ccie.nyquist.eu
Search…
Table of Contents
Layer 2 Technologies
Ethernet Switching
802.1d – STP
802.1w – RSTP
802.1s – MSTP
VTP 101
Private VLANs
VLANs
EtherChannel 101
Layer 2 WAN Protocols
IPv4
IPv4 Addressing
IPv4 Routing
IPv6
IPv6-101
IPv6 Routing
Interconnecting IPv6 and IPv4
MPLS
MPLS 101
MPLS L3 VPN
Multicast
Multicast 101
PIM 101
IGMP 101
Inter Domain Multicast
IPv6 Multicast
Multicast features on switches
Security
NAT 101
NAT for Overlapping Networks
ACLs 101
ACLs 102
Cisco IOS Firewall
Zone Based Firewall
AAA 101
Controlling CLI Access
Control Plane
Switch Security
IPSec VPN 101
DMVPN 101
Network Services
NTP 101
HTTP 101
File Transfer 101 – TFTP & FTP
WCCP 101
QoS
QoS 101
Classification and Marking
Congestion Management
Congestion Avoidance – WRED
Policing and Shaping
Compression and LFI
Frame Relay QoS
RSVP 101
Switching QoS
Network Optimization
NetFlow 101 – TNF – Traditional NetFlow
NetFlow 102 – FNF – Flexible NetFlow
IP SLA 101
IP Accounting 101
Logging 101
SNMP and RMON 101
Cisco CLI Tips and Tricks
AutoInstall
Enhanced Object Tracking
Powered By GitBook
VTP 101

How it works

VTP (VLAN Trunking Protocol) is used to advertise VLAN information between connected switches in a network. VTP messages are sent only on trunk ports. VTP advertises the VLAN_ID, VLAN_NAME, VLAN_TYPE and VLAN_STATE information for each VLAN. VTP doesn’t send any information regarding port assignment to VLANs.
There are 3 modes VTP can run in: server, client and transparent. Switches running in client mode can’t make changes to the VLAN information and only changes on switches in server mode are advertised to the other switches.

VTP version 1 and 2

Changes on VTP servers result in the VTP revision number being incremented and the propagation of new VLAN information in VTP messages. Upon receiving the message, a VTP server or client verifies the received revision number against it’s stored revision number and if the received one is higher, will save the new information in the vlan.dat file.

Improvements in VTP version 3

Due to numerous issues that can occur if there are multiple VTP servers that can change the configuration in a domain, VPTv3 introduces the concept of Primary VTP Server, which is the only switch that can perform changes to the VLAN information (together with the transparent switches, but they are independent). All other VTP servers actually work like clients, the difference being that they can be promoted to a Primary Serer role. To make things safer, switches will only accept VTP changes from the primary server they know and will ignore changes if another primary server comes up, even if its updates have a higher revision number.

VTP Versions

1
Sw(config)# vtp version {1|2|3}
2
!Default: 1
Copied!

Version 1

  • supports only Normal Range VLANs: 1-1005
  • In transparent mode, it forwards only version 1 advertisements received on trunk links if VTP domain is NULL or if it matches the domain in the message

Version 2

  • supports only Normal Range VLANs: 1-1005
  • In transparent mode, it forwards any VTP advertisements received on trunk links if VTP domain is NULL or if it matches the domain in the message

Version 3

  • Supports Normal and Extended Range VLANs (1-4094), including Private VLANs, but is only available starting with IOS 12.2.(52)SE.
  • In transparent mode, it forwards VTP advertisements received on trunk links if VTP domain is NULL or if it matches the domain in the message
  • Passwords are not shown in clear text anymore.
  • Supports an OFF mode where VTP is disabled (per switch, or per interface) and received VTP messages are dropped:
    1
    Sw(config-if)# no vtp
    Copied!
  • Server role changed to support a single primary VTP server and several secondary VTP servers. Only the primary server can change the VLAN information, and only one can exist at one time. VTP primary server role is requested through an EXEC command
  • Backwards compatibile to VTPv1 and v2 by falling back to the detected version on each port
  • VTPv3 is a generalized protocol to exchange database information to other switches, so it is able to distribute MST region configurations as well

VTP Mode

To set the vtp mode, use:
1
Sw(config)# vtp mode {client|server|transparent|off}
2
! Default: server
3
! off is only available in VTPv3
Copied!
To see the mode, use:
1
Sw# show vtp status
Copied!

Server

  • It can create, modify and delete VLANs
  • It sends and receives VLAN configuration in VTP advertisements, over trunk links.
  • It will accept configuration changes from other VTP Servers
In version 3, to make a VTP server primary, use:
1
Sw# vtp primary
Copied!

Client

  • It cannot create, modify and delete VLANs
  • It sends and receives VLAN configuration in VTP advertisements, over trunk links.
  • It will accept configuration changes from other VTP Servers

Transparent

  • It can create, modify and delete VLANs, but they have local significance
  • Forwards VLAN configuration in VTP advertisements, over trunk links, as long as the messages are for the same domain as the switch, or if the switch hasn’t been configured with a domain name (domain=NULL).
  • It will not accept configuration changes from other VTP Servers

Domain

To accept VTP advertisements, switches must be in the same VTP Domain. By default, a switch is set up as a VTP Server, but with a NULL domain name and it will act like a transparent VTP switch. If the VTP Domain is NULL, the switch will set its VTP domain to the first Domain that it sees in a VTP advertisement. You can manually set the domain with:
1
Sw(config)# vtp domain VTP-DOMAIN
Copied!

Passwords

For each VTP domain, a VTP password can be set in order to authenticate VTP advertisements.
1
Sw(config)# vtp password VTP-PASS [hidden]
2
! hidden is only available for VTPv3
Copied!
To see the password used:
1
Sw(config)# show vtp password
2
!It will show either plain text or the encrypted password, depending on how it was configured
Copied!

VTP Pruning

Pruning prevents VLANs from being carried over trunks where they are not needed. Pruning can be enabled only on one VTP server
1
Sw(config)# vtp pruning
Copied!
VTP Pruning can only prune a list of pruning-eligible VLANs that are configured per interface:
1
Sw(config-if)# switchport trunk pruning vlan {add VLAN-LIST|remove VLAN-LIST|except VLAN-LIST|none}
Copied!
Previous
802.1s – MSTP
Next
Private VLANs
Last modified 6mo ago
Copy link
Contents
How it works
VTP version 1 and 2
Improvements in VTP version 3
VTP Versions
Version 1
Version 2
Version 3
VTP Mode
Server
Client
Transparent
Domain
Passwords
VTP Pruning