Understanding and Configuring VTP
Available Languages
Table of Contents
Understanding and Configuring VTP
Understanding VTP Advertisements
VTP Configuration Guidelines and Restrictions
Configuring VTP Global Parameters
Configuring the Switch as a VTP Server
Configuring the Switch as a VTP Client
Disabling VTP (VTP Transparent Mode)
Understanding and Configuring VTP
This chapter describes the VLAN Trunking Protocol (VTP) on the Catalyst 4500 series switch. It also provides guidelines, procedures, and configuration examples.
This chapter includes the following major sections:
- Overview of VTP
- VTP Configuration Guidelines and Restrictions
- VTP Default Configuration
- Configuring VTP
Note
For complete syntax and usage information for the switch commands used in this chapter, refer to the Catalyst 4500 Series Switch Cisco IOS Command Reference and related publications at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm.
Overview of VTP
VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. VTP minimizes misconfigurations and configuration inconsistencies that can result in a number of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations.
Before you create VLANs, you must decide whether you want to use VTP in your network. With VTP, you can make configuration changes centrally on one or more network devices and have those changes automatically communicated to all the other network devices in the network.
Note For complete information on configuring VLANs, see Chapter1, “Configuring VLANs, VTP, and VMPS”
These sections describe how VTP works:
- Understanding the VTP Domain
- Understanding VTP Modes
- Understanding VTP Advertisements
- Understanding VTP Version 2
- Understanding VTP Pruning
Understanding the VTP Domain
A VTP domain is made up of one or more interconnected network devices that share the same VTP domain name. A network device can be configured to be in only one VTP domain. You make global VLAN configuration changes for the domain using either the command-line interface (CLI) or Simple Network Management Protocol (SNMP).
By default, the Catalyst 4500 series switch is in VTP server mode and is in the no-management domain state until the switch receives an advertisement for a domain over a trunk link or you configure a management domain. You cannot create or modify VLANs on a VTP server until the management domain name is specified or learned.
If the switch receives a VTP advertisement over a trunk link, it inherits the management domain name and the VTP configuration revision number. The switch ignores advertisements with a different management domain name or an earlier configuration revision number.
If you configure the switch as VTP transparent, you can create and modify VLANs, but the changes affect only the individual switch.
When you make a change to the VLAN configuration on a VTP server, the change is propagated to all network devices in the VTP domain. VTP advertisements are transmitted out all Inter-Switch Link (ISL) and IEEE 802.1Q trunk connections.
VTP maps VLANs dynamically across multiple LAN types with unique names and internal index associations. Mapping eliminates unnecessary device administration for network administrators.
Understanding VTP Modes
You can configure a Catalyst 4500 series switch to operate in any one of these VTP modes:
- Server—In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version and VTP pruning) for the entire VTP domain. VTP servers advertise their VLAN configuration to other network devices in the same VTP domain and synchronize their VLAN configuration with other network devices based on advertisements received over trunk links. VTP server is the default mode.
- Client—VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.
- Transparent—VTP transparent network devices do not participate in VTP. A VTP transparent network device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent network devices do forward VTP advertisements that they receive on their trunking LAN interfaces.
Note Catalyst 4500 series switch automatically change from VTP server mode to VTP client mode if the switch detects a failure while writing configuration to NVRAM. If this happens, the switch cannot be returned to VTP server mode until the NVRAM is functioning.
Understanding VTP Advertisements
Each network device in the VTP domain sends periodic advertisements out each trunking LAN interface to a reserved multicast address. VTP advertisements are received by neighboring network devices, which update their VTP and VLAN configurations as necessary.
The following global configuration information is distributed in VTP advertisements:
Understanding VTP Version 2
If you use VTP in your network, you must decide whether to use VTP version 1 or version 2.
Note Catalyst 4500 series switch do not support Token Ring or FDDI media. The switch does not forward FDDI, FDDI-Net, Token Ring Concentrator Relay Function [TrCRF], or Token Ring Bridge Relay Function [TrBRF] traffic, but it does propagate the VLAN configuration via VTP.
VTP version 2 supports the following features, which are not supported in version 1:
- Token Ring support—VTP version 2 supports Token Ring LAN switching and VLANs (TrBRF and TrCRF).
- Unrecognized Type-Length-Value (TLV) Support—A VTP server or client propagates configuration changes to its other trunks, even for TLVs it is not able to parse. The unrecognized TLV is saved in NVRAM.
- Version-Dependent Transparent Mode—In VTP version 1, a VTP transparent network device inspects VTP messages for the domain name and version, and forwards a message only if the version and domain name match. Because only one domain is supported in the supervisor engine software, VTP version 2 forwards VTP messages in transparent mode, without checking the version.
- Consistency Checks—In VTP version 2, VLAN consistency checks (such as VLAN names and values) are performed only when you enter new information through the CLI or SNMP. Consistency checks are not performed when new information is obtained from a VTP message or when information is read from NVRAM. If the digest on a received VTP message is correct, its information is accepted without consistency checks.
Understanding VTP Pruning
VTP pruning enhances network bandwidth use by reducing unnecessary flooded traffic, such as broadcast, multicast, and unicast packets. VTP pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network devices. By default, VTP pruning is disabled.
For VTP pruning to be effective, all devices in the management domain must either support VTP pruning or, on devices that do not support VTP pruning, you must manually configure the VLANs allowed on trunks.
Figure 27-1 shows a switched network without VTP pruning enabled. Interface 1 on Switch 1 and Interface 2 on Switch 4 are assigned to the Red VLAN. A broadcast is sent from the host connected to Switch 1. Switch 1 floods the broadcast and every network device in the network receives it, even though Switches 3, 5, and 6 have no interfaces in the Red VLAN.
You can enable pruning globally on the Catalyst 4500 series switch (see the “Enabling VTP Pruning” section).
Figure 27-1 Flooding Traffic without VTP Pruning
Figure 27-2 shows the same switched network with VTP pruning enabled. The broadcast traffic from Switch 1 is not forwarded to Switches 3, 5, and 6 because traffic for the Red VLAN has been pruned on the links indicated (Interface 5 on Switch 2 and Interface 4 on Switch 4).
Figure 27-2 Flooding Traffic with VTP Pruning
Enabling VTP pruning on a VTP server enables pruning for the entire management domain. VTP pruning takes effect several seconds after you enable it. By default, VLANs 2 through 1000 are eligible for pruning. VTP pruning does not prune traffic from pruning-ineligible VLANs. VLAN 1 is always ineligible for pruning; traffic from VLAN 1 cannot be pruned.
To configure VTP pruning on a trunking LAN interface, use the switchport trunk pruning vlan command. VTP pruning operates when a LAN interface is trunking. You can set VLAN pruning eligibility regardless of whether VTP pruning is enabled or disabled for the VTP domain, whether any given VLAN exists, and regardless of whether the LAN interface is currently trunking.
VTP Configuration Guidelines and Restrictions
Follow these guidelines and restrictions when implementing VTP in your network:
- All network devices in a VTP domain must run the same VTP version.
- You must configure a password on each network device in the management domain when VTP is in secure mode.
If you configure VTP in secure mode, the management domain will not function properly if you do not assign a management domain password to each network device in the domain.
- A VTP version 2-capable network device can operate in the same VTP domain as a network device running VTP version 1 if VTP version 2 is disabled on the VTP version 2-capable network device (VTP version 2 is disabled by default).
- Do not enable VTP version 2 on a network device unless all of the network devices in the same VTP domain are version 2-capable. When you enable VTP version 2 on a server, all of the version 2-capable network devices in the domain enable VTP version 2.
- Enabling or disabling VTP pruning on a VTP server enables or disables VTP pruning for the entire management domain.
- Configuring VLANs as eligible for pruning on a Catalyst 4500 series switch affects pruning eligibility for those VLANs on that switch only, not on all network devices in the VTP domain.
VTP Default Configuration
Table 27-1 shows the default VTP configuration.
Configuring VTP
The following sections describe how to configure VTP:
- Configuring VTP Global Parameters
- Configuring the Switch as a VTP Server
- Configuring the Switch as a VTP Client
- Disabling VTP (VTP Transparent Mode)
- Displaying VTP Statistics
Configuring VTP Global Parameters
The following sections describe configuring the VTP global parameters:
Configuring a VTP Password
Enabling VTP Pruning
To enable VTP pruning in the management domain, perform this task:
Enables VTP pruning in the management domain. Use the no keyword to disable VTP pruning in the management domain. |
||
This example shows how to enable VTP pruning in the management domain:
Enabling VTP Version 2
By default, VTP version 2 is disabled on VTP version 2-capable network devices. When you enable VTP
version 2 on a server, every VTP version 2-capable network device in the VTP domain enables version 2.
VTP version 1 and VTP version 2 are not interoperable on network devices in the same VTP domain. Every network device in the VTP domain must use the same VTP version. Do not enable VTP version 2 unless every network device in the VTP domain supports version 2.
To enable VTP version 2, perform this task:
Configuring the Switch as a VTP Server
To configure the Catalyst 4500 series switch as a VTP server, perform this task:
This example shows how to configure the switch as a VTP server:
Configuring the Switch as a VTP Client
To configure the Catalyst 4500 series switch as a VTP client, perform this task:
Configure the switch as a VTP client. Use the no keyword to return to the default setting (server mode). |
||
This example shows how to configure the switch as a VTP client:
Disabling VTP (VTP Transparent Mode)
To disable VTP on the Catalyst 4500 series switch, perform this task:
Feedback