VTP – VLAN Trunking Protocol

VTP – VLAN Trunking Protocol

- in Enterprise Infrastructure
9239
0

VTP uses Layer 2 trunk links to communicate VLAN information within a group of switches.

VTP manages the addition, deletion, and renaming of vlan names by sending VTP update advertisements within an administrative domain for other switches to update their VLAN database; synchronization is done via a revision number.

In the advertisements, the switch announces its revision number, vlans, and vlan specific parameters, each switch can only belong to one domain, and by default its domain is Null.

VTP uses the information of the Vlan.dat file to propagate the vlan of the switches; let us clarify that the vlan.dat file only stores the information of the vlans of the normal range (1-1005), this file is used by VTP version 1 and 2.

VTP version 3 can propagate the information of extended range vlans.

The revision number that is sent in the advertisements is a number that increments by one when a change is made to the vlans, every time this number changes automatically, the switch sends a VTP message. If a switch has a higher revision number, it replicates its configuration to the others.

For this reason, great care must be taken when installing a new switch in the network. Suppose it is already configured, and by chance, it has a higher revision number. In that case, this can cause a catastrophe because the switch will replicate its vlan configuration to the other switches.

The revision number increases in one each time a vlan is created, deleted, or renamed and always starts at 0 unless the vlan.dat file has been modified.

VTP operation modes

  • Server mode: They have full control over creating and modifying VLANs in the domain. VTP information is received and propagated to the other switches in the domain. This is the default mode, but the switch does not send advertisements until a domain name is configured. Each VTP domain must have at least one VTP server.
  • Client mode: Does not allow the creation, change or deletion of VLANs. Switches operating in this mode keep passively listening for VTP updates to synchronize their VLAN database. All information received is forwarded over the trunk links to its neighbors in the same domain; the switch acts as a VTP relay.
  • Transparent mode: Switches do not participate in VTP. While in transparent mode, a switch does not advertise its VLAN configuration and does not synchronize its VLAN database with incoming advertisements. A switch configured in transparent mode can create, delete and modify VLANs, but the changes are not transmitted to other switches in the domain; they affect only the local switch. In VTP version 1, a switch in transparent mode does not relay VTP information it receives to other switches unless their domain names and revision numbers match those of the other switches. In VTP version 2, transparent switches forward VTP advertisements received from their trunk link ports, acting as a VTP relay; this occurs regardless of the VTP domain name configuration.
  • Off mode (disabled): Switches do not participate in VTP and do not forward VTP messages, only supported in version 3.

Versiones de VTP

Versión 1 and 2:

  • Version 1 is the default version used by Cisco switches.
  • Version 1 and 2 support the normal range of VLANs 1-1005.
  • A switch that operates on version 1, but supports version 2, will automatically upgrade to version 2.
    • If it detects a neighbor that is version 2.
    • If it detects a neighbor that is version 3.
  • Version 2 relays VTP messages and can support token ring.
  • It does not support the propagation of private vlans.
  • Supports plaintext and MD5 passwords.
  • Ideal for propagating Multiple STP (MSTP) configuration on multiple switches automatically.

Commands to configure VTP v1 and 2:

Switch(config)# vtp domain <Domain_name>
Switch(config)# vtp password <Password>
Switch(config)# vtp version 1 | 2
Switch(config)# vtp mode server | client | transparent

Version 3:

  • Can propagate VLAN range 1-4094 (normal range + extended range).
  • Supports propagating Private Vlan
  • Support to propagate MST (802.1s) configuration information.
  • VTP password can be stored and encrypted so that it is not displayed in plain text.
  • Adds the primary and secondary server functions; this step is required. Unlike versions 1 and 2 where all are servers. Only the primary server can make modifications to the VTP domain; the secondary server(s) cannot make modifications. It is only promoted to be a primary server with the vtp primary command.
  • It must be configured manually, both the version and a domain name. The default domain is Null for all versions.
  • It is compatible with version 2.

Commands to configure VTP v3:

Switch(config)# vtp domain <Domain_name>
Switch(config)# vtp password <Password> [hidden|secret]
Switch(config)# vtp version 3
Switch(config)# vtp mode server | client | transparent| off
Switch# vtp primary

The assignment or promotion of a primary VTP server is done with the vtp primary command from privileged exec mode; the switch will prompt for the VTP domain password to compel the task.

Validate vtp status:

switch# show vtp status
VTP configuration such as domain, password, the revision number is stored in vlan.dat file along with vlans (normal range only). Deleting the configuration file with the erase startup-config command will not remove the VTP configurations..
If we need to reset the revision number to 0, we can do it as follows:
  • Change the VTP mode to transparent and then back to Server mode.
  • Change the existing VTP domain to a fake name (bogus), any non-existing VTP domain, and then back to the original VTP domain.
If what we need is to delete the vlan.dat file we do it like this:
Switch# delete vlan.dat

!Or we can indicate the disk where the file is stored
Switch# delete flash:/vlan.dat

In the end, we restart the switch to apply the changes.

VTP Prunning

VTP pruning causes broadcast and multicast only to be sent over a trunk if the switch receiving these packets has a port within that VLAN.

It does not send broadcast or multicast traffic over a trunk where it is known that there is no equipment connected in that vlan on neighboring switches.

Enable pruning:

Switch(config)# vtp pruning
Switch(config)# interface type member/module/number
Switch(config-if)# switchport trunk pruning vlan [{{add|except|remove} vlan-list}|none]

Validation:

Switch# show interface g0/1 pruning

The default eligible vlans in pruning is vlan 2 through vlan 1001.

More:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_4_e/configurationguide/b_1524e_consolidated_3750x_3560x_cg/b_1524e_consolidated_3750x_3560x_cg_chapter_010101.html

Facebook Comments

You may also like

How-to Install SSH Server on Linux 

1.- Install with apt-get command on Ubuntu: sudo