I was very tempted to address this post, but I wanted to see if
others would catch the problem. I think what exists here is
confusion about abilities of a switch versus best recommended
design practices. Any switch that is capable of VTP is capable
of using one of three modes: transparent, server, or client.
Which one you use is driven by your design requirements.
If you do not want dynamic creation of VLANs to occur within a
switching domain, you probably want to use transparent mode on
all switches. If you want an automated method of creating,
modifying, and deleting VLANs, than you need to use either
client or server mode. Unlike the original poster, I will
recommend that you have a "primary server" and a "backup
server." Both are configured as a VTP server, but only the
primary is used unless it is brought down for maintenance, in
which case the secondary is used. All other switches in the
domain should be VTP clients and any switch that joins the
domain should have its configuration revision number set to
zero first before joining the domain (along with a number of
other configuration steps!). As the original poster did
mention, VTP domains are case sesitive. As a convention, I
always stick to lower case characters whenever possible in
networking.
I would also take exception with the design
requirements/capabilities of the VTP server. My recommendation
would be to use one of your two distribution switches as a
primary and use the other as a secondary. I make this
recommendation for several reasons. If your switching domain
has a lot of VLANs, you don't want to overwhelm a CAT 1900 with
this responsibility. Secondly, if you lose the trunk to an
access switch which is your VTP server, you may have
discontinuities in your domain due to the fact that your access
switches are single points of failure(this assumes that you
wrongfully attempt to add VLANs via VTP from another switch).
OTOH, if your disribution switch goes down, your layer 2
connectvity is only briefly interrupted while spanning tree
reconverges. You can easily continue VTP operations on your
secondary server while you troubleshoot, repair, and bring your
primary VTP server back on line.
As far as using VTP versions 1 or 2, you may not have a
choice. If you have legacy switches in your network that do
not use VTP version 2, you will need to revert to VTP version
1. You may want to give this link a checkout to see when you
might want to use VTP version 2 an when you *have* to use
version 2:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_
4_2/config/vlans.pdf
here for the IOS based stuff:
http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_3
5xu/scg/kivlan.pdf
HTH,
Paul Werner
> Subject: RE: VTP Domain, (again)
>
> Incorrect. All switches in a domain can act as servers.
> Where did you get your info?
>
> - -----Original Message-----
> Subject: Re: VTP Domain, (again)
>
>
> Only one switch in a domain can act as the server. All
> others must be clients. The recommendation to set up
> the 'biggest' switch as a server is OK, however, it is
> not really necessary. If it works out, the server
> should be the switch closest to the center of the VTP
> domain. This will usually have the best/most
> connections to the rest of the domain, which will
> provide the best, central administration point. I
> would also recommend that you standardize on all lower
> case or all upper case for the VTP domain name, and
> that you actively set version two assuming that all
> devices in the domain support it.
>
> I will note that I know quite a few administrators who
> have just gone to transparent mode and forgo VTP. This
> seems to be because they've been burned, especially in
> the 3.x version of CatOS, which did have some bugs.
> I'd recommend using it, but make sure you follow the
> rules.
________________________________________________
Get your own "800" number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
