From: bavien on 21 Apr 2008 23:58

On Apr 17, 12:41 pm, Merv <merv.hr...(a)rogers.com> wrote:
> On Apr 17, 7:36 am, Trendkill <jpma...(a)gmail.com> wrote:
>
> > On Apr 17, 2:09 am, Merv <merv.hr...(a)rogers.com> wrote:
>
> > > > is there anything wrong (not sure if possible) with setting up 5 vlans
> > > > (vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
> > > > on the second 2950 switch? There will be a trunk between 3750 to each
> > > > of the 2950.
>
> > > Perfectly fine AFAIK
>
> > > Do yourself a favour and avoid the use of VTP; manually configure the
> > > VLANs in use on each switch.
>
> > > Also ditch DTP
>
> > > Use the command "switchport trunk allowed vlan [allowed vlans] " on
> > > the trunk ports on the 3750
> > > and configure the VLANS in the command that are on each of the 2950's
>
> > > Enable CDP on trunk ports; disable on all other ports
>
> > > interface <>
> > >  description Switch Trunk
> > >  switchport trunk encapsulation dot1q
> > >  switchport trunk allowed vlan [allowed vlans]
> > >  switchport mode trunk
> > >  switchport nonegotiate
> > >  cdp enable
>
> > Is there any other reason you are suggesting avoiding VTP beyond the
> > obvious 'gotcha' with deploying switches w/ higher revision numbers?
> > While most environments are heading towards distributed layer 3 where
> > trunking is a thing of the past (except between access pairs), I still
> > know of tons of companies running very large layer 2 networks. While
> > VTP does have a major gotcha that should be well-known to any network
> > designer/engineer, I don't necessarily agree that avoiding it
> > altogether is the answer, particularly for companies with decent sized
> > network groups (multiple engineers doing different things). Who wants
> > to maintain updating vlan names on every switch in a 50 switch
> > datacenter? Additionally, what stops you from then using the same
> > number more than once if you have strict pruning guidelines which can
> > cause issues if they ever need to be extended. I suppose you could
> > make the update part of the process of trunking out and/or removing
> > pruning, but just seems like an unnecessary headache.
>
> > Perhaps I am missing something major since it's early AM, but it's not
> > the first time I have seen that advice and wondered.
>
> the OP with a small network is best to avoid all the benefits of
> VTP ;-))
>
> from Cisco best practice doc
>
> http://www.cisco.com/en/US/products/hw/switches/ps700/products_white_...
>
> "
> There are pros and cons to the VTP ability to make changes easily on a
> network. Many enterprises prefer a cautious approach and use VTP
> transparent mode for these reasons:
>
> This practice encourages good change control because the requirement
> to modify a VLAN on a switch or trunk port must be considered one
> switch at a time.
>
> VTP transparent mode limits the risk of an administrator error, such
> as accidental deletion of a VLAN. Such errors can impact the entire
> domain.
>
> VLANs can be pruned from trunks down to switches that do not have
> ports in the VLAN. This results in frame flooding to be more
> bandwidth-efficient. Manual pruning also has a reduced spanning-tree
> diameter. See the Dynamic Trunking Protocol section for more
> information. A per-switch VLAN configuration also encourages this
> practice.
>
> There is no risk of the introduction into the network of a new switch
> with a higher VTP revision number that overwrites the entire domain
> VLAN configuration.
>
> Cisco IOS Software VTP transparent mode is supported in Campus Manager
> 3.2, which is part of CiscoWorks2000. The earlier restriction that
> requires you to have at least one server in a VTP domain has been
> removed.
> "

Thanks
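
Added example, not part of the thread: a small audit that checks a saved IOS-style config against the recommendations quoted above (VTP transparent mode, no DTP on trunks, an explicit allowed-VLAN list, CDP on trunk ports only). The sample config, interface names and finding strings are constructed, and the script assumes `cdp enable` is the default and therefore absent from a saved config.

```python
import re

# Constructed sample config (not from the thread): two uplinks and one access port.
SAMPLE = """\
vtp mode server
!
interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-5
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/2
 switchport mode trunk
 no cdp enable
!
interface GigabitEthernet1/0/10
 switchport access vlan 3
 switchport mode access
"""

def parse_interfaces(config):
    """Return {interface name: [sub-command lines]} from IOS-style text."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return blocks

def audit(config):
    """Return sorted (scope, finding) pairs for the checks listed in the post."""
    findings = []
    if not re.search(r"^vtp mode transparent\s*$", config, re.M):
        findings.append(("global", "VTP not in transparent mode"))
    for name, cmds in parse_interfaces(config).items():
        trunk = "switchport mode trunk" in cmds
        cdp_off = "no cdp enable" in cmds  # assumption: 'cdp enable' is the unlisted default
        if trunk and "switchport nonegotiate" not in cmds:
            findings.append((name, "trunk still negotiates DTP"))
        if trunk and not any(c.startswith("switchport trunk allowed vlan ") for c in cmds):
            findings.append((name, "trunk has no allowed-VLAN list"))
        if trunk == cdp_off:  # CDP should be on exactly when the port is a trunk
            findings.append((name, "CDP off on trunk" if trunk else "CDP on for non-trunk port"))
    return sorted(findings)
```

Calling `audit(SAMPLE)` flags the second uplink three times, the access port for CDP, and the global VTP mode; the first uplink passes.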