
OK, so my articles tend to focus on the architecture of products.

These are cobbled together here and there from Networkers, experience, Cisco docs and general hearsay. If you can contribute to these articles, please feel free to go ahead. If you change any of the technical information on products, I'd appreciate it if you notify me so I can learn from it and/or verify.

If you plan on making your own pages on products, please use the {{architectural}} tag to mark them as such. For example:

This page or section contains architectural information
Please note that this page or section contains information on the architecture of a product or software and may be inaccurate, confidential or unsupported by the vendor. Any stated capabilities or future roadmap information may be dependent on software and hardware modules.

Please do not submit items under NDA to the wiki; it causes legal issues. However, roadmap items that are relatively public should be marked with {{roadmap}}. For example:

This page or section contains roadmap or future development information
Please note that this page or section contains roadmap or future development information. Information of this nature is subject to change and may be confidential and unsupported by the vendor or publisher.

See the Page Guidelines for more information.

1) A CatOS access switch fails and is scheduled to be replaced by the network team.

2) The network team grabs a replacement switch off the shelf and configures it with the IP address, default gateway, SNMP strings and VTP domain name of the failed switch. In addition, the switch was configured as a VTP Server <-- mistake. At this point the switch has a very low revision number.

3) The failed switch is removed and the replacement switch is put in its place. Once the new switch connects to the network it downloads the VTP configuration and syncs up its configuration revision. At this point everything is fine.

4) To restore the exact configuration of the previously failed switch, a Ciscoworks configuration restore job is launched. The Ciscoworks server does a stare and compare of the last archived config and starts configuring the switch.

5) In the process of configuring the switch, the Ciscoworks server deletes all VLANs except the ones needed by the switch (as was called for in the config file). Since the switch is still a VTP Server, it starts deleting the VLANs across the campus. Network connectivity on the MGMT VLAN was lost to the switch before Ciscoworks could set the VTP mode back to Client or make any further configurations.

The customer had to manually recreate each VLAN at the intended VTP servers to restore the network.

This is an unfortunate reminder that VTP really is a risky thing that should be turned off everywhere.
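
The ordering problem in step 5, as an added example that is not part of the original article: a pre-flight check that walks a restore job in push order and flags VLAN deletions that would run while the switch is still a VTP server. The CatOS-style command forms, the sample jobs and the function name `audit_restore_plan` are assumptions constructed for illustration.

```python
import re

# Assumed CatOS-style command forms for this sketch:
#   set vtp [domain NAME] mode {server|client|transparent}
#   clear vlan N
VTP_MODE = re.compile(r"^set vtp\b.*\bmode\s+(server|client|transparent)\b", re.I)
VLAN_CLEAR = re.compile(r"^clear\s+vlan\s+(\d+)\b", re.I)


def audit_restore_plan(current_mode, commands):
    """Return (line_number, command, reason) for every VLAN deletion that
    would be pushed while the target switch is a VTP server."""
    mode = current_mode.lower()
    findings = []
    for lineno, raw in enumerate(commands, start=1):
        cmd = raw.strip()
        if not cmd or cmd.startswith(("#", "!")):
            continue  # blank lines and comments change nothing
        mode_change = VTP_MODE.match(cmd)
        if mode_change:
            mode = mode_change.group(1).lower()  # later lines run in this mode
            continue
        deletion = VLAN_CLEAR.match(cmd)
        if deletion and mode == "server":
            reason = "VLAN %s would be deleted across the VTP domain" % deletion.group(1)
            findings.append((lineno, cmd, reason))
    return findings


# Constructed sample: the order described in step 5, where the VLAN
# clean-up is pushed before the VTP mode is set back to client.
RESTORE_AS_PUSHED = [
    "set vtp domain CAMPUS",
    "clear vlan 20",
    "clear vlan 30",
    "set vtp mode client",
]

# Constructed sample: the same job with the switch taken out of server
# mode first, so the deletions stay local.
RESTORE_REORDERED = [
    "set vtp domain CAMPUS mode transparent",
    "clear vlan 20",
    "clear vlan 30",
]

if __name__ == "__main__":
    for finding in audit_restore_plan("server", RESTORE_AS_PUSHED):
        print("line %d: %s -> %s" % finding)
```

Running the check against the switch's live VTP mode before the restore job starts is what catches the mistake from step 2, since the archived config alone says Client.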