CCIE Pursuit Blog

January 17, 2008

Cisco’s Official Response Concerning Dynamips

Filed under: Cisco,Cisco Certification,Dynamips,Home Lab,IOS — cciepursuit @ 3:40 pm

I was reading this post at Brad Reese’s blog about installing Dynamips.  It has a link to the Internetwork Expert Dynamips COD.  It also has a picture of one of the Brians (McGahan – at Networkers?). 

The bit that caught my interest was this post concerning the official Cisco (non)response concerning Dynamips.  It seems that CertGuard believes that Dynamips may be in violation of Cisco’s IOS copyright and licensing agreement.  Cisco’s response:

As a matter of policy, Cisco will not comment on a specific customer or organization’s use of Cisco software.

That said, it is accurate that according to Cisco’s standard software licensing terms, users may only run Cisco software on the Cisco hardware for which the user pays the appropriate fees.

We have also heard from customers that emulation/simulation tools are of value to them and we are exploring different ways on how to continue to help customers best design and test network configurations prior to deployment of their networks.

Dynamips does not include IOS images so I don’t think that they really need to worry about Cisco turning the Eye of Sauron on them.  I don’t think that anyone is looking to throw Dynamips on a PC and use that to replace the 2800 routers in their network.  For Cisco, Dynamips is a boon.  It is allowing more certification candidates to get hands-on (emulated) experience with their products.  The only (extremely slight) downside to their business is the (very few) certification candidates that will be using Dynamips instead of buying new Cisco gear.  Most of that market was being served by eBay and used equipment vendors anyway.  Plus, Dynamips is absolutely free so there’s no one getting rich on the backs of Cisco.  That said, it does look like Dynamips users – by obtaining and running Cisco IOS images in Dynamips – ARE in violation of the software licensing agreement.  But, considering the effect of this practice on Cisco, I don’t expect Cisco to do anything.

In the end, CertGuard’s point is interesting (and likely true) but I can’t see any harm that Dynamips does to Cisco, while I can see plenty of upside for Cisco from Dynamips.

****Update****

While Cisco is probably not affected by Dynamips “market”, vendors who currently offer simulators for the Cisco certification markets ARE going to be affected. 

January 15, 2008

6200networks.com: WAN Emulation Toolkit

Filed under: Cisco,Cisco Certification,Home Lab — cciepursuit @ 7:14 pm

How cool is this? (hat tip: Cisco IOS hints and tricks blog):

NIST Net is a network emulation package that runs on Linux. The NIST Net network emulator is a general-purpose tool for emulating performance dynamics in IP networks. The tool is designed to allow controlled, reproducible experiments with network performance-sensitive/adaptive applications and control protocols in a simple laboratory setting. By operating at the IP level, NIST Net can emulate the critical end-to-end performance characteristics imposed by various wide area network situations (e.g., congestion loss) or by various underlying subnet technologies (e.g., asymmetric bandwidth situations of xDSL and cable modems).

Once NIST Net has completed starting up, you see a menu from which you can launch the emulation tool with different network settings:

Please select a preset from the following options:
--------------------------------------------------
1: 40ms round-trip delay, T1 bandwidth, 0.5% packet loss
2: 60ms round-trip delay, T1 bandwidth, 0.5% packet loss
3: 80ms round-trip delay, T1 bandwidth, 0.5% packet loss
4: 100ms round-trip delay, T1 bandwidth, 0.5% packet loss
5: 120ms round-trip delay, T1 bandwidth, 0.5% packet loss
6: 160ms round-trip delay, T1 bandwidth, 0.5% packet loss 
7: Custom Settings
8: Stop WAN Emulation
9: Exit 

BTW…if you’re wanting the NistNET .iso you can download it and other industry tools from CCO (login required) @ the following location: http://www.cisco.com/cgi-bin/tablebuild.pl/fe_util

—Read the rest here—

January 11, 2008

Dynamips With GNS (Graphical Network Simulator)

Here’s an interesting article about Dynamips.  It’s pretty basic, but there is a nice overview of GNS3 (Graphical Network Simulator).  GNS3 looks like a very nice tool for designing networks with Dynamips.  I find it very easy just to edit the .net files, but this tool looks very promising for users that are new to Dynamips (provided that it is not buggy).  I may give it a test run just to see if I can export the graphical representations (beats making them in Visio).

November 26, 2007

More Memory Makes Dynamips Happy

I finally dropped a gig stick of RAM in my laptop (it was at 512 megs) and fired up Dynamips.  What a difference!!!  I’m able to run more device instances and they run much faster.  I’m going to swap out the 512 meg stick for another gig stick this weekend.  Since I’ll be doing a lot of technology specific labs this week, I’ll probably be doing most of them in Dynamips.

November 5, 2007

Internetwork Expert Volume III Lab 01: A Drive-by

After wasting most of my weekend adding backbone routers to my existing lab, I decided that I wanted to crack open lab 1 of the Internetwork Expert Volume III lab book.  These are 4-hour mini-labs that concentrate solely on “core tasks” such as switching, IGP, EGP, WAN technologies, and troubleshooting.  Here is IE’s description:

The following scenario is a practice lab exam designed to help you develop your speed and accuracy at configuring Cisco networking devices.  Specifically, this scenario is designed to assist you in your preparation for Cisco Systems’ CCIE Routing and Switching Lab exam.  The goal of this scenario is to configure and verify complete layer 2 and layer 3 reachability as quickly as possible while minimizing the usage of Cisco’s documentation or the context sensitive help.  Ensure to track your time as you progress through each section and compare your results with the specified target time.

I only had a couple of hours left in my study block, so I decided to do the first three sections (troubleshooting, bridging and switching, and WAN technologies) and leave the remaining two sections (IGP and EGP) for another day. 

I did a write erase on all of my lab devices and loaded the provided initial configurations.  I did have to make some minor changes to the provided configurations to match my actual interfaces (replace an e0/0 with an fa0/0 or an s0/0 with an s0/0/0:0 – you get the idea).  The configurations are pretty bareboned, so I got them loaded without any hassle.

Each lab comes with two network maps (one physical and the other with the routing protocol details).  One thing that is not provided is a detailed map of the inter-switch connections.  I know them fairly well and can always turn around and look directly at my stack to verify them, but for this lab I decided to only use the information given to me in the two network maps so it would be similar to the actual CCIE lab environment.  That meant a lot of “show cdp neighbor” statements on the switches to build my own mapping of the inter-switch connections.  IE made this a little more difficult as some of the ports are shut down in the initial configurations.  In order to get an accurate picture of the inter-switch connections, I needed to unshut the interfaces on each switch and then shut them back down again after recording the CDP neighbors.  I’m not sure if this will be necessary in the actual lab, but it was good practice.

I popped my headphones on and started BT’s “This Binary Universe” (my favorite background music for labbing) on my iPod and dove in.

Troubleshooting

Time allotted: 10 minutes
Time spent: 7 minutes*

I immediately fell on my face.  The first task is troubleshooting.  You are given 10 minutes to find two faults with the initial configurations.  I jumped from device to device and looked for misconfigured IP addresses and ports that were shut down.  There are no routing protocols running in the initial configs, so I figured that this would be a pretty easy task.  I quickly found an interface with an incorrect IP address.  After that I found a number of problems.  There were two layer 3 port-channels that were not built between the switches.  None of the VLANs were configured on the switches so the SVIs were not working.  I had already found more than two issues.  ???

I cracked open the answer key and found out that the bad IP address was one of the errors.  The other error concerned one of the layer 3 port-channels that was not built yet.  It was quite clever and probably would have messed me up, but I had already read the spoiler so it had less of an impact.  I guess that the errors do not necessarily need to be apparent in the initial configurations.  It could be argued that this error could be spotted, but you’d need to be a whole lot more observant than I am and I am seriously doubting that the average network engineer would spot it in 10 minutes.  It is something that you would definitely need to fix to complete the lab though!

I marked this up to inexperience with the IE labs and restarted the clock, but added on the time that it took me to diagram the inter-switch topology.  That’s the reason for the asterisk next to my time.  On to the next task!

Bridging and Switching

Time allotted: 40 minutes
Time spent: 27 minutes

This section had four tasks: VLAN assignments, layer 2 Etherchannel, trunking, and layer 3 Etherchannel.  I read the tasks ahead of time and underlined possible pitfalls in each task.  I specifically looked for interdependencies (i.e. a trunking task allowing you to use either dot1q or ISL followed by a later Etherchannel task requiring a native VLAN).  Reading through the tasks I was interested to see that the tasks were pretty specific (needing little to no clarification) and also pretty basic.  I felt pretty good about finishing this section quickly and accurately.

I ran into my first strategy decision early on.  In the first task you are asked to create a number of VLANs (all with names) as well as assign the VLANs to ports on each of the four switches.  It’s pretty obvious that VTP is your friend in this task.  You could configure the VLANs on each switch, but that’s too much time wasted typing and also sets you up to fat-finger something.  The problem is that there are no trunks built between the switches, so VTP is not going to propagate your VLANs to all of the switches until you get them built.  My solution was to configure sw1 as the VTP server and the other three switches as VTP clients (luckily, this was also a specified task, so I could leave them in that state).  I then configured two VLANs on sw1.  Then I jumped out of task 2.1 and directly into tasks 2.2 (layer 2 Etherchannel) and 2.3 (trunking).  Once I had built trunking between the switches and verified that all 3 switches were seeing the 2 VLANs configured on sw1, I would go back to task 2.1 and complete the configuration of the remaining VLANs.

I think that this is a good strategy.  The IE answer guide does not give you strategy tips though.  The answer for task 2.1 shows how to create the VLANs on sw1, assign the VLANs to each port, and set up VTP.  The verification command does show that you should not expect to see the VLANs propagated to switches 2 through 4.  Fair enough.  By reading through the other tasks you can see that trunking will eventually be built so the VLANs should be propagated. 

I did see a couple of errors in the IE answer guide though.  If you were to create all of the VLANs on sw1 and then assign the VLANs to the appropriate switchports on all of the switches, then – because VTP is not working due to no trunking –  the switch would create each VLAN for you.  You’d see something like this:

sw4(config)# interface fa0/15
sw4(config-if)# switchport access vlan 57
% Access VLAN does not exist. Creating vlan 57

The switch would create the VLAN for you, but with a default VLAN name of VLAN0057.  This is not going to match the VLAN name that you’re supposed to use (VLAN_C in this case).  Furthermore, the “show vtp status” verification that the IE answer shows for sw2, sw3, and sw4 shows:

Number of existing VLANs           :  5

This will not be the case if you assign the VLANs to the ports on sw2-4.  Even though you won’t have the 12 VLANs configured on sw1 until VTP does its thing, you WILL have 5 + x VLANs; where 5 is the number of default VLANs and x is the number of unique VLANs you assign to the ports.

Finally, since you would have VLANs existing on sw1 with VLAN names and the same VLANs on the other switches with the default VLAN names – what’s going to happen to the VLAN names once VTP does start propagating the VLANs to the client switches?  I’ll lab this when I have access to some switches this weekend.

All of the above is assuming that you haven’t set the VTP mode to “client” on sw2 – 4.  If you did that before assigning the VLANs to those switches, you would avoid the mess above because the switch would not allow you to configure any VLANs.  Of course, the switch would tell you to piss off if you tried to assign a non-existent VLAN to a port.

Nuff said.  I think that my strategy is the best route.  :-)

In task 2.2 you are asked to configure a two-port port-channel using dot1q trunking and the native default VLAN.  This is easy enough except for two points that are not spelled out for you:

1)  What channel-group number should you use (this layer 2 port-channel is not on the topology map)?
2)  Which port-channel protocol should you use (PAgP, LACP, or on)?

I used channel-group 1 and “on” (“channel-group 1 mode on”).  That’s what IE used in the answer key as well.  My general rule is to avoid any dynamic protocols unless they are specifically called for.

The “use the default native VLAN” part of the task is a bit of a red herring.  I generally hate tasks like these because you need to know what items are enabled by default.  In this case, it’s pretty easy because dot1q uses the default native VLAN by….well…default.  :-)

The next task (2.3) involved setting up some very simple trunks.  The tasks specify that you use dot1q trunks.  The only thing unclear is whether you should use dynamic trunking.  See “avoid any dynamic protocols unless they are specifically called for” above.  At this point, I had trunking built across all four switches.  I jumped back to task 2.1 and completed the VLAN configuration and assignment.  I verified that each switch had learned all of the VLANs via VTP.

The last task was the only one to trip me up a bit.  It involved creating layer 3 Etherchannels.  I knew that you need to configure these in a specific order, but I could not remember the order.  I hit the DOC and pulled up the configuration guide.  I was able to quickly find the document for configuring layer 3 etherchannels.  This is also the step where I would have discovered the second troubleshooting error.  I followed the DOC and had my layer 3 Etherchannels up and running, except that one of the channels (between sw2 and sw3) kept bouncing.  I still don’t know why.  I wrote the configs and reloaded sw2 and sw3.  The problem went away.

One other point about this task.  This was the first “verbiage” issue I came across.  The task asks that you use “all remaining directly connected inter-switch links” for the layer 3 Etherchannels.  The time that I spent drawing the inter-switch topology paid off handsomely in this task.

I was done with the Bridging and Switching section 13 minutes early.  Whoot!!!

WAN Technologies

Time Allotted: 20 minutes
Time Spent: 32 minutes

I need to get my butt to a meeting.  I will finish this post tonight. 

Rack Hell

Want to know what I absolutely hate?  Trying to cobble together a lab.

I decided to finally install the BB routers (backbone routers used to inject routes into the lab) in my home lab.  I had planned on adding a 2600 and using the existing Frame Relay switch (Cisco 2851) and access server (2511) for the 3 BB routers.  I quickly had to chuck the idea of using the 2511 as I don’t have an AUI adapter so I couldn’t use its Ethernet port.  Also – as I would painfully learn later – 14 megs of RAM and 8 megs of flash was not going to allow me to load an IOS image capable of running IPv6.

The good news is that the Frame Relay switch (2851) worked perfectly as BB3 as I had two open Ethernet (gig ports) ports.  I did have to upgrade the IOS to the Advanced Enterprise code.  The 2851 has shitloads of RAM and flash so that was painless as far as upgrades go. 

As I said, my original plan was to use my existing Frame Relay switch (check), my access server (no go), and to use an existing 2620 that I had set up as R7 (I’ve never actually used it).  If everything went right, I would not need to add any more devices to my stack.

The access server was out, so I needed to add at least one more device.  I started tackling the existing 2620.  No luck.  It didn’t have enough memory to run code capable of IPv6 routing protocols.  Internetwork Expert does have a tutorial on how to  boot XM images from a non-XM 2600, but I decided to raid our storeroom and see if I could find a 2651XM instead.

No luck on the 2651XM, but I did find a 2620XM.  Sweet!!!  I was able to load 12.4(10) Advanced Services code.  I pasted in the IE config and everything was going great until I tried to configure BGP.

Oh fucking joy!!!  An hour in and I get this mess:

14:28:00: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x80067BB4, alignment 0
Pool: Processor  Free: 64496  Cause: Not enough free memory
Alternate Pool: None  Free: 0  Cause: No Alternate pool
 -Process= “Exec”, ipl= 0, pid= 3 -Traceback= 0x8114609C 0x80055F1C 0x80058150 0x80058994 0x80067BB8 0x80067784 0x80D967E8 0x8281364C 0x80D97998 0x818B248C 0x818B3B58 0x81186C94 0x81185F70 0x811A5C50 0x802405F8 0x80243CE4
bb1(config-router)# !
14:28:03: %SYS-2-CFORKMEM: Process creation of BGP Open failed (no memory).-Process= “BGP Router”, ipl= 0, pid= 215 -Traceback= 0x8114609C 0x821FAE24 0x82215260 0x80D92EC4 0x802405F8 0x80243CE4

bb1(config-router)#do sh mem
                          Head    Total(b)     Used(b)     Free(b)   Lowest(b)  Largest(b)
Processor   848C91A0    16389232    16388652         580         408         264
      I/O    5700000     9437184     1736328     7700856     7700856     7700828

bb1(config)#do sh ver | i emo
Cisco 2620XM (MPC860P) processor (revision 1.0) with 89088K/9216K bytes of memory.

Great. Back to the drawing board.

There were no more suitable 2600s available (just a few 2620s).  We don’t use those devices except as an occasional dial up router for out of band management at remote sites.  We do have tons of 2800 routers available, but they are larger, heavier, and louder than the 2600s so I try to avoid them.  Plus they could be used in our actual network, so I run the (unlikely) risk of someone pulling one from my stack for production use.  PLUS, it is hard as hell to find one with the flash card still in the chassis.  That said, I was looking at adding two 2800s to my stack.  Crap.

We have tons of extra 3750 switches (especially the non-PoE ones).  Since BB2 really only needed to have a single Ethernet port, I decided to try using a 3750.  I found an old 12 port non-PoE 3750 and loaded the 12.2(SEE) Advanced Services code.  Voila!  BB2 was up and running and only using one rack unit!  Score one for the home team.

I finally had to capitulate and use a 2800 for BB1.

The 2800 that I grabbed did not have a flash card in it, so I hunted down a flash card and my old buddy rommon greeted me:

rommon 1 > boot
program load complete, entry point: 0x8000f000, size: 0xc5a0

Initializing ATA monitor library…….
program load complete, entry point: 0x8000f000, size: 0xc5a0

Initializing ATA monitor library…….
loadprog: error – Invalid image for platform
e_machine = 134, cpu_type = 135
boot: cannot load “flash:”  <-doh!!!

Booting did not work, I had better give it more precise directions.  Let’s see what IOS versions we have on the flash:

rommon 2 > dir flash:  <-note: the “:” is important.  rommon will not recognize “flash”
program load complete, entry point: 0x8000f000, size: 0xc5a0

Initializing ATA monitor library…….
Directory of flash:

2      21628224  -rw-     c1841-advipservicesk9-mz.123-8.T6.bin
5283    1536      -rw-     sdmconfig-18xx.cfg
5284    3885056   -rw-     sdm.tar
6233    1463      -rw-     home.html
6234    270848    -rw-     home.tar
6301    93095     -rw-     attack-drop.sdf
6324    1187840   -rw-     ips.tar
6614    34165604  -rw-     c2800nm-spservicesk9-mz.124-13b.bin

Let’s try the newer version:

rommon 7 > boot flash:c2800nm-spservicesk9-mz.124-13b.bin
program load complete, entry point: 0x8000f000, size: 0xc5a0

Initializing ATA monitor library…….

program load complete, entry point: 0x8000f000, size: 0x20951c4
Self decompressing the image : #################################################
################################################################################
######################################################## [OK]

Sweet.  I was in.  I did a write erase and configured “boot system flash:” and used the handy-dandy autocomplete feature to fill in the name of the version that I wanted to boot.  Unfortunately, I didn’t look closely at what IOS had autocompleted [verb?] and I booted to the wrong code:

boot system flash:c2800nm-spservicesk9-mz.124-13b.bin

No problem, I’ll just configure the router to use the correct code:

bb1(config)#boot system flash:c2800nm-adventerprisek9-mz.124-11.T2.bin

I reloaded and then tried to add some IPv6 statements.  The 2800 told me to take my IPv6 and go get bent.

ARGHH!!!! 

I just assumed (NEVER ASSUME!) that there could only be one “boot system [file]” statement per router.  WRONG!!!

bb1(config)#do sh run | i boot
boot-start-marker
boot system flash:c2800nm-spservicesk9-mz.124-13b.bin
boot system flash:c2800nm-adventerprisek9-mz.124-11.T2.bin

That explains why I wasn’t able to run IPv6 after I “updated” the boot file:

bb1(config)#do sh ver | i IOS
Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), Version 12.4(13b), RELEASE SOFTWARE (fc3) <-not Advanced Enterprise IOS

Trimming the config down to the correct boot parameter did the trick…but MORE TIME WASTED!!!
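The check that would have caught this, as an added example that is not part of the original post: IOS tries “boot system” statements in the order they appear in the configuration, so an image entered later never loads while an earlier one is still bootable. The function names and the filename-to-image-family mapping (text before “-mz”, upper-cased, plus “-M”) are assumptions made for this sketch; the sample outputs are the ones shown above.

```python
import re

# Outputs copied from the post above ("sh run | i boot" and "sh ver | i IOS").
SHOW_RUN_BOOT = """\
boot-start-marker
boot system flash:c2800nm-spservicesk9-mz.124-13b.bin
boot system flash:c2800nm-adventerprisek9-mz.124-11.T2.bin
"""
SHOW_VER_IOS = ("Cisco IOS Software, 2800 Software (C2800NM-SPSERVICESK9-M), "
                "Version 12.4(13b), RELEASE SOFTWARE (fc3)")


def boot_system_images(config_text):
    """Return image file names from 'boot system' lines, in configured order."""
    images = []
    for line in config_text.splitlines():
        parts = line.split()
        if parts[:2] == ["boot", "system"] and len(parts) > 2:
            # Drop the device prefix ("flash:") and keep only the file name.
            images.append(parts[-1].rsplit(":", 1)[-1])
    return images


def family_from_filename(filename):
    """Heuristic (assumption): 'c2800nm-spservicesk9-mz...' -> 'C2800NM-SPSERVICESK9-M'."""
    m = re.match(r"([a-z0-9]+-[a-z0-9]+)-m", filename)
    return m.group(1).upper() + "-M" if m else None


def running_image_family(show_version_line):
    """Extract the image family printed in parentheses by 'show version'."""
    m = re.search(r"Software \(([^)]+)\)", show_version_line)
    return m.group(1) if m else None


def audit_boot(config_text, show_version_line, intended_image):
    """Return a list of findings; an empty list means the intended image boots."""
    findings = []
    images = boot_system_images(config_text)
    if intended_image not in images:
        findings.append("no boot system statement for " + intended_image)
    elif images[0] != intended_image:
        findings.append(images[0] + " is listed first and will be tried before "
                        + intended_image)
    running = running_image_family(show_version_line)
    wanted = family_from_filename(intended_image)
    if running != wanted:
        findings.append("running %s, expected %s" % (running, wanted))
    return findings


if __name__ == "__main__":
    for finding in audit_boot(SHOW_RUN_BOOT, SHOW_VER_IOS,
                              "c2800nm-adventerprisek9-mz.124-11.T2.bin"):
        print("FINDING:", finding)
```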

I finally did get the BB routers up and configured.  I only ended up adding one additional device to my stack because I was able to use the existing Frame switch and to remove R7 (2620).  I added the 3750 and the 2851.  I now have a stack of 14 devices (17 rack units) on my desk, BUT my lab is now ready for use with Internetwork Expert practice labs.  Of course I also ended up wasting most of the time that I had allotted for labbing this weekend.  I am still going to chalk this time up to lab time even though very little of it was spent doing actual labs.  :-)
 

September 29, 2007

Not On My Game Today

Filed under: Cisco,Cisco Certification,Home Lab,Personal — cciepursuit @ 3:38 pm

Some days I just don’t have “it”.  Today is one of them.  I’ve been making typos galore, adding subnet masks to Frame map statements, redistributing BGP into EIGRP into BGP, etc.  I’ve done 6 hours of labs and completed about half of what I would normally do.  I’m taking the hint and calling it a day.  Hopefully I don’t have a day like this during the actual lab. 

September 26, 2007

Dynamips Blew Up On Me

Filed under: Dynamips,Home Lab — cciepursuit @ 7:07 pm

It was bound to happen.  I’ve been doing a lot of labs with Dynamips using 4 routers as 1 switch.  Today I started doing some BGP labs that required 5 routers.  Dynamips kept dumping its core (ewww!).  I tried to isolate the issue to a single router instance, but couldn’t do it.  I finally realized that as soon as the IOS loaded on the 6th device (7th if you count the Frame Relay switch) Dynamips would crash.  This is probably due to my laptop.  I only have 512Meg of RAM.  I had planned to drop 2 Gigs in it,  but Dynamips had been chugging along fine up until today.

I dropped the RAM on the Dynamips router instances from 128 to 96.  I was able to get all 6 devices up and working.  Success!!!  Well….until I tried to configure BGP that is:

r1(config)#router bgp 6
r1(config-router)#
*Mar  1 00:42:45.707: %SYS-2-MALLOCFAIL: Memory allocation of 18360 bytes failed from 0x609B8D6C, alignment 0
Pool: Processor  Free: 6300  Cause: Not enough free memory
Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= “Exec”, ipl= 0, pid= 3
-Traceback= 0x603F5B88 0x6053CC4C 0x60543434 0x609B8D74 0x60A08938 0x609B9DE0 0x60798530 0x607999B8 0x60432DB0 0x60450578 0x604F164C 0x604F1630

I finally stripped the switch out of the equation (I just directly connected the couple of routers on Ethernet segments) and bumped the RAM back to 128.  I started each device one by one and then telnetted to it to make sure that it didn’t crash once the IOS was loaded.  I was finally able to get all 5 routers rockin and rollin with BGP and OSPF redistribution.

I put in an order for 2 gigs of RAM shortly after.  :-)

September 25, 2007

VTP: Local updater ID on VTP Transparent Switches

Okay, this is the last post of the VTP Local updater ID trilogy.  I promise.  :-)

Here are the first two posts:

VTP: Which VTP Server Generated The Most Recent Update?

VTP: More On The Local updater ID

This last post concerns the behavior of the Local updater ID on VTP transparent switches.  At first blush, it looks like this feature should not appear on a transparent switch.  If you have a transparent switch, then the updates will always be local, but you can still use the Local updater ID feature:

sw3(config)#do sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x13 0x23 0x62 0x16 0x83 0xCD 0x50 0xEC
Configuration last modified by 0.0.0.0 at 9-25-07 09:41:32

Let’s add an IP address and a VLAN to the switch:
sw3(config)#int lo0
sw3(config-if)#ip add 10.0.0.3 255.255.255.255
sw3(config-if)#vlan 666
sw3(config-vlan)#name VLAN_OF_THE_BEAST
sw3(config-vlan)#exit

sw3(config)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x04 0x4E 0xE9 0xBF 0x79 0x81 0x44 0x8F
Configuration last modified by 10.0.0.3 at 9-25-07 09:41:32

sw3(config)#do sh vlan id 666

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
666  VLAN_OF_THE_BEAST                active    Fa0/19, Fa0/20, Fa0/21

Notice that you do not see the “Local updater ID is x.x.x.x” line in the “show vtp status” output when the switch is in transparent mode.  BUT you do see that the switch will record the IP address of the switch that updated the VLAN database (which will always be the local switch when the switch is in VTP transparent mode).  Notice that it follows the same rules (first IP address, lowest vlan ip address, vtp interface, etc) as the client/server switches:

sw3(config-if)#int vlan 666
sw3(config-if)#ip add 6.6.6.3 255.255.255.0
sw3(config-if)#do sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Vlan666                6.6.6.3         YES manual up                    up
Loopback0              10.0.0.3        YES manual up                    up
sw3(config-if)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x04 0x4E 0xE9 0xBF 0x79 0x81 0x44 0x8F
Configuration last modified by 10.0.0.3 at 9-25-07 09:41:32 <-last update used lo0 IP address

Add another VLAN:
sw3(config-if)#vlan 665
sw3(config-vlan)#name VLAN_OF_THE_NEIGHBOR_OF_THE_BEAST
sw3(config-vlan)#exit
sw3(config)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 7
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x9A 0x6E 0x3A 0xCB 0x5F 0x43 0xC9 0xF7
Configuration last modified by 6.6.6.3 at 9-25-07 09:41:32 <-now using SVI vlan 665 address

We can also manually set the Local updater ID:
sw3(config)#vtp interface lo0 only
sw3(config)#no vlan 666
sw3(config)#do sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x04 0x4E 0xE9 0xBF 0x79 0x81 0x44 0x8F
Configuration last modified by 10.0.0.3 at 9-25-07 09:41:32 <- lo0 IP address (mandatory)

So even though it’s pretty unneeded, you CAN use the Local updater ID with VTP transparent switches.  This is probably due to either some overlooked code in IOS or to be able to maintain Local updater ID settings when switching between VTP modes.

VTP: More On The Local updater ID

This post is a follow up to VTP: Which VTP Server Generated The Most Recent Update?  I didn’t want to make that post any longer than it already was.  Here’s some more information about the “Local updater ID” in VTP.

If you have multiple IP addresses on your VTP server, the Local updater will use the first IP address found:

sw1(config-if)#do sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Loopback0              10.0.0.1        YES manual up                    up
Loopback1              100.100.100.100 YES manual up                    up
Loopback2              220.0.0.100     YES manual up                    up

sw1(config-if)#do sh vtp statu | i Local updater
Local updater ID is 10.0.0.1 on interface Lo0 (first layer3 interface found)

Just for fun, let’s get rid of lo0 and see what IP address it will choose (either lo1 or lo2):

sw1(config-if)#no int lo0
01:47:42: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
01:47:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
sw1(config)#do sh vtp statu | i Local
Local updater ID is 100.100.100.100 on interface Lo1 (first layer3 interface found)

The Local updater ID will choose the lowest VLAN interface IP address over all other IP addresses:

sw1(config-if)#do sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Vlan6                       6.0.0.1         YES manual up                    up
Vlan69                     69.0.0.1        YES manual up                    up
Loopback0              10.0.0.1        YES manual up                    up
Loopback1              100.100.100.100 YES manual up                    up
Loopback2              220.0.0.100     YES manual up                    up

sw1(config-if)#do sh vtp statu | i Local
Local updater ID is 6.0.0.1 on interface Vl6 (lowest numbered VLAN interface found)

If you have multiple IP addresses, you can manually set the Local updater ID:

sw1(config)#do sh ip int br | e ass
Interface              IP-Address      OK? Method Status                Protocol
Vlan6                       6.0.0.1           YES manual up                    up
Vlan69                     69.0.0.1        YES manual up                    up
Loopback0              10.0.0.1        YES manual up                    up
Loopback1              100.100.100.100 YES manual up                    up
Loopback2              220.0.0.100     YES manual up                    up

sw1(config)#vtp ?

  interface  Configure interface as the preferred source for the VTP IP updater address.

sw1(config)#vtp interface ?
  WORD  The name of the interface providing the VTP updater ID for this device. <-word??  really?

sw1(config)#vtp interface lo1 ?
  only  Use only this interface’s IP address as the VTP IP updater address.
  <cr>

sw1(config)#vtp interface lo1
sw1(config)#do sh vtp stat | b Local
Local updater ID is 100.100.100.100 on interface Lo1 (preferred interface)
Preferred interface name is lo1

With “only” keyword:

sw1(config)#vtp interface lo2 only
sw1(config)#do sh vtp stat | b Local
Local updater ID is 220.0.0.100 on interface Lo2 (preferred interface)
Preferred interface name is lo2 (mandatory)
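The selection order observed in the two Local updater ID posts above, written out as an added example that is not part of the original posts: it parses the “show ip int br” table and picks the updater ID by preferred interface, then lowest numbered VLAN interface, then first layer 3 interface found. The function names are hypothetical, and two behaviours are assumptions the posts do not show: falling back to automatic selection when a preferred interface without “only” is unusable, and reporting 0.0.0.0 when an “only” interface is unusable.

```python
import re

# "sh ip int br | e ass" output as shown in the post above (spacing normalised).
SHOW_IP_INT_BRIEF = """\
Interface              IP-Address      OK? Method Status                Protocol
Vlan6                  6.0.0.1         YES manual up                    up
Vlan69                 69.0.0.1        YES manual up                    up
Loopback0              10.0.0.1        YES manual up                    up
Loopback1              100.100.100.100 YES manual up                    up
Loopback2              220.0.0.100     YES manual up                    up
"""


def parse_interfaces(text):
    """Return [(name, ip)] for up/up interfaces with an address, in listing order."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if (len(f) >= 6 and re.fullmatch(r"\d+(\.\d+){3}", f[1])
                and f[-2:] == ["up", "up"]):
            rows.append((f[0], f[1]))
    return rows


def _split(name):
    """'Loopback1' -> ('loopback', '1'); 'lo1' -> ('lo', '1')."""
    m = re.fullmatch(r"([A-Za-z-]+)\s*(\d[\d/.:]*)", name)
    return (m.group(1).lower(), m.group(2)) if m else (name.lower(), "")


def same_interface(a, b):
    """Match abbreviated and full interface names (lo1 == Loopback1)."""
    (pa, na), (pb, nb) = _split(a), _split(b)
    return na == nb and (pa.startswith(pb) or pb.startswith(pa))


def select_updater(interfaces, preferred=None, only=False):
    """Return (updater_ip, reason) following the order seen in the posts."""
    if preferred:
        for name, ip in interfaces:
            if same_interface(name, preferred):
                return ip, "preferred interface"
        if only:
            # Assumption: with "only", no other interface may be used.
            return "0.0.0.0", "preferred interface unusable (assumed behaviour)"
    vlans = [(int(_split(n)[1]), ip) for n, ip in interfaces
             if _split(n)[0] == "vlan"]
    if vlans:
        return min(vlans)[1], "lowest numbered VLAN interface found"
    if interfaces:
        return interfaces[0][1], "first layer3 interface found"
    return "0.0.0.0", "no layer 3 interface"


if __name__ == "__main__":
    ifs = parse_interfaces(SHOW_IP_INT_BRIEF)
    print(select_updater(ifs))
    print(select_updater(ifs, preferred="lo2", only=True))
```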
