CCNP – SWITCH – Study Notes #2 – VTP – Part 2

Alright, this should be a quick post. This wraps up what we left out in the last VTP post as that post got too long.

The main points of today: VTP pruning, a little more detail on how VTP actually communicates, and a couple of useful debugging commands.

VTP Pruning

By default all VLANs active in the VTP domain are allowed on all trunk links.

By enabling VTP pruning, switches can negotiate and limit which VLANs are allowed on a trunk, minimizing broadcast traffic on the link.

VTP pruning only has to be enabled on a VTP Server for it to be enabled in the domain. You enable VTP pruning with:

switch(config)#vtp pruning

You can also enable VTP pruning only on a single link rather than on the whole domain:

switch(config-if)#switchport trunk pruning vlan (((add | except | remove) [vlan-list]) | none)


How VTP Works:

VTP has two messages: VTP Summary Advertisements and VTP Subset Advertisements.

VTP sends out VTP Summary Advertisements on all trunk links periodically (every 300 seconds) and also every time the VLAN database changes. These are VTP message type 1. VTP Summary Advertisements send out the domain, password (if enabled) and the Configuration Revision Number (CFN).

These are sent as multicast messages to multicast MAC 0100:0ccc:cccc with a SNAP type of 2003. All switches will flood these out their trunk ports. If a switch is in transparent mode, it floods the message but otherwise ignores it.

If the domain (and password, if set) matches on the receiving switch and the CFN is higher than what is currently stored on the switch, the receiving switch sends a request to the sending server for a VTP Subset Advertisement. A VTP Subset Advertisement is VTP message type 2.

The server responds with the Subset Advertisement, and when the switch receives this packet it updates its VLAN database with what’s in the Subset Advertisement.

VTP revision numbers are stored in NVRAM, so they are not altered by power cycles. You can reset the revision number by changing the mode to transparent and back to server/client again.
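
As an added example (not part of the original post), the receiving-switch rule above can be turned into a pre-connection check over `show vtp status` output taken from both sides. The sample outputs are constructed, the function names are this example's own, and it assumes passwords are unset or equal and does not look at the advertiser's mode.

```python
# Constructed sample output (not from a real device): the production domain
# and a lab switch that is about to be trunked into it.
PRODUCTION = """\
VTP Version                     : 2
Configuration Revision          : 12
VTP Operating Mode              : Server
VTP Domain Name                 : VTPDomain
"""
LAB_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 47
VTP Operating Mode              : Client
VTP Domain Name                 : VTPDomain
"""

def parse_vtp_status(text):
    """Turn `show vtp status` output into {label: value}."""
    fields = {}
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        if sep:
            fields[label.strip()] = value.strip()
    for needed in ("Configuration Revision", "VTP Operating Mode", "VTP Domain Name"):
        if needed not in fields:
            raise ValueError(f"missing field: {needed}")
    fields["Configuration Revision"] = int(fields["Configuration Revision"])
    return fields

def would_accept(receiver, advertiser):
    """The receiving-switch rule from the text: same domain, higher revision.

    Transparent receivers only flood the advertisement. Passwords are assumed
    to be unset or equal (an assumption of this example).
    """
    if receiver["VTP Operating Mode"] == "Transparent":
        return False
    return (receiver["VTP Domain Name"] == advertiser["VTP Domain Name"]
            and advertiser["Configuration Revision"] > receiver["Configuration Revision"])

def precheck(production_text, new_switch_text):
    """Say which side's VLAN database would be replaced after trunking."""
    prod, new = parse_vtp_status(production_text), parse_vtp_status(new_switch_text)
    if would_accept(prod, new):
        return "RISK: production would take the new switch's VLAN database"
    if would_accept(new, prod):
        return "OK: new switch would sync from production"
    return "OK: no update in either direction"
```

If the check reports a risk, reset the new switch's revision number as described above before connecting it.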

Some more on VTP Version 3

One more thing to note about VTPv3, not that it’s in the exam: VTPv3 also supports private VLANs (PVLANs) on top of supporting VLANs all the way to 4096.


Useful show commands

Some commands I used to debug and for the exam:

switch#show vtp status
This will show the version, revision, number of VLANs, domain, mode, whether pruning is enabled and the MD5 digest. E.g.:
Switch#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 : VTPDomain
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xD3 0x78 0x41 0xC8 0x35 0x56 0x89 0x97
Another one is:
switch#show vtp counters

VTP statistics:
Summary advertisements received: 2
Subset advertisements received: 1
Request advertisements received: 0
Summary advertisements transmitted: 2
Subset advertisements transmitted: 1
Request advertisements transmitted: 1
Number of config revision errors: 0
Number of config digest errors: 0
Number of V1 summary errors: 0
VTP pruning statistics:

Trunk            Join Transmitted Join Received    Summary advts received
                                                   from non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Fa0/1            1                1                2

And finally:

switch# show interface trunk

Port        Mode         Encapsulation  Status        Native vlan
Gi0/1       on           802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/1       1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1-100

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,5,10

This allows you to easily determine which VLANs are allowed on the link (1-4094 in this case), which VLANs are used locally on the switch (1-100) and which VLANs are actually going out the trunk interface (1,5,10). If the last two don’t match, this means that pruning has been enabled.

And that is hopefully all I ever need to say about VTP.

This entry was posted in CCNP, Study by Tom.