今天要來說一下VTP的設定
下圖是個企業常見的架構(通常這跟口袋深淺或是規模比較有關係)
CS1 是一台L3的Switch , ES1 、ES2是一台L2的Switch , 老闆說想來切幾個VLAN要求你把VTP建置起來並只能以L3 Switch做為VLAN的新增、刪除...等等的
=================================================================
CS1設定
CS1(config)#vtp domain mmc.local <<建立一個VTP domain
CS1(config)#vtp password 12345 <<密碼 (所有mmc.local domain都要使用相同密碼)
Setting device VLAN database password to 12345
CS1(config)#vtp mode server << Server mode
CS1(config)#vtp version 2 <<使用VTP 版本為 version 2
ES1設定
ES1(config)#vtp domain mmc.local
Changing VTP domain name from NULL to mmc.local
ES1(config)#vtp password 12345
Setting device VLAN database password to 12345
ES1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ES1(config)#vtp version 2
ES2設定
ES2(config)#vtp domain mmc.local
Changing VTP domain name from NULL to mmc.local
ES2(config)#vtp password 12345
Setting device VLAN database password to 12345
ES2(config)#vtp mode client
Setting device to VTP CLIENT mode.
ES2(config)#vtp version 2
你看VTP很簡單吧~但有人說話了...何以見得這樣就可以運作? 問的好
接下來驗證一下....
檢查CS1
CS1(config)#vlan 22 <<創建一個VLAN 名稱為TEST
CS1(config-vlan)#name test
CS1#show vtp status
VTP Version : 2
Configuration Revision : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6 <<ES1、ES2為client mode 都應為相同值
VTP Operating Mode : Server
VTP Domain Name : mmc.local
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xBD 0x2F 0x6C 0xD0 0x59 0x7C 0x2A 0x17
CS1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
22 test active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
CS1#
CS1#
ES1與ES2檢查方式相同:
ES1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : mmc.local
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xB4 0xC6 0xCC 0x3A 0x90 0x77 0x91 0x29
Configuration last modified by 0.0.0.0 at 3-1-93 00:56:35
看看有沒有同步VLAN ....答案是沒有................原因是沒Trunk
CS1(config-if)#exit
CS1(config)#int range gi0/1 - gi0/2
CS1(config-if)#switchport trunk encapsulation dot1q
CS1(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
完成後再次檢視vlan同步了沒:
ES1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig1/2
22 test active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
ES1#
這樣完成VTP的設定了~ 幹的好阿小麥克
疑難排解:
=================================================================
1.為什麼執行switchport mode trunk會出現下列這問題?
CS1(config-if)#switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk"
Ans: 兩邊至少有一邊要先設定802.1Q的協定,才有辦法自動,勤奮點的話兩邊都設定
switchport trunk encapsulation dot1q 後再執行switchport mode trunk
2.設定看起來都很正確但VTP就是沒辦法同步?
Ans:
a. 用 #show vtp status 確定所有的Switch都有設定 (domain、version)
b. 用 #show vtp password 確定兩邊的密碼都是一樣的
c. 用 debug sw-vlan vtp events 與 debug sw-vlan vtp events packets 來看錯誤資訊
=================================================================
當然, 如果您有更好的方法,也請與我交流.....因為我只是菜鳥一個
太有用了 大謝
回覆刪除別客氣,有幫上忙就好XD
刪除作者已經移除這則留言。
回覆刪除extrepZnapht_to2001 Rashid Fogg https://wakelet.com/wake/njClN7F7Mgxy75-u8xfOD
回覆刪除idhotavin