VTP Across Redundant WAN Links?

Hi all,

I have a VTP domain implemented and functional at our company HQ.  We have a small satellite office that is connected by two WAN links.  First, there is a 45 Mbps MPLS/VPN connection over the internet as the primary method of communication.  Then there is a 9 Mbps Multilink Point to Point connection as a backup method of communication via a separate provider.

Up until now, there has been no need for VLANs at the satellite office but I have been tasked with not only extending VTP to the satellite office, but ensuring that there will be functionality regardless of which link is being used.

This is something I've never done before so I was hoping someone here could lead me in the right direction.  I've read various documents but I was afraid the redundancy and difference in link types complicates things.

Thanks in advance for any input that you can provide!
Asked by: Z-P-M
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, Commented:
If the MPLS/WAN is a routed connection (different subnets at each site) then you can't run VTP since it is an L2 protocol. Your solution then is to ask the WAN provider to run multiple VRFs. However, if the MPLS/WAN is an L2 connection (they can be!) then you need to make sure that the WAN provider transits untagged packets as well, as this is required to make VTP work.

/Kvistofta
 
Z-P-M (Author) Commented:
Ah, makes sense.  Any advice on the point-to-point link?
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, Commented:
What do you mean? I don't understand your question...

/Kvistofta
 
Z-P-M (Author) Commented:
I have contacted the ISP regarding the VTP communication over the MPLS link.  But what about the point-to-point link where I control the router on each end?  What can I do over that connection to enable VTP communication over that link?
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, Commented:
Is the p2p-link layer2? I guess not, because it is usually not (even if it can be!). That is, do you have the same IP subnet at both sides of the link? The fact that you say "routes" indicates that it is a routed l3-connection and then there is no way for you to run VTP.

/Kvistofta
 
Z-P-M (Author) Commented:
Oh, okay.  I heard there was a way to do it by creating sub-interfaces on the routers and a bridge group, but I just don't quite understand all the specifics.
 
Jimmy Larsson, CISSP, CEH, Network and Security consultant, Commented:
Yes, but that requires you to re-do your entire network topology since you will build an L2 link to connect the sites. It is both ugly and tricky. Another way to do it is to tunnel everything over L2TPv3, but it is also quite tricky and most of the time it's easier to rebuild the link to an L2 connection provided by an MPLS carrier.

If it is only for VTP, that is, to make it easier for you to create VLANs in many switches, I would recommend a management tool (like Kiwi Cat Tools) that can provision configuration changes for you.

/Kvistofta
 
Z-P-M (Author) Commented:
Awesome, thanks for all of the information!
 
Z-P-M (Author) Commented:
This answered my questions regarding VTP.
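
The thread's closing recommendation is to push VLAN changes with a management tool instead of stretching VTP over routed links. The Python below is an added example, not code from the thread and not how Kiwi Cat Tools works: it computes the config lines one switch needs from its `show vlan brief` output. The sample switch output, the desired VLAN table and the function names are constructed assumptions.

```python
import re

# Constructed sample: `show vlan brief` output from a hypothetical satellite switch.
SATELLITE_SHOW_VLAN = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2
10   USERS                            active    Gi0/3
30   OLD-LAB                          active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
"""

# Constructed desired state, kept centrally instead of relying on VTP.
DESIRED = {10: "USERS", 20: "VOICE", 40: "PRINTERS"}

# Default VLANs that cannot be deleted from the switch.
RESERVED = {1} | set(range(1002, 1006))


def parse_vlans(show_output):
    """Return {vlan_id: name} parsed from `show vlan brief` text."""
    vlans = {}
    for line in show_output.splitlines():
        # Data rows start with the VLAN id; headers and wrapped port lists do not.
        m = re.match(r"^(\d{1,4})\s+(\S+)\s+\S+", line)
        if m:
            vlans[int(m.group(1))] = m.group(2)
    return vlans


def vlan_delta(current, desired, prune=False):
    """Build the IOS config lines that move `current` to `desired`."""
    lines = []
    for vid in sorted(desired):
        # Emit a VLAN only when it is missing or carries the wrong name.
        if current.get(vid) != desired[vid]:
            lines += [f"vlan {vid}", f" name {desired[vid]}"]
    if prune:
        # Optionally remove VLANs that exist locally but are not desired.
        for vid in sorted(set(current) - set(desired) - RESERVED):
            lines.append(f"no vlan {vid}")
    return lines


if __name__ == "__main__":
    current = parse_vlans(SATELLITE_SHOW_VLAN)
    print("\n".join(vlan_delta(current, DESIRED, prune=True)))
```

Running the same delta against every switch at both sites gives consistent VLANs regardless of which WAN link is up, because nothing depends on layer 2 reachability between the sites.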