VLAN Trunking Protocol

• VTP is a Cisco-proprietary protocol that use Layer 2 trunk frames to distribute and synchronize VLAN information throughout a switched network.
•  VTP Manages the addition, deletion, and name changes of VLANs within a VTP domain.
• VTP messages are transmitted on swtiches’ 802.1Q and ISL trunks.
• By using VTP, misconfiguration and configuration inconsistencies are minimized.

VTP Domains

• A VTP domain is a switch or group of interconnected switches that share the same VTP environment or areas with common VLAN requirements.
• A switch can belong to only one VTP domain.
• Switches in different VTP domains do not share VTP information.
• Switches in a VTP domain advertise several attributes to their domain neighbor containing information about:
  • VTP management domain
  • VTP revision number
  • known VLANs
  • Other specific VLAN parameters

VTP Modes

•  Server Mode
  • This is the default VTP mode
  • VTP servers have full control over VLAN creation, deletion, and modification.
  • All VTP information is forwarded/advertised to other switches.
  • Received VLAN information is sychronized if they carry the latest information about the domain.
  • Each VTP domain must have at least one server so that all created, modified, or deleted VLANs and other VLAN information can be propagated.
  • Saves VLAN and VTP configuration in NVRAM in a file called vlan.dat (typically in Cisco Catalyst 6500/6000 series switches). In most other cases it is saved in flash.
• Client Mode
  • Cannot create, modify, or delete VLANs.
  • Listens to VTP advertisements from other switches and modify their VLAN configurations accordingly.
  • Forwards VLAN advertisements to other switches.
    • This mode is effectively a passive listening mode.
  • Does not save VLAN configuration in NVRAM
• Transparent Mode
  • Do not participate in VTP.
  • Creates, modifies, and deletes VLAN only on the local switch.
    • These changes do not propagate to other switches.
    • Does not synchronize its VLAN database with received advertisements.
  • In VTP version 1, switch does not relay VTP information unless VTP domain name and VTP version numbers match other switches.
  • In VTP version 2, they forward received VTP advertisements out their trunk ports regardless of VTP domain setting.
  • Saves VLAN configuration in NVRAM.

VTP Advertisements

• VTP switches send VTP information to other switches participating in VTP. They advertise:
  • VLANs (only VLANs 1 to 1005)
  • Configuration Revision Numbers
  • Other parameters such as VTP domain name and password.
• They are sent as multicast frames every 5 minutes or when there is a change.

Configuration Revision Numbers

• Each time a VTP server modifies its VLAN information, the configuration revision number is incremented by 1.
• If the configuration revision number that is being advertised is higher than the number stored on the other switches in teh VTP domain, the rest of the switches in the domain ovewrite their VLAN configurations with the new information being advertised.
• The VTP advertisement process always starts with revision number 0.
• It is important that any new switches that are added to the network have revision number 0 before plugging into the network.
• The VTP revision numnber is stored in NVRAM and is not affected by a reload of the switch.
• The following methods resets the revision number to 0:
  • Change the switch’s VTP mode to transparent and then change the back to server.
  • Change the switch’sVTP domain to a bogus name, then change the VTP domain back to the original name.
• VTP advertisements can originate from client-mode switches upon bootup.
  • They may also originate from server-mode switches as VLAN configuration changes.

3 Forms of VTP Advertisements

• Summary advertisements
  • Sent by VTP domain servers.
  • Sent every 300 seconds (5 minutes) or every time VLAN changes occurs.
  • List information about the VTP domain such as:
    • VTP version
    • Domain name
    • Configuration revision number
    • Time stamp
    • MD5 encryption hash code
    • Number of subset advertisements to follow.
• Subset advertisements
  • Sent by VTP domain servers after a VLAN configuration change occurs.
    • These advertisements list the specific changes that have been performed, such as:
      • Creating or deleting VLANs.
      • Suspending or activating a VLAN.
      • Changing the name of a VLAN.
      • Changing a VLANs MTU.
  • Subset advertisements can list the following VLAN parameters:
    • Status of the VLAN
    • VLAN type (Ethernet or Token Ring)
    • MTU
    • Length of the VLAN name
    • VLAN number
    • Security Association Identifier (SAID) value
    • VLAN name
  • VLANs are listed individually in sequential subset advertisements.
• Advertisement requests from clients
  • A VTP client can request any missing VLAN information.
    • For example:
      • A client has its database erased and after a reload the VTP domain membership has changed.
      • It hears a VTP summary advertisement with a higher revision number than it currently has.
  • When a client advertisement request is made, the  VTP domain servers respond with summary and subset advertisements to bring it up to date.

VTP Pruning

• By defualt, a trunk link transports traffic from all VLAN, unless specific VLANs are removed from the trunk.
• VTP pruning uses VLAN advertisements to determine when a trunk connection is flooding traffic needlesly.
  • It makes more efficient use of trunk bandwidth by reducing unnecessary flooded traffic.
  • Broadcast and unknown unicast frames on a VLAN are forwarded over a trunk link only if the switch on the receiving end of the trunk has ports in that VLAN.
• Consider the following network below:

• Traffic from Switch A is only forwarded to Switches B and D while traffic out to Switches E and C are “pruned”.
• This prevent uneccesary traffic sent to switches that do not have ports in the Red VLAN (where traffic was originated and destined to).

Configuring VTP

Configuring VTP Management Domain

switch(config)#vtp domain domain-name

Configuring VTP Mode

switch(config)vtp mode {server | client | transparent}

• Server Mode
  • Default mode
  • Each domain must have at least one server.
  • May be used even if other server and client switches are present – provides redundancy in case of server failure.
• Client Mode
  • One way to configure new switches as client mode so that it can learn existing VTP infromation from existing servers. Once it has learned the current configuration, it may be configured as a server if redundancy is desired.
•  Transparent Mode
  • VLANs can be created, modified, and deleted. But the changes remain in the local switch
  • Received advertisements from other switches, however, are forwarded to others.
  • This mode can help prevent the possibility of duplicate and over-lapping VLANs.

Configuring VTP Password

Switch(config)#vtp password password

• Password can only be configured on VTP servers and clients.
• Password string is not sent, rather the MD5 hash is sent in VTP server advertisements and used to validate received client advertisements.
• Password string can be 1 to 32 characters and is case-sensitive.

Configuring VTP version

 switch(config)#vtp version {1 | 2}

• Version 1 is the default
• They are not interoperable, ie. the same version must be used throughout the management domain.

Configuring VTP Pruning

switch(config)#vtp pruning

• If this command is used on a VTP server, it is advertised to the rest of the domain and all listening switches will also enable pruning.
• General purpose VLANs (2 – 1001) are eligible for pruning on all trunk links if needed.

Using the following interface configuration command, the list of pruning eligibility can be narrowed down:

switch(config-if)#switchport trunk pruning vlan {add | except | none | remove} vlan-list

• vlan-list – a list of eligible VLAN numbers (2 -1001), separated by commas or dashes.
• add – a list VLAN numbers added to the already configured list; this is a shortcut from typing a long list of numbers
• except - excludes the specified VLANs from being included in the pruning.
• remove – removes the specified VLANs from the already configured list.

 Verifying VTP

• show vtp status
  • Displays information about about the VTP configuration and current state in Cisco IOS.
  • The output describes the VTP version, the numbers of VLANs supported locally, the VTP operating mode, VTP domain name, and the VTP pruning mode.
• show vtp counters
  • Diplays statistics about VTP operation.

References:

1. Understanding VLAN Trunking Protocol (VTP) – Cisco System, Inc.
2. Configuring VTP –  Catalyst 3560 Switch Software Configuration Guide, 12.2(20)SE
3. Managing vlan.dat in Cisco Catalyst Switches Running Cisco IOS Software

This entry is not an authoritative guide. These are merely notes and rehash of the primary text materials and resources that I use. For a thorough guide of the BCMSN course, consider purchasing Building Cisco Multilayer Switched Networks (BCMSN) (Authorized Self-Study Guide) (4th Edition) by Richard Froom, Balaji Sivasubramanian, and Erum Frahim and CCNP BCMSN Official Exam Certification Guide (4th Edition) by Dave Hucaby ; as well as following the links on the reference section of this entry.