgP
\n– LACP
\n– DTP
\n– VTP<\/p>\n

The pruning-eligible list applies only to trunk ports
\n– each trunk port has its own eligibility list
\n– VTP pruning must be enabled for this to take effect
\n– VLANs that are pruning-ineligible receive flooded traffic
\n– the default VLANs allowed to be pruned are 2 – 1001<\/p>\n

conf t
\nint fa0\/1
\nswitchport trunk pruning vlan remove 2<\/p>\n

Native VLAN
\n– untagged traffic
\n– default VLAN 1
\n– the switch forwards all untagged traffic to the native VLAN
\n– can be assigned any VLAN ID<\/p>\n

conf t
\nint fa0\/1
\nswitchport trunk native vlan 2<\/p>\n

show int fa0\/1 switchport<\/p>\n

Load sharing divides the bandwidth between parallel trunks connecting switches
\n– use STP port priorities
\n– for links connected to the same switch
\n– use STP path costs
\n– for linkgs connected to the same switch or two different switches<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree vlan 8-10 port-priority 16
\nint fa0\/2
\nspanning-tree vlan 3-6 port-priority 16<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree vlan 2-4 cost 30
\nint fa0\/2
\nspanning-tree vlan 8-9 cost 30<\/p>\n

VLAN Trunking Protocol (VTP)
\n– Layer 2 protocol
\n– maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs on a network-wide basis
\n– default version is 1<\/p>\n

Cisco IOS 12.2(52)SE and later support VTPv3<\/p>\n

A VTP domain consists of one switch or several interconnected switches or switch stacks under the same administrative responsibility sharing the same VTP domain name<\/p>\n

By default, a switch is in the VTP no-management-domain state
\n– no VTP domain name is configured<\/p>\n

If a switch receives a VTP advertisement over a trunk line, it inherits the management domain name and the VTP configuration revision number<\/p>\n

Before adding a VTP client to a VTP domain, ALWAYS verify that its VTP configuration number is lower than the configuration revision number of the other switches in the VTP domain
\n– if you add a switch that has a higher revision numbeer, it can erase all VLAN information from the VTP server and VTP domain<\/p>\n

VTP modes:
\n– VTP server
\n– VTP client
\n– VTP transparent
\n– VTP off<\/p>\n

VTP server
\n– can create modify, and delete VLANS
\n– specify configuration parameters for the entire VTP domain
\n– advertise and synchronize VLAN configuration
\n– default mode for switches
\n– VLAN configuration is saved in NVRAM
\n– in version 1 and 2, cannot create private VLANs<\/p>\n

If a switch detects a failure while writing to NVRAM, the VTP mode automatically changes to client mode<\/p>\n

VTP client
\n– transmits and receives VTP updates on trunk links
\n– cannot create, modify, or delete VLANs
\n– in version 1 or 2, the VLAN configuration is not saved in NVRAM
\n– in version 3, the VLAN configuration is saved in NVRAM<\/p>\n

VTP transparent
\n– does not participate in VTP
\n– does not advertise VLAN configuration
\n– does not synchronize VLAN configuration based on received advertisements
\n– in version 2 and 3, VTP advertisements are forwarded through trunk links
\n– can create, modify, delete VLANs
\n– can create private VLANs
\n– VTP and VLAN configurations are saved to NVRAM and running-config<\/p>\n

VTP off
\n– functions in the same manner as a VTP transparent switch
\n– does not forward VTP advertisements on trunk links<\/p>\n

VTP adversitements
\n– sent periodically from each trunk line
\n– sent to a reserved multicast address<\/p>\n

VTP advertisements distribute the following information
\n– VTP domain name
\n– VTP configuration revision number
\n– update identity and update timestamp
\n– MD5 digest of VLAN configuration
\n– MTU for each VLAN
\n– Frame format
\n– VLAN IDs
\n– VLAN names
\n– VLAN types
\n– VLAN states
\n– additional VLAN configuration information
\n– in version 3, primary server ID, instance number, start index<\/p>\n

VTP version 2 features not in version 1:
\n– Token Ring support
\n– Unrecognized Type-Length-Value (TLV) support
\n– Version-Dependent Transparent Mode
\n– Consistency Checks<\/p>\n

VTP version 3 features not in version 1 or 2:
\n– enhanced authentication
\n– support for extended range VLAN (1006 – 4094) database propagation
\n– VTP pruning still applies only to VLANs 1 – 1005
\n– VLANs 1002 – 1005 are still reserved and cannot be modified
\n– support for private VLANs
\n– can propagate Multiple Spanning Tree (MST) protocol database information
\n– VTP primary server and VTP secondary servers
\n– in version 3 by default, all devices are secondary servers
\n– turn VTP on or off on a per-trunk<\/p>\n

VTP pruning increases the available network bandwidth by restricting flooded traffic
\n– disabled by default
\n– blocked unneeded flooded traffic to VLANs on trunk ports
\n– only VLANs included in the pruning-eligible list can be pruned, 2 – 1001 by default
\n– VLANs 1002 – 1005 and extended-range VLANs are pruning-ineligible
\n– if a VLAN is configured as pruning-ineligible, flooded traffic continues
\n– supported in all VTP versions<\/p>\n

Enabling VTP pruning on a VTP server enables pruning for the entire management domain<\/p>\n

VTP pruning is not designed to function in VTP transparent mode<\/p>\n

Default VTP configuration:
\n– VTP domain name: null
\n– VTP mode: server
\n– VTP version: 1
\n– MST database mode: transparent
\n– VTP version 3 server type: secondary
\n– VTP password: none
\n– VTP pruning: disabled<\/p>\n

conf t
\nvtp domain
\nvtp mode { client | server | transparent | off } { vlan | mst | unkown }
\nvtp password<\/p>\n

show vtp status<\/p>\n

conf t
\nvtp password [ hidden | secret ]
\nvtp primary-server [ vlan | mst | force ]
\nvtp version { 1 | 2 | 3 }
\nvtp pruning<\/p>\n

show vtp password
\nshow vtp status
\nshow vtp counters
\nshow vtp devices [ conflict ]
\nshot vtp interface fa0\/1<\/p>\n

When the VTP primary server is configured, it starts a takeover operation<\/p>\n

When you enable VTP version on a switch, every VTP version 2 capable switch in the VTP domain enables version 2
\n– VTP version 3 must be manually configured on each switch
\n– VTP version 1 and VTP version 2 are not interoperable in the same VTP domain<\/p>\n

Configuring VTP version 3 on a per-port basis:<\/p>\n

conf t
\nint fa0\/1
\nvtp<\/p>\n

show vtp status<\/p>\n

To reset the configuration revision number, change the VTP domain name to something else and then change it back to the original VTP domain name<\/p>\n","protected":false},"excerpt":{"rendered":"

v5 Written: 2.1.d Implement and troubleshoot trunking 2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning 2.1.d [ii] dot1Q 2.1.d [iii] Native VLAN 2.1.d [iv] Manual pruning v5 Lab: 1.1.d Implement and troubleshoot trunking 1.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning 1.1.d [ii] dot1Q 1.1.d [iii] Native VLAN 1.1.d [iv] Manual pruning Documentation: Catalyst 3750-X and 3560-X […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[30,11,17,18],"class_list":["post-72","post","type-post","status-publish","format-standard","hentry","category-ccie","tag-ccie","tag-route-switch","tag-trunk","tag-vtp"],"_links":{"self":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/72","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=72"}],"version-history":[{"count":2,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/72\/revisions"}],"predecessor-version":[{"id":230,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/72\/revisions\/230"}],"wp:attachment":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=72"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=72"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=72"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}