1.

VTP Overview
a. VLAN database update mechanism that allows switches to know what
VLANs are currently configured in the L2 topology
b. Allows propagation of VLAN information from one switch to another
i. Create, delete & rename VLANS on one switch
ii. Information propagated across trunk links
1) Doesn't create trunk links (requires them to propagate
updates)
c. Does not put ports into VLANs (only updates VLAN databases on
switches)
d. Only supports standard range of VLANs (1-1005)
i. 1-1001 are standard
ii. 1002-1005 are reserved (legacy) for fddi and token ring
iii. 1006 - 4094 are extended
e. Default - VTP server mode
i. Disable with vtp transparent mode
f. VTP Messages
i. MAC: 01-00-0C-CC-CC-CC
1) Well known multicast address
a) CDP, VTP
ii. Three types of messages:
1) Update Process:
a) Summary advertisements
i) Sent by server after change made to VLAN
database
One. Revision Number (CRN) incremented by
one
Two. Sent as multicast to all switches in
management (L2) domain
Three. Informs that changes have been
made
b) Advertisement requests
i) Client switches see summary advertisement
and respond with advertisement request
One. Request latest information
c) Subset advertisements
i) Server switch sends detailed information in
the form of a subset advertisement in response to advertisement request
ii) VLAN database of client switches
synchronize to server switch
iii) CRN of client switches synchronize to the
CRN of the server switch
2) Details:
a) Summary advertisements
i) Default - Sent every 5 mins or when change
is made to VLAN database
ii) Inform other switches of new VTP CRN
b) Advertisement requests
i) Used by client switch as response to summary
advertisement
ii) Used in three cases:
One. Switch has been reset
Two. VTP domain name has been changed
Three. Switch receives a VTP summary
advertisement with a higher CRN than its own
c) Subset advertisements
i) List of VLAN information
One. More than one may be required if
large number of VLANs contained
 Two. Detailed information of the changes
that have been made to VLAN database on switch with latest revision number
3) Overall idea:
a) Summary advertisement used to inform other
switches in management domain of new CRN in short (summary) format
b) If local switch sees that CRN is out of date
(lower number), it can request detailed information from the switch with the latest
revision number
c) Local switch can synchronize database with the
advertising switch
d) Note that switches will also need to have the same
VTP password configured
g. Default - Null VTP domain
i. Switches in same domain update each other
ii. Switch can only belong to a single VTP domain
iii. Switch that doesn't belong to a domain (null) will
automatically join a VTP domain if it receives and advertisement
h. Layer 2 protocol
i. Requires trunk links for communications
ii. Advertisements will not traverse a router
i. Revision Number (Configuration Revision Number)
i. Increments by one every time VLAN database is updated
1) Create, delete or rename VLAN
j. Default - Trunk ports permit all VLANS
i. Traffic for any VLANs that exist in VLAN database will be
forwarded
ii. Access ports have to be manually configured
2. VTP Modes
a. Server - Default
i. Create, modify and delete VLANS
ii. Send and forward VTP advertisements
iii. Synchronizes local database to latest CRN
iv. Can save VLAN configuration information locally to VLAN.dat
v. Multiple switches can be configured as VTP servers
b. Client
i. Cannot create, change or delete VLANS
ii. Can send and forward advertisements
1) VLANs currently listed in database
2) Advertisements it receives from other switches
iii. Synchronize database to latest CRN
c. Transparent
i. Do not participate in VTP
1) Essentially disabling VTP
ii. Does not advertise VLAN config
iii. Does not synchronize VLAN configuration
iv. VTP v 2 - Will still forward VTP advertisements on trunk
ports
d. Off
i. Functions same as VTP transparent but does not forward VTP
advertisements
3. VTP Versions
a. Version 1 and 2
i. Can only configure VLAN 2-1001
1) 1 - reserved for ethernet
2) 1002-1005 - reserved for FDDI and Token Ring
ii. VTP transparent mode must be used to add VLANs > 1005
1) Stored in vlan.dat but cannot set switch back to server
b. Version 3
i. Supports extended VLANs - 1006 to 4094
 ii. Improved authentication
iii. Not in scope of CCNA
c. Compatibilities
i. Version 1 and 3 are not compatible
ii. Version 2 and 3 are compatible but there are caveats
iii. Set all versions to be the same for CCNA
4. VTP Pruning
a. Default - trunk ports permit all configured VLANs
i. Default - all broadcasts sent on permitted VLANs will be sent
across all trunk ports
b. Allows automatic pruning on trunk ports to conserve bandwidth
i. Switches must be in server mode
ii. Prevent broadcasts sent to switches without devices in
related VLAN (recipient hosts)
1) Broadcasts will only be forwarded on trunk ports if they
flow to devices in the same VLAN
c. Allows automatic unpruning of links
i. If device is added to edge switch, it will inform core of
change
1) Link may be unpruned if device is in relevant VLAN
d. Some VLANs are pruning ineligible
i. VLAN 1, VLAN 1002 - 1005
ii. Extended VLANs (>1005)
e. Can manually prune trunks (but not a dynamic process) - used in VTP
transparent mode
5. VTP Defaults
a. No VTP domain is configured
i. Null domain
b. Server mode
i. Can config client, transparent or off
c. Pruning depends on switch model
d. No VTP password exists
i. Configured: only switches with same VTP password and domain
will synchronize
e. VTP version 1
i. Can configure 1, 2 or 3
6. VTP Warnings
a. Switch can automatically become part of a VTP domain once it
receives an advertisement from server
i. Erased switch can join VTP domain automatically
b. Switch must be in transparent or server mode to change or delete
VLANs
c. Changes made on server are propagated across VTP domain
i. Note: VTP advertisements are only sent across trunk links
d. Changing VLANs - means changing subnet used by devices in VLAN
i. Reminder- VLAN is:
1) Single broadcast domain
2) Single IP subnet
ii. Implicit change
e. Assigning a port to a new VLAN will remove it from the previous VLAN
i. Do not need to use "no switchport access" command
f. When deleting a VLAN from a VLAN database
i. All ports contained in deleted VLAN will be err-disabled
ii. Example: New switch added to the network removes VLANs from
the VLAN database through VTP
1) Ports in affected VLANs are disabled
2) May show as up/up
3) Shows as inactive in show int [number] switchport
g. Note: All access ports configured in a VLAN (when the VLAN doesn't
exist in the database) will be err-disabled by the switch
h. Reset CRN before adding new switch to network
i. Change switch to transparent and then client
ii. Change domain to null and then back
i. Check interfaces to make sure that new switch won't automatically
trunk when adding to topology
i. Can also shutdown ports on neighboring switches or make them
access ports
j. Must also delete vlan.dat after erasing switch configuration
7. Troubleshooting
a. Domain name is case sensitive (must share domain name to sync vlan
database)
b. MD5 digest (hash) must be the same
i. Same passwords
ii. show vtp status (MD5 hash)
iii. show vtp password
iv. May show a MD5 digest checksum mismatch on vtp status or as a
warning
c. Make sure trunking is enabled between switches
i. sh int tr
ii. Make sure administrative modes will result in trunk link
1) Dynamic desirable & auto
2) DTP on = "negotiation of trunking: on"
a) sh int switchport
d. Make sure switch is not transparent (if trying to sync vlan database
with VTP domain)
8. Config Notes
a. sh flash
i. vlan.dat exists in flash of server switch
b. Clear configuration:
i. Erase startup-config
ii. Delete flash:/vlan.dat
iii. Reload
c. VLAN database will be overwritten by subset advertisement from
higher CRN switch
i. Example: Switch with CRN 0 is in transparent mode
1) Create VLAN 10 & 11
2) Set switch to client
3) VLAN 10 & 11 no longer exist after sync (not present in
domain database)
ii. Example: Client switch has trunk interfaces shut down
1) Change client to server mode
2) Delete all VLANs
3) Change server to client mode
4) No shut trunk interfaces
5) All switches in management domain have VLANs deleted
from database after sync
a) Client with higher CRN sends out a summary ad
b) All clients and servers receive ad and request new
VLAN database