Monday, September 2, 2013

VTP Transparent Mode Relay Caveat

As I get my fingers back in shape for the Lab, I figured a little VTP practice tonight was in order. VTP is fairly straightforward, so I wasn't expecting anything unusual when I started in on a little bit of config with a transparent VTP switch...

I've previously run under the assumption that a VTP transparent switch will relay VTP frames as long as it is in the same domain as the VTP frame it receives.  If there's a mismatch then the frame is discarded.  Well, this is still true, but there's a third scenario that I hadn't ever really considered before: the domain is set to NULL.

Simple setup tonight: three switches in a row, with Sw1 between Sw2 and Sw3. I am using EtherChannels simply because of what I said above about getting my fingers back into shape through repetition of config-lets.

Sw1 is my transparent switch; the other two are both servers. I have Sw2 and Sw3 set with a VTP domain of "cisco" and Sw1 with a NULL domain:

Sw1(config)#do sh vtp stat
VTP Version                     : running VTP1 (VTP2 capable)
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Transparent
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Sw2(config)#do sh vtp stat
VTP Version                     : running VTP1 (VTP2 capable)
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 8
VTP Operating Mode              : Server
VTP Domain Name                 : cisco
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA6 0x03 0xA2 0x2E 0xA7 0x99 0x24 0x82
Configuration last modified by 0.0.0.0 at 3-1-93 00:24:06
Local updater ID is 0.0.0.0 (no valid interface found)

Sw3#sh vtp stat
VTP Version                     : running VTP1 (VTP2 capable)
Configuration Revision          : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 7
VTP Operating Mode              : Server
VTP Domain Name                 : cisco
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x6D 0x9E 0x49 0xAD 0x7D 0x40 0xCA 0x50
Configuration last modified by 0.0.0.0 at 3-1-93 00:23:00
Local updater ID is 0.0.0.0 (no valid interface found)

Now we enable debugging on Sw1 so we can see what's happening:

Sw1#debug sw-vlan vtp events
vtp events debugging is on
Sw1#debug sw-vlan vtp packet
vtp packets debugging is on
Sw1#

And let's create ourselves a VLAN on Sw2, shall we?

Sw2(config)#vlan 10
Sw2(config-vlan)#name TEN
Sw2(config-vlan)#exit
Sw2(config)#

What do we all think just happened? Well, if you're smarter than me, you said that Sw3 now has the VLAN. You'd also be right.

Sw3#sh vlan brie | i TEN
10   TEN                              active

I was, simply put, confused as all hell at this point. I do not have consistent VTP domains in my switches (NULL on Sw1, "cisco" on Sw2 and Sw3), yet Sw1 did relay the VTP frame. Proof!

*Mar  1 00:09:19.192: VTP LOG RUNTIME: Relaying packet received on trunk Po12 - in TRANSPARENT MODE (nc = false)

Well, at least the switch tells me that it's doing something I don't expect. That makes that part easier. So what gives here? Has my reality just come crashing down?

No, my cherished reader, the walls of reality are still holding solid. It would appear that we just found a little caveat to the rule about a VTP transparent switch forwarding frames for other VTP domains: a VTP transparent switch whose own domain name is NULL relays VTP frames for EVERY domain. Only once a domain name is configured does it start comparing the domain in the frame against its own and dropping the mismatches. That matters if you are counting on a transparent switch to keep one domain's advertisements away from another: a switch with no domain name set is a pass-through, not a barrier, so set the domain explicitly (which is exactly what the next test does). Note also that all three switches here are running VTP version 1 ("running VTP1" in the status output above); Cisco documents that a transparent switch running VTP version 2 forwards VTP messages without inspecting the domain name at all, so the domain check and the drop behaviour seen later in this post are specific to version 1.
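As an added Python example (not part of the original post, and not Cisco code), here is a small model of the rule above: it builds a constructed VTP summary advertisement in the VTP frame layout (version, code, followers, domain length, 32-byte domain name, configuration revision, updater identity, timestamp, MD5 digest), wraps it in the 802.1Q/LLC/SNAP trunk encapsulation VTP uses (multicast MAC 01:00:0c:cc:cc:cc, OUI 00:00:0c, PID 0x2003), parses it back out, and applies the transparent-mode relay decision, phrased like the debug messages Sw1 prints. The function names, the source MAC and the Po12 interface default are my own assumptions; the VTP version 2 branch encodes Cisco's documented behaviour (forward without a domain check) rather than anything tested in this post.

```python
import struct
from dataclasses import dataclass
from typing import Tuple

# VTP rides on trunks in an 802.3 frame with LLC/SNAP: DSAP/SSAP 0xAA, ctrl 0x03,
# OUI 00:00:0c, PID 0x2003, addressed to the multicast MAC 01:00:0c:cc:cc:cc.
VTP_MCAST = bytes.fromhex("01000ccccccc")
SNAP_VTP = bytes.fromhex("aaaa03" "00000c" "2003")
VTP_SUMMARY_ADVERT = 0x01

# Summary advertisement layout (72 bytes):
#   version(1) code(1) followers(1) domain_len(1) domain(32, zero padded)
#   config_revision(4) updater_id(4) update_timestamp(12) md5_digest(16)
SUMMARY_FMT = "!BBBB32sI4s12s16s"
SUMMARY_LEN = struct.calcsize(SUMMARY_FMT)


@dataclass
class VtpSummary:
    version: int
    followers: int
    domain: str        # "" when the sender's domain is NULL
    revision: int
    updater_id: str
    md5: bytes


def build_summary_advert(domain: str, revision: int, version: int = 1,
                         updater_id: str = "0.0.0.0") -> bytes:
    """Constructed VTP summary advertisement payload (timestamp and MD5 zeroed)."""
    name = domain.encode("ascii")
    if len(name) > 32:
        raise ValueError("VTP domain names are at most 32 bytes")
    ip = bytes(int(o) for o in updater_id.split("."))
    if len(ip) != 4:
        raise ValueError("updater_id must be a dotted IPv4 address")
    return struct.pack(SUMMARY_FMT, version, VTP_SUMMARY_ADVERT, 0,
                       len(name), name, revision, ip, b"\x00" * 12, b"\x00" * 16)


def wrap_trunk_frame(vtp_payload: bytes, src_mac: bytes, vlan: int = 1) -> bytes:
    """Constructed 802.1Q-tagged 802.3/LLC/SNAP frame carrying a VTP payload."""
    llc = SNAP_VTP + vtp_payload
    return (VTP_MCAST + src_mac + struct.pack("!HH", 0x8100, vlan)
            + struct.pack("!H", len(llc)) + llc)


def extract_vtp_payload(frame: bytes) -> bytes:
    """Unwrap an (optionally 802.1Q-tagged) 802.3/LLC/SNAP frame, return the VTP payload."""
    if frame[:6] != VTP_MCAST:
        raise ValueError("not addressed to the VTP multicast MAC")
    off = 12
    if frame[off:off + 2] == b"\x81\x00":   # skip the 802.1Q tag if present
        off += 4
    length = struct.unpack_from("!H", frame, off)[0]   # covers LLC/SNAP + payload
    off += 2
    if frame[off:off + 8] != SNAP_VTP:
        raise ValueError("LLC/SNAP header is not VTP (OUI 00000c, PID 0x2003)")
    return frame[off + 8:off + length]


def parse_summary_advert(payload: bytes) -> VtpSummary:
    """Decode a summary advertisement; rejects truncated frames and bad domain lengths."""
    if len(payload) < SUMMARY_LEN:
        raise ValueError(f"truncated summary advert: {len(payload)} bytes")
    version, code, followers, dlen, name, rev, ip, _ts, md5 = \
        struct.unpack_from(SUMMARY_FMT, payload)
    if code != VTP_SUMMARY_ADVERT:
        raise ValueError(f"not a summary advert (code 0x{code:02x})")
    if dlen > 32:
        raise ValueError("domain length exceeds the 32-byte field")
    return VtpSummary(version, followers, name[:dlen].decode("ascii", "replace"),
                      rev, ".".join(str(b) for b in ip), md5)


def transparent_relay_decision(local_domain: str, adv: VtpSummary,
                               local_vtp_version: int = 1,
                               ingress: str = "Po12") -> Tuple[bool, str]:
    """Relay rule for a VTP transparent switch, phrased like the IOS debug lines.

    VTP1 with a NULL local domain relays everything; VTP1 with a domain set relays
    only frames from that same domain; VTP2 relays regardless of domain (Cisco's
    documented behaviour, assumed here, not exercised in the post).
    """
    if local_vtp_version == 2 or local_domain == "" or local_domain == adv.domain:
        return True, f"Relaying packet received on trunk {ingress} - in TRANSPARENT MODE"
    return False, f"Dropping packet received on trunk {ingress} - not in domain {adv.domain}"


if __name__ == "__main__":
    sw2_mac = b"\x00\x1b\x0c\x00\x00\x02"   # constructed source MAC for Sw2
    frame = wrap_trunk_frame(build_summary_advert("cisco", 3), sw2_mac)
    adv = parse_summary_advert(extract_vtp_payload(frame))
    for local in ("", "ccie", "cisco"):
        print(f"Sw1 domain {local or 'NULL':6s}: {transparent_relay_decision(local, adv)[1]}")
```

Running it prints the decision for a NULL, a mismatched ("ccie") and a matching ("cisco") local domain, mirroring the two debug lines in this post. The same parser is a reasonable starting point for a trunk-side check: a summary advertisement whose domain name is not the one expected on that trunk is worth flagging whether or not the transparent switch in the path would relay it.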

See, you do learn something new every day :)

And just to make sure I'm not going totally insane, I'll set the domain on Sw1:

Sw1(config)#vtp dom ccie
Changing VTP domain name from NULL to ccie
Sw1(config)#end
Sw1#
*Mar  1 00:10:12.670: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to ccie.

And create another VLAN on Sw2:

Sw2(config)#vlan 30
Sw2(config-vlan)#name THIRTY
Sw2(config-vlan)#exit

Watching the debug on Sw1:

*Mar  1 00:10:25.051: VTP LOG RUNTIME: Dropping packet received on trunk Po12 - not in domain cisco

And a final verification on Sw3, which should no longer see the new VLAN now that Sw1 has a domain name of its own and drops the "cisco" domain's advertisements:

Sw3#sh vlan brie | i THIRTY
Sw3#