VTP can run in three different modes:
- Server mode – in server mode you can create, remove, and modify VLANs. VTP servers advertise their configuration to the VTP clients in the same VTP domain. The VLAN information is stored in NVRAM and it’s not lost after a reboot.
- Client mode – clients only get the VLANs advertised by the VTP server. They are not able to modify, create, or delete VLANs from their configuration. The VLAN configuration is not stored in NVRAM and will be lost at first reboot (of course, the switch will get the VLAN configuration back after it boots, from the VTP server)
- Transparent mode – in this mode, the switch does not participate in the VTP domain. You are able to add, delete, or modify VLANs from their configuration. The configuration of the VLANs will not be broadcasted over the network. With VTP version 2, a transparent switch is forwarding the VTP messages that he receives out its trunk ports.
The first thing you have to do when you begin studying VTP is to understand some key concepts. We will briefly present them to you, as requested by Cisco’s CCNA certification exam.
- VTP Domain – consists of one or more interconnected switches which are sharing the same VLAN configuration. A router or a Layer 3 switch defines the boundary of a VTP domain.
- VTP Advertisements – are used to distribute the VLAN configuration across the VTP domain.
- VTP Modes – the modes a switch can be configured in the VTP domain, as described above.
- VTP Server – a VTP server is used to advertise the VLAN configuration to all VTP enabled switches in the same VTP domain. This is the point where you are able to create, modify, or delete the VLAN configuration.
- VTP Client – is a VTP enabled switch which receives the VLAN information from a VTP Server. You are not able to create, modify, or delete the VLAN configuration.
- VTP Transparent – is a switch that’s not participating in the VTP domain, but forwards VTP advertisements to other switches in the network. VLANs created, modified, or deleted on a transparent switch are affecting only that switch and are not broadcasted on the VTP domain.
- VTP Pruning – By default, a switch sends a broadcast, multicast, and unknown unicast traffic through all trunk links. The VTP pruning increases network available bandwidth by sending traffic only on those trunk links that the traffic must use to reach the destination device.
When you check the VTP configuration on a switch you use the show vtp status command.
Switch#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xFB 0xC2 0x38 0xC1 0x0D 0x1D 0x14 0x10
Configuration last modified by 192.168.1.2 at 3-1-93 00:20:31
Local updater ID is 192.168.1.2 on interface Gi0/1 (first layer3 interface found)
You can see here some information. The first line shows us the version of VTP the switch is running, currently 1. We can configure the switch to run VTP2 because, as you can see, it’s VTP2 capable. Next, we have a configuration revision. The revision number is a 32-bit number that indicates the level of revision for a VTP frame. By default, the number is 0, and it’s incremented every time the configuration changes. We also can see that this switch is supporting 1005 VLANs configured locally, and we currently have 7 VLANs configured on the switch. We find in the next line that this switch is acting as a VTP server. The VTP Domain Name identifies the administrative domain for the switch. By default, VTP Pruning Mode, V2 Mode, and Traps Generation are disabled. The MD5 digest is a 15-byte checksum of the VTP configuration.
VTP uses the destination MAC address 01-00-0C-CC-CC-CC, which is a reserved multicast address for VTP messages.
A VTP advertisement contains the following global informations:
- VTP domain name – the name of the VTP domain
- Updater identity and update timestamp – used by client switches to identify who sent the update and when the message was sent.
- MD5 digest – used by client switches to compare if the checksums match. Also includes the Maximum Transmission Unit (MTU) for each VLAN.
- Frame format – can be ISL or 802.1Q
Also, VTP advertisements carry the following VLAN information:
- VLAN IDs (IEEE 802.1Q)
- VLAN name
- VLAN type
- VLAN state
- Additional VLAN configuration specific to the VLAN type
VTP is sending different types of advertisements:
- Summary advertisements
- Sent every 5 minutes by a VTP server or immediately after a configuration change has been made.
- Informs VTP enabled switches of the current VTP configuration revision number.
- Subset advertisements
- Contains VLAN information.
- Sent when you:
- Create or delete a VLAN.
- Suspend or activate a VLAN.
- Change the name of a VLAN.
- Change the MTU of a VLAN.
- Request advertisements
- Sent by a VTP client to a VTP server
- Sent if:
- The domain name has been change.
- The switch receives a summary advertisement with a higher revision number than its own.
- A subset message is missed.
- The switch has been reset.
When you begin to configure your VTP enabled network you must first make sure that all switches you are going to configure are set to their default settings. Good advice is to configure at least two VTP servers on your network in case one VTP server fails. Also, all switches in a VTP domain must use the same version. Not configuring the VTP version correctly will result in no VTP communication between your switches.
On a VTP server you must make sure you configure the following key components:
- VTP domain
- VTP version
- VLANs and trunk ports
On the VTP clients you must configure:
- VTP client mode
- VTP version
- Trunks
- Access ports
Let’s take the following topology and configure a VTP enabled network.
First of all, we must make sure that the VTP server’s configuration is the default one.
S1#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xFB 0xC2 0x38 0xC1 0x0D 0x1D 0x14 0x10
Configuration last modified by 0.0.0.0 at 0-0-0 00:00:00
Looks good. Now, let’s configure the VTP domain name and check again the output of show vtp status.
S1#configure terminal
S1(config)#vtp mode server
S1(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
S1(config)#vtp version 1
VTP mode already in V1
S1(config)#exit
S1#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
Good. We have configured a switch to act as a version 1 VTP server for the VTP Domain cisco. Next, you must create the VLANs and trunks. You can find more details about these operations in our VLAN and Trunking courses from the CCNA Certification series.
Please note that every added VLAN increases the revision number with 1. The name of a VLAN also increases the revision number with 1. For example, if you have 3 VLANs, you will have 3 VLANs + 3 Names = Revision 6.
Next, let’s configure the VTP client switches. The configuration is identical on both switches.
The first step is to check if the configuration is the default one with show vtp status, as you did for the VTP server too. Now let’s configure the switch to act as a client.
S2#configure terminal
S2(config)#vtp mode client
Setting device to VTP CLIENT mode.
S2(config)#exit
S2#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
The next step is to connect the Client switch to the server. After the switches are connected, check the show vtp status output again and show vtp counters to make sure those switches are exchanging information.
S2#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 6
Maximum VLANs supported locally : 1005
Number of existing VLANs : 10
VTP Operating Mode : Client
VTP Domain Name : cisco
S2#show vtp counters
VTP statistics:
Summary advertisements received : 1
Subset advertisements received : 1
Request advertisements received : 0
Summary advertisements transmitted : 1
Subset advertisements transmitted : 1
We see that the switch has successfully joined the cisco VTP domain, got the configuration revision 6, and now has 10 configured VLANs.
The next step is to configure the access ports, for example:
S2(config)#interface Gi0/18
S2(config-if)#switchport access vlan 20
In VTP enabled networks you can encounter different errors. To troubleshoot them you must be sure you the output the the show commands. Common issues you may encounter can be:
- The VTP version is not configured correctly
- If you use a VTP password, the password mismatches on the other switches
- You didn’t correctly configure the VTP mode
- You don’t have a VTP server in your network.
- The VTP domain is not configured correctly
- Before you put the switch on the network, you didn’t reset the revision number
This concludes our lesson. We are proud to provide real-life examples along with our Cisco CCNA certification courses. Not only you will take the certification exam, but you will also have a valuable hands-on experience.