Skip to main content

Configuring and Verifying VTP v2

 Configuring and Verifying VTP v2

Configuring VTP

Verifying the topology

Before you start configuring VLAN Trunking Protocol on Cisco switches, it is very important to first verify that all inter-switch links are trunks. Especially in lab/test environments, engineers often spent time troubleshooting VTP issues and in the end, it turns out that the problem is not with the VTP but with the Interswitch links.


IMPORTANT TO REMEMBER VTP messages are sent and received on trunk links only.


In this configuration example, we will use the topology shown in Figure 1. Before we start configuring the VTP, let's verify the trunks and how many VLANs are configured.





The easiest way to verify this by checking Switch 2, because it has links to all other switches.



SW2#sh interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/1 desirable n-802.1q trunking 1 Fa0/2 desirable n-802.1q trunking 1 Fa0/3 desirable n-802.1q trunking 1 Port Vlans allowed on trunk Fa0/1 1-1005 Fa0/2 1-1005 Fa0/3 1-1005 Port Vlans allowed and active in management domain Fa0/1 1 Fa0/2 1 Fa0/3 1 Port Vlans in spanning tree forwarding state and not pruned Fa0/1 1 Fa0/2 1 Fa0/3 1 SW2# sh vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24, Gig0/1, Gig0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active



As you can see, SW2 has only the default VLANs and all inter-switch links are trunks. 

VTP Domain Name

When setting up VTP for the first time, we always start with the domain name. All switches in the topology must be in the same domain. There are two ways to configure this. First more explicit way is to manually configure the name on each switch. The other one is to configure the name only on the VTP server switch and it will advertise it to the others.


SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#vtp domain ? WORD The ascii name for the VTP administrative domain. SW1(config)#vtp domain CISCO Changing VTP domain name from NULL to CISCO SW1(config)#end SW1# %SYS-5-CONFIG_I: Configured from console by console SW1#show vtp status VTP Version capable : 1 to 2 VTP version running : 2 VTP Domain Name : CISCO VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 0001.43A9.0200 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 0.0.0.0 (no valid interface found) Feature VLAN : -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 Configuration Revision : 0 MD5 digest : 0x1A 0xFC 0x64 0xDA 0x8E 0xA1 0x8A 0x3B  

0x47 0x97 0x87 0xB1 0x8B 0x59 0xE9 0x52



VTP Password

There is no need to explain what the VTP password does. It is set to protect the VTP domain from rouge switches. Let's configure a password on SW1.


SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#vtp password ? WORD The ascii password for the VTP administrative domain. SW1(config)#vtp password cisco Setting device VLAN database password to cisco SW1(config)#end SW1# %SYS-5-CONFIG_I: Configured from console by console SW1#show vtp status VTP Version capable : 1 to 2 VTP version running : 2 VTP Domain Name : CISCO VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 0001.43A9.0200 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 0.0.0.0 (no valid interface found) Feature VLAN : -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 Configuration Revision : 0 MD5 digest : 0x68 0xDE 0x27 0x00 0xEB 0x43 0x67 0x3F 0x47 0xB4 0xB4 0x18 0x7F 0x7C 0xF5 0x81 SW1#show vtp password  

VTP Password: cisco


You can see that the password is stored and shown in cleartext. 



Labels:

Comments

Post a Comment

Popular posts from this blog

Rectangular Microstrip Patch Antenna

Microstrip is a type of electrical transmission line which can be fabricated using printed circuit board technology, and is used to convey microwave-frequency signals. It consists of a conducting strip separated from a ground plane by a dielectric layer known as the substrate. The most commonly employed microstrip antenna is a rectangular patch which looks like a truncated  microstrip  transmission line. It is approximately of one-half wavelength long. When air is used as the dielectric substrate, the length of the rectangular microstrip antenna is approximately one-half of a free-space  wavelength . As the antenna is loaded with a dielectric as its substrate, the length of the antenna decreases as the relative  dielectric constant  of the substrate increases. The resonant length of the antenna is slightly shorter because of the extended electric "fringing fields" which increase the electrical length of the antenna slightly. An early model of the microst...
Read more

Prepare Data for Exploration : weekly challenge 1

Prepare Data for Exploration : weekly challenge 1 #coursera #exploration #weekly #challenge 1 #cybersecurity #coursera #quiz #solution #network Are you prepared to increase your data exploration abilities? The goal of Coursera's Week 1 challenge, "Prepare Data for Exploration," is to provide you the skills and resources you need to turn unprocessed data into insightful information. With the knowledge you'll gain from this course, you can ensure that your data is organised, clean, and ready for analysis. Data preparation is one of the most important processes in any data analysis effort. Inaccurate results and flawed conclusions might emerge from poorly prepared data. You may prepare your data for exploration with Coursera's Weekly Challenge 1. You'll discover industry best practises and insider advice. #answers #questions #flashcard 1 . Question 1 What is the most likely reason that a data analyst would use historical data instead of gathering new data? 1 / 1...
Post a Comment
Read more

Cracking Passwords Using John the Ripper: A Complete Step-by-Step Guide

Cracking Passwords Using John the Ripper: A Complete Step-by-Step Guide In today's post, we’re diving into a practical lab exercise that shows how to use John the Ripper, one of the most effective password-cracking tools in cybersecurity. Whether you're an IT professional or a cybersecurity student, mastering John the Ripper will help you understand password vulnerabilities and enhance your penetration testing skills. Lab Objective: The goal of this lab is to crack the root password on a Linux system (Support) and extract the password from a password-protected ZIP file (located on IT-Laptop). Both tasks are performed using John the Ripper. Steps to Crack the Root Password on Support: Open the Terminal on the Support system. Change directories to /usr/share/john . List the files and open password.lst to view common password guesses. Use John the Ripper to crack the root password by running john /etc/shadow . Once cracked, the password is stored in the john.pot file for future u...
Post a Comment
Read more