Review/Perspective: VTP

2.1.d Implement and troubleshoot trunking

  • 2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
  • 2.1.d [ii] dot1Q
  • 2.1.d [iii] Native VLAN
  • 2.1.d [iv] Manual pruning

VLAN configuration can be centralized using VTP

VTP is not required to define a broadcast domain, it is used to advertise VLAN attributes and is solely used for VLAN administration.

VTP is typically not worth the potential risk inherent in its use, as easily as it can create and manage VLANs, you can easily break your network as well.

VTP will try to authenticate the MD5 checksum regardless if a password is configured.  This means that VTP will use NULL authentication for verification.

Configuration revision numbers indicate the current VLAN database currently installed.  The higher the revision is VTP will sync its VLAN database to the highest configuration revision.  Every time a VLAN is Add/Changed/Removed it increments the revision number and is propagated out to all VTP clients.

VTP has three modes

  • Server – switch is defaulted to this mode, can update configuration revisions
  • Client – switch is set to listen only for configuration revisions from servers and will not update revisions on its own.
  • Transparent – passes through configuration revisions, and does not participate in VTP meaning VLANs must be manually configured.



vtp domain.PNG

VTP Pruning – reduces uneccesary replication of broadcasts. unknown unicasts, and unknown multicast traffic.  Pruning is only supported in server and client mode

vtp pruning.PNG

sh int pruning.PNG

Click here to see specific details for all VTP versions 

Manual pruning involves configuring an allowed VLAN list or a specific pruning configuration on a trunk port.
Allowed List:
manual pruning.PNG

Prune List
manual pruning 2.PNG

The command sh interface trunk will display the configured trunks on a switch, what VLANs are allowed in the domain and what VLANs are actively being forwarded across the trunk.
sh int trunk.PNG

Native VLAN – default VLAN 1 on switches, accepts and forwards any and all untagged traffic.

802.1Q – Open standard that injects a VLAN Id tag into an ethernet frame to distinguish traffic from other broadcast domains.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s