VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that carries VLAN information to all the switches in a VTP domain. VTP reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. The VTP configuration has a revision number, which increases when you make a change. Every time you make a change on the VTP server, it is synchronized to the VTP clients.
Main points to remember
- VTP adds, modifies and deletes VLANs within the same domain.
- For every change that occurs, the revision number increases.
- By default, all switches are in VTP Server mode.
- A VTP client updates its own database and forwards updates to other clients.
- A switch in VTP Transparent mode does not update its own database but forwards updates to other clients.
- The latest advertisement is sent to all VTP clients.
- VTP clients synchronize themselves with the latest information.
- By default, VTP updates are sent out every 300 seconds, or any time a change to the database occurs.
VTP Modes
VTP-enabled switches can operate in one of three modes:
• Server: Only VTP servers can create, modify or delete entries in the shared VLAN database. Servers advertise their VLAN database to all other switches on the network, including other VTP servers. This is the default mode for Cisco Catalyst switches. VTP servers can only advertise VLANs 1 - 1005.
• Client: VTP clients cannot make modifications to the VLAN database. A VTP client applies VTP information with a higher revision number to its own database and forwards the update to other VTP clients.
• Transparent: A VTP transparent switch forwards advertisements but does not synchronize itself. You can still create VLANs locally, which is impossible on a VTP client.
Transparent switches handle this pass-through differently depending on the VTP version:
• VTP Version 1 – the transparent switch will only pass updates from the same VTP domain.
• VTP Version 2 – the transparent switch will pass updates from any VTP domain.
NOTE: As a best practice, a new switch should be configured as a VTP client in the VTP domain, and its configuration revision number must be set back to zero before it is installed into a production network. This is because VTP has a huge security risk: a VTP server is also a VTP client, and a VTP client can overwrite a VTP server if its revision number is higher.
REMEMBER: A VTP client can update other clients and VTP servers in the VTP domain if its revision number is higher.
You can reset the revision number by:
• Changing the domain name, which resets the revision number.
• Deleting the vlan.dat file in flash memory, which resets the revision number.
NOTE: There is a difference between VTP Transparent mode and Server/Client mode. In VTP Transparent mode, all VLAN information can be seen in the "running-config". VTP Server and Client modes store their information in the VLAN database (vlan.dat in flash memory).
VTP Updates
By default, the revision number is zero. Every change to the VLAN database increments the configuration revision number by 1. A VTP switch will only accept or synchronize an update if the revision number is higher than that of the currently installed VLAN database. Updates with a lower revision number are ignored.
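The acceptance rule above, together with the earlier NOTE about revision numbers, can be seen in a small model. This is an added example, not code from the original post: a simplified simulation in which the switch names, VLAN names and the domain CORP are constructed, showing what a reused switch with a stale high revision does to the domain and what changes once its revision is reset to zero.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str                      # "server", "client" or "transparent"
    domain: str                    # compared exactly: domain names are case sensitive
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def receive(self, adv_domain, adv_revision, adv_vlans):
        """Return True if this advertisement replaced the local VLAN database."""
        if self.mode == "transparent":
            return False           # forwards advertisements, never synchronizes
        if adv_domain != self.domain:
            return False
        if adv_revision <= self.revision:
            return False           # only a higher revision is accepted
        self.vlans, self.revision = dict(adv_vlans), adv_revision
        return True                # servers are overwritten exactly like clients


def advertise(sender, others):
    """Deliver sender's database to every other switch; list the ones overwritten."""
    return [s.name for s in others
            if s.receive(sender.domain, sender.revision, sender.vlans)]


def demo(lab_revision):
    """Constructed topology: a reused lab switch is plugged into domain CORP."""
    prod = {1: "default", 10: "users", 20: "voice", 30: "servers"}
    core = Switch("core", "server", "CORP", 12, dict(prod))
    access = Switch("access", "client", "CORP", 12, dict(prod))
    edge = Switch("edge", "transparent", "CORP", 0, {1: "default", 99: "local"})
    lab = Switch("lab", "client", "CORP", lab_revision)   # holds only VLAN 1
    overwritten = advertise(lab, [core, access, edge])
    learned = advertise(core, [lab])   # what the lab switch takes from production
    return overwritten, learned, sorted(core.vlans)


if __name__ == "__main__":
    print(demo(lab_revision=40))   # stale revision carried over from the lab
    print(demo(lab_revision=0))    # revision reset before installation
```

With the stale revision the server and the client both lose VLANs 10, 20 and 30, while the transparent switch keeps its local database; with revision 0 the new switch learns the production database instead.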
VTP utilizes three message types:
• Summary Advertisement – sent out every 300 seconds, informing all VTP switches of the current configuration revision number.
• Subset Advertisement – sent out when there is a change to the VLAN database. The subset advertisement actually contains the updated VLAN database.
• Advertisement Request – sent out when a switch requires the most current copy of the VLAN database. A switch that is newly joined to the VTP domain will send out an Advertisement Request.
Configuring VTP
To configure the VTP domain (the domain name is case sensitive):
Switch(config)# vtp domain <Name>
To configure the VTP mode:
Switch(config)# vtp mode <server | client | transparent>
The VTP domain can be further secured using a password:
Switch(config)# vtp password <PASSWORD>
All switches participating in the VTP domain must be configured with the same password. The password will be hashed into a 16-byte MD5 value.
By default, a Catalyst switch uses VTP version 1. VTP versions 1 and 2 are not compatible.
To enable VTP version 2 globally on all switches:
Switch(config)# vtp version 2
To view status information about VTP:
Switch# show vtp status
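One way to turn the best-practice NOTE into a pre-installation check is to parse saved `show vtp status` output from the new switch. This is an added example, not part of the original post: the sample output is constructed, the field labels are assumed to match what your IOS release prints, and the production domain name CORP is hypothetical.

```python
import re

# Constructed sample in the "label : value" layout of `show vtp status`.
SAMPLE_STALE = """\
VTP Version                     : 2
Configuration Revision          : 37
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : Corp
VTP Pruning Mode                : Disabled
"""
# Same switch after it has been prepared for installation (also constructed).
SAMPLE_READY = (SAMPLE_STALE.replace(": 37", ": 0")
                .replace("Server", "Client").replace("Corp", "CORP"))


def parse_vtp_status(text):
    """Turn 'label : value' lines into a dict; other lines are skipped."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^(.+?)\s+:\s*(.*)$", line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields


def preinstall_findings(text, production_domain):
    """List what must be fixed before the switch joins the production domain."""
    f = parse_vtp_status(text)
    findings = []
    rev = f.get("Configuration Revision", "")
    mode = f.get("VTP Operating Mode", "").lower()
    domain = f.get("VTP Domain Name", "")
    if not rev.isdigit():
        findings.append("revision not found in output: verify by hand")
    elif int(rev) != 0:
        findings.append(f"revision is {rev}: reset it to 0 before connecting")
    if mode != "client":
        findings.append(f"mode is '{mode}': configure the new switch as a client")
    # Domain names are case sensitive, so 'Corp' will not join 'CORP'.
    if domain != production_domain and domain.lower() == production_domain.lower():
        findings.append(f"domain '{domain}' differs from '{production_domain}' only by case")
    return findings


if __name__ == "__main__":
    for finding in preinstall_findings(SAMPLE_STALE, "CORP"):
        print("FIX:", finding)
```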
VTP Pruning
VTP pruning is a process of preventing unnecessary VLAN broadcast or multicast traffic throughout the switching infrastructure. With VTP pruning, traffic is only sent out the necessary VLAN trunk ports where those VLANs exist. For example, consider three switches called Switch A, B and C. If A and B have VLANs 10, 20 and 30 and Switch C has VLANs 10 and 20, then by default all VLAN information is sent to switches A, B and C. Once we enable VTP pruning, VLAN 30 information won't be sent to Switch C because VLAN 30 doesn't exist there.
VTP pruning is disabled by default on Catalyst IOS switches. If applied on a VTP server, the following command will enable VTP pruning globally on all switches:
Switch(config)# vtp pruning
On trunk ports, it is possible to specify which VLANs are pruning eligible:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan add 2-50
Switch(config-if)# switchport trunk pruning vlan remove 50-100
OR like this:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan all
Switch(config-if)# switchport trunk pruning vlan except 2-100
VLAN 1 is never eligible for pruning.
The system VLANs 1002-1005 are also pruning-ineligible.
Troubleshooting commands:
#show vtp status
#show vlan
#debug sw-vlan vtp events
INTERVIEW QUESTIONS
- What are the different VLAN modes?
- What happens to interfaces when you delete a VLAN?
- What is the difference between VTP Transparent and VTP Client mode?
- Which is the default mode of VTP?
- What is VTP pruning?
- What are two benefits of using VTP in a switching environment?
- Which VTP mode is capable of creating only local VLANs and does not synchronize with other switches in the VTP domain?
Objective Type Questions
Thank you, these are great notes
awesome! thanks for this!!
excellent
finest ever
finest ever..
Nice explanation Brother