Week13 Data Communication and Networking
Introduction:
This lesson covers the concept of the VLAN Trunking Protocol, or VTP. VLAN
Trunking Protocol (VTP) reduces administration in a switched network. When you
configure a new VLAN on one VTP server, the VLAN is distributed through all switches
in the domain. This reduces the need to configure the same VLAN everywhere. VTP is
a Cisco-proprietary protocol that is available on most of the Cisco Catalyst series
products.
This lesson begins by discussing the concept of VTP. Then, we will discuss the different
VTP modes. The topic concludes with the configuration of VTP and the troubleshooting
of VTP-related issues.
Pre-Assessment
Direction: Identify what is being asked/described. Write your answer on a separate sheet
of paper.
1. Which of the following is not a valid VTP mode?
a. Hybrid
b. Client
c. Server
d. Transparent
2. Which statement accurately describes a benefit of implementing the use of the VTP?
a. VTP will allow for routing between VLANs
b. VTP will allow physically redundant links while preventing switching loops
c. VTP will allow switches to share VLAN configuration information
d. VTP will allow a single port to carry information to more than one VLAN
3. Which of the following is NOT a VLAN Trunking Protocol (VTP) mode of operation?
a. Virtual
b. Client
c. Server
d. Transparent
4. Which protocol provides a method of sharing VLAN configuration information between
two Cisco Switches?
a. VTP
b. None
c. STP
d. 802.1Q
5. What is the result of entering this command on a Cisco Switch “atech_SW(config)#vtp
mode client”?
a. The switch will forward & process VTP summary advertisements
b. The switch will ignore VTP summary advertisements
c. The switch will ignore or originate VTP summary advertisements
d. The switch will originate VTP summary advertisements
Learning Objectives:
At the end of the lesson, you should be able to:
Discuss the concept of VLAN Trunking Protocol.
Be conscious of how important VTP is to your switched network.
Understand how to configure VTP on Cisco switches and troubleshoot VTP-related
issues on the network.
Lesson Presentation:
VLAN Trunk Protocol (VTP)
VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol used by Cisco
switches to exchange VLAN information. With VTP, you can synchronize VLAN
information (such as VLAN ID or VLAN name) with switches inside the same VTP
domain. A VTP domain is a set of trunked switches with the matching VTP settings
(the domain name, password and VTP version). All switches inside the same VTP
domain share their VLAN information with each other.
To better understand the true value of VTP, consider an example network with 100
switches. Without VTP, if you want to create a VLAN on each switch, you would
have to manually enter VLAN configuration commands on every switch! VTP
enables you to create the VLAN only on a single switch. That switch can then
propagate information about the VLAN to every other switch on the network and
cause other switches to create it. Likewise, if you want to delete a VLAN, you only
need to delete it on one switch, and the change is automatically propagated to every
other switch inside the same VTP domain.
The following network topology explains the concept more thoroughly:
On SW1, we have created a new VLAN. SW1 sends a VTP update about the new
VLAN to SW2, which in turn sends its VTP update to SW3. These updates will cause
SW2 and SW3 to create the same VLAN. You can see how this simplifies network
administration – the engineer only had to log in and create the VLAN on the first
switch. Other switches have created the same VLAN automatically.
VTP modes
You can configure each switch to operate in one of four different VTP modes:
VTP client mode – a switch using this mode can’t change its VLAN configuration.
That means that a VTP client switch cannot create or delete VLANs. However,
received VTP updates are processed and forwarded.
VTP server mode – a switch using this mode can create and delete VLANs. A
VTP server switch will propagate VLAN changes. This is the default mode for
Cisco switches.
VTP transparent mode – a switch using this mode doesn’t share its VLAN
database, but it forwards received VTP advertisements. You can create and
delete VLANs on a VTP transparent switch, but these changes will not be sent
to other switches.
VTP mode off – similar to VTP transparent mode, with a difference that a switch
using this mode will not forward received VTP updates. This command is
supported only in VTP V3.
As mentioned above, all switches are configured as VTP servers by default. This is
fine in smaller networks without too many VLANs and VLAN changes, since all VLAN
information can easily be stored in each switch’s NVRAM. However, in larger
networks, it is recommended to specify a couple of higher-quality switches to serve
as VTP servers. All other switches in the network should be set up as VTP clients.
Consider the following example:
We have a simple network of three switches. SW1 is configured as a VTP server. After
VLAN 5 is created on SW1, this switch will notify the connected switch (SW2)
about the created VLAN. SW2 will receive the update but, since it uses the VTP
transparent mode, it will not create this VLAN in its configuration. However, it will
forward the VTP update to SW3. Since SW3 is configured as a VTP client, it will
process the update and create VLAN 5.
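The three-switch scenario above can be traced with a small model. This is an added example, not part of the original lesson: the `Switch` class, the `build_chain` helper and the domain name `LAB` are hypothetical, and the model keeps only the mode rules listed above plus the rule that a switch applies an update only when its revision number is higher than its own.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str                       # "server", "client", "transparent" or "off"
    domain: str = "LAB"             # constructed domain name
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})
    neighbors: list = field(default_factory=list, repr=False)

    def create_vlan(self, vlan_id, vlan_name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: a VTP client cannot create VLANs")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":   # transparent/off changes stay local
            self.revision += 1
            self._flood((self.domain, self.revision, dict(self.vlans)), None)

    def receive(self, advert, sender):
        domain, revision, vlans = advert
        if self.mode == "off":
            return                  # neither processed nor forwarded
        if self.mode in ("server", "client"):
            if domain != self.domain or revision <= self.revision:
                return              # not newer than the local database
            self.vlans, self.revision = dict(vlans), revision
        self._flood(advert, sender)  # transparent forwards without applying

    def _flood(self, advert, sender):
        for neighbor in self.neighbors:
            if neighbor is not sender:
                neighbor.receive(advert, self)


def build_chain(sw2_mode="transparent"):
    """SW1 (server) - SW2 - SW3 (client), joined by trunk links."""
    sw1, sw2, sw3 = Switch("SW1", "server"), Switch("SW2", sw2_mode), Switch("SW3", "client")
    for a, b in ((sw1, sw2), (sw2, sw3)):
        a.neighbors.append(b)
        b.neighbors.append(a)
    return sw1, sw2, sw3


if __name__ == "__main__":
    sw1, sw2, sw3 = build_chain()
    sw1.create_vlan(5, "VLAN0005")
    for sw in (sw1, sw2, sw3):
        print(sw.name, sw.mode, "revision", sw.revision, sorted(sw.vlans))
```

Calling `build_chain("off")` instead shows the difference between the transparent and off modes: SW2 no longer forwards the update, so SW3 never learns VLAN 5.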
VTP Password
If you configure a password for VTP, you must configure the password on all switches
in the VTP domain. The password must be the same password on all those switches.
The VTP password that you configure is translated by algorithm into a 16-byte word
(MD5 value) that is carried in all summary-advertisement VTP packets.
VTP Pruning
VTP ensures that all switches in the VTP domain are aware of all VLANs. However,
there are occasions when VTP can create unnecessary traffic. All unknown unicasts
and broadcasts in a VLAN are flooded over the entire VLAN. All switches in the
network receive all broadcasts, even in situations in which few users are connected
in that VLAN. VTP pruning is a feature that you use in order to eliminate or prune this
unnecessary traffic.
This figure shows a switched network without VTP pruning enabled. Port 1 on Switch
A and Port 2 on Switch D are assigned to the Red VLAN. If a broadcast is sent from
the host connected to Switch A, Switch A floods the broadcast and every switch in
the network receives it, even though Switches C, E, and F have no ports in the Red
VLAN.
This figure shows the same switched network with VTP pruning enabled. The
broadcast traffic from Switch A is not forwarded to Switches C, E, and F because
traffic for the Red VLAN has been pruned on the links shown (Port 5 on Switch B and
Port 4 on Switch D).
When VTP pruning is enabled on a VTP server, pruning is enabled for the
entire management domain. Making VLANs pruning-eligible or pruning-
ineligible affects pruning eligibility for those VLANs on that trunk only (not on
all switches in the VTP domain).
VTP pruning takes effect several seconds after you enable it. VTP pruning
does not prune traffic from VLANs that are pruning-ineligible. VLAN 1 and
VLANs 1002 to 1005 are always pruning-ineligible; traffic from these VLANs
cannot be pruned. Extended-range VLANs (VLAN IDs greater than 1005) are
also pruning-ineligible.
Notes:
If a switch is configured as a VTP server without a VTP domain name, you
cannot configure a VLAN on the switch.
Dynamic Trunking Protocol (DTP) sends the VTP domain name in a DTP packet.
Therefore, if you have two ends of a link that belong to different VTP domains,
the trunk does not come up if you use DTP. In this special case, you must
configure the trunk mode as on or nonegotiate, on both sides, in order to allow
the trunk to come up without DTP negotiation agreement.
If the domain has a single VTP server and it crashes, the best and easiest way
to restore the operation is to change any of the VTP clients in that domain to a
VTP server. The configuration revision is still the same in the rest of the clients,
even if the server crashes. Therefore, VTP works properly in the domain.
Three VTP versions are available – V1, V2, and V3. The first two versions are
similar except that V2 adds support for token ring VLANs.
All switches have the same VTP domain name, unless the network design
calls for different VTP domains.
Note: Trunk negotiation does not work across VTP domains. Refer to the Data
Traffic Blocked between VTP Domains section of Troubleshooting VLAN Trunk
Protocol (VTP) for more information.
All switches in a VTP domain must run the same VTP version.
All switches in a VTP domain have the same VTP password, if there is any.
All VTP Server switch(es) should have the same configuration revision number
and it should also be the highest in the domain.
When you change the VTP mode of a switch from Transparent to Server, VLANs
configured on the VTP Transparent switch should exist on the Server switch.
We have a network of three switches connected via trunk links. On SW1, we will
configure the VTP domain name using the vtp domain NAME command and the VTP
password using the vtp password PASSWORD command:
NOTE
The default VTP mode on Cisco switches is the server mode, so the
command vtp mode server wasn’t necessary in the SW1 configuration pictured
above.
Now we need to configure SW2 and SW3 as VTP clients. We can do it using
the following set of commands:
Now, when we create a new VLAN on SW1, a VTP update will be sent to SW2
and SW3, and the new VLAN will be created automatically on SW2 and SW3:
SW2 and SW3 will create the VLAN 30 automatically. We can use the show
vlan command on both switches to verify this:
To display the VTP configuration information, we can use the show vtp
status command:
The most important field listed in the output above is the Configuration
Revision number. This number indicates the level of revision for a VTP packet.
Each device tracks the VTP configuration revision number that is assigned to it.
This information is used in order to determine whether the received information
is more recent than the current version.
Each time you make a VLAN change on a VTP server, the configuration
revision number is incremented by one and a VTP advertisement is sent. The
switch that receives a VTP packet compares the configuration revision to its
own revision. If the configuration revision number in the received VTP
advertisement is higher than its own revision number, the switch will overwrite
its VLAN configurations with the new information that is being advertised.
NOTE
It is important to check a new switch’s VTP configuration revision number
before adding it to your network. If the revision number on the new switch is
higher than the current revision number of other switches on the network, all
current VLANs could be deleted!
This problem occurs when you have a large switched domain that is all in the same
VTP domain, and you want to add one switch in the network. This switch was
previously used in the lab, and a good VTP domain name was entered. The switch
was configured as a VTP client and was connected to the rest of the network. Then,
you brought the ISL link up to the rest of the network. In just a few seconds, the
whole network was down.
The configuration revision number of the switch that you inserted was higher than
the configuration revision number of the VTP domain. Therefore, your recently
introduced switch, with almost no configured VLANs, erased all VLANs through the
VTP domain.
This occurs whether the switch is a VTP client or a VTP server. A VTP client can
erase VLAN information on a VTP server. You can tell that this has occurred when
many of the ports in your network go into inactive state but continue to be assigned
to a nonexistent VLAN.
Solution
What to Remember
Always make sure that the configuration revision number of all switches that you
insert into the VTP domain is lower than the configuration revision number of the
switches that are already in the VTP domain.
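The rule above can be checked before a switch is cabled in by comparing its show vtp status output with that of a switch already in the domain. The script below is an added example, not part of the original lesson: the function names are hypothetical, and the two outputs are constructed samples in the classic show vtp status layout with made-up values.

```python
# Constructed sample output in the classic `show vtp status` layout.
DOMAIN_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 12
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : CAMPUS
"""
NEW_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 47
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 : CAMPUS
"""


def parse_vtp_status(text):
    """Return the fields of `show vtp status` that matter before insertion."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return {
        "version": fields.get("vtp version", ""),
        "revision": int(fields["configuration revision"]),
        "mode": fields.get("vtp operating mode", "").lower(),
        "domain": fields.get("vtp domain name", ""),
    }


def insertion_findings(new_text, domain_text):
    """Compare a switch about to be connected with one already in the domain."""
    new, dom = parse_vtp_status(new_text), parse_vtp_status(domain_text)
    findings = {}
    if new["version"] != dom["version"]:
        findings["version"] = "VTP version differs from the domain"
    if new["domain"] != dom["domain"]:
        findings["domain"] = "VTP domain name differs; DTP trunk negotiation will fail"
    elif new["mode"] in ("server", "client") and new["revision"] >= dom["revision"]:
        # Client mode is no protection: a client can overwrite a server.
        # Assumption: transparent/off switches are skipped because they do
        # not share their VLAN database.
        findings["revision"] = (
            f"revision {new['revision']} is not lower than the domain's "
            f"{dom['revision']}; connecting could replace the domain's VLANs")
    return findings


if __name__ == "__main__":
    for code, message in insertion_findings(NEW_SWITCH, DOMAIN_SWITCH).items():
        print(f"[{code}] {message}")
```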
Summary:
VLAN Trunk Protocol (VTP)
VTP modes
VTP client mode – a switch using this mode can’t change its VLAN configuration.
That means that a VTP client switch cannot create or delete VLANs. However,
received VTP updates are processed and forwarded.
VTP server mode – a switch using this mode can create and delete VLANs. A
VTP server switch will propagate VLAN changes. This is the default mode for
Cisco switches.
VTP transparent mode – a switch using this mode doesn’t share its VLAN
database, but it forwards received VTP advertisements. You can create and
delete VLANs on a VTP transparent switch, but these changes will not be sent
to other switches.
VTP mode off – similar to VTP transparent mode, with a difference that a switch
using this mode will not forward received VTP updates. This command is
supported only in VTP V3.
VTP Password
If you configure a password for VTP, you must configure the password on all
switches in the VTP domain. The password must be the same password on
all those switches.
VTP Pruning
There are occasions when VTP can create unnecessary traffic. All unknown
unicasts and broadcasts in a VLAN are flooded over the entire VLAN.
All switches in the network receive all broadcasts, even in situations in which
few users are connected in that VLAN.
VTP pruning is a feature that you use in order to eliminate or prune this
unnecessary traffic.
When VTP pruning is enabled on a VTP server, pruning is enabled for the
entire management domain. Making VLANs pruning-eligible or pruning-
ineligible affects pruning eligibility for those VLANs on that trunk only (not on
all switches in the VTP domain).
VTP pruning takes effect several seconds after you enable it. VTP pruning
does not prune traffic from VLANs that are pruning-ineligible. VLAN 1 and
VLANs 1002 to 1005 are always pruning-ineligible; traffic from these VLANs
cannot be pruned. Extended-range VLANs (VLAN IDs greater than 1005) are
also pruning-ineligible.
Notes:
If a switch is configured as a VTP server without a VTP domain name, you
cannot configure a VLAN on the switch.
Dynamic Trunking Protocol (DTP) sends the VTP domain name in a DTP packet.
Therefore, if you have two ends of a link that belong to different VTP domains,
the trunk does not come up if you use DTP. In this special case, you must
configure the trunk mode as on or nonegotiate, on both sides, in order to allow
the trunk to come up without DTP negotiation agreement.
If the domain has a single VTP server and it crashes, the best and easiest way
to restore the operation is to change any of the VTP clients in that domain to a
VTP server. The configuration revision is still the same in the rest of the clients,
even if the server crashes. Therefore, VTP works properly in the domain.
Three VTP versions are available – V1, V2, and V3. The first two versions are
similar except that V2 adds support for token ring VLANs.
All switches have the same VTP domain name, unless the network design
calls for different VTP domains.
Note: Trunk negotiation does not work across VTP domains. Refer to the Data
Traffic Blocked between VTP Domains section of Troubleshooting VLAN Trunk
Protocol (VTP) for more information.
All switches in a VTP domain must run the same VTP version.
All switches in a VTP domain have the same VTP password, if there is any.
All VTP Server switch(es) should have the same configuration revision number
and it should also be the highest in the domain.
When you change the VTP mode of a switch from Transparent to Server, VLANs
configured on the VTP Transparent switch should exist on the Server switch.
Evaluation: Week 13
Direction: Identify what is being asked/described. Write your answer on a separate sheet
of paper.
1. Which protocol supports sharing the VLAN configuration between two or more
switches?
a. multicast
b. STP
c. VTP
d. split-horizon
2. What are the requirements for running VTP? (Choose two)
a. VTP domain names must be different
b. VTP domain names must be the same
c. VTP server must have the highest revision numbers
d. All devices need to have the same VTP version*
3. Which Cisco command is used to view the VTP statistics information?
a. #show vtp statistics
b. #show vtp domain
c. #show vtp status
d. #show vtp counters
4. What must a network administrator do in order to successfully configure VTP so that
VLAN information can be propagated across the trunk between two switches?
a. Use a router to forward VTP traffic between the VLANs
b. Set each end of the trunk link to IEEE 802.1Q encapsulation
c. Set the same VTP management domain name on both switches & configure one of
the two switches as a VTP server
d. Set all ports on the two switches as access ports & configure one of the two switches
as a VTP server
5. Which VTP mode should a Cisco switch be set to if this switch is to add or delete VLANs
to a management domain?
a. Auto
b. Client
c. Server
d. Transparent
6. Which VTP mode processes VTP messages and saves VLAN information in NVRAM?
a. Client
b. Transparent
c. Client and Server
d. Server
7. Which statement accurately describes a benefit of implementing the use of the VTP?
a. VTP will allow for routing between VLANs
b. VTP will allow physically redundant links while preventing switching loops
c. VTP will allow switches to share VLAN configuration information
d. VTP will allow a single port to carry information to more than one VLAN
8. Which protocol provides a method of sharing VLAN configuration information between
two Cisco Switches?
a. VTP
b. None
c. STP
d. 802.1Q
9. Which VTP mode cannot make a change to a VLAN?
a. Server
b. Client
c. Transparent
d. Off
10. What is the result of entering this command on a Cisco Switch “atech_SW(config)#vtp
mode client”?
a. The switch will forward & process VTP summary advertisements
b. The switch will ignore VTP summary advertisements
c. The switch will ignore or originate VTP summary advertisements
d. The switch will originate VTP summary advertisements
Reinforcement:
Watch the video about VLAN Trunking Protocol. After watching this video make a
reaction paper on what you have learned from the video. (10 points)
https://www.youtube.com/watch?v=Nlyx5lFQR34&t=3s
References:
Books:
Cisco Routing and Switching Essentials
Scott Empson, et al. Cisco Press. 2016