Untitled document

CCIE Routing & Switching v5 Workbook -

CCIE R&S v5 Advanced Technology Labs -

LAN Switching

VTP Domain

A Note On Section Initial Configuration Files: You must load the

initial configuration files for the section, named Basic Layer2

Switching, which can be found in

CCIE R&S v5 Topology Diagrams

& Initial Configurations

. Reference the Virtual Routers & Physical

Switches Diagram to complete this task.

Task

Configure all inter-switch links on SW2, SW3, and SW4 to be in dynamic auto state.

Configure all inter-switch links on SW1 to be in dynamic desirable state.

Configure SW2 as a VTP server in the domain named CCIE.

Configure SW1, SW3, and SW4 as VTP clients in the domain CCIE.

Authenticate VTP messages using the string of VTPPASS.

Configure VLANs 5, 7, 8, 9, 10, 22, 43, 58, 67, 79, and 146 on SW2.

For verification, ensure that SW1, SW3, and SW4 learn about these new VLANs

through VTP.

Configuration

SW1:

vtp domain CCIE

vtp mode client

vtp password VTPPASS

!

interface range FastEthernet0/19 - 24

switchport mode dynamic desirable

SW2:

vtp domain CCIE

vtp password VTPPASS

vlan 5,7,8,9,10,22,43,58,67,79,146

!

interface range FastEthernet0/19 - 24

switchport mode dynamic auto

SW3:

vtp domain CCIE

vtp mode client

vtp password VTPPASS

!

interface range FastEthernet0/19 - 24

switchport mode dynamic auto

SW4:

vtp domain CCIE

vtp mode client

vtp password VTPPASS

!

interface range FastEthernet0/19 - 24

switchport mode dynamic auto

Verification

VLAN Trunking Protocol (VTP) can be used in the Ethernet domain to simplify the

creation and management of VLANs, but it does not dictate the traffic flow of VLANs

or the actual port assignments to VLANs. The first step in running VTP is to ensure

that the switches are trunking with each other (it can be ISL or 802.1q; VTP runs

over both). Next, the VTP domain name is configured, and all other switches without

domain names configured will dynamically learn the domain name. VTP password is

optional but it cannot be learned through VTP because it is not sent in VTP

messages; an MD5 hash is sent instead, so it must be manually configured on all

devices. Finally, the VLAN definitions are created on the VTP server.

To verify this configuration, compare the output of the

show vtp status

command on

all devices in the domain. If the domain name, the number of existing VLANs, and

the Configuration Revision Number match, the domain is converged. If

authentication is configured, the MD5 digest field should be compared as well.

SW1#show vtp status

VTP Version capable

: 1 to 3

VTP version running

: 1VTP Domain Name: CCIE

VTP Pruning Mode

: Disabled

VTP Traps Generation

: Disabled

Device ID

: 000a.b832.3580

Configuration last modified by 0.0.0.0 at 3-1-93 02:36:18

Feature VLAN:

--------------VTP Operating Mode

:Client

Maximum VLANs supported locally

: 1005Number of existing VLANs: 16

Configuration Revision

: 1

MD5 digest

: 0xD2 0x47 0xDC 0xAD 0x66 0xEE 0x31 0x42

0xEF 0x6E 0x13 0x4B 0xD4 0x1C 0x37 0x65

!

!SW2#show vtp status

VTP Version capable

: 1 to 3

VTP version running

: 1VTP Domain Name: CCIE

VTP Pruning Mode

: Disabled

VTP Traps Generation

: Disabled

Device ID

: 001c.576d.4a00

Configuration last modified by 0.0.0.0 at 3-1-93 02:36:18

Local updater ID is 0.0.0.0 (no valid interface found)

Feature VLAN:

--------------VTP Operating Mode

:Server

Maximum VLANs supported locally

: 1005Number of existing VLANs: 16

Configuration Revision

: 1

MD5 digest

: 0xD2 0x47 0xDC 0xAD 0x66 0xEE 0x31 0x42

0xEF 0x6E 0x13 0x4B 0xD4 0x1C 0x37 0x65

!

!SW3#show vtp status

VTP Version capable

: 1 to 3

VTP version running

: 1VTP Domain Name: CCIE

VTP Pruning Mode

: Disabled

VTP Traps Generation

: Disabled

Device ID

: 001d.45cc.0580

Configuration last modified by 0.0.0.0 at 3-1-93 02:36:18

Feature VLAN:

--------------VTP Operating Mode

:Client

Maximum VLANs supported locally

: 1005Number of existing VLANs: 16

Configuration Revision

: 1

MD5 digest

: 0xD2 0x47 0xDC 0xAD 0x66 0xEE 0x31 0x42

0xEF 0x6E 0x13 0x4B 0xD4 0x1C 0x37 0x65

!

!SW4#show vtp status

VTP Version capable

: 1 to 3

VTP version running

: 1VTP Domain Name: CCIE

VTP Pruning Mode

: Disabled

VTP Traps Generation

: Disabled

Device ID

: 001c.576d.3d00

Configuration last modified by 0.0.0.0 at 3-1-93 02:36:18

Feature VLAN:

--------------VTP Operating Mode

:Client

Maximum VLANs supported locally

: 1005Number of existing VLANs: 16

Configuration Revision

: 1

MD5 digest: 0xD2 0x47 0xDC 0xAD 0x66 0xEE 0x31 0x42

0xEF 0x6E 0x13 0x4B 0xD4 0x1C 0x37 0x65

The output of

show vtp status

confirms that the VTP password has been correctly

configured on all switches, because the same MD5 digest has been computed on all

devices, but the password can be verified separately.

SW1#show vtp password

VTP Password:VTPPASS

!

!SW2#show vtp password

VTP Password:VTPPASS

!

!SW3#show vtp password

VTP Password:VTPPASS

!

!SW4#show vtp password

VTP Password:VTPPASS

The commands

show vlan

and

show vlan brief

can also be compared to ensure

that the VLAN numbers and names properly propagated throughout the VTP

domain.

SW1#show vlan brief

VLAN NameStatus Ports

---- -------------------------------- --------- -------------------------------

1defaultactive Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Gi0/1, Gi0/25 VLAN0005

active7

VLAN0007

active8

VLAN0008

active9

VLAN0009

active10

VLAN0010

active22

VLAN0022

active43

VLAN0043

active58

VLAN0058

active67

VLAN0067

active79

VLAN0079

1002 fddi-default

act/unsup

1003 token-ring-default

act/unsup

1004 fddinet-default

act/unsup

1005 trnet-default

act/unsup

!

!SW2#show vlan brief

VLAN NameStatus Ports

---- -------------------------------- --------- -------------------------------

1defaultactive Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Gi0/1, Gi0/25 VLAN0005

active7

VLAN0007

active8

VLAN0008

active9

VLAN0009

active10

VLAN0010

active22

VLAN0022

active43

VLAN0043

active58

VLAN0058

active67

VLAN0067

active79

VLAN0079

active

146 VLAN0146active

1002 fddi-default

act/unsup

1003 token-ring-default

act/unsup

1004 fddinet-default

act/unsup

1005 trnet-default

act/unsup

!

!SW3#show vlan brief

VLAN NameStatus Ports

---- -------------------------------- --------- -------------------------------

1defaultactive Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/21, Fa0/22

Fa0/23, Fa0/24, Gi0/1, Gi0/25 VLAN0005

active7

VLAN0007

active8

VLAN0008

active9

VLAN0009

active10

VLAN0010

active22

VLAN0022

active43

VLAN0043

active58

VLAN0058

1002 fddi-default

act/unsup

1003 token-ring-default

act/unsup

1004 fddinet-default

act/unsup

1005 trnet-default

act/unsup

!

!SW4#show vlan brief

VLAN NameStatus Ports

---- -------------------------------- --------- -------------------------------

1defaultactive Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/23, Fa0/24, Gi0/1, Gi0/25 VLAN0005

active7

VLAN0007

active8

VLAN0008

active9

VLAN0009

active10

VLAN0010

active22

VLAN0022

active43

VLAN0043

active58

VLAN0058

active67

VLAN0067

active79

VLAN0079

active

1002 fddi-default

act/unsup

1003 token-ring-default

act/unsup

1004 fddinet-default

act/unsup

1005 trnet-default

act/unsup