VLAN Trunking Protocol (VTP)

VLAN Trunking Protocol (VTP) is a protocol with the aim of reducing the administrative overhead of provisioning VLANs on switches. Switches that participate in the same VTP domain can have a VLAN created once on a VTP server which is propagated across the VTP domain.

Three versions of VTP exist with version 1 being the default operating version on Cisco devices.

Versions 1 and 2 are limited to VLANs 1 to 1005. Version 3 allows propagation of the full VLAN range of 1 to 4094.

VTP Roles

In a VTP set-up a switch can have one of four roles:

ServerThe server is responsible for the creation, deletion and modification of VLANs within the VTP domain
ClientThe client receives VTP advertisements from the server and modifies its VLAN database on the local device. Client devices can not have VLANs configured locally on the switch.
TransparentVTP transparent switches receive and forward VTP advertisements but do not partake in local VLAN database modification. A transparent devices’ VLAN database can be modified locally.
OffA switch does not forward VTP advertisements it receives and does not partake in VTP operations.
The four roles in a VTP setup

Multiple VTP servers can exist in a VTP domain. There is a caveat if running version 3 that the primary VTP server must have the command vtp primary configured on it.

VTP Communication

VTP communicates across the domain using a multicast address 01-00-0C-CC-CC-CC with three types of advertisments.

  • Summary advertisement occurs every 300 seconds or when a VLAN is added, removed, or changed. It will include the VTP version, domain, configuration revision number and timestamp.
  • Subset advertisement occurs after a VLAN configuration change. It will contain the relevant information for switches to make changes to their VLANs.
  • Client request is when a client wishes to receive a more detailed subset advertisement. This usually occurs when a switch with a lower configuration version number joins the VTP domain and observes a summary advertisement with a higher revision than the switch has locally.

Configuring VTP

Configuring a VTP server

SW(config)# vtp version 3
SW(config)# vtp domain ROUTEPROTOCOL
SW(config)# vtp mode server
SW(config)# vtp password SECRET
SW(config)# exit
SW# vtp primary

Configuring a VTP client

SW(config)# vtp version 3
SW(config)# vtp domain ROUTEPROTOCOL
SW(config)# vtp mode client
SW(config)# vtp password SECRET
SW(config)# exit

Common Pitfall

When joining a new switch to the VTP domain, it is important that the switch has the VTP revision number reset to 0. Failing to check this could result in a joining switch having a higher revision number and an invalid VLAN table in comparison to the rest of the network. If this switch propagates its VTP configuration it could be devastating to the network by overwriting VLAN databases with incorrect configurations.




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.