VLAN Trunk Protocol (VTP) is a Cisco-proprietary protocol used to replicate VLANs using Layer 2 trunk frames to other switches. It is a method to ease administration by selecting a switch to be configured as a VTP server.
VLANs are configured on the VTP server and then replicated to other connected switches, called VTP clients. This reduces the amount of configuration — having to log onto each switch to create a VLAN. All VLAN and VTP data is saved in the vlan.dat file – stored in the switch’s flash memory.
VTP is organized into management domains, which share common VLAN requirements. These management domains are called VTP Domains. A switch can only be joined to one VTP domain. Each VTP domain is isolated from one another. Information is not shared between VTP domains.
Switches can be configured in one of three VTP modes:
Server Mode – switch has full control over creating and modifying VLANs. This is the default mode for a switch.
Client Mode – switch cannot create, modify, or delete any VLANs. Switches listen to VTP Advertisements.
Transparent Mode – switch doesn’t participate in VTP. A switch in Transparent Mode will forward VTP version 2 VTP Advertisements out it’s trunk ports — acting as a relay — if it receives VTP Advertisements.
VLAN Trunk Protocol Advertisements are multicast frames carrying VTP information. To process a VTP Advertisement, a switch must have the same VTP password and domain configured.
Different advertisements are tracked with configuration revision numbers. When changes are made by a VTP server, the revision number is incremented before sending the advertisement out. There can be three different advertisements
Summary advertisements – sent out every 300 seconds and every time a change occurs on the VLAN database. Contained in a summary advertisement:
- VTP version
- Domain name
- Configuration revision number
- Time stamp
- MD5 encryption hash code
Subset advertisements – sent after a VLAN configuration change occurs. Contained in the subset advertisement is a list including:
- VLAN type
- Length of the VLAN name
- VLAN number
- Security association identifier value
- VLAN name
Advertisement requests from clients – which is a VTP client requesting any VLAN information it needs.
By default, a switch will have a domain name of NULL and no password. If the switch hears a VTP advertisement it will automatically learn the VTP domain name, VLANs, and the configuration revision number.
In global configuration mode, configure the VTP domain name
SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#vtp domain rowell.dionicio.net
Then configure the VTP mode and password:
SW1(config)#vtp mode ? client Set the device to client mode. server Set the device to server mode. transparent Set the device to transparent mode. SW1(config)#vtp mode server SW1(config)#vtp password Sup3r!S3cret@ Setting device VLAN database password to Sup3r!S3cret@
Configure VTP version 2
SW1(config)# vtp version 2
Version 1 and 2 are not interoperable. Version two offers version-dependent transparent mode, consistency checks, Token Ring support, and TLV support.
VTP pruning increases the efficiency of trunk bandwidth by reducing the amount of flooded traffic. Basically, broadcast and unknown unicast frames are not forwarded over a trunk link if the receiving switch doesn’t have any ports on that particular VLAN.
Enable VTP pruning
SW1(config)# vtp pruning
View VTP parameters with
show vtp status
SW1#show vtp status VTP Version : running VTP2 Configuration Revision : 1 Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 VTP Operating Mode : Server VTP Domain Name : rowell.dionicio.net VTP Pruning Mode : Disabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MD5 digest : 0x8D 0x95 0xC5 0x2C 0xC8 0x83 0xB9 0x3C Configuration last modified by 10.1.1.100 at 3-1-93 06:24:38 Local updater ID is 10.1.1.100 on interface Vl10 (lowest numbered VLAN interface found) SW1#
View VTP messages and error counters with
show vtp counters
SW1#show vtp counters VTP statistics: Summary advertisements received : 140 Subset advertisements received : 19 Request advertisements received : 0 Summary advertisements transmitted : 127 Subset advertisements transmitted : 27 Request advertisements transmitted : 3 Number of config revision errors : 0 Number of config digest errors : 0 Number of V1 summary errors : 0 VTP pruning statistics: Trunk Join Transmitted Join Received Summary advts received from non-pruning-capable device ---------------- ---------------- ---------------- --------------------------- Fa0/22 1 0 0 Fa0/23 1 0 0 Fa0/24 1 0 0 SW1#
Verify the VLANs from the VTP server are on the VTP client with
show vlan brief
How to Troubleshoot VTP
If VTP is not working correctly then verify the following items:
- Is the switch in transparent mode?
- Is the switch configured as a VTP client when there is no VTP server?
- Is the link to the VTP server a trunk link?
- Is the same VTP domain the same on each switch?
- Are the VTP versions the same?
- Do the VTP passwords match? VTP passwords are case-senstive.
Putting it All Together
SW1> en SW1# conf t SW1(config)#vtp domain rowell.dionicio.net SW1(config)#vtp mode server SW1(config)#vtp password Sup3r!S3cret@ SW1(config)#vtp version 2