Well all my VTP stories end in tears. Most STP stories tend to end there too. Sigh...oh! well if it works it works right?:-) Sent from my iPad On 27 Feb 2012, at 12:46, jim ndegwa <ndegwajim@yahoo.com> wrote:
my experience with vtp on a large govt deployment was excellent (lots of access switches and two 6509 Core). Proper documentation does help of course. Challenge is that we techies dislike write-ups after project completion
From: Mark Tinka <mtinka@globaltransit.net> To: eanog@lists.my.co.ke Cc: John Gitau <jgitau@gmail.com>; jim ndegwa <ndegwajim@yahoo.com>; SkunkworksMailing List <skunkworks@lists.my.co.ke> Sent: Monday, February 27, 2012 11:34 AM Subject: Re: [EANOG] [Skunkworks] STP convergence & MST
On Monday, February 27, 2012 03:51:15 PM John Gitau wrote:
-Disable vtp. Prune manually. 60 is not a large number. Just for comparison for one segment of our network we have well over 7000 Vlans and yes stp/vtp are disabled. We planned it that way.
Sage advice.
VTP is evil.
-Even if you choose to go L3 end to end. I wouldn't advocate for a total stp shutdown as has been advised unless you are very sure no one can attach a random switch or other bpdu generating device. You can start planning the transition though.
If STP is mainly used core-facing, I'd suggest disabling it there, for those who are running an IP/MPLS Access and Aggregation network.
Of course, continuining to have STP and/or BPDU filtering on customer-facing ports is highly advised.
We block Edge ports that receive BPDU's, and we've been happy. Pain of one customer is better than pain of many :-).
Mark.