VTP explained with Interview Questions

VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that carries VLAN information to all the switches in a VTP domain. VTP reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. The VTP configuration has a revision number which increases when you make a change. Every time you make a change on the VTP server, it is synchronized to the VTP clients.

Main points to remember:
  • VTP adds / modifies / deletes VLANs within the same domain.
  • For every change that occurs, the revision number increases.
  • By default, all switches are in VTP Server mode.
  • A VTP Client updates its own database and forwards updates to other clients.
  • A VTP Transparent switch doesn't update its own database but forwards updates to other clients.
  • The latest advertisement will be sent to all VTP clients.
  • VTP clients will synchronize themselves with the latest information.
  • By default, VTP updates are sent out every 300 seconds, or anytime a change to the database occurs.

VTP Modes
VTP-enabled switches can operate in one of three modes:

• Server: Only VTP Servers can create, modify or delete entries in the shared VLAN database. Servers advertise their VLAN database to all other switches on the network, including other VTP servers. This is the default mode for Cisco Catalyst switches. VTP servers can only advertise VLANs 1 - 1005.

• Client: VTP Clients cannot make modifications to the VLAN database. A VTP client updates its own database with VTP information that has a higher revision number and forwards the update to other VTP clients.

• Transparent: A VTP Transparent switch will forward advertisements but will not synchronize itself. You can still create VLANs locally, which is impossible on a VTP client.

Transparent switches handle this pass-through differently depending on the VTP version:
VTP Version 1 – the transparent switch will only pass updates from the same VTP domain.
VTP Version 2 – the transparent switch will pass updates from any VTP domain.

NOTE: As a best practice, a new switch should be configured as a VTP client in the VTP domain, and its configuration revision number must be set back to zero before it is installed into a production network. This is because VTP has a huge security risk: a VTP server is also a VTP client, and a VTP client can overwrite a VTP server if its revision number is higher.

REMEMBER: A VTP client can update other clients and VTP servers in the VTP domain, if its revision number is higher.

You can reset the revision number by:
• Changing the domain name, which resets the revision number.
• Deleting the vlan.dat file in flash memory, which resets the revision number.
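
A pre-installation check for the best practice above, as an added example that is not part of the original post: it parses `show vtp status` text captured from the new switch and lists the reasons it should not yet be connected. The sample output is constructed, and the field labels and function names are assumptions to adjust for the IOS release in use.

```python
import re

# Constructed sample of `show vtp status` text from a switch about to be
# installed. Field labels vary between IOS releases (assumption: these ones).
SAMPLE_STATUS = """\
VTP Version                     : 2
Configuration Revision          : 47
Number of existing VLANs        : 12
VTP Operating Mode              : Server
VTP Domain Name                 : LAB
VTP Pruning Mode                : Disabled
"""

def parse_vtp_status(text):
    """Return {label: value} for every 'Label : value' line."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def preinstall_findings(text, production_domain):
    """List reasons not to trunk this switch into production yet."""
    f = parse_vtp_status(text)
    findings = []
    rev = f.get("Configuration Revision", "")
    if not rev.isdigit():
        findings.append("revision not found in output; check manually")
    elif int(rev) != 0:
        findings.append(f"revision is {rev}; reset it to 0 before installation")
    if f.get("VTP Operating Mode", "").lower() == "server":
        findings.append("mode is Server (the default); configure Client first")
    domain = f.get("VTP Domain Name", "")
    # Domain names are case sensitive, so 'lab' and 'LAB' are different domains.
    if domain != production_domain and domain.lower() == production_domain.lower():
        findings.append(f"domain '{domain}' matches '{production_domain}' only ignoring case")
    return findings

if __name__ == "__main__":
    for finding in preinstall_findings(SAMPLE_STATUS, "LAB"):
        print("FINDING:", finding)
```

An empty findings list means the revision is 0 and the switch is not in the default Server mode; it says nothing about the VTP password, which has to be checked separately.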

NOTE: There’s a difference between VTP Transparent mode and Server/Client mode. In VTP Transparent mode, all VLAN information can be seen in the running-config, whereas VTP Server and Client modes store their information in the VLAN database (vlan.dat in flash memory).

VTP Updates
By default, the revision number is zero. Every change to the VLAN database increments the configuration revision number by 1. A VTP switch will only accept or synchronize an update if the revision number is higher than that of the currently installed VLAN database. Updates with a lower revision number are ignored.

VTP utilizes three message types:
• Summary Advertisement – sent out every 300 seconds, informing all VTP switches of the current configuration revision number.
• Subset Advertisement – sent out when there is a change to the VLAN database. The subset advertisement actually contains the updated VLAN database.
• Advertisement Request – sent out when a switch requires the most current copy of the VLAN database. A switch that is newly joined to the VTP domain will send out an Advertisement Request.

Configuring VTP
To configure the VTP domain (the domain name is case sensitive):
Switch(config)# vtp domain <Name>
To configure the VTP mode:
Switch(config)# vtp mode <server | client | transparent>
The VTP domain can be further secured using a password:
Switch(config)# vtp password <PASSWORD>
All switches participating in the VTP domain must be configured with the same password. The password will be hashed into a 16-byte MD5 value.

By default, a Catalyst switch uses VTP version 1. VTP Version 1 and 2 are not compatible.

To enable VTP version 2 globally on all switches:
Switch(config)# vtp version 2
To view status information about VTP:
Switch# show vtp status

VTP Pruning
VTP pruning is a process of preventing unnecessary VLAN broadcast or multicast traffic throughout the switching infrastructure. With VTP pruning, traffic is only sent out the necessary VLAN trunk ports where those VLANs exist. For example, consider 3 switches called switch A, B and C.

If A and B have VLANs 10, 20 and 30 and switch C has VLANs 10 and 20, then by default all VLAN information is sent to switches A, B and C. Once VTP pruning is enabled, VLAN 30 information won't be sent to switch C because VLAN 30 doesn't exist there.

VTP pruning is disabled by default on Catalyst IOS switches. If applied on a VTP server, the following command will enable VTP pruning globally on all switches:
Switch(config)# vtp pruning
On trunk ports, it is possible to specify which VLANs are pruning eligible:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan add 2-50
Switch(config-if)# switchport trunk pruning vlan remove 50-100
OR like this:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan all
Switch(config-if)# switchport trunk pruning vlan except 2-100
VLAN 1 is never eligible for pruning. The system VLANs 1002-1005 are also pruning-ineligible.

Troubleshooting commands:
#show vtp status
#show vlan
#debug sw-vlan vtp events

INTERVIEW QUESTIONS
  • What are the different VLAN modes?
  • What happens to interfaces when you delete a VLAN?
  • What is the difference between VTP Transparent and VTP Client mode?
  • Which is the default mode of VTP?
  • What is VTP pruning?
  • What are two benefits of using VTP in a switching environment?
  • Which VTP mode is capable of creating only local VLANs and does not synchronize with other switches in the VTP domain?