VLAN Trunking Protocol (VTP) is a protocol with the aim of reducing the administrative overhead of provisioning VLANs on switches. Switches that participate in the same VTP domain can have a VLAN created once on a VTP server which is propagated across the VTP domain.
Three versions of VTP exist with version 1 being the default operating version on Cisco devices.
Versions 1 and 2 are limited to VLANs 1 to 1005. Version 3 allows propagation of the full VLAN range of 1 to 4094.
In a VTP set-up a switch can have one of four roles:
|Server||The server is responsible for the creation, deletion and modification of VLANs within the VTP domain|
|Client||The client receives VTP advertisements from the server and modifies its VLAN database on the local device. Client devices can not have VLANs configured locally on the switch.|
|Transparent||VTP transparent switches receive and forward VTP advertisements but do not partake in local VLAN database modification. A transparent devices’ VLAN database can be modified locally.|
|Off||A switch does not forward VTP advertisements it receives and does not partake in VTP operations.|
Multiple VTP servers can exist in a VTP domain. There is a caveat if running version 3 that the primary VTP server must have the command
vtp primary configured on it.
VTP communicates across the domain using a multicast address 01-00-0C-CC-CC-CC with three types of advertisments.
- Summary advertisement occurs every 300 seconds or when a VLAN is added, removed, or changed. It will include the VTP version, domain, configuration revision number and timestamp.
- Subset advertisement occurs after a VLAN configuration change. It will contain the relevant information for switches to make changes to their VLANs.
- Client request is when a client wishes to receive a more detailed subset advertisement. This usually occurs when a switch with a lower configuration version number joins the VTP domain and observes a summary advertisement with a higher revision than the switch has locally.
Configuring a VTP server
SW(config)# vtp version 3 SW(config)# vtp domain ROUTEPROTOCOL SW(config)# vtp mode server SW(config)# vtp password SECRET SW(config)# exit SW# vtp primary
Configuring a VTP client
SW(config)# vtp version 3 SW(config)# vtp domain ROUTEPROTOCOL SW(config)# vtp mode client SW(config)# vtp password SECRET SW(config)# exit
When joining a new switch to the VTP domain, it is important that the switch has the VTP revision number reset to 0. Failing to check this could result in a joining switch having a higher revision number and an invalid VLAN table in comparison to the rest of the network. If this switch propagates its VTP configuration it could be devastating to the network by overwriting VLAN databases with incorrect configurations.