VTP配置及工作原理(实验)
2013-10-18 13:54
573 查看
实验目标:理解掌握VTP的配置及其工作原理实验TOP:
基本配置SW1SW2
R3
基本配置完成。首先,我们看下一下这个案例。如图:
通常情况下,我们需要在整个园区网或者企业网中的一组的交换机中保持VLAN数据库的同步,以保证所有交换机都能从数据帧中读取相关的VLAN信息进行正确的数据转发,然而对于大型网络来说,可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN,如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护――每一次添加修改或删除VLAN都需要在所有的交换机上部署。在这种情况下,我们引入了VTP(VLAN Trunking Protocol)。 VTP即VLAN中继协议,也被称为虚拟局域网干道协议,是思科私有协议。VTP有3种模式:服务器模式(Server);客户机模式(Client);透明模式(Transparent)。 Server模式:提供VTP消息(包括VLAN ID和名字信息); 学习相同域名的VTP消息; 转发相同域名的VTP消息; 可以添加、删除和更改VLAN VLAN信息写入NVRAM。 Client模式:请求VTP消息; 学习相同域名的VTP消息; 转发相同域名的VTP消息; 不可以添加、删除和更改VLAN VLAN信息不会写入NVRAM。 Transparent模式:不提供VTP消息; 不学习VTP消息; 转发VTP消息; 可以添加、删除和更改VLAN,只在本地有效VLAN信息写入NVRAM。 新交换机出厂时的默认配置是预配置为VLAN1,VTP 模式为服务器。 在VTP域中有两个重要的概念: VTP域:也称VLAN管理域,由一个以上共享VTP域名的相互连接的交换机组成的。也就是说VTP域是一组域名相同并通过中继链路相互连接的交换机; VTP通告:在交换机之间用来传递VLAN信息的数据包被称为VTP数据包。 VTP通告包括:汇总通告,子集通告,通告请求。 注意:VTP通过Trunk,VTP Server向其它交换机传输信息和接收更新。若给VTP配置密码,那么本域内的所有交换机的VTP密码必须保持一致。 创建VTP域命令 switch(config)#vtp domain DOMAIN_NAME 配置交换机的VTP模式switch(config)# vtp mode server | client | transparent 配置VTP密码 switch (config) # vtp password PASSWORD 查看VTP配置信息 switch# show vtp status 实验: 假设一个小型公司由总公司和分公司组成,而总公司和分公司里都有生产部和销售部。 需求:为了不让俩不能各个部门相互影响其工作,并能够使总公司和分公司相同部门成员间能相互通信。 解决方案:分别在总公司和分公司的交换机上配置相同的两个VLAN,分别供生产部和销售部使用,而两公司交换机的借口配为trunk模式。
如上图所示,假设总公司、分公司的交换机命名分别为SW1、SW2,公司规定:交换机fa0/1―10为生产部所使用,fa0/11―20为销售部所使用,剩余接口保留。创建VLAN 10和VLAN 20分别为生产部和销售部所使用。生产部各一成员PC1、PC3,销售部各一成员PC2、PC4分别连接于总公司、分公司交换机,如上图。配置如下:SW1(config)#vlan 10SW1(config-vlan)#exiSW1(config)#vlan 20SW1(config-vlan)#exiSW1(config)#int range f0/1 - f0/10SW1(config-if-range)#switchport mode accessSW1(config-if-range)#switchport access vlan 10SW1(config-if-range)#exiSW1(config)#int range f0/11 - f0/20SW1(config-if-range)#switchport mode accessSW1(config-if-range)#switchport access vlan 20SW1(config-if-range)#exiSW1(config)#int f0/24SW1(config-if)#switchport mode trunkSW1(config-if-range)#endSW1#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/1020 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/201002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 10SW2(config-vlan)#exiSW2(config)#vlan 20SW2(config-vlan)#exiSW2(config)#int range f0/1 - f0/10SW2(config-if-range)#switchport mode accessSW2(config-if-range)#switchport access vlan 10SW2(config-if-range)#exiSW2(config)#int range f0/11 - f0/20SW2(config-if-range)#switchport mode accessSW2(config-if-range)#switchport access vlan 20SW2(config-if-range)#exiSW2(config)#int f0/24SW2(config-if)#switchport mode trunkSW1(config-if-range)#endSW2#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/1020 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/201002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
实验结果: PC1或PC3 与PC2或PC4 ping 都不通; PC2 与PC4 ping通; PC1 与PC3 ping通。 有此说明:可通过在交换机上创建VLAN以达到把不同位置的PC划分进同一区域或实现同一区域的逻辑划分。 但同时也存着在问题:如果在大型公司,存在着多个不同的部门和分公司,需要更多的交换机上实现VLAN的划分(可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN),如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护――每一次添加修改或删除VLAN都需要在所有的交换机上部署。而现在我们使用VTP只需在一台交换机上配置所有VLAN,其他交换机则会自动学习其交换机的VLAN信息。
SW1#sh vtp status 查看SW1VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status 查看SW2VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp status 查看SW3VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found) 三台交换机在未作任何VTP配置的情况下自启动VTP,通过查看VTP运行状态命令可以看到:VTP默认模式为服务器(Server)
SW1(config)#vtp domain cisco 在SW1上创建名字为ciscoVTP域Changing VTP domain name from NULL to ciscoSW1(config)#exiSW1#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found) 在交换机SW1上创建名字为cisco的VTP,交换机SW2和SW3上无任何操作,但他们将自动学习到VTP域名:cisco。
SW2(config)#vlan 10SW2(config-vlan)#endSW2#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------ 交换机SW2因为添加VLAN 10而修订版本号有1变为2,而交换机SW1和SW3修订版本号都为0 < 1,所以自动学习SW2的VLAN配置,自动添加VLAN 10,并同步VTP信息。由此可以看出:添加VLAN可以使VTP修订版本号增大,且在多台交换机VTP都Server模式时,修订版本号越大信息越新,会被其他修订版本号地的交换机学习。
SW2(config)#vtp mode transparent 把交换机SW2设为透明模式Setting device to VTP TRANSPARENT mode.SW2(config)#vlan 30 在交换机SW2上添加VLAN 30SW2(config-vlan)#exiSW1(config)#vtp mode server 把交换机SW1设为服务器模式Device mode already VTP SERVER.SW1(config)#vlan 20 在交换机SW1上添加VLAN 20SW1(config-vlan)#endSW1#sh vtp statusVTP Version : 2Configuration Revision : 2Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x8A 0xBD 0xC9 0xDB 0xE2 0x59 0x61 0x29Configuration last modified by 0.0.0.0 at 3-1-93 00:12:55Local updater ID is 0.0.0.0 (no valid interface found)SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : TransparentVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x2F 0x58 0x29 0x9B 0x10 0x9A 0x42 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/210 VLAN0010 active 30 VLAN0030 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 030 enet 100030 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vtp statusVTP Version : 2Configuration Revision : 2Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x28 0x2B 0x39 0xF0 0xE3 0xCD 0x25 0xC7Configuration last modified by 0.0.0.0 at 3-1-93 00:06:07Local updater ID is 0.0.0.0 (no valid interface found)SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------ 交换机SW1配置为服务器模式,交换机SW2配置为透明模式,交换机SW3未作任何配置,默认为服务器模式。在交换机SW1上添加VLAN 20修订版本再次有1变为2,使交换机SW3自动学习,与交换机SW1同步信息,添加VLAN 20并同步VTP信息;而交换机SW2不同步VLAN配置,只发送、转发通告,所以既不学习VLAN 20,也不会让交换机SW1和SW3学习到VLAN 30,两者更不会同步VTP信息。由此说明:VTP服务器模式的交换机具有建立、修改和删除VLAN,发送、转发通告,同步VLAN配置作用;VTP透明模式的交换机建立、修改和删除本交换机的VLANs,不同步VLAN配置,但发送、转发通告。
SW3(config)#no vlan 20SW3(config)#exiSW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : TransparentVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x0F 0xB1 0xAC 0x47 0x23 0xFE 0x0A 0x44Configuration last modified by 0.0.0.0 at 3-1-93 00:04:36
在交换机SW3上删除VLAN 20后,其修订版本号由2变为3,使交换机SW1自动学习,与交换机SW3同步信息,删除VLAN 20,并同步VTP版本号信息。而交换机SW2去无任何变化,只向交换机SW1、SW3间相互发送、转发通告。由此看出,添加、删除VLAN都能使修订版本号增大。
SW3(config)#vtp mode clientSetting device to VTP CLIENT mode.SW3(config)#vlan 20VTP VLAN configuration not allowed when device is in CLIENT mode.SW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW3(config)#no vlan 10VTP VLAN configuration not allowed when device is in CLIENT mode.SW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW1(config)#vlan 20SW1(config-vlan)#endSW1#sh vtp statusVTP Version : 2Configuration Revision : 4Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp statusVTP Version : 2Configuration Revision : 4Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10
SW3#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
把交换机SW3配置为客户机模式,然后在交换机上添加VLAN 20,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能添加VLAN配置);接着在交换机上删除VLAN 10,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能删除VLAN配置) 在交换机SW1上添加VLAN 20,其修订版本号由3变为4,交换机SW3自动学习,添加VLAN 20并同步VTP信息。由此说明:VTP客户机模式的交换机不建立、修改和删除VLAN;发送、转发通告;同步VLAN配置。
SW1(config)#vtp password cisco 给交换机SW1配置VTP密码为ciscoSetting device VLAN database password to ciscoSW1(config)# vlan 40 在交换机SW1上添加VLAN 40SW1(config-vlan)#endSW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3(config)#vtp password cisco 给交换机SW1配置VTP密码为ciscoSetting device VLAN database password to ciscoSW3(config)#exiSW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 40交换机SW3却没有添加,因为再添加VLAN 40前交换机SW1 VTP已添加密码。而在交换机SW3上配上密码,即可自动学习得VLAN 40。由此可见:若给VTP配置密码,那么本域内的所有交换机都必须拥有密码才能相互同步信息。
SW3(config)#no vtp password ciscoClearing device VLAN database password.SW3(config)#vtp password cisc1Setting device VLAN database password to cisc1SW1(config)#vlan 50SW1(config-vlan)#exiSW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3(config)#no vtp password cisc1Clearing device VLAN database password.SW3(config)#vtp password ciscoSetting device VLAN database password to cisco
SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 50 VLAN0050 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 050 enet 100050 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW3上VTP使用与SW1不同的密码cisc1,并在交换机SW1上添加VLAN 50,交换机SW3不能学习到,但使用相同的密码cisco,则能学习到。由此可见:若给VTP配置密码,那么本域内的所有交换机不仅要拥有VTP密码而且要必须保持一致才能相互同步信息。
将三台交换机恢复基本配置。SW1(config)#int f0/23SW1(config-if)#no switchport mode trunkSW2(config)#int f0/23SW2(config-if)#no switchport mode trunk
SW1(config)#vtp domain ciscoChanging VTP domain name from NULL to ciscoSW1(config)#exiSW1#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW1(config)#int f0/23SW1(config-if)# switchport mode trunkSW2(config)#int f0/23SW2(config-if)# switchport mode trunk
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
使交换机SW1和SW2相连的接口模式变为默认,则交换机SW2不能学到VTP域名cisco。由此说明:VTP通过Trunk向其它交换机传输信息和接收更新。
SW1(config)#vlan 10SW1(config-vlan)#exiSW1(config)#vlan 20SW1(config-vlan)#exiSW2(config)#vlan 30SW2(config-vlan)#exiSW2(config)#vlan 40SW2(config-vlan)#exi
SW1(config)#int f0/23SW1(config-if)# switchport mode trunkSW2(config)#int f0/23SW2(config-if)# switchport mode trunk
SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/230 VLAN0030 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 030 enet 100030 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 50SW2(config-vlan)#exi
SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/210 VLAN0010 active 20 VLAN0020 active 50 VLAN0050 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 050 enet 100050 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 10、VLAN 20,交换机SW2上添加VLAN 30、VLAN 40,交换机SW1和交换机SW2修订版本号相同,而在交换机SW1上添加VLAN 50,修订版本号由2变为3,所以交换机SW2自动学习交换机SW1VLAN配置,而交换机SW2原有的VLAN配置却被清空。由此说明:交换机通过VTP相互学习信息的方式是覆盖式学习的方式。
总结: 在企业网中,配置VLAN工作量大,可以使用VTP协议。VTP通过网络(ISL帧或cisco私有DTP帧)保持VLAN配置统一性。VTP在系统级管理增加,删除,调整的VLAN,自动地将信息向网络中其它的交换机广播。此外,VTP减小了那些可能导致安全问题的配置。便于管理,只要在vtp server做相应设置,vtp client会自动学习vtp server上的vlan信息。
本文出自 “分享技术 分享进步” 博客,谢绝转载!
基本配置SW1SW2
R3
基本配置完成。首先,我们看下一下这个案例。如图:
通常情况下,我们需要在整个园区网或者企业网中的一组的交换机中保持VLAN数据库的同步,以保证所有交换机都能从数据帧中读取相关的VLAN信息进行正确的数据转发,然而对于大型网络来说,可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN,如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护――每一次添加修改或删除VLAN都需要在所有的交换机上部署。在这种情况下,我们引入了VTP(VLAN Trunking Protocol)。 VTP即VLAN中继协议,也被称为虚拟局域网干道协议,是思科私有协议。VTP有3种模式:服务器模式(Server);客户机模式(Client);透明模式(Transparent)。 Server模式:提供VTP消息(包括VLAN ID和名字信息); 学习相同域名的VTP消息; 转发相同域名的VTP消息; 可以添加、删除和更改VLAN VLAN信息写入NVRAM。 Client模式:请求VTP消息; 学习相同域名的VTP消息; 转发相同域名的VTP消息; 不可以添加、删除和更改VLAN VLAN信息不会写入NVRAM。 Transparent模式:不提供VTP消息; 不学习VTP消息; 转发VTP消息; 可以添加、删除和更改VLAN,只在本地有效VLAN信息写入NVRAM。 新交换机出厂时的默认配置是预配置为VLAN1,VTP 模式为服务器。 在VTP域中有两个重要的概念: VTP域:也称VLAN管理域,由一个以上共享VTP域名的相互连接的交换机组成的。也就是说VTP域是一组域名相同并通过中继链路相互连接的交换机; VTP通告:在交换机之间用来传递VLAN信息的数据包被称为VTP数据包。 VTP通告包括:汇总通告,子集通告,通告请求。 注意:VTP通过Trunk,VTP Server向其它交换机传输信息和接收更新。若给VTP配置密码,那么本域内的所有交换机的VTP密码必须保持一致。 创建VTP域命令 switch(config)#vtp domain DOMAIN_NAME 配置交换机的VTP模式switch(config)# vtp mode server | client | transparent 配置VTP密码 switch (config) # vtp password PASSWORD 查看VTP配置信息 switch# show vtp status 实验: 假设一个小型公司由总公司和分公司组成,而总公司和分公司里都有生产部和销售部。 需求:为了不让俩不能各个部门相互影响其工作,并能够使总公司和分公司相同部门成员间能相互通信。 解决方案:分别在总公司和分公司的交换机上配置相同的两个VLAN,分别供生产部和销售部使用,而两公司交换机的借口配为trunk模式。
如上图所示,假设总公司、分公司的交换机命名分别为SW1、SW2,公司规定:交换机fa0/1―10为生产部所使用,fa0/11―20为销售部所使用,剩余接口保留。创建VLAN 10和VLAN 20分别为生产部和销售部所使用。生产部各一成员PC1、PC3,销售部各一成员PC2、PC4分别连接于总公司、分公司交换机,如上图。配置如下:SW1(config)#vlan 10SW1(config-vlan)#exiSW1(config)#vlan 20SW1(config-vlan)#exiSW1(config)#int range f0/1 - f0/10SW1(config-if-range)#switchport mode accessSW1(config-if-range)#switchport access vlan 10SW1(config-if-range)#exiSW1(config)#int range f0/11 - f0/20SW1(config-if-range)#switchport mode accessSW1(config-if-range)#switchport access vlan 20SW1(config-if-range)#exiSW1(config)#int f0/24SW1(config-if)#switchport mode trunkSW1(config-if-range)#endSW1#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/1020 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/201002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 10SW2(config-vlan)#exiSW2(config)#vlan 20SW2(config-vlan)#exiSW2(config)#int range f0/1 - f0/10SW2(config-if-range)#switchport mode accessSW2(config-if-range)#switchport access vlan 10SW2(config-if-range)#exiSW2(config)#int range f0/11 - f0/20SW2(config-if-range)#switchport mode accessSW2(config-if-range)#switchport access vlan 20SW2(config-if-range)#exiSW2(config)#int f0/24SW2(config-if)#switchport mode trunkSW1(config-if-range)#endSW2#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/1020 VLAN0020 active Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/201002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
实验结果: PC1或PC3 与PC2或PC4 ping 都不通; PC2 与PC4 ping通; PC1 与PC3 ping通。 有此说明:可通过在交换机上创建VLAN以达到把不同位置的PC划分进同一区域或实现同一区域的逻辑划分。 但同时也存着在问题:如果在大型公司,存在着多个不同的部门和分公司,需要更多的交换机上实现VLAN的划分(可能有成百上千台交换机,而一台交换机上都可能存在几十乃至数百个VLAN),如果仅凭网络工程师手工配置的话是一个非常大的工作量,并且也不利于日后维护――每一次添加修改或删除VLAN都需要在所有的交换机上部署。而现在我们使用VTP只需在一台交换机上配置所有VLAN,其他交换机则会自动学习其交换机的VLAN信息。
SW1#sh vtp status 查看SW1VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp status 查看SW2VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp status 查看SW3VTP配置信息VTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : Server 默认VTP 模式为服务器VTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found) 三台交换机在未作任何VTP配置的情况下自启动VTP,通过查看VTP运行状态命令可以看到:VTP默认模式为服务器(Server)
SW1(config)#vtp domain cisco 在SW1上创建名字为ciscoVTP域Changing VTP domain name from NULL to ciscoSW1(config)#exiSW1#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found) 在交换机SW1上创建名字为cisco的VTP,交换机SW2和SW3上无任何操作,但他们将自动学习到VTP域名:cisco。
SW2(config)#vlan 10SW2(config-vlan)#endSW2#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vtp statusVTP Version : 2Configuration Revision : 1 修订版本号由0变为1Maximum VLANs supported locally : 255Number of existing VLANs : 6 VLAN数由5变为6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x50 0xDF 0x49 0x46 0x91 0xEF 0x8B 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51Local updater ID is 0.0.0.0 (no valid interface found)SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------ 交换机SW2因为添加VLAN 10而修订版本号有1变为2,而交换机SW1和SW3修订版本号都为0 < 1,所以自动学习SW2的VLAN配置,自动添加VLAN 10,并同步VTP信息。由此可以看出:添加VLAN可以使VTP修订版本号增大,且在多台交换机VTP都Server模式时,修订版本号越大信息越新,会被其他修订版本号地的交换机学习。
SW2(config)#vtp mode transparent 把交换机SW2设为透明模式Setting device to VTP TRANSPARENT mode.SW2(config)#vlan 30 在交换机SW2上添加VLAN 30SW2(config-vlan)#exiSW1(config)#vtp mode server 把交换机SW1设为服务器模式Device mode already VTP SERVER.SW1(config)#vlan 20 在交换机SW1上添加VLAN 20SW1(config-vlan)#endSW1#sh vtp statusVTP Version : 2Configuration Revision : 2Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x8A 0xBD 0xC9 0xDB 0xE2 0x59 0x61 0x29Configuration last modified by 0.0.0.0 at 3-1-93 00:12:55Local updater ID is 0.0.0.0 (no valid interface found)SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : TransparentVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x2F 0x58 0x29 0x9B 0x10 0x9A 0x42 0x41Configuration last modified by 0.0.0.0 at 3-1-93 00:00:51SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/210 VLAN0010 active 30 VLAN0030 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 030 enet 100030 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vtp statusVTP Version : 2Configuration Revision : 2Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x28 0x2B 0x39 0xF0 0xE3 0xCD 0x25 0xC7Configuration last modified by 0.0.0.0 at 3-1-93 00:06:07Local updater ID is 0.0.0.0 (no valid interface found)SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------ 交换机SW1配置为服务器模式,交换机SW2配置为透明模式,交换机SW3未作任何配置,默认为服务器模式。在交换机SW1上添加VLAN 20修订版本再次有1变为2,使交换机SW3自动学习,与交换机SW1同步信息,添加VLAN 20并同步VTP信息;而交换机SW2不同步VLAN配置,只发送、转发通告,所以既不学习VLAN 20,也不会让交换机SW1和SW3学习到VLAN 30,两者更不会同步VTP信息。由此说明:VTP服务器模式的交换机具有建立、修改和删除VLAN,发送、转发通告,同步VLAN配置作用;VTP透明模式的交换机建立、修改和删除本交换机的VLANs,不同步VLAN配置,但发送、转发通告。
SW3(config)#no vlan 20SW3(config)#exiSW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35Local updater ID is 0.0.0.0 (no valid interface found)
SW1#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xA8 0x0B 0x21 0x34 0x68 0x53 0xE6 0xC1Configuration last modified by 0.0.0.0 at 3-1-93 00:11:35Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : TransparentVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x0F 0xB1 0xAC 0x47 0x23 0xFE 0x0A 0x44Configuration last modified by 0.0.0.0 at 3-1-93 00:04:36
在交换机SW3上删除VLAN 20后,其修订版本号由2变为3,使交换机SW1自动学习,与交换机SW3同步信息,删除VLAN 20,并同步VTP版本号信息。而交换机SW2去无任何变化,只向交换机SW1、SW3间相互发送、转发通告。由此看出,添加、删除VLAN都能使修订版本号增大。
SW3(config)#vtp mode clientSetting device to VTP CLIENT mode.SW3(config)#vlan 20VTP VLAN configuration not allowed when device is in CLIENT mode.SW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW3(config)#no vlan 10VTP VLAN configuration not allowed when device is in CLIENT mode.SW3#sh vtp statusVTP Version : 2Configuration Revision : 3Maximum VLANs supported locally : 255Number of existing VLANs : 6VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF3 0xA4 0x91 0xAC 0x45 0xBD 0x9B 0xB8Configuration last modified by 0.0.0.0 at 3-1-93 00:08:00
SW1(config)#vlan 20SW1(config-vlan)#endSW1#sh vtp statusVTP Version : 2Configuration Revision : 4Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10Local updater ID is 0.0.0.0 (no valid interface found)
SW3#sh vtp statusVTP Version : 2Configuration Revision : 4Maximum VLANs supported locally : 255Number of existing VLANs : 7VTP Operating Mode : ClientVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xF2 0x09 0x72 0xEF 0x3B 0x8B 0x28 0x57Configuration last modified by 0.0.0.0 at 3-1-93 00:11:10
SW3#sh vlanVLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
把交换机SW3配置为客户机模式,然后在交换机上添加VLAN 20,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能添加VLAN配置);接着在交换机上删除VLAN 10,弹出信息:VTP VLAN configuration not allowed when device is in CLIENT mode. (在VTP客户机模式下不能删除VLAN配置) 在交换机SW1上添加VLAN 20,其修订版本号由3变为4,交换机SW3自动学习,添加VLAN 20并同步VTP信息。由此说明:VTP客户机模式的交换机不建立、修改和删除VLAN;发送、转发通告;同步VLAN配置。
SW1(config)#vtp password cisco 给交换机SW1配置VTP密码为ciscoSetting device VLAN database password to ciscoSW1(config)# vlan 40 在交换机SW1上添加VLAN 40SW1(config-vlan)#endSW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3(config)#vtp password cisco 给交换机SW1配置VTP密码为ciscoSetting device VLAN database password to ciscoSW3(config)#exiSW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 40交换机SW3却没有添加,因为再添加VLAN 40前交换机SW1 VTP已添加密码。而在交换机SW3上配上密码,即可自动学习得VLAN 40。由此可见:若给VTP配置密码,那么本域内的所有交换机都必须拥有密码才能相互同步信息。
SW3(config)#no vtp password ciscoClearing device VLAN database password.SW3(config)#vtp password cisc1Setting device VLAN database password to cisc1SW1(config)#vlan 50SW1(config-vlan)#exiSW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW3(config)#no vtp password cisc1Clearing device VLAN database password.SW3(config)#vtp password ciscoSetting device VLAN database password to cisco
SW3#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 40 VLAN0040 active 50 VLAN0050 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 050 enet 100050 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW3上VTP使用与SW1不同的密码cisc1,并在交换机SW1上添加VLAN 50,交换机SW3不能学习到,但使用相同的密码cisco,则能学习到。由此可见:若给VTP配置密码,那么本域内的所有交换机不仅要拥有VTP密码而且要必须保持一致才能相互同步信息。
将三台交换机恢复基本配置。SW1(config)#int f0/23SW1(config-if)#no switchport mode trunkSW2(config)#int f0/23SW2(config-if)#no switchport mode trunk
SW1(config)#vtp domain ciscoChanging VTP domain name from NULL to ciscoSW1(config)#exiSW1#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name :VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3AConfiguration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
SW1(config)#int f0/23SW1(config-if)# switchport mode trunkSW2(config)#int f0/23SW2(config-if)# switchport mode trunk
SW2#sh vtp statusVTP Version : 2Configuration Revision : 0Maximum VLANs supported locally : 255Number of existing VLANs : 5VTP Operating Mode : ServerVTP Domain Name : ciscoVTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xAA 0xB9 0x0C 0xCD 0xD7 0xE8 0xA6 0xE0Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00Local updater ID is 0.0.0.0 (no valid interface found)
使交换机SW1和SW2相连的接口模式变为默认,则交换机SW2不能学到VTP域名cisco。由此说明:VTP通过Trunk向其它交换机传输信息和接收更新。
SW1(config)#vlan 10SW1(config-vlan)#exiSW1(config)#vlan 20SW1(config-vlan)#exiSW2(config)#vlan 30SW2(config-vlan)#exiSW2(config)#vlan 40SW2(config-vlan)#exi
SW1(config)#int f0/23SW1(config-if)# switchport mode trunkSW2(config)#int f0/23SW2(config-if)# switchport mode trunk
SW1#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/24, Gig1/1 Gig1/210 VLAN0010 active 20 VLAN0020 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/230 VLAN0030 active 40 VLAN0040 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 030 enet 100030 1500 - - - - - 0 040 enet 100040 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
SW2(config)#vlan 50SW2(config-vlan)#exi
SW2#sh vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Gig1/1, Gig1/210 VLAN0010 active 20 VLAN0020 active 50 VLAN0050 active 1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 050 enet 100050 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
在交换机SW1上添加VLAN 10、VLAN 20,交换机SW2上添加VLAN 30、VLAN 40,交换机SW1和交换机SW2修订版本号相同,而在交换机SW1上添加VLAN 50,修订版本号由2变为3,所以交换机SW2自动学习交换机SW1VLAN配置,而交换机SW2原有的VLAN配置却被清空。由此说明:交换机通过VTP相互学习信息的方式是覆盖式学习的方式。
总结: 在企业网中,配置VLAN工作量大,可以使用VTP协议。VTP通过网络(ISL帧或cisco私有DTP帧)保持VLAN配置统一性。VTP在系统级管理增加,删除,调整的VLAN,自动地将信息向网络中其它的交换机广播。此外,VTP减小了那些可能导致安全问题的配置。便于管理,只要在vtp server做相应设置,vtp client会自动学习vtp server上的vlan信息。
优点
1.保持配置的一致性;2.提供跨不同介质类型如ATM FDDI和以太网配置虚拟局域网的方法;3.提供跟踪和监视虚拟局域网的方法;4.提供检测加到另一个交换机上的虚拟局域的方法;5.提供从一个交换机在整个管理域中增加虚拟局域网的方法。缺点
1.覆盖式学习,当交换机学习完其他交换机上的VLAN配置后本交换机的VLAN配置也会被清空;2.VTP通过Trunk,VTP Server向其它交换机传输信息和接收更新。若未给VTP配置密码,则所有通过Trunk相连的交换机都会学习到相同的VLAN配置。本文出自 “分享技术 分享进步” 博客,谢绝转载!
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- VTP配置及工作原理(实验)
- 路由器DHCP服务、VTP、SHRP和PVST+生成树的配置实验
- CISCO 配置实验 --VTP
- NA-NP-IE系列实验46:VTP 配置
- CISCO 配置实验 --VTP修剪
- 实验来介绍 DHCP服务器工作原理和配置
- VTP STP的实验配置
- VTP小实验配置,学习参考
- 使用GNS3软件配置VTP、DHCP和单臂路由的详细截图和配置实验
- 实验十三配置VLAN,vtp,及端口安全性.doc
- VTP与三层交换配置实验
- VLAN&VTP实验2:配置VLAN Trunk和VTP域 推荐
- 通过思科模拟器配置多个vlan,dhcp,vtp等综合实验
- 实验6 VTP配置
- CCNA实验一配置STP与VTP
- CCNA之旅-交换机的基本配置-stp、vtp、vlan间通信实验
- LVS之NAT模型配置实验
- 一步一步CCNA之六:交换机vtp配置
- vtp 简单配置
- 实验七 访问列表配置