3.7 VTP进阶配置

实验目的:

1、掌握VTP透明模式配置。

2、掌握VTP修剪配置。

3、理解VTP透明模式和修剪的功能和原理。

实验拓扑:

214009893.png

实验步骤:

1.依据图中拓扑部署VTP技术,其中SW1ServerSW2SW3ClientSW3模拟新加入的交换机,要求SW3作为Client端,将其传递到全网,配置如下:

SW1上配置

SW1#vlan database

SW1(vlan)#vtp domain PingingLab

SW1(vlan)#vtp password Cisco

SW1(vlan)#vlan 10

VLAN 10 added:

Name: VLAN0010

SW1(vlan)#vlan 20

VLAN 20 added:

Name: VLAN0020

SW1(vlan)#vlan 30

VLAN 30 added:

Name: VLAN0030

SW1(vlan)#exit

SW2上配置

SW2#vlan database

SW2(vlan)#vtp client

SW2(vlan)#vtp domain PingingLab

SW2(vlan)#vtp password Cisco

SW2(vlan)#exit

查看VTP信息,如下:

SW1#show vtp status

VTP Version : 2

Configuration Revision : 1

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Server

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x3A 0xC2 0xE5 0x34 0x25 0xB3 0xA0 0x79

Configuration last modified by 0.0.0.0 at 3-1-02 00:06:25

Local updater ID is 0.0.0.0 (no valid interface found)

由于版本号低的会向版本号高的同步VLAN信息,所以,SW2上:

SW2#show vlan-switch brief

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Fa0/11, Fa0/12, Fa0/13

Fa0/14, Fa0/15

10 VLAN0010 active

20 VLAN0020 active

30 VLAN0030 active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

2SW3模拟新加入的交换机,为了使得其他交换机学习本地信息,需要保证本地的版本号够高,配置如下:

先将本地接口关闭

SW3(config)#int range f0/1 - 2

SW3(config-if-range)#sh

SW3(config-if-range)#exit

SW3定义为Server模式,以便修改VLAN信息,增加版本号

SW3#vlan database

SW3(vlan)#vtp domain PingingLab

SW3(vlan)#vtp password Cisco

SW3(vlan)#exit

SW3上不断修改VLAN信息,并查看版本号

SW3#vlan database

SW3(vlan)#vlan 100

VLAN 100 added:

Name: VLAN0100

SW3(vlan)#exit

APPLY completed.

Exiting....

SW3#vlan database

SW3(vlan)#vlan 200

VLAN 200 added:

Name: VLAN0200

SW3(vlan)#exit

APPLY completed.

Exiting....

SW3#vlan database

SW3(vlan)#vlan 300

VLAN 300 added:

Name: VLAN0300

SW3(vlan)#exit

VLAN database配置模式,每次进和出使得版本号加1,此时查看SW3VTP信息,如下:

SW3#show vtp status

VTP Version : 2

Configuration Revision : 3

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Server

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x23 0x77 0x67 0x40 0x6E 0x68 0xA7 0xD5

Configuration last modified by 0.0.0.0 at 3-1-02 00:20:20

Local updater ID is 0.0.0.0 (no valid interface found)

为保证版本号够大,可以不断进入database里面,创建和删除VLAN,如下:

SW3#vlan database

SW3(vlan)#vlan 400

VLAN 400 added:

Name: VLAN0400

SW3(vlan)#exit

APPLY completed.

Exiting....

SW3#vlan da

SW3#vlan database

SW3(vlan)#no vlan 400

Deleting VLAN 400...

SW3(vlan)#exit

APPLY completed.

Exiting....

再次查看SW3VTP信息:

SW3#show vtp status

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Server

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xEC 0xC8 0x36 0x9C 0x46 0xD5 0x5E 0x1C

Configuration last modified by 0.0.0.0 at 3-1-02 00:24:11

Local updater ID is 0.0.0.0 (no valid interface found)

此时将SW3Server模式切换到Client模式,并打开本地接口

SW3#vlan database

SW3(vlan)#vtp client

Setting device to VTP CLIENT mode.

SW3(vlan)#exit

SW3(config)#int range f0/1 - 2

SW3(config-if-range)#no sh

SW3(config-if-range)#exit

当打开接口后,相当于新加入一台Client,但此Client的版本号比全局其他交换机都高,此时交换机之间会通过汇总通告、通告请求和子集通告等信息进行VTP同步,再次查看SW1SW2VTP信息,如下:

SW1

SW1#show vtp status

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Server

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xEC 0xC8 0x36 0x9C 0x46 0xD5 0x5E 0x1C

Configuration last modified by 0.0.0.0 at 3-1-02 00:24:11

Local updater ID is 0.0.0.0 (no valid interface found)

SW1#show vlan-switch brief

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Fa0/11, Fa0/12, Fa0/13

Fa0/14, Fa0/15

100 VLAN0100 active

200 VLAN0200 active

300 VLAN0300 active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

SW2上:

SW2#show vtp status

VTP Version : 2

Configuration Revision : 3

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x4A 0x3B 0xC6 0xB7 0x07 0xA4 0xCD 0x5D

Configuration last modified by 0.0.0.0 at 3-1-02 00:11:20

SW2#show vtp status

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xEC 0xC8 0x36 0x9C 0x46 0xD5 0x5E 0x1C

Configuration last modified by 0.0.0.0 at 3-1-02 00:24:11

SW2#show vl

SW2#show vlan-s

SW2#show vlan-switch bri

SW2#show vlan-switch brief

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Fa0/11, Fa0/12, Fa0/13

Fa0/14, Fa0/15

100 VLAN0100 active

200 VLAN0200 active

300 VLAN0300 active

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

从上面结果可以看出,VTP信息会向版本号最高的同步,而不管是Server还是Client模式,这样的话,对于新加入的交换机就有必要将其版本号减低,否则,一旦原网络的VLAN信息被冲洗,则整个网络会进入瘫痪状态!

3、将SW3部署为透明模式,并观察其VTP信息,如下:

SW3#vlan database

SW3(vlan)#vtp transparent

SW3(vlan)#exit

SW3#show vtp status

VTP Version : 2

Configuration Revision : 0

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Transparent

VTP Domain Name : PingingLab

VTP Pruning Mode : Disabled

VTP V2 Mode  : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xEC 0xC8 0x36 0x9C 0x46 0xD5 0x5E 0x1C

Configuration last modified by 0.0.0.0 at 3-1-02 00:24:11

可以看到,当VTP为透明模式时,配置版本号自动归零,在整个网络中话语权最小,此时就无法对网络造成影响。一般网络新添加交换机之前,都强烈建议先部署为透明模式,后接入网络。

4、部署VTP修剪,修剪不必要的流量,优化网络,如下:

SW1(vlan)#vtp pruning

Pruning switched ON

SW1(vlan)#exit

查看VTP信息

SW1#show vtp status

VTP Version : 2

Configuration Revision : 6

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Server

VTP Domain Name : PingingLab

VTP Pruning Mode : Enabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xBA 0xC7 0x3B 0x68 0x79 0x55 0x8C 0x73

Configuration last modified by 0.0.0.0 at 3-1-02 00:42:25

Local updater ID is 0.0.0.0 (no valid interface found)

可以看到,此时VTP修剪模式从disable切换成enabled状态;VTP修剪只需要在Server端部署,查看SW2VTP信息,如下:

SW2#show vtp status

VTP Version : 2

Configuration Revision : 6

Maximum VLANs supported locally : 256

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : PingingLab

VTP Pruning Mode : Enabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xBA 0xC7 0x3B 0x68 0x79 0x55 0x8C 0x73

Configuration last modified by 0.0.0.0 at 3-1-02 00:42:25

此时,VTP客户端也开启修剪。此实验完成。

==========================================

PingingLab·高品质IT教育提供商

CCIE 实验室·IT项目实战·高端人才定制

深圳拼客信息科技有限公司·广州大学城外环西路站

新浪微博:@拼客科技PingingLab  @PingingLab-陈鑫杰

PingingLab微信公众号:pinginglab

PingingLab技术交流群:240920680