Sunday, August 16, 2009

802.1Q Tunnels

Tunneling is a way to send 802.1Q-tagged frames across a foreign network (such as a Service Provider's network) while preserving the original 802.1Q tag; it is also called QinQ. The SP configures its end of the link as a tunnel port (on Cisco IOS, switchport mode dot1q-tunnel) and assigns a VLAN to carry your traffic within its network. The SP switch then adds a second 802.1Q tag, carrying that VLAN ID, to each frame that arrives on the tunnel port. Other switches in the SP network act only on this outer tag and never read the original one. When the frame exits the SP network, the outer tag is removed, leaving the original 802.1Q tag to be read by the receiving switch in your network. Two practical consequences: every tunneled frame grows by 4 bytes, so the SP's system MTU must allow for it, and because the SP forwards on the outer tag alone, your VLAN IDs may overlap with those of other customers and with the SP's own.
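The tag-stacking described above, as an added Python example that is not part of the original post: a customer frame tagged with VLAN 10 is pushed through an SP tunnel that adds VLAN 500, and the helpers show what each hop reads. MAC addresses, VLAN IDs and the payload are constructed sample values, and the outer tag uses the 802.1Q TPID (0x8100) as the text describes; the 802.1ad TPID (0x88A8) is accepted on parse because some providers use it instead.

```python
"""Added example: how an 802.1Q tunnel (QinQ) stacks a second tag on a frame.

Not from the original post. Builds a customer frame tagged with VLAN 10, pushes
the SP's outer tag (VLAN 500) as a tunnel port would, shows what each network
reads, then pops the outer tag at the SP egress. All addresses and IDs are
constructed sample values."""
import struct

TPID_8021Q = 0x8100    # 802.1Q tag protocol identifier
TPID_8021AD = 0x88A8   # 802.1ad service-tag TPID; some SPs use it for the outer tag
ETHERTYPE_IPV4 = 0x0800


def vlan_tag(vid: int, pcp: int = 0, tpid: int = TPID_8021Q) -> bytes:
    """4-byte tag: TPID, then TCI = PCP(3 bits) | DEI(1 bit) | VID(12 bits)."""
    if not 0 <= vid <= 4095 or not 0 <= pcp <= 7:
        raise ValueError("VID must be 0-4095 and PCP 0-7")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)


def build_tagged_frame(dst: bytes, src: bytes, vid: int, ethertype: int, payload: bytes) -> bytes:
    """Customer-side frame carrying a single 802.1Q tag."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    return dst + src + vlan_tag(vid) + struct.pack("!H", ethertype) + payload


def push_tag(frame: bytes, vid: int, tpid: int = TPID_8021Q) -> bytes:
    """What the SP tunnel port does on ingress: insert an outer tag right after
    the source MAC, leaving the customer's tag untouched behind it."""
    return frame[:12] + vlan_tag(vid, tpid=tpid) + frame[12:]


def pop_tag(frame: bytes) -> tuple:
    """What the SP egress does: strip the outermost tag. Returns (vid, frame)."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid not in (TPID_8021Q, TPID_8021AD):
        raise ValueError("outermost header is not a VLAN tag")
    return tci & 0x0FFF, frame[:12] + frame[16:]


def tag_stack(frame: bytes) -> list:
    """All VLAN IDs present, outermost first. A switch that is not
    tunnel-aware acts only on the first entry."""
    vids, off = [], 12
    while len(frame) >= off + 4:
        tpid, tci = struct.unpack("!HH", frame[off:off + 4])
        if tpid not in (TPID_8021Q, TPID_8021AD):
            break
        vids.append(tci & 0x0FFF)
        off += 4
    return vids


def tunnel_roundtrip(customer_vid: int = 10, sp_vid: int = 500) -> dict:
    """Walk one frame through the tunnel and record what each hop sees."""
    dst = bytes.fromhex("ffffffffffff")             # constructed: broadcast
    src = bytes.fromhex("0200c0ffee01")             # constructed: locally administered
    customer = build_tagged_frame(dst, src, customer_vid, ETHERTYPE_IPV4, b"sample IPv4 payload")
    in_sp = push_tag(customer, sp_vid)              # SP ingress tunnel port adds the outer tag
    outer_vid, at_egress = pop_tag(in_sp)           # SP egress strips it again
    return {
        "customer_sees": tag_stack(customer),       # [10]
        "sp_core_sees": tag_stack(in_sp),           # [500, 10]; SP core forwards on 500 only
        "popped_outer": outer_vid,                  # 500
        "restored": at_egress == customer,          # original frame intact after the tunnel
        "extra_bytes": len(in_sp) - len(customer),  # 4; the SP MTU must allow for this
    }


if __name__ == "__main__":
    for key, value in tunnel_roundtrip().items():
        print(f"{key}: {value}")
```

The `extra_bytes` entry is the reason the SP side needs a larger system MTU than a plain 802.1Q trunk; `sp_core_sees` shows why the customer's VLAN numbering never has to agree with the provider's.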


Layer 2 Protocol Tunneling (GBPT)

If a Service Provider separates sections of your network, you can use Layer 2 protocol tunneling to carry CDP, Spanning Tree Protocol (STP), and VLAN Trunking Protocol (VTP) frames across the SP's cloud so that your sites behave as one Layer 2 domain. Cisco also calls this Generic Bridge PDU Tunneling (GBPT). PDUs from those control protocols are encapsulated as they enter the SP's network on a tunnel port (the destination MAC address is rewritten to a Cisco proprietary multicast address so the SP's switches forward the frame instead of processing it) and de-encapsulated when they exit that network.


Troubleshooting Trunking


Troubleshooting trunk links happens mostly at the physical and data link layers. Start with the most basic assumptions and work your way "up" the OSI model: confirm physical-layer connectivity first, then the trunk itself, before trying to troubleshoot IP problems.
  • Are both sides of the link in the correct trunking mode? (Two sides both set to dynamic auto never form a trunk; show interfaces trunk shows which links are actually trunking.)
  • Is the same trunk encapsulation on both sides?
  • If 802.1Q, is the same native VLAN on both sides? A mismatch does more than trigger CDP warnings: frames one side sends untagged land in a different VLAN on the other side, merging two VLANs. Use a dedicated, otherwise unused native VLAN (not VLAN 1 and not a user VLAN), or tag it with vlan dot1q tag native.
  • Are the same VLANs permitted on both sides?

VLAN Trunking Protocol (VTP)

VTP is a protocol that runs over trunk links and synchronizes the VLAN databases of all switches in the VTP domain. A VTP domain is an administrative group—all switches within that group must have the same VTP domain name configured or they do not synchronize databases.
VTP works by using Configuration Revision numbers and VTP advertisements:
  • All switches send out VTP advertisements every five minutes, or when there is a change to the VLAN database (when a VLAN is created, deleted, or renamed).
  • VTP advertisements contain a Configuration Revision number. This number is increased by one for every VLAN change.
  • When a switch receives a VTP advertisement, it compares the Configuration Revision number against the one in its VLAN database.
  • If the new number is higher, the switch overwrites its database with the new VLAN information, and forwards the information to its neighbor switches.
  • If the number is the same, the switch ignores the advertisement.
  • If the new number is lower, the switch replies with the more up-to-date information contained in its own database.

VTP Switch Roles

A switch can be a VTP:
  • Server—The default VTP role. Servers can create, delete, and rename VLANs. They originate both periodic and triggered VTP advertisements and synchronize their databases with other switches in the domain.
  • Client—Clients cannot make VLAN changes. They originate periodic VTP advertisements and synchronize their databases with other switches in the domain.
  • Transparent—It can create, delete, and rename VLANs, but those VLANs are local to that switch only. It does not originate advertisements or synchronize its database with any other switch. It does, however, forward VTP advertisements it receives out its trunk links (in Version 1 only when the domain name and version match its own; in Version 2 without inspecting either).

VTP Pruning

By default, switches flood broadcasts, multicasts, and unknown unicasts across trunk links. Suppose a host in VLAN 10 on Switch B sends a broadcast. Hosts in VLAN 10 on Switch C need to see that broadcast, but Switch A has no ports in VLAN 10, so it doesn’t need to receive the broadcast traffic.

Enabling VTP pruning causes the switch to keep track of VLAN port assignments in its downstream switches. The switch then sends flooded traffic only on trunks toward switches that have ports assigned to the VLAN originating the traffic. It prunes flooded traffic from all other trunks. VTP pruning increases the available bandwidth by preventing unnecessary traffic on trunk links.

This page covers two versions of VTP: Version 1 and Version 2. To use Version 2, every switch in the domain must be capable of it. Configure one server for Version 2 and the setting is propagated through VTP to the others.
Version 2 adds the following features:
  • It supports Token Ring VLANs.
  • Transparent switches forward VTP messages without inspecting the version number or domain name (in Version 1 they forward a message only when both match their own).
  • Unrecognized TLVs in an advertisement are propagated rather than dropped.
  • Consistency checks (for example on VLAN names and numbers) are performed only when changes are entered through the CLI or SNMP, not on information learned from VTP advertisements.

Configuring VTP

VTP configuration is done in global configuration mode. To configure the switch's VTP mode (server is the default):
(config)#vtp mode {server | client | transparent}

To configure the VTP domain name:
(config)#vtp domain name

To configure a VTP password (all switches in the domain must use the same password):
(config)#vtp password password

To configure the switch to use VTP Version 2:
(config)#vtp version 2

To enable pruning (configure it on a VTP server; the setting is propagated to the whole domain):
(config)#vtp pruning

To specify which VLANs are eligible for pruning on a given trunk (by default VLANs 2 through 1001 are eligible; VLAN 1 and VLANs above 1001 are never pruned):
(config-if)#switchport trunk pruning vlan {add | except | none | remove} vlan-list [,vlan[,vlan[,,,]]]


Verifying and Monitoring VTP

To get basic information about the VTP configuration, use show vtp status; its output lists the VTP version, operating mode, domain name, configuration revision number, and whether pruning is enabled. The example shows the default settings:

Troubleshooting VTP

The following are some common things to check when troubleshooting problems with VTP:
  • Make sure you are trunking between the switches. VTP is sent only over trunk links; show interfaces trunk confirms which links are actually trunking.
  • Make sure the domain name matches on both switches (the name is case sensitive).
  • If the switch is not updating its database, make sure it is not in transparent mode, and check that its own configuration revision number is not already higher than the one being advertised.
  • If using passwords, make sure they all match (they are case sensitive too). To remove a password, use no vtp password.

Adding a New Switch to a VTP Domain

Adding a new switch in client mode does not prevent it from propagating its own, possibly stale, VLAN information. A server synchronizes to a client if the client advertises a higher configuration revision number, so a switch pulled from a lab or another site can overwrite the VLAN database of an entire domain and delete the VLANs its ports depend on. Before attaching it, reset its revision number to 0. The easiest way is to change the VTP domain name to a throwaway value and then back to the correct one (changing the mode to transparent and back also resets it); verify with show vtp status that the revision reads 0 before you connect the trunk. A VTP password limits this exposure to switches that know the password, and a switch whose VLANs should stay independent should run in transparent mode.
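The revision-number comparison described under "VLAN Trunking Protocol (VTP)" and the stale-switch hazard described just above, as one added Python model that is not part of the original post. Switch names, the CORP domain, the password and the VLAN lists are constructed sample values; the advertisement is a plain dict, and `digest()` is a stand-in for the MD5 digest a real VTP advertisement carries over the domain password and VLAN database (it uses SHA-256 here purely for portability, which is an assumption of the model, not a property of VTP).

```python
"""Added example (not from the original post): a model of VTP v1/v2 revision
synchronization, showing the comparison rules and what happens when a switch
with a higher revision number is attached to a domain.

Assumptions of the model: advertisements are dicts, and digest() stands in for
the MD5 digest real VTP carries over the password and VLAN database."""
import copy
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class VtpSwitch:
    name: str
    domain: str
    mode: str = "server"                    # "server", "client" or "transparent"
    password: Optional[str] = None
    revision: int = 0
    vlans: Dict[int, str] = field(default_factory=lambda: {1: "default"})

    def digest(self, revision: int, vlans: Dict[int, str]) -> str:
        """Stand-in for the VTP digest. A receiver whose password differs
        computes a different value and discards the advertisement."""
        body = f"{self.domain}|{self.password or ''}|{revision}|{sorted(vlans.items())}"
        return hashlib.sha256(body.encode()).hexdigest()   # real VTP uses MD5

    def advertise(self) -> dict:
        """Advertisement as sent on trunk links (simplified)."""
        return {"domain": self.domain, "revision": self.revision,
                "vlans": copy.deepcopy(self.vlans),
                "digest": self.digest(self.revision, self.vlans)}

    def change_vlan(self, vid: int, name: Optional[str]) -> None:
        """Create or rename (name given) or delete (name None) a VLAN."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: VTP clients cannot change VLANs")
        if name is None:
            self.vlans.pop(vid, None)
        else:
            self.vlans[vid] = name
        if self.mode == "server":            # transparent: local only, no revision bump
            self.revision += 1

    def set_domain(self, domain: str) -> None:
        """Changing the domain name resets the revision number to 0."""
        self.domain = domain
        self.revision = 0

    def receive(self, adv: dict) -> str:
        """Apply the rules from the text to one incoming advertisement."""
        if self.mode == "transparent":
            return "forwarded unchanged"
        if adv["domain"] != self.domain:
            return "ignored: different domain name"
        if adv["digest"] != self.digest(adv["revision"], adv["vlans"]):
            return "ignored: digest mismatch (password differs)"
        if adv["revision"] > self.revision:
            self.vlans = copy.deepcopy(adv["vlans"])
            self.revision = adv["revision"]
            return "synchronized: database overwritten"
        if adv["revision"] == self.revision:
            return "ignored: same revision"
        return "replied with own newer database"


def corp_server() -> VtpSwitch:
    """Constructed sample: the production VTP server."""
    return VtpSwitch("Core", "CORP", password="s3cret", revision=5,
                     vlans={1: "default", 10: "users", 20: "voice", 30: "servers"})


def attach_stale_client(reset_first: bool, password: str = "s3cret") -> dict:
    """Attach a lab switch (client mode, revision 12, only VLAN 99) to the CORP
    domain, optionally resetting its revision via a domain-name change first."""
    core = corp_server()
    lab = VtpSwitch("Lab", "CORP", mode="client", password=password,
                    revision=12, vlans={1: "default", 99: "lab"})
    if reset_first:
        lab.set_domain("SCRATCH")            # revision -> 0
        lab.set_domain("CORP")               # back to the real name, revision still 0
    core_result = core.receive(lab.advertise())
    lab_result = lab.receive(core.advertise())
    return {"core": core_result, "lab": lab_result,
            "core_vlans": sorted(core.vlans), "lab_vlans": sorted(lab.vlans),
            "core_revision": core.revision}


if __name__ == "__main__":
    print("unreset client:", attach_stale_client(reset_first=False))
    print("reset client:  ", attach_stale_client(reset_first=True))
    print("wrong password:", attach_stale_client(reset_first=False, password="other"))
```

Run without the reset, the production server adopts the lab switch's two-VLAN database and the production VLANs vanish even though the lab switch is only a client. With the reset the server answers with its own database and the lab switch synchronizes to it; with a different password neither side accepts the other's advertisement.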
