Wednesday, August 7, 2013

VLAN Trunking Protocol

VLAN Trunking Protocol, or VTP, is a Cisco-proprietary protocol that propagates VLAN information (the VLAN database: VLAN IDs, names and a few per-VLAN parameters) from a switch acting as a server to the other switches in the same VTP domain.  Advertisements are sent over trunk links from the server to the other switches in the domain using the multicast MAC address 01-00-0C-CC-CC-CC, to which only Cisco devices respond.
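As an added example (not code from the original post), here is a small Python decoder for the VTP summary advertisement that rides inside those multicast frames, plus a check you could run over frames captured on a trunk.  The field layout (LLC/SNAP header with the Cisco OUI 00:00:0C and PID 0x2003, then version, code, followers, domain, configuration revision, updater IP, timestamp and MD5 digest) is the VTP version 1/2 format as shown by common packet analyzers; the frames, the domain name CORP, the addresses and the list of known servers are constructed for the demonstration.

```python
"""Decode VTP summary advertisements and flag suspicious ones.

Added example, not from the original post.  Layout assumed: LLC/SNAP header
(DSAP/SSAP 0xAA, ctrl 0x03, Cisco OUI 00:00:0C, PID 0x2003), then version,
code, followers, domain length, 32-byte domain, 4-byte configuration revision,
4-byte updater IP, 12-byte timestamp, 16-byte MD5 digest.  All sample values
(domain, addresses, digest, known servers) are constructed.
"""
import struct
from dataclasses import dataclass

VTP_DST_MAC = bytes.fromhex("01000ccccccc")            # multicast MAC from the post
SNAP_HEADER = bytes.fromhex("aaaa03" "00000c" "2003")  # LLC + Cisco OUI + VTP PID
CODE_SUMMARY, CODE_SUBSET, CODE_REQUEST = 1, 2, 3


@dataclass
class VtpSummary:
    version: int
    followers: int     # number of subset advertisements that follow
    domain: str
    revision: int      # configuration revision, the number that decides who wins
    updater: str       # dotted IP of the switch that last changed the database
    timestamp: str     # yymmddhhmmss
    md5: bytes


def build_vtp_summary(domain, revision, updater, md5, version=2,
                      followers=0, timestamp="130807120000") -> bytes:
    """Encode a summary advertisement (used here only to construct test frames)."""
    dom = domain.encode("ascii")
    if len(dom) > 32:
        raise ValueError("domain name longer than 32 bytes")
    body = struct.pack("!BBBB", version, CODE_SUMMARY, followers, len(dom))
    body += dom.ljust(32, b"\x00")
    body += struct.pack("!I", revision)
    body += bytes(int(o) for o in updater.split("."))
    body += timestamp.encode("ascii").ljust(12, b"\x00")[:12]
    body += md5
    return SNAP_HEADER + body


def parse_vtp_summary(payload: bytes) -> VtpSummary:
    """Parse the 802.3 frame body (LLC/SNAP onward) of a summary advertisement."""
    if not payload.startswith(SNAP_HEADER):
        raise ValueError("not a Cisco VTP SNAP frame")
    body = payload[len(SNAP_HEADER):]
    if len(body) < 72:
        raise ValueError("truncated VTP summary")
    version, code, followers, dom_len = struct.unpack_from("!BBBB", body, 0)
    if code != CODE_SUMMARY:
        raise ValueError(f"not a summary advertisement (code {code})")
    domain = body[4:4 + dom_len].decode("ascii")
    (revision,) = struct.unpack_from("!I", body, 36)
    updater = ".".join(str(b) for b in body[40:44])
    timestamp = body[44:56].rstrip(b"\x00").decode("ascii")
    md5 = body[56:72]
    return VtpSummary(version, followers, domain, revision, updater, timestamp, md5)


def audit_summary(adv: VtpSummary, expected_domain: str, known_servers: set,
                  last_revision: int) -> list:
    """Return alert strings for an advertisement seen on a trunk.

    A higher revision from an updater that is not one of our servers is the
    "new switch with a higher revision" scenario the post warns about.
    """
    alerts = []
    if adv.domain != expected_domain:
        alerts.append(f"domain mismatch: saw {adv.domain!r}, expected {expected_domain!r}")
    if adv.updater not in known_servers:
        alerts.append(f"updater {adv.updater} is not a known VTP server")
    if adv.revision > last_revision:
        alerts.append(f"revision jumped {last_revision} -> {adv.revision}")
    return alerts


if __name__ == "__main__":
    frame = build_vtp_summary("CORP", 43, "10.0.0.1", bytes(16))   # constructed
    adv = parse_vtp_summary(frame)
    print(adv)
    print(audit_summary(adv, "CORP", {"10.0.0.1"}, 42))
```

Feed parse_vtp_summary the frame body after the 802.3 length field (and after the 802.1Q tag on an IEEE trunk); anything that does not start with the Cisco SNAP header is rejected before the VTP fields are read.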

The three modes for VTP are:

  1. Server - VLANs can be created, modified and deleted on any switch configured as a server, and the changes are advertised to the other members of the domain.  This is the default mode for Cisco switches.
  2. Client - VLANs cannot be created, modified or deleted; clients take their VLAN database from the servers.
  3. Transparent - VLANs can be created and modified in the local VLAN database only; the switch does not synchronize with the domain, but it does forward VTP advertisements.

When a change is made on a VTP server, it increments its configuration revision number and advertises the update to the other switches in the domain.  If a switch receives an advertisement for its domain with a revision number higher than its own, it adopts the advertised database and its revision number.  If the advertised revision is lower than its own, it responds with its own advertisement so the sender can catch up.  If the revision numbers are equal, the advertisement is ignored.  Note that the comparison is purely numeric: the highest revision in the domain wins, regardless of which database is actually the correct one.

In client mode, switches simply get their VLAN information from a VTP server.  VLANs cannot be created or changed on them, but they do forward VTP advertisements to keep the domain synchronized.  Clients do not keep the VLAN configuration in NVRAM, so after a reboot they rely on a server's advertisement to rebuild it.  Be aware, though, that on Catalyst switches the VLAN database and its revision number live in vlan.dat in flash, so a client's revision number does survive a reboot.

Transparent mode in VTP will not accept revision changes from the VTP domain, but you are able to create and modify local VLANs on the switch.  Transparent mode switches will forward VTP advertisements to downstream switches to keep the rest of the domain consistent (in VTP version 1 only when the domain name matches; in version 2 regardless of domain).  Transparent mode switches keep their VLAN information in the running-config (and the startup-config once saved) rather than taking it from the domain, and they never advertise their own VLANs to other switches.  Also, with VTP version 1 and 2, only transparent mode allows extended-range VLANs beyond the normal 1-1005: transparent mode allows VLANs 1006-4094 for local use only (4095 is reserved).

Exercise caution when adding switches to your network.  If the new switch's revision number is higher than the domain's current revision, its domain name matches (and the password, if one is set), and you have not added any VLANs to it, every VTP member will overwrite its existing VLAN database with the nearly empty database of the new switch.  (NOTE:  I have seen this happen in a large production environment.  It's what I call an "RGE" or "resume generating event.")  This happens whether the new switch is in server or client mode: a client with a higher revision number is accepted just like a server.  To avoid this trouble, make sure the revision number is 0 before introducing the switch, and verify it with show vtp status.  Changing the mode to transparent resets the revision number to 0, as does changing the domain to a bogus name and back again.  Changing the mode to client does not reset it, so client mode on its own is not a safeguard.
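To make the revision rules above and the failure mode just described concrete, here is an added Python model of a small VTP domain (not the author's code and not Cisco's).  It implements the behaviour the post describes: servers bump their revision and advertise, members adopt a higher revision and ignore an equal one, a lower one prompts a reply, transparent switches keep a local database and only relay.  Switch names, VLAN numbers, the link topology and the stale revision of 99 are made up; the assumption that a client with a higher revision is accepted like a server follows from the numeric comparison.

```python
"""Model of VTP revision handling across a domain (added example, not from the post).

Switch names, VLANs and the stale revision of 99 are constructed for the demo.
"""
SERVER, CLIENT, TRANSPARENT = "server", "client", "transparent"


class Switch:
    def __init__(self, name, mode, domain):
        self.name, self.mode, self.domain = name, mode, domain
        self.vlans = {1: "default"}    # every switch starts with VLAN 1
        self.revision = 0
        self.links = []

    # --- configuration changes an operator would make ----------------------
    def set_domain(self, domain):
        if domain != self.domain:      # renaming the domain zeroes the revision
            self.domain, self.revision = domain, 0

    def set_mode(self, mode):
        if mode == TRANSPARENT:        # transparent zeroes it; client does NOT
            self.revision = 0
        self.mode = mode

    def add_vlan(self, vid, name):
        if self.mode == CLIENT:
            raise PermissionError(f"{self.name}: clients cannot change VLANs")
        self.vlans[vid] = name
        if self.mode == SERVER:        # transparent changes stay local: no bump
            self.revision += 1
            self.advertise()

    # --- protocol behaviour ------------------------------------------------
    def advertise(self):
        if self.mode != TRANSPARENT:   # transparent switches never advertise their own db
            self._flood(self.domain, self.revision, self.vlans, {self.name})

    def _flood(self, domain, revision, vlans, seen):
        for peer in self.links:
            if peer.name not in seen:
                seen.add(peer.name)
                peer.receive(self, domain, revision, vlans, seen)

    def receive(self, sender, domain, revision, vlans, seen):
        if domain != self.domain:
            return                     # other domain: ignore
        if self.mode == TRANSPARENT:   # relay only, keep the local database
            self._flood(domain, revision, vlans, seen)
        elif revision > self.revision: # newer: overwrite and pass it on
            self.vlans, self.revision = dict(vlans), revision
            self._flood(domain, revision, vlans, seen)
        elif revision < self.revision: # older: tell the sender to catch up
            sender.receive(self, self.domain, self.revision, self.vlans,
                           {self.name, sender.name})
        # equal revision: nothing to do


def connect(a, b):
    a.links.append(b)
    b.links.append(a)


def build_domain():
    """One server and two clients, three VLANs pushed from the server (revision 3)."""
    core = Switch("core", SERVER, "CORP")
    access1 = Switch("access1", CLIENT, "CORP")
    access2 = Switch("access2", CLIENT, "CORP")
    connect(core, access1)
    connect(core, access2)
    for vid, name in [(10, "users"), (20, "voice"), (30, "servers")]:
        core.add_vlan(vid, name)
    return core, access1, access2


def insert_leftover_switch(prepare=None):
    """Connect a switch that carries a stale revision of 99 and only VLAN 1.

    `prepare` is applied to it first, so the outcomes of the different
    precautions can be compared.  Returns each switch's VLAN list afterwards.
    """
    core, a1, a2 = build_domain()
    lab = Switch("lab", SERVER, "CORP")
    lab.revision = 99                  # stale value from its previous life (vlan.dat)
    if prepare:
        prepare(lab)
    connect(lab, a2)
    lab.advertise()
    return {sw.name: sorted(sw.vlans) for sw in (core, a1, a2, lab)}


if __name__ == "__main__":
    print("as-is:          ", insert_leftover_switch())
    print("client only:    ", insert_leftover_switch(lambda s: s.set_mode(CLIENT)))
    print("via transparent:", insert_leftover_switch(
        lambda s: (s.set_mode(TRANSPARENT), s.set_mode(SERVER))))
    print("domain rename:  ", insert_leftover_switch(
        lambda s: (s.set_domain("scratch"), s.set_domain("CORP"))))
```

The first two runs wipe every switch down to VLAN 1 (the RGE), client mode included; the two that zero the revision first leave the domain intact and let the new switch learn VLANs 10, 20 and 30 from the reply to its revision-0 advertisement.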

Broadcast, multicast and unknown-unicast traffic in every VLAN is flooded across trunk links to all other switches, whether or not the VLAN is in use on the downstream switch.  To conserve bandwidth on trunk links, enable VTP pruning on a server; the setting is propagated to the rest of the domain.  Pruning limits the flooded traffic for a VLAN to the trunks that lead to switches where that VLAN is active, that is, assigned to a port.  It does not limit the VTP advertisements themselves: the VLAN database is still synchronized to every member, and VLAN 1 and the reserved VLANs 1002-1005 are never pruned.

To configure VTP on a switch, enter configuration mode and use the vtp command (vtp domain, vtp mode, vtp password, vtp pruning).  The default domain is null, and the case-sensitive domain name and password must match on all switches that participate.  A switch in server or client mode whose domain is still null will adopt the domain name from the first summary advertisement it receives over a trunk; a switch that already has a domain configured ignores advertisements for other domains.  Set a password: without one, any device on a trunk that sends advertisements carrying the right domain name is accepted.

Use the command:

R1#show vtp status

to determine the VTP revision number, the operating mode of the switch, the pruning status, the domain name and the MD5 digest (computed over the VLAN database and the password, so members at the same revision should show the same digest).  This is the main troubleshooting tool for VTP, and it is the check to run on a switch before connecting it to the domain.
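As an added example (not from the original post), the following Python script parses show vtp status output collected from several switches and reports what a quick audit should catch: domain mismatches, members behind the domain revision, digests that differ at the same revision, and a candidate switch whose revision would overwrite the domain.  The outputs are constructed in the Catalyst IOS format; switch names, addresses and digest values are made up, and only the core sample is complete.

```python
"""Audit 'show vtp status' from several switches before plugging in a new one.

Added example, not from the original post.  The outputs below are constructed
in the Catalyst IOS format; names, addresses and digests are made up.
"""
import re

STATUS = {
    "core": """\
VTP Version                     : running VTP2
Configuration Revision          : 42
Maximum VLANs supported locally : 255
Number of existing VLANs        : 8
VTP Operating Mode              : Server
VTP Domain Name                 : CORP
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
                                  0x56 0x9D 0x4A 0x3E 0xA5 0x69 0x35 0xBC
Configuration last modified by 10.0.0.1 at 8-7-13 09:14:22
Local updater ID is 10.0.0.1 on interface Vl1 (lowest numbered VLAN interface found)
""",
    # The remaining samples are trimmed to the fields the audit uses.
    "access1": """\
Configuration Revision          : 42
VTP Operating Mode              : Client
VTP Domain Name                 : CORP
VTP Pruning Mode                : Enabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
                                  0x56 0x9D 0x4A 0x3E 0xA5 0x69 0x35 0xBC
Configuration last modified by 10.0.0.1 at 8-7-13 09:14:22
""",
    "lab": """\
Configuration Revision          : 99
VTP Operating Mode              : Server
VTP Domain Name                 : CORP
VTP Pruning Mode                : Disabled
MD5 digest                      : 0x11 0x22 0x33 0x44 0x55 0x66 0x77 0x88
                                  0x99 0xAA 0xBB 0xCC 0xDD 0xEE 0xFF 0x00
Configuration last modified by 192.168.1.50 at 3-2-12 17:41:09
""",
}


def parse_vtp_status(text):
    """Turn 'show vtp status' output into a dict of the fields the audit needs."""
    fields, last_key = {}, None
    for line in text.splitlines():
        m = re.match(r"^(\S.*?)\s+:\s+(.*)$", line)     # "Key   : value" rows
        if m:
            last_key = m.group(1).strip()
            fields[last_key] = m.group(2).strip()
        elif last_key == "MD5 digest" and line.strip().startswith("0x"):
            fields[last_key] += " " + line.strip()      # digest wraps to a 2nd line
    out = {
        "domain": fields.get("VTP Domain Name", ""),
        "mode": fields.get("VTP Operating Mode", "").lower(),
        "revision": int(fields.get("Configuration Revision", "0")),
        "pruning": fields.get("VTP Pruning Mode", "").lower() == "enabled",
        "md5": bytes(int(h, 16) for h in fields.get("MD5 digest", "").split()),
    }
    m = re.search(r"last modified by (\S+) at (.+)$", text, re.M)
    out["updater"], out["modified"] = (m.group(1), m.group(2)) if m else (None, None)
    return out


def audit_domain(statuses, candidate=None):
    """statuses: {switch_name: parsed status}.  Returns a list of findings.

    Transparent switches are left out: they do not synchronize with the domain.
    `candidate` is a parsed status from a switch not yet connected.
    """
    findings = []
    members = {n: s for n, s in statuses.items() if s["mode"] != "transparent"}
    domains = {s["domain"] for s in members.values()}
    if len(domains) > 1:
        findings.append(f"domain mismatch across members: {sorted(domains)}")
    top = max(s["revision"] for s in members.values())
    for name, s in members.items():
        if s["revision"] != top:
            findings.append(f"{name}: revision {s['revision']} behind domain ({top})")
    digests = {s["md5"] for s in members.values() if s["revision"] == top}
    if len(digests) > 1:
        findings.append("MD5 digest differs at the same revision: password or database mismatch")
    if (candidate is not None and candidate["domain"] in domains
            and candidate["mode"] != "transparent" and candidate["revision"] > top):
        findings.append(f"candidate revision {candidate['revision']} > domain {top}: "
                        f"it would overwrite the domain, reset it first")
    return findings


if __name__ == "__main__":
    members = {n: parse_vtp_status(STATUS[n]) for n in ("core", "access1")}
    for f in audit_domain(members, candidate=parse_vtp_status(STATUS["lab"])):
        print(f)
```

Run against real output, paste each switch's show vtp status into STATUS (or read it from files); the "last modified by" address is the updater that last changed the database, which is the switch to look at when a revision jump is unexplained.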
