VTP “Specials”

VTP is a nice tool if you have a larger network with a lot of VLANs and modifications, but it also has its dark sides. Im going to show three different scenarios and how VTP behaves in those, the first two might not be a big suprise, neither the third (cause its written in a warning inside the config guide) but maybe it shows why and how VTP is going to behave in those situations. Im going to start with some copy&paste action (why should I write something by myself if there is already a well written text? 🙂 ) from the Cisco Config Guide about VTP and its three modes.


A VTP domain (also called a VLAN management domain) consists of one switch or several interconnected switches under the same administrative responsibility sharing the same VTP domain name. A switch can be in only one VTP domain. You make global VLAN configuration changes for the domain.

VTP can be configured in one of three modes:

VTP Server – In VTP server mode, you can create, modify, and delete VLANs, and specify other configuration parameters (such as the VTP version) for the entire VTP domain. VTP servers advertise their VLAN configurations to other switches in the same VTP domain and synchronize their VLAN configurations with other switches based on advertisements received over trunk links. In VTP server mode, VLAN configurations are saved in NVRAM. VTP server is the default mode.

VTP Client – A VTP client behaves like a VTP server and transmits and receives VTP updates on its trunks, but you cannot create, change, or delete VLANs on a VTP client. VLANs are configured on another switch in the domain that is in server mode. In VTP client mode, VLAN configurations are not saved in NVRAM.

VTP transparent – VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP Version 2, transparent switches do forward VTP advertisements that they receive from other switches through their trunk interfaces. You can create, modify, and delete VLANs on a switch in VTP transparent mode. When the switch is in VTP transparent mode, the VTP and VLAN configurations are saved in NVRAM, but they are not advertised to other switches. In this mode, VTP mode and domain name are saved in the switch running configuration, and you can save this information in the switch startup configuration file by using the copy running-config startup-config privileged EXEC command.

Base Config:

Used network layout:

SW1 and 2 are configured as servers, SW3 as client and SW4 is set to transparent. No switch has a VTP domain an begins with only VLAN 1 (default).

SW1#sh vtp status
 VTP Version                     : 2
 Configuration Revision          : 0
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Server
 VTP Domain Name                 :
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
 Local updater ID is 0.0.0.0 (no valid interface found)

SW1#sh int trunk
 Port        Mode         Encapsulation  Status        Native vlan
 Gi1/0/13    on           802.1q         trunking      1
 Gi1/0/19    on           802.1q         trunking      1

Port        Vlans allowed on trunk
 Gi1/0/13    1-4094
 Gi1/0/19    1-4094

Port        Vlans allowed and active in management domain
 Gi1/0/13    1
 Gi1/0/19    1

Port        Vlans in spanning tree forwarding state and not pruned
 Gi1/0/13    1
 Gi1/0/19    1

SW2#sh vtp status
 VTP Version                     : 2
 Configuration Revision          : 4
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Server
 VTP Domain Name                 :
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x30 0x97 0xFF 0x8F 0x75 0x05 0x07 0xF9
 Configuration last modified by 0.0.0.0 at 3-23-93 00:31:39
 Local updater ID is 0.0.0.0 (no valid interface found)

SW2#sh int trunk
 Port        Mode         Encapsulation  Status        Native vlan
 Gi1/0/13    auto         n-802.1q       trunking      1
 Gi1/0/16    auto         n-isl          trunking      1

Port        Vlans allowed on trunk
 Gi1/0/13    1-4094
 Gi1/0/16    1-4094

Port        Vlans allowed and active in management domain
 Gi1/0/13    1
 Gi1/0/16    1

Port        Vlans in spanning tree forwarding state and not pruned
 Gi1/0/13    1
 Gi1/0/16    1

SW3#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 0
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Client
 VTP Domain Name                 :
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

SW3#sh int trunk
 Port        Mode             Encapsulation  Status        Native vlan
 Fa0/16      desirable        n-isl          trunking      1
 Fa0/19      on               802.1q         trunking      1

Port        Vlans allowed on trunk
 Fa0/16              1-4094
 Fa0/19              1-4094

Port                Vlans allowed and active in management domain
 Fa0/16              1
 Fa0/19              1

Port                Vlans in spanning tree forwarding state and not pruned
 Fa0/16              1
 Fa0/19              1

SW4#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 0
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Transparent
 VTP Domain Name                 :
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

SW4#sh int trunk
 Port        Mode             Encapsulation  Status        Native vlan
 Fa0/13      on               802.1q         trunking      1
 Fa0/19      on               802.1q         trunking      1

Port        Vlans allowed on trunk
 Fa0/13              1-4094
 Fa0/19              1-4094

Port                Vlans allowed and active in management domain
 Fa0/13              1
 Fa0/19              1

Port                Vlans in spanning tree forwarding state and not pruned
 Fa0/13              1
 Fa0/19              none

VTP without Domain

Claim: VTP Servers configured without a domain do not update other VTP Servers or Clients without a configured domain.
SW2 adds the VLANs 2 and 3.

SW2#sh vlan | i active|Gi
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/14, Gi1/0/15, Gi1/0/17
                                                 Gi1/0/18, Gi1/0/19, Gi1/0/20
                                                 Gi1/0/21, Gi1/0/22, Gi1/0/23
                                                 Gi1/0/24
 2    VLAN0002                         active
 3    VLAN0003                         active

Proof: Neither SW1, SW3 nor SW4 got an update.

SW1#sh vlan | i active|Gi
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/14, Gi1/0/15, Gi1/0/16
                                                 Gi1/0/17, Gi1/0/18, Gi1/0/19
                                                 Gi1/0/20, Gi1/0/21, Gi1/0/22
                                                 Gi1/0/23, Gi1/0/24</pre>
SW3#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/13, Fa0/14, Fa0/15, Fa0/17
                                                 Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                                 Fa0/22, Fa0/23, Fa0/24, Gi0/1
                                                 Gi0/2</pre>
SW4#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                                 Fa0/18, Fa0/20, Fa0/21, Fa0/22
                                                 Fa0/23, Fa0/24, Fa0/25, Fa0/26
                                                 Fa0/27, Fa0/28, Fa0/29, Fa0/30
                                                 Fa0/31, Fa0/32, Fa0/33, Fa0/34
                                                 Fa0/35, Fa0/36, Fa0/37, Fa0/38
                                                 Fa0/39, Fa0/40, Fa0/41, Fa0/42
                                                 Fa0/43, Fa0/44, Fa0/45, Fa0/46
                                                 Fa0/47, Fa0/48, Gi0/1, Gi0/2

I also issued a debug sw-vlan vtp events on every switch which shows if any VTP messages are sent or received (VTP debugging), in this case no VTP packet/message was sent.
The why is covered in the VTP Configuration Guide

Until the management domain name is specified or learned, you cannot create or modify VLANs on a VTP server, and VLAN information is not propagated over the network.

VTP Domain Update

Claim: A VTP Server with a configured Domain will update all VTP devices in server or client mode with its domain, as long as no password is set.
On SW2 we are going to congfigure the VTP domain CCIE and keep the two additional VLANs (2/3):

SW2#sh vtp status
 VTP Version                     : 2
 Configuration Revision          : 6
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 7
 VTP Operating Mode              : Server
 VTP Domain Name                 : CCIE
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x9D 0xA2 0x7E 0x64 0x3C 0xDA 0xA1 0x8F
 Configuration last modified by 0.0.0.0 at 3-23-93 00:48:27
 Local updater ID is 0.0.0.0 (no valid interface found)

Proof: As we can see with the debugging output of all other switches, SW2 is going to configure the VTP Domain on every client or server without a configured Domain.

SW1#
3w1d: VTP LOG RUNTIME: Summary packet received in NULL domain state
3w1d: VTP LOG RUNTIME: Summary packet received, domain = CCIE, rev = 6, followers = 1
3w1d: VTP LOG RUNTIME: Transitioning from NULL to CCIE domain
3w1d: VTP LOG RUNTIME: Summary packet rev 6 greater than domain CCIE rev 0
3w1d: VTP LOG RUNTIME: Domain CCIE currently not in updating state
3w1d: VTP LOG RUNTIME: Subset packet received, domain = CCIE, rev = 6, seq = 1, length = 244
3w1d: VTP LOG RUNTIME: Transmit vtp summary, domain CCIE, rev 6, followers 1
MD5 digest calculated = 9D A2 7E 64 3C DA A1 8F F1 A9 17 17 4B 4D 27 85
3w1d: VTP LOG RUNTIME: Transmit vtp summary, domain CCIE, rev 6, followers 1
MD5 digest calculated = 9D A2 7E 64 3C DA A1 8F F1 A9 17 17 4B 4D 27 85

All but SW4 (the transparent switch) have their domain now set to CCIE:

SW4#
4w1d: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/13 – in TRANSPARENT MODE (nc = false)
4w1d: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/13 – in TRANSPARENT MODE (nc = false)
4w1d: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/13 – in TRANSPARENT MODE (nc = false)

SW4#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 0
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Transparent
 VTP Domain Name                 :
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

SW1#sh vtp status
 VTP Version                     : 2
 Configuration Revision          : 6
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 7
 VTP Operating Mode              : Server
 VTP Domain Name                 : CCIE
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x9D 0xA2 0x7E 0x64 0x3C 0xDA 0xA1 0x8F
 Configuration last modified by 0.0.0.0 at 3-23-93 00:48:27
 Local updater ID is 0.0.0.0 (no valid interface found)

SW3#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 6
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 7
 VTP Operating Mode              : Client
 VTP Domain Name                 : CCIE
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0x9D 0xA2 0x7E 0x64 0x3C 0xDA 0xA1 0x8F
 Configuration last modified by 0.0.0.0 at 3-23-93 00:48:27

Both VLANs from SW2 are now known through the CCIE VTP domain:

SW1#sh vlan | i active|Gi
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/14, Gi1/0/15, Gi1/0/16
                                                 Gi1/0/17, Gi1/0/18, Gi1/0/20
 Gi1/0/21, Gi1/0/22, Gi1/0/23
 Gi1/0/24
 2    VLAN0002                         active
 3    VLAN0003                         active</pre>
<pre>SW3#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/13, Fa0/14, Fa0/15, Fa0/17
                                                 Fa0/18, Fa0/20, Fa0/21, Fa0/22
                                                 Fa0/23, Fa0/24, Gi0/1, Gi0/2
 2    VLAN0002                         active
 3    VLAN0003                         active

SW4 still doesnt want to know anything about the VLANs:

SW4#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                                 Fa0/18, Fa0/20, Fa0/21, Fa0/22
                                                 Fa0/23, Fa0/24, Fa0/25, Fa0/26
                                                 Fa0/27, Fa0/28, Fa0/29, Fa0/30
                                                 Fa0/31, Fa0/32, Fa0/33, Fa0/34
                                                 Fa0/35, Fa0/36, Fa0/37, Fa0/38
                                                 Fa0/39, Fa0/40, Fa0/41, Fa0/42
                                                 Fa0/43, Fa0/44, Fa0/45, Fa0/46
                                                 Fa0/47, Fa0/48, Gi0/1, Gi0/2

Even though SW4 does not participate in the VTP updates for the domain CCIE, it is relaying the received VTP packets. So Transparent switches do not have to have a domain configured to relay the VTP packets.

VTP Clients and the revision number

Claim: A VTP client with a configuration higher revision number will overwrite every configuration done by a server.

Note: This will only happen, if the client is preconfigured with the VTP domain, before it is added to the network. If no domain is set, the VTP servers will update the client with their own domain and the client will use the config revision number of the servers and not its own.

We are going to shut down both trunks on SW4 and manualy change it to server mode (remember clients cant add/delete/migrate VLANs) with the CCIE domain. By adding and deleting VLANs we are going to set the configuration revision number from 0 to 10, which is higher then the number in the CCIE domain.

SW4#sh int trunk

SW4#

SW4#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 10
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Server
 VTP Domain Name                 : CCIE
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0xF9 0x44 0xC0 0xD4 0x54 0x85 0x7B 0x6D
 Configuration last modified by 0.0.0.0 at 3-30-93 06:15:24
 Local updater ID is 0.0.0.0 (no valid interface found)

Now before we enable the trunks again, SW4 will be set to client mode. As you can see, VTP keeps the revision number even though its now a client:

SW4#sh vtp status
 VTP Version                     : running VTP1 (VTP2 capable)
 Configuration Revision          : 10
 Maximum VLANs supported locally : 1005
 Number of existing VLANs        : 5
 VTP Operating Mode              : Client
 VTP Domain Name                 : CCIE
 VTP Pruning Mode                : Disabled
 VTP V2 Mode                     : Disabled
 VTP Traps Generation            : Disabled
 MD5 digest                      : 0xF9 0x44 0xC0 0xD4 0x54 0x85 0x7B 0x6D
 Configuration last modified by 0.0.0.0 at 3-30-93 06:15:24

As the following output shows SW4 does not have any VLANs configured but VLAN 1:

SW4#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                 Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                 Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                 Fa0/25, Fa0/26, Fa0/27, Fa0/28
                                                 Fa0/29, Fa0/30, Fa0/31, Fa0/32
                                                 Fa0/33, Fa0/34, Fa0/35, Fa0/36
                                                 Fa0/37, Fa0/38, Fa0/39, Fa0/40
                                                 Fa0/41, Fa0/42, Fa0/43, Fa0/44
                                                 Fa0/45, Fa0/46, Fa0/47, Fa0/48
                                                 Gi0/1, Gi0/2

Now the fun part starts, as soon as the trunks are operational, SW4 will overwrite the existing config and VLAN 2 and 3 will be lost through the whole domain:

4w1d: %LINK-3-UPDOWN: Interface FastEthernet0/19, changed state to upno shut
SW4(config-if)#end
SW4#
4w1d: VTP LOG RUNTIME: switchport trunk mode on Fa0/19 has changed
4w1d: VTP LOG RUNTIME: delaying first flood on new trunk
4w1d: %SYS-5-CONFIG_I: Configured from console by console
4w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/19, changed state to up
4w1d: %LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
SW4#
4w1d: VTP LOG RUNTIME: switchport trunk mode on Fa0/13 has changed
4w1d: VTP LOG RUNTIME: delaying first flood on new trunk
4w1d: VTP LOG RUNTIME: Summary packet received, domain = CCIE, rev = 6, followers = 0, length 77, trunk Fa0/19
4w1d: VTP LOG RUNTIME: Summary packet rev 6 lower than domain CCIE rev 10
4w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state to up
4w1d: VTP LOG RUNTIME: Transmit vtp summary, domain CCIE, rev 10, followers 0, tlv blk size 5 (inc #tlv field),
MD5 digest calculated = F9 44 C0 D4 54 85 7B 6D 36 D1 81 C0 E2 73 E0 3B
4w1d: VTP LOG RUNTIME: Transmit vtp summary, domain CCIE, rev 10, followers 1, tlv blk size 5 (inc #tlv field),
MD5 digest calculated = F9 44 C0 D4 54 85 7B 6D 36 D1 81 C0 E2 73 E0 3B
4w1d: VTP LOG RUNTIME: Summary packet received, domain = CCIE, rev = 10, followers = 1, length 77, trunk Fa0/19
4w1d: VTP LOG RUNTIME: Summary packet rev 10 equal to domain CCIE rev 10
4w1d: VTP LOG RUNTIME: Subset packet received, domain = CCIE, rev = 10, seq = 1, length = 204
4w1d: VTP LOG RUNTIME: Summary packet received, domain = CCIE, rev = 10, followers = 1, length 77, trunk Fa0/13
4w1d: VTP LOG RUNTIME: Summary packet rev 10 equal to domain CCIE rev 10
4w1d: VTP LOG RUNTIME: Subset packet received, domain = CCIE, rev = 10, seq = 1, length = 204

SW1#sh vlan | i active|Gi
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/14, Gi1/0/15, Gi1/0/16
                                                 Gi1/0/17, Gi1/0/18, Gi1/0/20
                                                 Gi1/0/21, Gi1/0/22, Gi1/0/23
                                                 Gi1/0/24</pre>
SW2#sh vlan | i active|Gi
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/14, Gi1/0/15, Gi1/0/17
                                                 Gi1/0/18, Gi1/0/19, Gi1/0/20
                                                 Gi1/0/21, Gi1/0/22, Gi1/0/23
                                                 Gi1/0/24</pre>
SW3#sh vlan | i active|Fa|Gi
 1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                 Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                 Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                 Fa0/13, Fa0/14, Fa0/15, Fa0/17
                                                 Fa0/18, Fa0/20, Fa0/21, Fa0/22
                                                 Fa0/23, Fa0/24, Gi0/1, Gi0/2

Nice one huh? Every configured VLAN except the default VLAN is lost. So why is this going to happen?
As you maybe know, VTP is controlling the VLAN configuration based on the configuration revision number, the higher the more accurate. And every VTP device does send out periodic global configuration advertisements out every trunk to a reserved multicast address. So in a normal VTP domain only a server will update the VLAN informations and the revision number.
Have a look at the following layout:

If one of the VTP servers is going to create a VLAN, his revision number will increase by one and it does send out a VTP packet with the new revision number, the VTP client will compare it to its own number and will update it if its higher. With the next update the VTP client will send out the same packet to the other VTP server which will also add the VLAN if the revision number is higher.
Based on that process, if we now have a VTP client with a higher revision number and another VLAN configuration, the VTP client will update all other switches with its periodic updates. VTP devices do (or can) not check if the original update is from a VTP server or client.

So before you add a switch into your VTP domain, be sure that the configuration revision number is lower then the existing one or that it has no VTP domain configured, otherwise you might have more work then you expected 🙂

Advertisements

7 comments

  1. Pingback: VTP Client with a larger config revision value will update the VLAN database of VTP servers with lower configuration revision value « dAbance, The Network Paranoid
  2. N.Lakshminarayanan

    AS an alternate, change the VTP mode to transparent and then to client. It will lose the existing revision number data and will not corrupt the existing VTP DB.

  3. pashtuk

    “AS an alternate, change the VTP mode to transparent and then to client. It will lose the existing revision number data and will not corrupt the existing VTP DB.”

    Yes this is probably the easiest way to get rid of the configuration revision number and reset it to zero. 🙂

  4. pib30

    A newly introduced VTP Client with higher configuration revision will not always update the VLAN database of the other VTP Servers and VTP Clients from the network.
    It will update the VLAN database only if it is configured with the same VTP domain name.
    If VTP domain is not configured (which is the default configuration) in the newly introduced VTP Client then even if the new VTP Client has a higher configuration revision it won’t do any harm to the existing network. Once placed in the network it will update its VTP domain with the VTP domain name advertised by the VTP Server AND as well it will change its configuration revision to the one advertised by the VTP Server.

  5. pib30

    + to finalize the refinement:
    Also the newly introduced VTP Client with higher configuration revision will not overwrite the existing VLAN database even when it has the same VTP domain configured, in case the VTP password is different from the password set in the existing VTP servers and VTP Clients.
    So to sum up:
    A newly introduced VTP Client will overwrite the existing VLAN database only if the following conditions are all fulfilled:
    – it has the same VTP domain name set as in the existing VTP Servers and VTP clients
    – it has the same VTP password set as in the VTP Servers and VTP Clients
    – it has higher configuration revision than in the existing VTP Servers and VTP Clients

    Please correct me if I’m wrong.

  6. pib30

    Thanks Michel for your confirmation.
    As I’m self-studying for CCNA (hope in 6 months to be at full speed, ready for the CCNA exam then for going to the next preparation step CCNP), it helps me a lot your feedback in order to know whether or not I’m on the right track.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s