Catalyst 4000 Family Switch Cisco IOS Software Configuration Guide, 12.1(8a)EW - Configuring VTP [Cisco Catalyst 4000 Series Switches]

Table Of Contents

Understanding and Configuring VTP

VTP Overview

Understanding the VTP Domain

Understanding VTP Modes

Understanding VTP Advertisements

Understanding VTP Version 2

Understanding VTP Pruning

VTP Configuration Guidelines and Restrictions

VTP Default Configuration

Configuring VTP

Configuring VTP Global Parameters

Configuring a VTP Password

Enabling VTP Pruning

Enabling VTP Version 2

Configuring the Switch as a VTP Server

Configuring the Switch as a VTP Client

Disabling VTP (VTP Transparent Mode)

Displaying VTP Statistics

Understanding and Configuring VTP

This chapter describes the VLAN Trunking Protocol (VTP) on the Catalyst 4000 family switches. It also provides guidelines, procedures, and configuration examples.

This chapter consists of the following sections:

•VTP Overview

•VTP Default Configuration

•VTP Configuration Guidelines and Restrictions

•Configuring VTP

Note For complete syntax and usage information for the commands used in this chapter, refer to the Command Reference for the Catalyst 4006 Switch with Supervisor Engine III and the publications at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/index.htm

VTP Overview

VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. VTP minimizes misconfigurations and configuration inconsistencies that can result in a number of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations.

Before you create VLANs, you must decide whether you want to use VTP in your network. With VTP, you can make configuration changes centrally on one or more network devices and have those changes automatically communicated to all the other network devices in the network.

Note For complete information on configuring VLANs, see "Understanding and Configuring VLANs."

The following sections describe how VTP works:

•Understanding the VTP Domain

•Understanding VTP Modes

•Understanding VTP Advertisements

•Understanding VTP Version 2

•Understanding VTP Pruning

Understanding the VTP Domain

A VTP domain is made up of one or more interconnected network devices that share the same VTP domain name. A network device can be configured to be in only one VTP domain. You make global VLAN configuration changes for the domain using either the command-line interface (CLI) or Simple Network Management Protocol (SNMP).

By default, the Catalyst 4000 family switch is in VTP server mode and is in the no-management domain state until the switch receives an advertisement for a domain over a trunk link or you configure a management domain. You cannot create or modify VLANs on a VTP server until the management domain name is specified or learned.

If the switch receives a VTP advertisement over a trunk link, it inherits the management domain name and the VTP configuration revision number. The switch ignores advertisements with a different management domain name or an earlier configuration revision number.

If you configure the switch as VTP transparent, you can create and modify VLANs but the changes affect only the individual switch.

When you make a change to the VLAN configuration on a VTP server, the change is propagated to all network devices in the VTP domain. VTP advertisements are transmitted out all Inter-Switch Link (ISL) and IEEE 802.1Q trunk connections.

VTP maps VLANs dynamically across multiple LAN types with unique names and internal index associations. Mapping eliminates excessive device administration required from network administrators.

Understanding VTP Modes

You can configure a Catalyst 4000 family switch to operate in any one of these VTP modes:

•Server—In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version and VTP pruning) for the entire VTP domain. VTP servers advertise their VLAN configuration to other network devices in the same VTP domain and synchronize their VLAN configuration with other network devices based on advertisements received over trunk links. VTP server is the default mode.

•Client—VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.

•Transparent—VTP transparent network devices do not participate in VTP. A VTP transparent network device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent network devices do forward VTP advertisements that they receive out their trunking LAN interfaces.

Note Catalyst 4000 family switches automatically change from VTP server mode to VTP client mode if the switch detects a failure while writing configuration to NVRAM. If this happens, the switch cannot be returned to VTP server mode until the NVRAM is functioning.

Understanding VTP Advertisements

Each network device in the VTP domain sends periodic advertisements out each trunking LAN interface to a reserved multicast address. VTP advertisements are received by neighboring network devices, which update their VTP and VLAN configurations as necessary.

The following global configuration information is distributed in VTP advertisements:

•VLAN IDs (ISL and 802.1Q)

•Emulated LAN names (for ATM LANE)

•802.10 SAID values (FDDI)

•VTP domain name

•VTP configuration revision number

•VLAN configuration, including maximum transmission unit (MTU) size for each VLAN

•Frame format

Understanding VTP Version 2

If you use VTP in your network, you must decide whether to use VTP version 1 or version 2.

Note Catalyst 4000 family switches do not support Token Ring or FDDI media. The switch does not forward FDDI, FDDI-Net, TrCRF, or TrBRF traffic, but it does propagate the VLAN configuration via VTP.

VTP version 2 supports the following features, which are not supported in version 1:

•Token Ring support—VTP version 2 supports Token Ring LAN switching and VLANs (Token Ring Bridge Relay Function [TrBRF] and Token Ring Concentrator Relay Function [TrCRF]).

•Unrecognized Type-Length-Value (TLV) Support—A VTP server or client propagates configuration changes to its other trunks, even for TLVs it is not able to parse. The unrecognized TLV is saved in NVRAM.

•Version-Dependent Transparent Mode—In VTP version 1, a VTP transparent network device inspects VTP messages for the domain name and version, and forwards a message only if the version and domain name match. Because only one domain is supported in the supervisor engine software, VTP version 2 forwards VTP messages in transparent mode, without checking the version.

•Consistency Checks—In VTP version 2, VLAN consistency checks (such as VLAN names and values) are performed only when you enter new information through the CLI or SNMP. Consistency checks are not performed when new information is obtained from a VTP message, or when information is read from NVRAM. If the digest on a received VTP message is correct, its information is accepted without consistency checks.

Understanding VTP Pruning

VTP pruning enhances network bandwidth use by reducing unnecessary flooded traffic, such as broadcast, multicast, and unicast packets. VTP pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network devices. By default, VTP pruning is disabled.

For VTP pruning to be effective, all devices in the management domain must either support VTP pruning or, on devices that do not support VTP pruning, you must manually configure the VLANs allowed on trunks.

Figure 9-1 shows a switched network without VTP pruning enabled. Interface 1 on Switch 1 and interface 2 on Switch 4 are assigned to the Red VLAN. A broadcast is sent from the host connected to Switch 1. Switch 1 floods the broadcast and every network device in the network receives it, even though Switches 3, 5, and 6 have no interfaces in the Red VLAN.

You can enable pruning globally on the Catalyst 4000 family switch (see the "Enabling VTP Pruning" section).

Figure 9-1 Flooding Traffic without VTP Pruning

Figure 9-2 shows the same switched network with VTP pruning enabled. The broadcast traffic from Switch 1 is not forwarded to Switches 3, 5, and 6 because traffic for the Red VLAN has been pruned on the links indicated (interface 5 on Switch 2 and interface 4 on Switch 4).

Figure 9-2 Flooding Traffic with VTP Pruning

Enabling VTP pruning on a VTP server enables pruning for the entire management domain. VTP pruning takes effect several seconds after you enable it. By default, VLANs 2 through 1000 are pruning eligible. VTP pruning does not prune traffic from pruning-ineligible VLANs. VLAN 1 is always pruning ineligible; traffic from VLAN 1 cannot be pruned.

To configure VTP pruning on a trunking LAN interface, use the switchport trunk pruning vlan command. VTP pruning operates when a LAN interface is trunking. You can set VLAN pruning eligibility regardless of whether VTP pruning is enabled or disabled for the VTP domain, whether any given VLAN exists, and regardless of whether the LAN interface is currently trunking.

VTP Configuration Guidelines and Restrictions

Follow these guidelines and restrictions when implementing VTP in your network:

•All network devices in a VTP domain must run the same VTP version.

•You must configure a password on each network device in the management domain when in secure mode.

Caution If you configure VTP in secure mode, the management domain will not function properly if you do not assign a management domain password to each network device in the domain.

•A VTP version 2-capable network device can operate in the same VTP domain as a network device running VTP version 1 provided VTP version 2 is disabled on the VTP version 2-capable network device (VTP version 2 is disabled by default).

•Do not enable VTP version 2 on a network device unless all of the network devices in the same VTP domain are version 2-capable. When you enable VTP version 2 on a server, all of the version 2-capable network devices in the domain enable VTP version 2.

•Enabling or disabling VTP pruning on a VTP server enables or disables VTP pruning for the entire management domain.

•Configuring VLANs as pruning eligible or pruning ineligible on a Catalyst 4000 family switch affects pruning eligibility for those VLANs on that switch only; not on all network devices in the VTP domain.

VTP Default Configuration

Table 9-1 shows the default VTP configuration.

Table 9-1 VTP Default Configuration

Feature

Default Value

VTP domain name

Null

VTP mode

Server

VTP version 2 enable state

Version 2 is disabled

VTP password

None

VTP pruning

Disabled

Configuring VTP

The following sections describe how to configure VTP:

•Configuring VTP Global Parameters

•Configuring the Switch as a VTP Server

•Configuring the Switch as a VTP Client

•Disabling VTP (VTP Transparent Mode)

•Enabling VTP Version 2

•Enabling VTP Pruning

•Displaying VTP Statistics

Configuring VTP Global Parameters

The following sections describe configuring the VTP global parameters:

•Configuring a VTP Password

•Enabling VTP Pruning

•Enabling VTP Version 2

Configuring a VTP Password

To configure the VTP global parameters, enter the following command:
Purpose

Command
Sets a password, which can be from 8 to 64 characters long, for the VTP domain.

Use the no keyword to remove the password.
Switch# [no] vtp password 
password_string 
This example shows how to configure a VTP password:
Switch# vtp password WATER
Setting device VLAN database password to WATER.
Switch# 
Enabling VTP Pruning

To enable VTP pruning in the management domain, perform the following task:
Task

Command
Step 1

Enable VTP pruning in the management domain.

Use the no keyword to disable VTP pruning in the management domain.
Switch# [no] vtp pruning 
Step 2

Verify the configuration.
Switch# show vtp status 
This example shows how to enable VTP pruning in the management domain:
Switch# vtp pruning
Pruning switched ON
This example shows how to verify the configuration:
Switch# show vtp status | include Pruning
VTP Pruning Mode                : Enabled
Switch# 
Enabling VTP Version 2

By default, VTP version 2 is disabled on VTP version 2-capable network devices. When you enable VTP
version 2 on a server, every VTP version 2-capable network device in the VTP domain enables version 2.

Caution VTP version 1 and VTP version 2 are not interoperable on network devices in the same VTP domain. Every network device in the VTP domain must use the same VTP version. Do not enable VTP version 2 unless every network device in the VTP domain supports version 2.

To enable VTP version 2, perform this task:
Task

Command
Step 1

Enable VTP version 2. Use the no keyword to revert to the default.
Switch# [no] vtp version {1 | 2} 
Step 2

Verify the configuration.
Switch# show vtp status 
This example shows how to enable VTP version 2:
Switch# vtp version 2
V2 mode enabled.
Switch# 
This example shows how to verify the configuration:
Switch# show vtp status | include V2
VTP V2 Mode                     : Enabled
Switch# 
Configuring the Switch as a VTP Server

To configure the Catalyst 4000 family switch as a VTP server, perform this task:
Task

Command
Step 1

Enter configuration mode.
Switch# configuration terminal
Step 2

Configure the switch as a VTP server.
Switch(config)# vtp mode server 
Step 3

Define the VTP domain name, which can be up to 32 characters long.
Switch(config)# vtp domain domain_name 
Step 4

Exit VLAN configuration mode.
Switch(config)# end 
Step 5

Verify the configuration.
Switch# show vtp status 
This example shows how to configure the switch as a VTP server:
Switch# configuration terminal
Switch(config)# vtp mode server
Setting device to VTP SERVER mode.
Switch(config)# vtp domain Lab_Network
Setting VTP domain name to Lab_Network
Switch(config)# end
Switch# 
This example shows how to verify the configuration:
Switch# show vtp status 
VTP Version                     : 2
Configuration Revision          : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 33
VTP Operating Mode              : Server
VTP Domain Name                 : Lab_Network
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
Local updater ID is 172.20.52.34 on interface Gi1/1 (first interface found) 
Switch# 
Configuring the Switch as a VTP Client

To configure the Catalyst 4000 family switch as a VTP client, perform this task:
Task

Command
Step 1

Enter configuration mode.
Switch# configuration terminal 
Step 2

Configure the switch as a VTP client. Use the no keyword to return to the default setting (server).
Switch(config)# [no] vtp mode client
Step 3

Exit configuration mode.
Switch(config)# end 
Step 4

Verify the configuration.
Switch# show vtp status 
This example shows how to configure the switch as a VTP client:
Switch# configuration terminal
Switch(config)# vtp mode client
Setting device to VTP CLIENT mode.
Switch(config)# exit
Switch# 
This example shows how to verify the configuration:
Switch# show vtp status 
VTP Version                     : 2
Configuration Revision          : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 33
VTP Operating Mode              : Client
VTP Domain Name                 : Lab_Network
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
Switch# 
Disabling VTP (VTP Transparent Mode)

To disable VTP on the Catalyst 4000 family switch, perform this task:
Task

Command
Step 1

Enter configuration mode.
Switch# configuration terminal 
Step 2

Disable VTP on the switch.Use the no keyword to return to the default setting (server).
Switch(config)# [no] vtp mode transparent
Step 3

Exit configuration mode.
Switch(config)# end 
Step 4

Verify the configuration.
Switch# show vtp status 
This example shows how to disable VTP on the switch:
Switch# configuration terminal
Switch(config)# vtp transparent
Setting device to VTP mode.
Switch(config)# end
Switch# 
This example shows how to verify the configuration:
Switch# show vtp status 
VTP Version                     : 2
Configuration Revision          : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 33
VTP Operating Mode              : Transparent
VTP Domain Name                 : Lab_Network
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
Switch# 
Displaying VTP Statistics

To display VTP statistics, including VTP advertisements sent and received and VTP errors, enter the following command:
Command

Purpose
Switch# show vtp counters 
Displays VTP statistics.
This example shows how to display VTP statistics:
Switch# show vtp counters
VTP statistics:
Summary advertisements received    : 7
Subset advertisements received     : 5
Request advertisements received    : 0
Summary advertisements transmitted : 997
Subset advertisements transmitted  : 13
Request advertisements transmitted : 3
Number of config revision errors   : 0
Number of config digest errors     : 0
Number of V1 summary errors        : 0
VTP pruning statistics:
Trunk            Join Transmitted Join Received    Summary advts received from
                                                   non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Fa5/8               43071            42766            5