实验目标:理解掌握VTP的配置及其工作原理
实验TOP:
基本配置
SW1
SW2
R3
基本配置完成。
首先,我们看下一下这个案例。如图:
通常情况下,我们需要在整个园区网或者企业网中的一组的交换机中保持VLAN数据库的同步,以保证所有交换机都能从数据帧中读取相关的VLAN信息进行正确的数据转发,然而对于大型网络来说,可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN,如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护——每一次添加修改或删除VLAN都需要在所有的交换机上部署。在这种情况下,我们引入了VTP(VLAN Trunking Protocol)。
VTP即VLAN中继协议,也被称为虚拟局域网干道协议,是思科私有协议。VTP有3种模式:服务器模式(Server);客户机模式(Client);透明模式(Transparent)。
Server模式:提供VTP消息(包括VLAN ID和名字信息);
学习相同域名的VTP消息;
转发相同域名的VTP消息;
可以添加、删除和更改VLAN VLAN信息写入NVRAM。
Client模式:请求VTP消息;
学习相同域名的VTP消息;
转发相同域名的VTP消息;
不可以添加、删除和更改VLAN VLAN信息不会写入NVRAM。
Transparent模式:不提供VTP消息;
不学习VTP消息;
转发VTP消息;
可以添加、删除和更改VLAN,只在本地有效VLAN信息写入NVRAM。
新交换机出厂时的默认配置是预配置为VLAN1,VTP 模式为服务器。
在VTP域中有两个重要的概念:
VTP域:也称VLAN管理域,由一个以上共享VTP域名的相互连接的交换机组成的。也就是说VTP域是一组域名相同并通过中继链路相互连接的交换机;
VTP通告:在交换机之间用来传递VLAN信息的数据包被称为VTP数据包。
VTP通告包括:汇总通告,子集通告,通告请求。
注意:VTP通过Trunk,VTP Server向其它交换机传输信息和接收更新。若给VTP配置密码,那么本域内的所有交换机的VTP密码必须保持一致。
创建VTP域命令 switch(config)#vtp domain DOMAIN_NAME
配置交换机的VTP模式switch(config)# vtp mode server | client | transparent
配置VTP密码 switch (config) # vtp password PASSWORD
查看VTP配置信息 switch# show vtp status
实验:
假设一个小型公司由总公司和分公司组成,而总公司和分公司里都有生产部和销售部。
需求:为了不让俩不能各个部门相互影响其工作,并能够使总公司和分公司相同部门成员间能相互通信。
解决方案:分别在总公司和分公司的交换机上配置相同的两个VLAN,分别供生产部和销售部使用,而两公司交换机的借口配为trunk模式。
如上图所示,假设总公司、分公司的交换机命名分别为SW1、SW2,公司规定:交换机fa0/1—10为生产部所使用,fa0/11—20为销售部所使用,剩余接口保留。创建VLAN 10和VLAN 20分别为生产部和销售部所使用。生产部各一成员PC1、PC3,销售部各一成员PC2、PC4分别连接于总公司、分公司交换机,如上图。
配置如下:
SW1(config)#vlan 10
SW1(config-vlan)#exi
SW1(config)#vlan 20
SW1(config-vlan)#exi
SW1(config)#int range f0/1 - f0/10
SW1(config-if-range)#switchport mode access
SW1(config-if-range)#switchport access vlan 10
SW1(config-if-range)#exi
SW1(config)#int range f0/11 - f0/20
SW1(config-if-range)#switchport mode access
SW1(config-if-range)#switchport access vlan 20
SW1(config-if-range)#exi
SW1(config)#int f0/24
SW1(config-if)#switchport mode trunk
SW1(config-if-range)#end
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10
20 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 10
SW2(config-vlan)#exi
SW2(config)#vlan 20
SW2(config-vlan)#exi
SW2(config)#int range f0/1 - f0/10
SW2(config-if-range)#switchport mode access
SW2(config-if-range)#switchport access vlan 10
SW2(config-if-range)#exi
SW2(config)#int range f0/11 - f0/20
SW2(config-if-range)#switchport mode access
SW2(config-if-range)#switchport access vlan 20
SW2(config-if-range)#exi
SW2(config)#int f0/24
SW2(config-if)#switchport mode trunk
SW1(config-if-range)#end
SW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10
20 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
实验结果:
PC1或PC3 与PC2或PC4 ping 都不通;
PC2 与PC4 ping通;
PC1 与PC3 ping通。
有此说明:可通过在交换机上创建VLAN以达到把不同位置的PC划分进同一区域或实现同一区域的逻辑划分。
但同时也存着在问题:如果在大型公司,存在着多个不同的部门和分公司,需要更多的交换机上实现VLAN的划分(可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN),如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护——每一次添加修改或删除VLAN都需要在所有的交换机上部署。而现在我们使用VTP只需在一台交换机上配置所有VLAN,其他交换机则会自动学习其交换机的VLAN信息。
SW1#sh vtp status 查看SW1VTP配置信息
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server 默认VTP 模式为服务器
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status 查看SW2VTP配置信息
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server 默认VTP 模式为服务器
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp status 查看SW3VTP配置信息
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server 默认VTP 模式为服务器
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
三台交换机在未作任何VTP配置的情况下自启动VTP,通过查看VTP运行状态命令可以看到:VTP默认模式为服务器(Server)
SW1(config)#vtp domain cisco 在SW1上创建名字为ciscoVTP域
Changing VTP domain name from NULL to cisco
SW1(config)#exi
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
在交换机SW1上创建名字为cisco的VTP,交换机SW2和SW3上无任何操作,但他们将自动学习到VTP域名:cisco。
SW2(config)#vlan 10
SW2(config-vlan)#end
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 1 修订版本号由0变为1
Maximum VLANs supported locally : 255
Number of existing VLANs : 6 VLAN数由5变为6
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 1 修订版本号由0变为1
Maximum VLANs supported locally : 255
Number of existing VLANs : 6 VLAN数由5变为6
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 1 修订版本号由0变为1
Maximum VLANs supported locally : 255
Number of existing VLANs : 6 VLAN数由5变为6
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51
Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
交换机SW2因为添加VLAN 10而修订版本号有1变为2,而交换机SW1和SW3修订版本号都为0 < 1,所以自动学习SW2的VLAN配置,自动添加VLAN 10,并同步VTP信息。由此可以看出:添加VLAN可以使VTP修订版本号增大,且在多台交换机VTP都Server模式时,修订版本号越大信息越新,会被其他修订版本号地的交换机学习。
SW2(config)#vtp mode transparent 把交换机SW2设为透明模式
Setting device to VTP TRANSPARENT mode.
SW2(config)#vlan 30 在交换机SW2上添加VLAN 30
SW2(config-vlan)#exi
SW1(config)#vtp mode server 把交换机SW1设为服务器模式
Device mode already VTP SERVER.
SW1(config)#vlan 20 在交换机SW1上添加VLAN 20
SW1(config-vlan)#end
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x8A 0xBD 0xC9 0xDB 0xE2 0x59 0x61 0x29
Configuration last modified by 0.0.0.0 at 3-1-93 00:12:55
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 6
VTP Operating Mode : Transparent
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x2F 0x58 0x29 0x9B 0x10 0x9A 0x42 0x41
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51
SW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Gig1/1, Gig1/2
10 VLAN0010 active
30 VLAN0030 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x28 0x2B 0x39 0xF0 0xE3 0xCD 0x25 0xC7
Configuration last modified by 0.0.0.0 at 3-1-93 00:06:07
Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
交换机SW1配置为服务器模式,交换机SW2配置为透明模式,交换机SW3未作任何配置,默认为服务器模式。在交换机SW1上添加VLAN 20修订版本再次有1变为2,使交换机SW3自动学习,与交换机SW1同步信息,添加VLAN 20并同步VTP信息;而交换机SW2不同步VLAN配置,只发送、转发通告,所以既不学习VLAN 20,也不会让交换机SW1和SW3学习到VLAN 30,两者更不会同步VTP信息。由此说明:VTP服务器模式的交换机具有建立、修改和删除VLAN,发送、转发通告,同步VLAN配置作用;VTP透明模式的交换机建立、修改和删除本交换机的VLANs,不同步VLAN配置,但发送、转发通告。
SW3(config)#no vlan 20
SW3(config)#exi
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 255
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1
Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 255
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1
Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35
Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Transparent
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x0F 0xB1 0xAC 0x47 0x23 0xFE 0x0A 0x44
Configuration last modified by 0.0.0.0 at 3-1-93 00:04:36
在交换机SW3上删除VLAN 20后,其修订版本号由2变为3,使交换机SW1自动学习,与交换机SW3同步信息,删除VLAN 20,并同步VTP版本号信息。而交换机SW2去无任何变化,只向交换机SW1、SW3间相互发送、转发通告。由此看出,添加、删除VLAN都能使修订版本号增大。
SW3(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW3(config)#vlan 20
VTP VLAN configuration not allowed when device is in CLIENT mode.
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 255
Number of existing VLANs : 6
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8
Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW3(config)#no vlan 10
VTP VLAN configuration not allowed when device is in CLIENT mode.
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 255
Number of existing VLANs : 6
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8
Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW1(config)#vlan 20
SW1(config-vlan)#end
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57
Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10
Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57
Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
把交换机SW3配置为客户机模式,然后在交换机上添加VLAN 20,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能添加VLAN配置);接着在交换机上删除VLAN 10,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能删除VLAN配置)
在交换机SW1上添加VLAN 20,其修订版本号由3变为4,交换机SW3自动学习,添加VLAN 20并同步VTP信息。由此说明:VTP客户机模式的交换机不建立、修改和删除VLAN;发送、转发通告;同步VLAN配置。
SW1(config)#vtp password cisco 给交换机SW1配置VTP密码为cisco
Setting device VLAN database password to cisco
SW1(config)# vlan 40 在交换机SW1上添加VLAN 40
SW1(config-vlan)#end
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
40 VLAN0040 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW3(config)#vtp password cisco 给交换机SW1配置VTP密码为cisco
Setting device VLAN database password to cisco
SW3(config)#exi
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
40 VLAN0040 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 40交换机SW3却没有添加,因为再添加VLAN 40前交换机SW1 VTP已添加密码。而在交换机SW3上配上密码,即可自动学习得VLAN 40。由此可见:若给VTP配置密码,那么本域内的所有交换机都必须拥有密码才能相互同步信息。
SW3(config)#no vtp password cisco
Clearing device VLAN database password.
SW3(config)#vtp password cisc1
Setting device VLAN database password to cisc1
SW1(config)#vlan 50
SW1(config-vlan)#exi
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
40 VLAN0040 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW3(config)#no vtp password cisc1
Clearing device VLAN database password.
SW3(config)#vtp password cisco
Setting device VLAN database password to cisco
SW3#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
40 VLAN0040 active
50 VLAN0050 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
50 enet 100050 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
在交换机SW3上VTP使用与SW1不同的密码cisc1,并在交换机SW1上添加VLAN 50,交换机SW3不能学习到,但使用相同的密码cisco,则能学习到。由此可见:若给VTP配置密码,那么本域内的所有交换机不仅要拥有VTP密码而且要必须保持一致才能相互同步信息。
将三台交换机恢复基本配置。
SW1(config)#int f0/23
SW1(config-if)#no switchport mode trunk
SW2(config)#int f0/23
SW2(config-if)#no switchport mode trunk
SW1(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SW1(config)#exi
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW1(config)#int f0/23
SW1(config-if)# switchport mode trunk
SW2(config)#int f0/23
SW2(config-if)# switchport mode trunk
SW2#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
使交换机SW1和SW2相连的接口模式变为默认,则交换机SW2不能学到VTP域名cisco。由此说明:VTP通过Trunk向其它交换机传输信息和接收更新。
SW1(config)#vlan 10
SW1(config-vlan)#exi
SW1(config)#vlan 20
SW1(config-vlan)#exi
SW2(config)#vlan 30
SW2(config-vlan)#exi
SW2(config)#vlan 40
SW2(config-vlan)#exi
SW1(config)#int f0/23
SW1(config-if)# switchport mode trunk
SW2(config)#int f0/23
SW2(config-if)# switchport mode trunk
SW1#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Gig1/1, Gig1/2
30 VLAN0030 active
40 VLAN0040 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 50
SW2(config-vlan)#exi
SW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Gig1/1, Gig1/2
10 VLAN0010 active
20 VLAN0020 active
50 VLAN0050 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
50 enet 100050 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 10、VLAN 20,交换机SW2上添加VLAN 30、VLAN 40,交换机SW1和交换机SW2修订版本号相同,而在交换机SW1上添加VLAN 50,修订版本号由2变为3,所以交换机SW2自动学习交换机SW1VLAN配置,而交换机SW2原有的VLAN配置却被清空。由此说明:交换机通过VTP相互学习信息的方式是覆盖式学习的方式。
总结:
在企业网中,配置VLAN工作量大,可以使用VTP协议。VTP通过网络(ISL帧或cisco私有DTP帧)保持VLAN配置统一性。VTP在系统级管理增加,删除,调整的VLAN,自动地将信息向网络中其它的交换机广播。此外,VTP减小了那些可能导致安全问题的配置。便于管理,只要在vtp server做相应设置,vtp client会自动学习vtp server上的vlan信息。
优点
1.保持配置的一致性;
2.提供跨不同介质类型如ATM FDDI和以太网配置虚拟局域网的方法;
3.提供跟踪和监视虚拟局域网的方法;
4.提供检测加到另一个交换机上的虚拟局域的方法;
5.提供从一个交换机在整个管理域中增加虚拟局域网的方法。
缺点
1.覆盖式学习,当交换机学习完其他交换机上的VLAN配置后本交换机的VLAN配置也会被清空;
2.VTP通过Trunk,VTP Server向其它交换机传输信息和接收更新。若未给VTP配置密码,则所有通过Trunk相连的交换机都会学习到相同的VLAN配置。
转载于:https://blog.51cto.com/hexintj/1310824
4073
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
