From: bavien on
1 - 3750 Layer 3 switch
2 - 2950 switches

is there anything wrong (not sure if possible) with setting up 5 vlans
(vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
on the second 2950 switch? There will be a trunk between 3750 to each
of the 2950.

Any thoughts?

BV
From: Doug McIntyre on
bavien(a)gmail.com writes:
>1 - 3750 Layer 3 switch
>2 - 2950 switches

>is there anything wrong (not sure if possible) with setting up 5 vlans
>(vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
>on the second 2950 switch? There will be a trunk between 3750 to each
>of the 2950.

No, nothing wrong. If you trunked in and out of a 2950, you'd have to
set up the VLANs that land on that switch, as well as all the VLANs
that pass through the 2950 even if they don't land on that switch.

But that doesn't sound like that's the case here, the 2950s only need
to know about the VLANs they handle.

From: Merv on

> is there anything wrong (not sure if possible) with setting up 5 vlans
> (vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
> on the second 2950 switch? There will be a trunk between 3750 to each
> of the 2950.


Perfectly fine AFAIK

Do yourself a favour and avoid the use of VTP; manually configure the
VLANs in use on each switch.

Also ditch DTP

Use the command "switchport trunk allowed vlan [allowed vlans]" on
the trunk ports on the 3750
and configure the VLANs in the command that are on each of the 2950s

Enable CDP on trunk ports; disable on all other ports



interface <>
 description Switch Trunk
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan [allowed vlans]
 switchport mode trunk
 switchport nonegotiate
 cdp enable
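
Added example, not part of Merv's post and not a Cisco tool: a small Python audit that checks an IOS-style running-config against the advice in the post above (VTP transparent, static trunks with `switchport nonegotiate`, an explicit allowed-VLAN list, CDP only on trunks). The sample config, port names and finding strings are constructed; it assumes every Ethernet port is a layer-2 switchport and that `vtp mode ...` appears in the config only when the switch is not in the default server mode.

```python
import re

# Constructed sample of a 3750 running-config (not taken from the thread).
SAMPLE_3750 = """\
vtp mode transparent
!
interface GigabitEthernet1/0/1
 switchport trunk allowed vlan 1-5
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/2
 switchport mode trunk
!
interface GigabitEthernet1/0/3
 no cdp enable
!
"""

def parse_interfaces(config):
    """Return {port: [sub-commands]} for Ethernet ports (assumed all layer 2)."""
    ifaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S*Ethernet\S+)", line)
        if m:
            current = ifaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!", a global command or an SVI ends the block
    return ifaces

def audit(config):
    """Report deviations from the VTP/DTP/allowed-VLAN/CDP advice above."""
    findings = []
    # Assumption: a running-config shows "vtp mode ..." only when not server.
    if not re.search(r"^vtp mode (transparent|off)$", config, re.M):
        findings.append(("global", "VTP not in transparent/off mode"))
    for name, cmds in parse_interfaces(config).items():
        trunk = "switchport mode trunk" in cmds
        checks = [
            (trunk and "switchport nonegotiate" not in cmds, "trunk with DTP on"),
            (trunk and "trunk allowed vlan" not in " ".join(cmds), "trunk without allowed list"),
            (trunk and "no cdp enable" in cmds, "CDP disabled on trunk"),
            (not trunk and "switchport mode access" not in cmds, "port left in DTP mode"),
            (not trunk and "no cdp enable" not in cmds, "CDP on non-trunk port"),
        ]
        findings += [(name, msg) for bad, msg in checks if bad]
    return findings
```

On the constructed sample, `audit(SAMPLE_3750)` flags the second trunk twice (DTP still on, no allowed list) and the user port once (no static access mode).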





From: Trendkill on
On Apr 17, 2:09 am, Merv <merv.hr...(a)rogers.com> wrote:
> > is there anything wrong (not sure if possible) with setting up 5 vlans
> > (vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
> > on the second 2950 switch? There will be a trunk between 3750 to each
> > of the 2950.
>
> Perfectly fine AFAIK
>
> Do yourself a favour and avoid the use of VTP; manually configure the
> VLANs in use on each switch.
>
> Also ditch DTP
>
> Use the command "switchport trunk allowed vlan [allowed vlans] " on
> the trunk ports on the 3750
> and configure the VLANS in the command that are on each of the 2950's
>
> Enable CDP on trunk ports; disable on all other ports
>
> interface <>
> description Switch Trunk
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan [allowed vlans]
> switchport mode trunk
> switchport nonegotiate
> cdp enable

Is there any other reason you are suggesting avoiding VTP beyond the
obvious 'gotcha' with deploying switches w/ higher revision numbers?
While most environments are heading towards distributed layer 3 where
trunking is a thing of the past (except between access pairs), I still
know of tons of companies running very large layer 2 networks. While
VTP does have a major gotcha that should be well-known to any network
designer/engineer, I don't necessarily agree that avoiding it
altogether is the answer, particularly for companies with decent sized
network groups (multiple engineers doing different things). Who wants
to maintain updating vlan names on every switch in a 50 switch
datacenter? Additionally, what stops you from then using the same
number more than once if you have strict pruning guidelines which can
cause issues if they ever need to be extended. I suppose you could
make the update part of the process of trunking out and/or removing
pruning, but just seems like an unnecessary headache.

Perhaps I am missing something major since it's early AM, but it's not
the first time I have seen that advice and wondered.
From: Merv on
On Apr 17, 7:36 am, Trendkill <jpma...(a)gmail.com> wrote:
> On Apr 17, 2:09 am, Merv <merv.hr...(a)rogers.com> wrote:
>
>
>
> > > is there anything wrong (not sure if possible) with setting up 5 vlans
> > > (vlan 1,2,3,4,5) on the first 2950 switch and just 2 vlans (vlan 1,6)
> > > on the second 2950 switch? There will be a trunk between 3750 to each
> > > of the 2950.
>
> > Perfectly fine AFAIK
>
> > Do yourself a favour and avoid the use of VTP; manually configure the
> > VLANs in use on each switch.
>
> > Also ditch DTP
>
> > Use the command "switchport trunk allowed vlan [allowed vlans] " on
> > the trunk ports on the 3750
> > and configure the VLANS in the command that are on each of the 2950's
>
> > Enable CDP on trunk ports; disable on all other ports
>
> > interface <>
> > description Switch Trunk
> > switchport trunk encapsulation dot1q
> > switchport trunk allowed vlan [allowed vlans]
> > switchport mode trunk
> > switchport nonegotiate
> > cdp enable
>
> Is there any other reason you are suggesting avoiding VTP beyond the
> obvious 'gotcha' with deploying switches w/ higher revision numbers?
> While most environments are heading towards distributed layer 3 where
> trunking is a thing of the past (except between access pairs), I still
> know of tons of companies running very large layer 2 networks. While
> VTP does have a major gotcha that should be well-known to any network
> designer/engineer, I don't necessarily agree that avoiding it
> altogether is the answer, particularly for companies with decent sized
> network groups (multiple engineers doing different things). Who wants
> to maintain updating vlan names on every switch in a 50 switch
> datacenter? Additionally, what stops you from then using the same
> number more than once if you have strict pruning guidelines which can
> cause issues if they ever need to be extended. I suppose you could
> make the update part of the process of trunking out and/or removing
> pruning, but just seems like an unnecessary headache.
>
> Perhaps I am missing something major since its early AM, but its not
> the first time i have seen that advice and wondered.


The OP with a small network is best to avoid all the benefits of
VTP ;-))


From the Cisco best practice doc:

http://www.cisco.com/en/US/products/hw/switches/ps700/products_white_paper09186a00801b49a4.shtml#cg1

"
There are pros and cons to the VTP ability to make changes easily on a
network. Many enterprises prefer a cautious approach and use VTP
transparent mode for these reasons:

This practice encourages good change control because the requirement
to modify a VLAN on a switch or trunk port must be considered one
switch at a time.

VTP transparent mode limits the risk of an administrator error, such
as accidental deletion of a VLAN. Such errors can impact the entire
domain.

VLANs can be pruned from trunks down to switches that do not have
ports in the VLAN. This results in frame flooding to be more
bandwidth-efficient. Manual pruning also has a reduced spanning-tree
diameter. See the Dynamic Trunking Protocol section for more
information. A per-switch VLAN configuration also encourages this
practice.

There is no risk of the introduction into the network of a new switch
with a higher VTP revision number that overwrites the entire domain
VLAN configuration.

Cisco IOS Software VTP transparent mode is supported in Campus Manager
3.2, which is part of CiscoWorks2000. The earlier restriction that
requires you to have at least one server in a VTP domain has been
removed.

"
