CISCO CCNA BOOTCAMP

VTP
(Virtual Trunking Protocol)

Internetworking 1
 What is VTP? Small Network VLAN Management

• The VLAN Management Challenge

–As the number of switches increases on a small- or
medium-sized business network, the overall
administration required to manage VLANs and trunks
becomes a challenge.
• Small Network VLAN Management
–The figure shows a network manager adding a new
VLAN, VLAN30.
• The network manager needs to update the three
trunks to allow VLANs 10, 20, 30, and 99.
• Recall that a common error is forgetting to update
the allowed list of VLANs on trunks. Larger Network VLAN Management
• Larger Network VLAN Management
–After you have manually updated this network a few
times, you may want to know if there is a way for the
switches to learn what the VLANs and trunks are so that
you do not have to manually configure them.
• VLAN trunking protocol (VTP).

Internetworking 2
 What is VTP?
• What is VTP?
–VTP allows a network manager to configure a switch so that it
will propagate VLAN configurations to other switches in the
network.
• Switch can be configured a VTP server or VTP client.
• VTP only learns about normal-range VLANs (VLAN IDs 1 to
1005). Extended-range VLANs (IDs greater than 1005) are
not supported by VTP.
• VTP Overview
–VTP allows a network manager to makes changes on a switch
that is configured as a VTP server.
• The VTP server distributes and synchronizes VLAN
information to VTP-enabled switches throughout the
switched network, which minimizes the configuration
inconsistencies.
–VTP stores VLAN configurations in the VLAN database called
vlan.dat.
• For example: In the figure, a trunk link is added between S1, a VTP
server, and S2, a VTP client.
–After a trunk is established, VTP advertisements are
exchanged between the switches.
• VTP advertisements will not be exchanged if the trunk
between the switches is inactive.

Internetworking 3
 Benefits of VTP

• VTP maintains VLAN configuration

consistency by managing the following vlan
information in a switch network:
–Addition
–Deletion
–Renaming
• VTP offers a number of benefits for network
managers, as shown in the figure.

Internetworking 4
 VTP Components
• VTP Domain - Consists of one or more interconnected switches.
–All switches in a domain share VLAN configuration details
using VTP advertisements.
–Router or Layer 3 switch defines the boundary of domain.
• VTP Modes - 3 different VTP modes
–VTP Server - VTP servers advertise the VTP VLAN information
to other switches in the same VTP domain.
• VTP servers store the VLAN information for the domain in
NVRAM.
• The server is where VLAN can created, deleted, or renamed
for the domain.
–VTP Client - VTP clients function the same way as VTP servers,
but you cannot create, change, or delete VLANs.
• A VTP client only stores the VLAN information for the entire
domain while the switch is on.
• A switch reset deletes the VLAN information. You must
configure VTP client mode on a switch.
–VTP Transparent - Transparent switches forward VTP
advertisements to VTP clients and VTP servers.
• Transparent switches do not participate in VTP.
• VLANs that are created, renamed, or deleted on transparent
switches are local to that switch only.
Internetworking 5
 Default VTP Configuration
• The Cisco command show VTP status displays the VTP status.
• The default VTP settings are.
–VTP Version = 1
–VTP Domain Name = null
–VTP Mode = Server
–Configuration Revision = 0
–VLANs = 1
• The following briefly describes the show VTP status parameters:
VTP Version - Displays the VTP version the switch is running.
• By default, the switch implements version 1.
• Only one VTP version is allowed in a VTP domain.
Configuration Revision - Current configuration revision number.
–Maximum VLANs Supported Locally - Maximum number of VLANs supported locally.
Number of Existing VLANs - Number of existing VLANs.
VTP Operating Mode - Can be server, client, or transparent.
VTP Domain Name - Name that identifies the administrative domain.
–VTP Pruning Mode - Displays whether pruning is enabled or disabled.
–VTP V2 Mode - Displays if VTP version 2 mode is enabled. VTP version 2 is disabled by
default.
–VTP Traps Generation - Displays whether VTP traps are sent to a network management
station.
–MD5 Digest - A 16-byte checksum of the VTP configuration.
–Configuration Last Modified - Date and time of the last configuration modification.
Displays the IP address of the switch that caused the configuration change to the
database.

Internetworking 6
 VTP Domains

• VTP allows you to separate your network into

smaller management domains to help reduce
VLAN management.
–A VTP domain consists of one switch or
several interconnected switches sharing the
same VTP domain name.
–An additional benefit of configuring VTP
domains is that it limits the extent to which
configuration changes are propagated in the
network if an error occurs.
• A switch can be a member of only one VTP
domain at a time.
–Until the VTP domain name is specified you
cannot create or modify VLANs on a VTP
server, and VLAN information is not
propagated over the network.
Internetworking 7
 VTP Domain Name Propagation

• For a VTP server or client switch to participate in a

VTP-enabled network, it must be a part of the same
domain.
–When switches are in different VTP domains, they do
not exchange VTP messages.
–Domain name propagation uses three VTP components:
servers, clients, and advertisements.
• The network in the figure shows three switches, S1,
S2, and S3, in their default VTP configuration.
–They are configured as VTP servers.
–VTP domain names have not been configured.
• The network manager configures the VTP domain
name as cisco1 on the VTP server switch S1.
–The VTP server sends out a VTP advertisement with the
new domain name embedded inside.
–The S2 and S3 VTP server switches update their VTP
configuration to the new domain name.
• Cisco recommends that access to the domain name
configuration functions be protected by a password.
Internetworking 8
 VTP Revision Number

• The configuration revision number determines whether the

configuration information received from another VTP-enabled
switch is more recent than the version stored on the switch.
–The configuration revision number is a 32-bit number.
–The default revision number for a switch is zero.
–Each time a VLAN is added or removed, the configuration
revision number is incremented.
–Each VTP device tracks the VTP configuration revision
number that is assigned to it.
• Note: A VTP domain name change does not increment the
revision number.
–Instead, it resets the revision number to zero.
• The figure shows a network manager adding three VLANs to
switch S1.
–The highlighted area shows that the revision number on
switch S1 is 3,
–The number of VLANs is 8,
• because 3 VLANs have been added to the 5 default
VLANs.

Internetworking 9
 VTP Modes Overview
• Server Mode
–In server mode, you can create, modify, and delete VLANs for
the entire VTP domain.
• VTP server mode is the default mode for a Cisco switch.
• VTP servers advertise their VLAN configurations to other switches
in the same VTP domain and synchronize their VLAN
configurations with other switches based on advertisements
received over trunk links.
• VTP servers track of updates through a configuration revision
number.
• Other switches in the same VTP domain compare their
configuration revision to see if they need to synchronize their VLAN
database.
• Client Mode
–If a switch is in client mode, you cannot create, change, or
delete VLANs.
• The VLAN configuration information that a VTP client switch
receives from a VTP server switch is stored in a VLAN database,
not in NVRAM.
• When a VTP client is shut down and restarted, it sends a request
advertisement to a VTP server for updated VLAN information.
• Transparent Mode
–Switches configured in transparent mode forward VTP
advertisements that they receive on trunk ports to other
switches.
• VTP transparent mode switches do not advertise their VLAN and do
not synchronize their VLAN configuration with other switch.
• A VTP transparent mode switch reboots, it does not revert to a
default VTP server mode, but remains in VTP transparent mode.

Internetworking 10
 VTP Configuration Guidelines
• VTP Server Switches
–Confirm that all of switches you are have been set to default
settings.
–Always reset the configuration revision number before installing a
previously configured switch into a VTP domain.
• Not resetting the configuration revision number allows for potential
disruption in the VLAN configuration across the rest of the switches.
–Configure at least two VTP server switches in your network.
• In case the primary VTP server becomes disabled, if all the switches are
in VTP client mode, you cannot create new VLANs on the network.
–Configure a VTP domain on the VTP server.
• Other switches connected through trunk links receive the VTP domain
information automatically through VTP advertisements.
–If there is an existing VTP domain, make sure that you match the
name exactly.
• VTP domain names are case-sensitive.
–If you are configuring a VTP password, ensure that the same
password is set on all switches in the domain.
• Switches without password or with the wrong password reject VTP
advertisements.
–Ensure that all switches are configured to use the same VTP
version.
• VTP version 1 is not compatible with VTP version 2. By default, Cisco
Catalyst 2960 switches run version 1 but are capable of running version
2.
–Create the VLAN after you have enabled VTP on the VTP server.
• VTP information is only exchanged on trunk ports.

Internetworking 11
 VTP Configuration Guidelines

• VTP Client Switches

–As on the VTP server switch, confirm that the default
settings are present.
–Configure VTP client mode.
• Switch is not in VTP client mode by default. You have to
configure this mode.
–Configure trunks.
• VTP works over trunk links.
–Connect to a VTP server.
• When you connect to a VTP server or another VTP-enabled
switch, it takes a few moments for the various advertisements to
make their way back and forth to the VTP server.
–Verify VTP status.
• Before you begin configuring the access ports, confirm that the
revision mode and number of VLANs have been updated.
–Configure access ports.
• When a switch is in VTP client mode, you cannot add new
VLANs. You can only assign access ports to existing VLANs.

Internetworking 12
 Configuring VTP: Step 1
Configure the VTP Server
• Initially none of the devices are connected.
–The topology highlights switch S1. You will configure
this switch to be a VTP server.
• The output of the show vtp status command confirms that
the switch is by default a VTP server.
–the revision number is still set to 0
–the switch does not belong to VTP domain.

Configure the VTP Server

• If the switch was not already configured as a VTP server, you
could configure it using the the vtp mode {server} command.
• The domain name is configured using the the vtp
domaindomain-name command.
–switch S1 has been configured with the domain name
cisco1.
• For security reasons, a password could be configured using
the vtp passwordpassword command.
• The default version for Catalyst 2960 is version 1.
• Assume that three VLANs have been configured and have
been assigned VLANs names.

Internetworking 13
 Configuring VTP: Step 2
Configure the VTP client

• The topology highlights switches S2 and

S3. You will be shown the VTP client
configuration for S2.
–To configure S3 as a VTP client, you will
follow the same procedure.

Configure the VTP Client

• Before configuring a switch as a VTP client,
verify its current VTP status.
–Show vtp status
• Configure VTP client mode using the
following Cisco IOS command syntax:
–Enter global configuration mode with the
configure terminal command.
–Configure the switch in client mode with the
vtp mode {client} command.

Internetworking 14
 Configuring VTP: Step 3 Confirm and Connect

• After configuring the main VTP server and the VTP clients, you will
connect the VTP client switch S2 to the switch S1 VTP server.
–The topology highlights the trunks that will be added to this
topology.
• Confirm VTP Operation
–There are 2 commands for confirming that VTP domain and
VLAN configurations have been transferred.
• Use show VTP status command to verify the following:
–Configuration revision number has been incremented to 6.
–There are now three new VLANs indicated by the existing
number of VLANs showing 8.
–Domain name has been changed to cisco1.
• Use show vtp counters command to confirm that the advertisements
took place.
• Configure Access Ports
–The task now is to configure the port F0/11 on switch S2 to be in
VLAN 20. Use the switchport access vlan [number] interface
command

Internetworking 15
 Troubleshooting VTP Connections
• In this topic, you will learn about
common VTP configuration problems.
This information, combined with your
VTP configuration skills, will help you
when troubleshooting VTP configuration
problems.

Internetworking 16
 Troubleshooting VTP: Incompatible VTP Versions

• VTP versions 1 and 2 are incompatible

with each other.
–Modern Cisco Catalyst switches, such as
the 2960, are configured to use VTP version
1 by default.
–However, older switches may only support
VTP version 1.
–Switches that only support version 1
cannot participate in the VTP domain along
with version 2 switches.
–If your network contains switches that
support only version 1, you need to
manually configure the version 2 switches
to operate in version 1 mode.

Internetworking 17
 Troubleshooting VTP: VTP Password Issues

• When using a VTP password to control

participation in the VTP domain, ensure that
the password is set correctly on all switches
in the VTP domain.
–Forgetting to set a VTP password is a very
common problem.
–If a password is used, it must be configured
on each switch in the domain.
–By default, a Cisco switch does not use a VTP
password.
–The switch does not automatically set the
password parameter, unlike other parameters
that are set automatically when a VTP
advertisement is received.

Internetworking 18
 Troubleshooting VTP: Incorrect VTP Domain Name

• The VTP domain name is a key parameter

that is set on a switch.
–An improperly configured VTP domain
affects VLAN synchronization between
switches.
–As you learned earlier, if a switch receives
the wrong VTP advertisement, the switch
discards the message.
• Solution
–To avoid incorrectly configuring a VTP
domain name, only set the VTP domain
name on one VTP server switch.
• All other switches in the same VTP
domain will accept and automatically
configure their VTP domain name when
they receive the first VTP summary
advertisement.

Internetworking 19
 Troubleshooting VTP: Switches Set to VTP Client Mode

• It is possible to change the operating

mode of all switches to VTP client.
–By doing so, you lose all ability to
create, delete, and manage VLANs within
your network environment.
• Solution
–To avoid losing all VLAN configurations
in a VTP domain by accidentally
reconfiguring the only VTP server in the
domain as a VTP client, you can
configure a second switch in the same
domain as a VTP server.
–It is not uncommon for small networks
that use VTP to have all the switches in
VTP server mode.

Internetworking 20
 Managing VLANs on a VTP Server

• When a new VLAN, for example, VLAN 10, is added to

the network, the network manager adds the VLAN to
the VTP server, switch S1 in the figure.
–As you know, VTP takes care of propagating the VLAN
configuration details to the rest of the network.
–It does not have any effect on which ports are
configured in VLAN 10 on switches S1, S2, and S3.
• The figure displays the commands used to configure
VLAN 10 and the port F0/11 on switch S1.
• After you have configured the new VLAN on switch S1
and configured the ports on switches S1, S2, and S3
to support the new VLAN, confirm that VTP updated
the VLAN database on switches S2 and S3.
–The output of the command is used to verify the
configuration on switch S2.
–The output confirms that the new VLAN has been added
to F0/1 on switch S2. The highlighted area shows that
VLAN 10 is now active in the VTP management domain.

Internetworking 21
-- End of presentation --

Internetworking 22