Configure VLANs on Cisco Switches

Hello all:
I’m trying to figure out how to create 3 VLANs and which VTP mode should I choose for this implementation.
Should I do VTP Pruning or Transparent? Or Server for the Core Switch?

I will accept expert suggestions.
At the end what I’m trying to achieve is to have a smooth VLAN implementation/configuration and a healthy network.

What I have in mind.
Thanks in advance.
Asked:
Katrach0
 
Don JohnstonInstructorCommented:
Some people like VTP, others don't.

For your environment (8 switches), I don't see it as a huge benefit... Unless you're adding and deleting VLANs on a constant basis.

I would go with transparent mode and simply create the VLANs on the switches manually. Then remove VLANs from the trunks as needed.

Then again, I'm not a fan of VTP anyway. :-)
 
Katrach0System AdminAuthor Commented:
Got you jajajajjajaja So transparent for all switches, including the core....
Which commands would you use for the Core server when it comes to creating the VLANs and also for the rest of the switches?
 
Don JohnstonInstructorCommented:
vlan x (where x is the vlan number)
 
Katrach0System AdminAuthor Commented:
How would you configure that, when it comes to the vlan creation? or any other things you would apply?
 
fgasimzadeCommented:
I would go with manual VLAN creation as well; VTP is good for environments with 20+ switches.

conf t

vlan x
name vlan_name

where x is Vlan number

vlan_name - description, like Data, Voice, etc

By default all vlans are members of the trunk. If you want to change this, you can add the following command to the trunk port

conf t
interface fa0/24
switchport trunk allowed vlan x,y,z

where x,y,z - vlans you want on trunk ports
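An added example, not part of the thread: a Python check over a running-config that flags trunk ports still carrying every VLAN (no `switchport trunk allowed vlan` line) or carrying VLANs outside an intended set. The config fragment, the intended set and the function names are constructed for illustration.

```python
import re

# Constructed sample running-config fragment (not taken from the thread).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/24
 switchport mode trunk
!
interface GigabitEthernet0/1
 switchport trunk allowed vlan 10,20,100,200-202
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk allowed vlan 10,20
 switchport trunk allowed vlan add 100
 switchport mode trunk
"""

def expand_vlans(spec):
    """Turn '10,20,200-202' into {10, 20, 200, 201, 202}; 'none' is empty."""
    if spec == "none":
        return set()
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config, intended):
    """Return {interface: finding} for trunks carrying more than `intended`."""
    findings = {}
    for block in re.split(r"^(?=interface )", config, flags=re.M):
        lines = [line.strip() for line in block.splitlines()]
        if not lines or "switchport mode trunk" not in lines:
            continue  # access ports and non-interface text are skipped
        name = lines[0].split(None, 1)[1]
        allowed = None  # None: no allowed list, so the trunk carries every VLAN
        for line in lines:
            m = re.match(r"switchport trunk allowed vlan (add )?(\S+)$", line)
            if m:  # "add" lines continue a long list in the running-config
                new = expand_vlans(m.group(2))
                allowed = (allowed or set()) | new if m.group(1) else new
        if allowed is None:
            findings[name] = "no allowed list (all VLANs)"
        elif allowed - intended:
            findings[name] = "extra VLANs: " + ",".join(map(str, sorted(allowed - intended)))
    return findings
```

The check only sees ports statically set to `switchport mode trunk`; ports that negotiate trunking are outside what it inspects.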
 
Mohammed RahmanCommented:
VTP - All switches by default are configured as VTP servers, unless they are configured as clients or transparent. As the network is not complex and easily manageable, I would also suggest you to avoid VTP.

VTP Server - can add and delete VLANs across same VTP domain and update database.
VTP Client - cannot add and delete VLANs across same VTP domain but it can update its database if it senses any changes made to VLANs.
VTP Transparent - can add and delete VLANs and doesn't update its database.

If you plan to implement VTP (makes tasks a little easier) - you can set one switch as Server and the remaining as Clients, so that the changes can be made only through the server, avoiding administrative problems.

Also, VTP pruning requires all the switches to be in server mode. If you are sure that the environment will be managed by people with good knowledge (you can then take the VTP route)

You might be aware that VTP gives you a way to preserve bandwidth by configuring it to reduce the amount of broadcasts, multicasts, and unicast packets. VTP pruning-enabled switches send broadcasts only to trunk links that actually must have the information; it is used on trunk connections to dynamically remove VLANs not active between the two switches.

Since the network is relatively small, I assume there will not be much of unnecessary broadcasts, multicasts, and unicast packets. Would suggest you to use the server/client model. Make core switch the server and all others as clients.

How to create VLANs

Switch#conf t
Switch(config)#VLAN 10
Switch(config-vlan)#name STAFF
Switch(config-vlan)#exit
Switch(config)#VLAN 20
Switch(config-vlan)#name CAMERAS
Switch(config-vlan)#exit
Switch(config)#VLAN 100
Switch(config-vlan)#name LAB
Switch(config-vlan)#exit

Now, you will have to move the switch ports to desired VLANs

Switch(config)#interface fa x/x
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN X  (X - the Vlan to which you want to assign the port to)

For TRUNKs

In order to make the port trunk, encapsulation must be set.

Switch(config)#interface gi x/x
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport mode trunk

In order to implement VTP, all the switches should have common Domain Name (domain name is case sensitive)

On Core Switch
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode server
Switch(config)#vtp password password (anything of your choice)

Remaining switches as clients
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode client
Switch(config)#vtp password password (anything of your choice)
 
Katrach0System AdminAuthor Commented:
I will work on this, and when I finish I will get back here.

Question for you.
On Core Switch
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode server
Switch(config)#vtp password password (anything of your choice)

Remaining switches as clients
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode client
Switch(config)#vtp password password (anything of your choice)

With this configuration, should I keep something in mind?
Like for example if someone brings a new switch in and just put it in the network, will anything happen?
 
Don JohnstonInstructorCommented:
Like for example if someone brings a new switch in and just put it in the network, will anything happen?

New? As in "unconfigured"? Then no. Nothing will happen. The VLAN database will not appear in the new switch until:

A) A link to an existing switch is a trunk (either manually configured or through DTP).
B) The domain name is assigned to the new switch (either manually or by the new switch learning it).
C) The new switch is manually configured with the new password.
 
Katrach0System AdminAuthor Commented:
Got it.

Now with this:
Remaining switches as clients
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode client
Switch(config)#vtp password password (anything of your choice)

Will these switches learn the VLAN database from the server? or do I have to type them in manually?
 
Don JohnstonInstructorCommented:
That's the whole point of VTP. The VLAN database is maintained only on the servers. All the clients will learn the VLAN database from the server or neighboring clients if they're not directly connected to the server.
 
Katrach0System AdminAuthor Commented:
donjohnston thanks, as of right now, I'm playing with 3 switches and following everything you've told me...
I will keep playing with this then in 2 or 3 weeks will put it on production.

Again, thanks for all your help. Will keep you updated how everything goes.
 
Katrach0System AdminAuthor Commented:
I did this:
On Core Switch
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode server
Switch(config)#vtp password password (anything of your choice)

Remaining switches as clients
Switch(config)#vtp domain Katrach0  (anything of your choice)
Switch(config)#vtp mode client
Switch(config)#vtp password password (anything of your choice)


And VLANs I created on Core switch do not appear on Client Switches.
 
Don JohnstonInstructorCommented:
post the output of a "show int trunk" on the server and client switches. And indicate which ports connect to which switches in question.

Also post the output of a "show vtp status" for the switches in question.
 
Katrach0System AdminAuthor Commented:
[Attachments: Core Switch, Client Switch]
 
Don JohnstonInstructorCommented:
You didn't indicate what ports are used to connect these two switches. Assuming g0/24 on the core is connected to g0/2 on the client, the only problem I see is that the revision number on the server is at zero. It will need to be greater than that.

So go to the server and create a VLAN (any VLAN, doesn't matter) and then you'll see the VLAN database propagate to the client.
 
Katrach0System AdminAuthor Commented:
You're correct, Core is on Gig 24 and Client is on Gig 2.

I already have 3 vlans created on Core Switch.
 
Don JohnstonInstructorCommented:
Doesn't matter how many you have. The VTP revision number is currently at zero. Until it is incremented, there will be no propagation of the VLAN database to the clients.

Create a new VLAN and exit config mode.  If you want, you can then delete the VLAN. But until you do this, it's not going to work.
 
Katrach0System AdminAuthor Commented:
Genius!!!!!!!

It works!!!

donjohnston Thanks, I think I'm OK from here, I understand this a little bit more now, before I accept the solution provided by you, do you have any tip for me, I mean I want this to work, I don't want surprises down the road...
 
Don JohnstonInstructorCommented:
Well, like I said at the outset. I'm not a huge fan of VTP.  All it takes is a minor slip up and you've wiped every VLAN from every switch.

But the way I explain it in class is that VTP is like a power saw. A very helpful tool, but if you don't stay on your toes, it can hurt you. :-)

The number one rule with VTP is to NEVER connect a new switch if the revision number isn't zero (or at least less than the current revision number of the existing switches).
 
Katrach0System AdminAuthor Commented:
"The number one rule with VTP is to NEVER connect a new switch if the revision number isn't zero (or at least less than the current revision number of the existing switches)."

How do I avoid/prevent this?
 
Don JohnstonInstructorCommented:
Before you connect a new switch, issue a "show vtp status" and ensure the revision number is zero. If it's not, change the mode from whatever it is to transparent and then change it to what you want it to be.

config t
vtp mode trans
vtp mode client
end
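An added example, not part of the thread: a Python pre-connection check that applies the revision rule above to `show vtp status` output from the new switch and from a switch already in the network. Both outputs are constructed samples trimmed to the fields used, and the function names are illustrative.

```python
import re

# Constructed sample: a switch coming back from a lab, trimmed to the fields used.
NEW_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 7
VTP Operating Mode              : Server
VTP Domain Name                 : Katrach0
"""

# Constructed sample: the production core switch.
CORE_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 4
VTP Operating Mode              : Server
VTP Domain Name                 : Katrach0
"""

FIELDS = {
    "revision": r"Configuration Revision\s*:\s*(\d+)",
    "mode": r"VTP Operating Mode\s*:\s*(\S+)",
    "domain": r"VTP Domain Name\s*:[ \t]*(\S*)",  # the domain may be empty
}

def parse_vtp_status(text):
    """Pull revision, mode and domain out of 'show vtp status' text."""
    out = {}
    for key, pattern in FIELDS.items():
        m = re.search(pattern, text)
        if m is None:
            raise ValueError(f"field not found in output: {key}")
        out[key] = m.group(1)
    out["revision"] = int(out["revision"])
    out["mode"] = out["mode"].lower()
    return out

def safe_to_connect(new_text, network_text):
    """The thread's rule: the new switch's revision must be zero, or at
    least lower than the revision already in the network."""
    new, net = parse_vtp_status(new_text), parse_vtp_status(network_text)
    if new["revision"] == 0:
        return True, "revision is zero"
    if new["revision"] < net["revision"]:
        return True, f"revision {new['revision']} is below network revision {net['revision']}"
    return False, (f"revision {new['revision']} is not below network revision "
                   f"{net['revision']}: reset it before connecting")
```

Mode and domain are parsed so they can be shown to the operator; the decision itself uses only the revision, as the rule in the thread does.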
 
Katrach0System AdminAuthor Commented:
Got it...

Again donjohnston I really appreciate your time for helping me on this. All credit goes to you.

Regards, from DC.

Gracias.
 
Katrach0System AdminAuthor Commented:
This got the job done.
 
Mohammed RahmanCommented:
@Katrach0: I am sorry that I was a little away from experts-exchange and could not answer your queries.
@donjohnston: Thanks a tonne for carrying out this so smooth.