
Cisco's VTP: VLAN Trunking Protocol

randal

Golden Member
I have seen VTP implemented in a couple of places, and a lot of places with no VTP implemented. I'm looking for people's pros, cons and experiences with it. We're looking at building out a couple floors of a building, and the network design is firing up and we have 2 staunchly opposed groups - those folks who say VTP will make life 1000x easier, and those who say that it is terrible.

Using VTP will make things easier due to centralized management. Don't have to log in to a ton of switches and add VLANs to the VLAN database, no manual VLAN configuration anywhere - all of it is done in one place.

The Anti-VTP folks warn about someone plugging in a VTP-enabled device with a higher revision number taking down the entire network. I don't see why people would be allowed to plug in a random managed switch (port security, anyone?), but this is apparently a big deal.

I'm hit or miss. I've used both and admittedly, VTP seems to make things a lot easier management wise, but I'm OK without it as long as the documentation is OK. Thoughts?
 
Use VTP in the core/server farm area where you probably are trunking from the server farm access switches to the core.

Transparent everywhere else.

In best practices design only the access layer contains the VLAN. And then at the distribution layer you have your two ports that feed the access layer (these are in the access layer VLAN).

The vlan isn't used anywhere else as best practices call for only a single VLAN (or two if using voice) in a single access closet. Distribution to the core is all done by layer3 ports (no spanning-tree, no trunking allowed).

As for somebody plugging in a VTP switch in server mode (the domain would have to be the same as well), that is a valid concern - it has happened and will cause you a world of hurt if it does.

But VTP version 3 alleviates this problem.
 
If VTP works for your type of setup, and you won't be using so many VLANs that you don't want populated to all switches.. then I say use it.. Pick your central switches to be the server(s) and absolutely set a password.. You can avoid the problems the skeptics have.
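
The failure mode debated in this thread, as an added example that is not part of any poster's message: a simplified Python model of the VTP version 1/2 acceptance rule (same domain, matching password, higher revision number) and of how a password, transparent mode or a zeroed revision number stops the overwrite. Switch names, the domain `CORP`, the password and the revision numbers are constructed; the password comparison stands in for the MD5 digest check, and VTP version 3 is not modelled.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    mode: str                 # "server", "client" or "transparent"
    domain: str
    revision: int = 0
    password: str = ""        # stands in for the MD5 digest carried in advertisements
    vlans: set = field(default_factory=lambda: {1})

def receive_advert(sw: Switch, sender: Switch) -> str:
    """Apply a summary advertisement from `sender` to `sw` and report the outcome."""
    if sw.mode == "transparent":
        return "ignored: transparent mode"
    if sender.domain != sw.domain:
        return "ignored: domain mismatch"
    if sender.password != sw.password:
        return "ignored: password mismatch"
    if sender.revision <= sw.revision:
        return "ignored: revision not higher"
    sw.vlans, sw.revision = set(sender.vlans), sender.revision
    return "accepted: VLAN database overwritten"

def demo() -> dict:
    """Run the thread's scenario against differently configured production switches."""
    def prod(mode="client", password=""):
        return Switch("access-1", mode, "CORP", 12, password, {1, 10, 20, 30})

    # Constructed: a recycled switch in server mode, same domain, higher revision,
    # carrying only the default VLAN.
    stray = Switch("old-lab", "server", "CORP", revision=57)
    cases = {
        "no password": prod(),
        "password set": prod(password="constructed-secret"),
        "transparent": prod(mode="transparent"),
    }
    results = {k: (receive_advert(sw, stray), sorted(sw.vlans)) for k, sw in cases.items()}

    # Revision zeroed before connecting (e.g. by changing the VTP domain name and back).
    stray.revision = 0
    sw = prod()
    results["revision reset"] = (receive_advert(sw, stray), sorted(sw.vlans))
    return results

if __name__ == "__main__":
    for case, (outcome, vlans) in demo().items():
        print(f"{case:15} {outcome:40} VLANs now: {vlans}")
```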

 