VLAN administration: MVRP, GVRP, Cisco VTP

While currently studying Huawei, I came across GARP VLAN Registration Protocol (GVRP) as a means of VLAN administration and pruning. Having no prior experience with it, I ran a quick investigation.

Cisco VTP is the proprietary counterpart of GVRP, but not all features have a direct match: VTP appears to be richer and more mature.

  • The first thing to note is that GARP became a legacy standard in 2007, when Multiple Registration Protocol (MRP) replaced it. Together with that, GVRP was replaced by Multiple VLAN Registration Protocol (MVRP).
  • The second thing to note: a Huawei eNSP lab reveals that MVRP is not supported by either the S3700 or S5700 models, software v5.1. A search on the internet shows no evidence of MVRP support by Huawei.

Quick conclusion (which requires further confirmation): Huawei wasn’t quick enough to add support for MRP since 2007, and there are a number of things where GARP/GVRP aren’t ideal. Among them are convergence, bandwidth consumption and security. Huawei courses are still teaching legacy stuff.

What about the others?

Cisco does support MVRP (link here), as well as Juniper (link here), but I suspect on particular models only.

To my surprise, even an extensive search on the internet did not reveal many details on MVRP operation. So some aspects, like security or the exact interaction with Spanning Tree Protocol, remain to be explored.

Interoperability

Cisco VTP and MVRP can co-exist on a Cisco switch, with the following in mind:

  • VTP pruning and MVRP are mutually exclusive. When both MVRP and VTP pruning are enabled on the device, VTP pruning will be disabled on the dot1q trunks.
  • The MVRP dynamic VLAN creation feature is disallowed if the device is running in VTP server or client mode. The device has to be in VTP transparent mode.
  • With MVRP, Spanning Tree Protocol must run in one of three modes: MST, PVST, Rapid PVST.
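
The three rules above can be checked mechanically before a change is pushed. The following is an added example, not code from the original post or from Cisco: the function names are hypothetical, the sample configurations are constructed, and it assumes IOS-style lines (`mvrp global`, `mvrp vlan create`, `vtp mode`, `vtp pruning`, `spanning-tree mode`) are present in the text being audited, which on some platforms means combining `show` output with the running configuration.

```python
import re

ALLOWED_STP = {"mst", "pvst", "rapid-pvst"}  # STP modes the post lists for MVRP

def parse_settings(config_text):
    """Extract the few settings the three interoperability rules depend on."""
    s = {"mvrp": False, "vlan_create": False, "vtp_pruning": False,
         "vtp_mode": "server",  # assumption: server when no 'vtp mode' line is present
         "stp_mode": None}
    for raw in config_text.splitlines():
        line = raw.strip().lower()
        if line == "mvrp global":
            s["mvrp"] = True
        elif line == "mvrp vlan create":
            s["vlan_create"] = True
        elif line == "vtp pruning":
            s["vtp_pruning"] = True
        elif m := re.fullmatch(r"vtp mode (\S+)", line):
            s["vtp_mode"] = m.group(1)
        elif m := re.fullmatch(r"spanning-tree mode (\S+)", line):
            s["stp_mode"] = m.group(1)
    return s

def audit(config_text):
    """Return findings as strings; an empty list means no rule is violated."""
    s = parse_settings(config_text)
    if not s["mvrp"]:
        return []  # the rules only apply once MVRP is enabled
    findings = []
    if s["vtp_pruning"]:
        findings.append("VTP pruning is configured with MVRP: it will be disabled on dot1q trunks")
    if s["vlan_create"] and s["vtp_mode"] != "transparent":
        findings.append(f"MVRP dynamic VLAN creation needs VTP transparent mode, found '{s['vtp_mode']}'")
    if s["stp_mode"] not in ALLOWED_STP:
        mode = s["stp_mode"] or "unspecified"
        findings.append(f"STP mode '{mode}' is not MST, PVST or Rapid PVST")
    return findings

# Constructed sample configurations, not captured from a real device.
BAD = "vtp mode client\nvtp pruning\nspanning-tree mode rapid-pvst\nmvrp global\nmvrp vlan create\n"
GOOD = "vtp mode transparent\nspanning-tree mode mst\nmvrp global\nmvrp vlan create\n"

if __name__ == "__main__":
    for name, cfg in (("BAD", BAD), ("GOOD", GOOD)):
        print(name, audit(cfg) or "no findings")
```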

Side notes

On a Cisco switch, VTP version 1 is still the default mode, while VTP version 3 is the latest incarnation with noticeable changes in functionality (link here and there).

I also noticed that a large number of posts on the internet say that VTP and similar protocols are evil, especially in data centres, as the whole VLAN database can be accidentally wiped out by some junior engineer placing a new top-of-the-rack switch. Well, to me it does not appear to be a problem of VTP, but rather of qualification and the level of discipline that the organization has. Protocols just do what we tell them to do.


Alex Mavrin, CCIE #7846
