VLAN Trunking Protocol

Posted: July 27, 2015 in CISCO

The VLAN Trunking Protocol (VTP) is a protocol to create, manage and maintain a network with many interconnected switches. It can add, delete, and rename VLANs from a central switch (called the server), without the need to manually configure every switch. Changes made on the server switch are propagated to the other switches (configured as client switches). By default, a switch is set to server mode.

In this example I added two switches: one will be in server mode and the other in client mode.

Let’s configure the switch named server:

Set the VTP domain and password. A VLAN Trunking Protocol (VTP) domain is one switch or several interconnected switches sharing the same VTP information. A switch can be configured in only one VTP domain. Switches in different VTP domains do not share information.

Switch#configure terminal
Switch(config)#hostname server
server(config)#vtp domain mydomain
Changing VTP domain name from NULL to mydomain
server(config)#vtp password 1234
Setting device VLAN database password to 1234

I set the domain to mydomain and the password to 1234. The password must be set on all switches in the VTP domain, and it must be the same on all of them.

server(config)#do sh vtp status

VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x09 0xC6 0x71 0xCE 0x32 0x0D 0x6A 0xA1
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

Pay attention to the revision number. It indicates the revision level of a VTP packet. When you make changes to the VLAN configuration (add/delete VLANs), this number increments. This information is used to determine whether received information is more recent than the current version. At this moment we haven’t added any VLANs, so the revision number is currently 0.

This switch will propagate changes to the other ones, which is why it is set to server mode (the default). If you need to change the mode, use the vtp mode command from config t:

server(config)#vtp mode ?
client Set the device to client mode.  ! in client mode we cannot modify VLANs, only receive info from the server switch
server Set the device to server mode.
transparent Set the device to transparent mode.

VTP transparent switches do not participate in VTP. A transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements, but it does forward VTP changes to other switches.

Let’s test the above statements.

Create some VLANs on the server switch:

server(config)#vlan 2
server(config-vlan)#vlan 3
server(config-vlan)#vlan 4
server(config-vlan)#vlan 5

server(config-vlan)#do sh vtp stat

VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled

Note that the revision number has changed from 0 to 4. In order for our client switch to receive changes from the server switch, we must set the domain, password and mode on the client switch:

client#config t
client(config)#vtp domain mydomain
Changing VTP domain name from NULL to mydomain
client(config)#vtp password 1234
Setting device VLAN database password to 1234
client(config)#vtp mode client
Setting device to VTP CLIENT mode.

We need to configure the port on the server switch as a trunk port in order to transfer VLAN data. On the client switch we don’t need to configure the port as a trunk because, by default, the port is set to dynamic auto. (This mode makes the interface able to convert the link to a trunk. It becomes a trunk interface if the neighboring interface is set to trunk or desirable mode.)

client(config)#do sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: dynamic auto

On the server switch, configure the Fa0/1 port as a trunk and allow access to the VLANs we created in the previous step:

server#config t
server(config)#int fa0/1
server(config-if)#switchport mode trunk
server(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
server(config-if)#switchport trunk allowed vlan 2-4

Switch to the client switch and observe the changes:

client#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 9
VTP Operating Mode : Client
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x69 0x04 0x82 0x5B 0x12 0x01 0x0C 0xD2
Configuration last modified by 0.0.0.0 at 3-1-93 00:59:53

Note that the revision number has changed from 0 (default) to 4 and the number of VLANs increased from 5 (default) to 9.

See the available VLANs:

client#sh vlan

2 VLAN0002 active
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active

As you can see, all changes have propagated from the server to the client switch.

Adding a transparent switch to the current topology

We’ll now add another switch, set its VTP domain and password, set its mode to transparent, configure the port connected to the client switch as a trunk port (to pass VLAN info), and allow the VLANs configured on the server switch (2-5).

Switch#configure terminal
Switch(config)#hostname transparent
transparent(config)#vtp domain mydomain
Changing VTP domain name from NULL to mydomain
transparent(config)#vtp password 1234
Setting device VLAN database password to 1234
transparent(config)#vtp mode transparent
Setting device to VTP TRANSPARENT mode.
transparent(config)#int fa0/2
transparent(config-if)#switchport mode trunk
transparent(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
transparent(config-if)#switchport trunk allowed vlan 2-5

Because this switch is set to transparent mode, changes from the client switch won’t be propagated to it (revision and VLAN numbers are at their default values):

transparent(config-if)#do sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Transparent
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x09 0xC6 0x71 0xCE 0x32 0x0D 0x6A 0xA1
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Add another switch (switch1), set it to client mode and connect it to the transparent switch.

Set the VTP domain and password, set the mode to VTP client, configure the port connected to the transparent switch (fa0/1) as a trunk, and allow the VLANs (2-5):

Switch#configure terminal
Switch(config)#hostname client1
client1(config)#vtp domain mydomain
Changing VTP domain name from NULL to mydomain
client1(config)#vtp password 1234
Setting device VLAN database password to 1234
client1(config)#vtp mode client
Setting device to VTP CLIENT mode.
client1(config)#int fa0/1
client1(config-if)#switchport mode trunk
client1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
client1(config-if)#switchport trunk allowed vlan 2-5
client1(config-if)#do sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 9
VTP Operating Mode : Client
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x69 0x04 0x82 0x5B 0x12 0x01 0x0C 0xD2
Configuration last modified by 0.0.0.0 at 3-1-93 00:59:53
client1(config-if)#do sh vlan
2 VLAN0002 active
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active

Although the client1 switch is directly connected to the transparent switch (which has no VTP info from the server switch), the transparent switch passed all VTP info to the client1 switch.
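The behaviour of the three modes in this topology can be modelled in a few lines. This is an added example, not part of the original post; the Switch class and the add_vlan, advertise and page_topology helpers are hypothetical names, and the model is simplified to a single advertisement travelling down a chain of trunk links.

```python
from dataclasses import dataclass, field

DEFAULT_VLANS = {1, 1002, 1003, 1004, 1005}   # the 5 VLANs present before any are added

@dataclass
class Switch:                                  # hypothetical model, not a Cisco API
    name: str
    mode: str = "server"                       # "server", "client" or "transparent"
    domain: str = "mydomain"
    password: str = "1234"
    revision: int = 0
    vlans: set = field(default_factory=lambda: set(DEFAULT_VLANS))

def add_vlan(sw, vlan_id):
    """Create a VLAN locally; only a server bumps the configuration revision."""
    if sw.mode == "client":
        raise PermissionError(f"{sw.name}: VLANs cannot be modified in client mode")
    sw.vlans.add(vlan_id)
    if sw.mode == "server":
        sw.revision += 1

def advertise(chain):
    """Send chain[0]'s database down a line of trunked switches.

    Returns the names of the switches that applied it.
    """
    src, applied = chain[0], []
    for sw in chain[1:]:
        if sw.mode == "transparent":
            continue                           # relays the advertisement, applies nothing
        if (sw.domain, sw.password) != (src.domain, src.password):
            break                              # rejected, so nothing is passed further on
        if src.revision > sw.revision:
            sw.revision, sw.vlans = src.revision, set(src.vlans)
            applied.append(sw.name)
    return applied

def page_topology():
    """server -> client -> transparent -> client1, with VLANs 2-5 created on server."""
    chain = [Switch("server"), Switch("client", "client"),
             Switch("transparent", "transparent"), Switch("client1", "client")]
    for vlan_id in (2, 3, 4, 5):
        add_vlan(chain[0], vlan_id)
    return chain
```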

Simulating failure of the server switch

What will happen if the server switch goes down? If we install a new switch in place of the failed one, will its settings override the existing client VTP settings, or will the VTP info from the client propagate to the new server switch?

While disconnected, configure the new server switch:

Switch#config t
Switch(config)#hostname new_server
new_server(config)#int fa0/1
new_server(config-if)#switchport mode trunk
new_server(config-if)#switchport trunk allowed vlan 2-4
new_server(config-if)#do vtp domain mydomain
Changing VTP domain name from NULL to mydomain
new_server(config-if)# do vtp password 1234
Setting device VLAN database password to 1234
new_server(config-if)# do vtp mode server
Device mode already VTP SERVER.
new_server(config-if)#do sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 255
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x09 0xC6 0x71 0xCE 0x32 0x0D 0x6A 0xA1
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

At this moment, before connecting this switch to the client switch, the new_server switch has a revision number (0) lower than the revision number of the client switch (4). When we connect new_server to the network, the client switch will notice that it has a larger revision number than new_server and will propagate its VTP data to new_server.

new_server(config)#do sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name : mydomain
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x69 0x04 0x82 0x5B 0x12 0x01 0x0C 0xD2
Configuration last modified by 0.0.0.0 at 3-1-93 00:59:53
Local updater ID is 0.0.0.0 (no valid interface found)
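
The outcome above follows from comparing revision numbers, and the same comparison works in the other direction: a switch that arrives with a higher revision number than the network replaces the network's VLAN database. The following check is an added example, not part of the original post; parse_vtp_status and predict_sync are hypothetical helper names, and the two samples are excerpts of the show vtp status output shown on this page.

```python
import re

# 'show vtp status' excerpts copied from this page: new_server before it is
# connected, and the client switch that already holds revision 4.
NEW_SERVER = """\
Configuration Revision : 0
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : mydomain
MD5 digest : 0x09 0xC6 0x71 0xCE 0x32 0x0D 0x6A 0xA1
"""
CLIENT = """\
Configuration Revision : 4
Number of existing VLANs : 9
VTP Operating Mode : Client
VTP Domain Name : mydomain
MD5 digest : 0x69 0x04 0x82 0x5B 0x12 0x01 0x0C 0xD2
"""

def parse_vtp_status(text):
    """Parse 'show vtp status' output into the fields that decide a sync."""
    raw = {}
    for line in text.splitlines():
        parts = re.split(r"\s+:\s+", line.strip(), maxsplit=1)
        if len(parts) == 2:
            raw[parts[0]] = parts[1]
    return {
        "mode": raw["VTP Operating Mode"].lower(),
        "domain": raw["VTP Domain Name"],
        "revision": int(raw["Configuration Revision"]),
        "digest": bytes(int(b, 16) for b in raw.get("MD5 digest", "").split()),
    }

def predict_sync(new, network):
    """Predict the result of trunking `new` to a switch already in the network.

    A switch whose domain is still unset is not modelled here.
    """
    if new["domain"] != network["domain"]:
        return "no sync: different VTP domain"
    if "transparent" in (new["mode"], network["mode"]):
        return "no sync: a transparent switch keeps its own database"
    if new["revision"] > network["revision"]:
        return "overwrite: the new switch's database replaces the network's"
    if new["revision"] < network["revision"]:
        return "learn: the new switch adopts the network's database"
    same = new["digest"] == network["digest"]
    return "in sync" if same else "conflict: same revision, different digest"
```

If the result is an overwrite, resetting the switch's revision to 0 before cabling it in (for example by setting it to transparent mode and back) avoids replacing the network's VLANs.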