迷彩 潜伏 隐蔽 伪装
分类:
2012-07-12 21:00:22
原文地址:Cisco VTP 设置 作者:wfeng
问:
不是同一个域的交换机不会同步?
SW1(config)#int f0/15
SW1(config-if)#no sh
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config-if)#
*Mar 1 00:04:55.047: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk
SW1(config-if)#exit
SW1(config)#exit
SW1#sh int f0/15 trunk-----------------查看是否配置成TRUNK
Port Mode Encapsulation Status Native
Fa0/15 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/15 1-1005
Port Vlans allowed and active in management domain
Fa0/15 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/15 1
SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1#vlan database
SW1(vlan)#vtp ?
client Set device client mode.
domain Set the name of the VTP administrative domain.
password Set the password for the VTP administrative domain.
pruning Set the administrative domain to permit pruning.
server Set the device to server mode.
transparent Set the device to transparent mode.
v2-mode Set the administrative domain to V2 mode.
SW1(vlan)#vtp server--------------配置VTP的3种模式,有的在全局模式下配置,这个与IOS版本有关
Device mode already VTP SERVER.
SW1(vlan)#vtp domain test-------指定域名
Changing VTP domain name from NULL to test
SW1(vlan)#vtp password cisco
Setting device VLAN database password to cisco.
SW1(vlan)#vlan 2
VLAN 2 added:
Name: VLAN0002
SW1(vlan)#vlan 3
VLAN 3 added:
Name: VLAN0003
SW1(vlan)#exit
APPLY completed.
Exiting....
SW1#
SW1#sh vtp status ----------查看VTP信息
VTP Version : 2-----支持VTP2版本
Configuration Revision : 1--------修订号?更新号?
Maximum VLANs supported locally : 256
Number of existing VLANs : 7------VLAN的数量
VTP Operating Mode : Server
VTP Domain Name : test
VTP Pruning Mode : Disabled----修剪
VTP V2 Mode : Disabled-----VTP版本2没有使用,现在是版本1
VTP Traps Generation : Disabled
MD5 digest : 0x85 0x35 0x60 0x9F 0xE6 0x4C 0x82 0x85
Configuration last modified by 0.0.0.0 at 3-1-93 19:37:15
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#vlan database
SW1(vlan)#vtp pruning
Pruning switched ON
SW1(vlan)#vtp ?
client Set the device to client mode.
domain Set the name of the VTP administrative domain.
password Set the password for the VTP administrative domain.
pruning Set the administrative domain to permit pruning.
server Set the device to server mode.
transparent Set the device to transparent mode.
v2-mode Set the administrative domain to V2 mode.
SW1(vlan)#vtp v2-mode --------启用版本2
V2 mode enabled.
SW1(vlan)#exit
APPLY completed.
Exiting....
SW1#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 256
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : test
VTP Pruning Mode : Enabled--------一般要启用修剪
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xF5 0x51 0xE4 0xBC 0x1E 0x89 0xC4 0x28
Configuration last modified by 0.0.0.0 at 3-1-93 19:59:24
Local updater ID is 0.0.0.0 (no valid interface found)
SW1#
---------------------------------------------
SW2(config)#int f0/15
SW2(config-if)#no sh
SW2(config-if)#sw
*Mar 1 01:22:30.359: %LINK-3-UPDOWN: Interface FastEthernet0/15, changed state to up
*Mar 1 01:22:31.359: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/15, changed state to up
SW2(config-if)#switchport trunk encapsulation dot1q
SW2(config-if)#switchport mode trunk
SW2#sh int f0/15 trunk----------查看TRUNK是否已经配置好
Port Mode Encapsulation Status Native vlan
Fa0/15 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/15 1-1005
Port Vlans allowed and active in management domain
Fa0/15 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/15 1
SW2#vlan database
SW2(vlan)#vtp client
Setting device to VTP CLIENT mode.
SW2(vlan)#vtp domain test
Domain name already set to test .
SW2(vlan)#vtp password cisco
Setting device VLAN database password to cisco.
SW2(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
SW2#sh vlan-switch --------------当SW1建立 VLAN2 和 VLAN3 时查看,表明在CLIENT模式下:可以与服务模式进行同步
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/1, Fa0/2, Fa0/3
Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14
2 VLAN0002 active
3 VLAN0003 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
1002 fddi 101002 1500 - 0 - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
SW2#
----------------------------------------------
SW3(config)#int f0/1
SW3(config-if)#no sh
SW3(config-if)#switchport trunk en dot1q
SW3(config-if)#switchport mode trunk
SW3(config)#int f0/2
SW3(config-if)#no sh
SW3(config-if)#switchport trunk encapsulation dot1q
SW3(config-if)#switchport mode trunk
SW3(config-if)#
SW3#sh interfaces f0/1 trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-1005
Port Vlans allowed and active in management domain
Fa0/1 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1
SW3#sh int f0/2 trunk
Port Mode Encapsulation Status Native vlan
Fa0/2 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/2 1-1005
Port Vlans allowed and active in management domain
Fa0/2 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1
SW3#vlan database
SW3(vlan)#vtp transparent ---------配置成透明模式
Setting device to VTP TRANSPARENT mode.
SW3(vlan)#vtp domain test
Domain name already set to test .
SW3(vlan)#vtp password cisco-----------------安全,防止不明身份交换机进入到TEST域中
Setting device VLAN database password to cisco.
SW3(vlan)#exit
APPLY completed.
Exiting....
SW3#sh vlan-switch
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/0, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
1002 fddi 101002 1500 - 0 - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0
SW3#
