VLAN Trunking Protocol

This is a Cisco proprietary protocol designed to ease VLAN database management; despite the name, it has nothing to do with trunking. The concept is that a switch in VTP server mode propagates its VLAN database down to all switches in VTP client mode.

Sw2-3560 vlan database before a new vlan is added (VTP client)


Sw2-3560#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

Sw4-3560-2 Vlan database before a new vlan is added (VTP server)

SW4-3560-2#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
SW4-3560-2#

Demonstration

I added vlan100 to Sw4-3560-2 only.

SW4-3560-2#conf t
SW4-3560-2(config)#vlan 100
SW4-3560-2(config-vlan)#end
SW4-3560-2#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21
100  VLAN0100                         active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
SW4-3560-2#

Below is the Sw2-3560 VLAN database, which is now synchronized with Sw4-3560-2.


Sw2-3560#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
100  VLAN0100                         active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
Sw2-3560#

VTP configuration guidelines

1. All switches must have the same VTP domain name to share VLAN database information.

2. All switches in the same domain must run the same VTP version. (If the VTP server is version 1 and a VTP client is version 2, the VTP client will downgrade to 1. If either the VTP server or the client is using version 1, the one configured for version 2 will downgrade to 1.)

3. If a VTP password is configured, all switches in the same domain must have the same VTP password.

4. All switches in the same VTP domain should have the same revision number. (If a newly added switch is a VTP server with a higher revision number, and the domain and password are the same, then VTP servers and clients with a lower revision number will sync their VLAN databases with the newly added switch.)
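
A pre-connection check for guidelines 1, 2 and 4, as an added example that is not part of the original post: it parses "show vtp status" from a switch already in the domain and from the switch about to be connected, then reports what would happen. The captures are constructed sample data, the function and finding names are hypothetical, and the newer IOS output layout (with a "VTP version running" line) is assumed.

```python
import re

# Constructed "show vtp status" captures (sample data, not from the post).
# Assumes the newer IOS layout that prints "VTP version running".
DOMAIN_SWITCH = """\
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : LAB
Feature VLAN:
VTP Operating Mode                : Server
Configuration Revision            : 7
"""
NEW_SWITCH = """\
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : LAB
Feature VLAN:
VTP Operating Mode                : Client
Configuration Revision            : 42
"""

# [ \t]* instead of \s* so an empty domain name does not swallow the next line.
FIELDS = {
    "version": (r"VTP version running[ \t]*:[ \t]*(\d+)", int),
    "domain": (r"VTP Domain Name[ \t]*:[ \t]*(\S*)", str),
    "mode": (r"VTP Operating Mode[ \t]*:[ \t]*(\w+)", str),
    "revision": (r"Configuration Revision[ \t]*:[ \t]*(\d+)", int),
}

def parse_vtp_status(text):
    """Extract the fields the guidelines compare; raise if one is missing."""
    status = {}
    for name, (pattern, cast) in FIELDS.items():
        match = re.search(pattern, text)
        if match is None:
            raise ValueError(f"field not found in output: {name}")
        status[name] = cast(match.group(1))
    return status

def insertion_findings(existing, new):
    """Compare a switch already in the domain with one about to be connected."""
    if existing["domain"] != new["domain"]:
        return ["domain-mismatch"]  # guideline 1: no VLAN database sharing
    findings = []
    if existing["version"] != new["version"]:
        findings.append("version-mismatch")  # guideline 2
    # Guideline 4, worst case: password assumed equal (this output does not show it).
    # Client is included because the modes section says clients also update servers.
    if new["mode"] in ("Server", "Client") and new["revision"] > existing["revision"]:
        findings.append("revision-overwrite")
    return findings
```

With the sample captures the result is a revision-overwrite finding: the new switch's revision 42 beats the domain's 7, so the domain would adopt the new switch's VLAN database. Bringing the new switch's revision back to 0 before cabling it (transparent mode always reports 0) clears the finding.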

VTP version

Version 2 is used to support Token Ring. If there is no Token Ring in the switched network, version 1 suffices.

Version 3 has these features:

a. VTP can pass VLANs from 1 to 4095. Versions 1 and 2 cannot support VLAN IDs beyond 1001.

b. VTP version 3 not only passes vlan database information, it also passes Multiple Spanning Tree instances.

c. The VTP version 3 password has an encrypted option. Versions 1 and 2 show the VTP password in plain text.

enable
conf t
service password-encryption

This will “hide” the VTP version 3 password under a Vigenère cipher when the show vtp password command is used. The VTP version 3 password is still plain text in the vlan.dat file.


enable
conf t
vtp password cisco hidden

VTP version 3 adds a new “hidden” option to encrypt the VTP version 3 password. With it, the password in vlan.dat is also encrypted.

d. VTP version 3 can pass private VLAN information as well, since it now supports the full range of 802.1Q VLAN IDs.

VTP version 3 modes

Server – Can change the VTP password, VTP version, and VTP domain. Can create, delete and modify VLANs. Originates VTP information.

Client – Cannot change the VTP password, VTP version or VTP domain. Cannot create, delete or modify VLANs. Receives VTP information and updates other VTP devices, including VTP devices that are VTP servers.

Transparent – Revision number is always 0. VTP information received will be relayed to other VTP devices. Contains its own VTP information that is not shared with other VTP devices.

Off – Turns off VTP. VTP information is terminated at a device in VTP off mode. VTP information received will be neither relayed nor evaluated.
