VTP is a Cisco proprietary protocol designed to ease VLAN database management; it has nothing to do with trunking. The concept is that a switch in VTP server mode propagates its VLAN database down to all switches in VTP client mode.
Sw2-3560 vlan database before a new vlan is added (VTP client)
Sw2-3560#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
Sw4-3560-2 Vlan database before a new vlan is added (VTP server)
SW4-3560-2#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
SW4-3560-2#
Demonstration
I added vlan100 to Sw4-3560-2 only.
SW4-3560-2#conf t
SW4-3560-2(config)#vlan 100
SW4-3560-2(config-vlan)#end
SW4-3560-2#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21
100  VLAN0100                         active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
SW4-3560-2#
Below is the Sw2-3560 VLAN database, which is now synchronized with Sw4-3560-2.
Sw2-3560#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
100  VLAN0100                         active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
Sw2-3560#
VTP configuration guidelines
1. All switches must have the same VTP domain name to share VLAN database information.
2. All switches in the same domain must run the same VTP version. (If the VTP server is version 1 and a VTP client is version 2, the VTP client will downgrade to 1. If either the VTP server or the client is using version 1, the client or server configured for version 2 will downgrade to 1.)
3. If a VTP password is configured, all switches in the same domain must have the same VTP password.
4. All switches in the same VTP domain should have the same revision number. (If a newly added switch is a VTP server with a higher revision number, and its domain and password are the same, then the VTP servers and clients with a lower revision number will sync their VLAN databases with the newly added switch.)
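Guideline 4 is the one to check before any switch is connected to an existing domain. The following added example (not part of the original post; the domain name LAB, the revision numbers and the same_password flag are constructed assumptions) parses show vtp status output from an existing switch and from the switch about to be connected, and reports whether the newcomer's VLAN database would replace the domain's under guidelines 1, 3 and 4.

```python
# Constructed sample "show vtp status" excerpts (not from the page's switches).
# Domain name LAB and the revision numbers are made up for illustration.
EXISTING = """\
Configuration Revision          : 7
VTP Operating Mode              : Server
VTP Domain Name                 : LAB
"""
NEW_SWITCH = """\
Configuration Revision          : 42
VTP Operating Mode              : Client
VTP Domain Name                 : LAB
"""
NEW_TRANSPARENT = NEW_SWITCH.replace("Client", "Transparent").replace("42", "0")


def parse_vtp_status(text):
    """Return {field: value} from the 'Field : value' lines of the output."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def insertion_risk(existing_text, new_text, same_password=True):
    """Apply guidelines 1, 3 and 4: would the new switch overwrite the domain?

    same_password is supplied by the operator (assumption: compared out of
    band, because show vtp status does not print the password).
    """
    cur, new = parse_vtp_status(existing_text), parse_vtp_status(new_text)
    blockers = []
    if new["VTP Domain Name"] != cur["VTP Domain Name"]:
        blockers.append("domain name differs")
    if not same_password:
        blockers.append("password differs")
    if new["VTP Operating Mode"].lower() in ("transparent", "off"):
        blockers.append("mode does not share its own VLAN database")
    if int(new["Configuration Revision"]) <= int(cur["Configuration Revision"]):
        blockers.append("revision is not higher than the domain's")
    return ("no-overwrite" if blockers else "overwrite"), blockers


if __name__ == "__main__":
    for name, sample in (("client", NEW_SWITCH), ("transparent", NEW_TRANSPARENT)):
        print(name, insertion_risk(EXISTING, sample))
```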
VTP version
Version 2 is used to support Token Ring. If there is no Token Ring in the switch network, version 1 suffices.
Version 3 has these features:
a. VTP can pass VLANs from 1 to 4095. Versions 1 and 2 could not support VLAN IDs beyond 1001.
b. VTP version 3 passes not only VLAN database information but also Multiple Spanning Tree instances.
c. The VTP version 3 password has an encrypted option. Versions 1 and 2 show the VTP password in plain text.
enable
conf t
service password-encryption
This will “hide” the VTP version 3 password under a Vigenère cipher when the show vtp password command is used. The VTP version 3 password is still plain text in the vlan.dat file.
enable
conf t
vtp password cisco hidden
VTP version 3 adds a new “hidden” option to encrypt the VTP version 3 password; with it, the password in vlan.dat is also encrypted.
d. VTP version 3 can pass private VLAN information as well, since it now supports the full range of 802.1Q VLAN IDs.
VTP version 3 modes
Server – Can change the VTP password, VTP version and VTP domain. Can create, delete and modify VLANs. Originates VTP information.
Client – Cannot change the VTP password, VTP version or VTP domain. Cannot create, delete or modify VLANs. Receives VTP information and updates other VTP devices, including devices that are VTP servers.
Transparent – Revision number is always 0. VTP information received is relayed to other VTP devices. Holds its own VTP information, which is not shared with other VTP devices.
Off – Turns off VTP. VTP information is terminated at a device in off mode: information received is neither relayed nor evaluated.