VTP Management

With the VLAN Trunk Protocol (VTP) Management page, you can:

VTP is a Layer-2 messaging protocol that maintains VLAN configuration consistency throughout the network. VTP manages the addition, deletion, and reconfiguration of VLANs network-wide by allowing each device to send advertisements on its trunk ports. These advertisements include the VTP management domain of the device, its configuration revision number, the VLANs that it knows about, and certain VLAN parameters. By receiving these advertisements, devices in the same management domain learn about new VLANs configured in the transmitting device. These advertisements automatically communicate the changes you make on one switch to all the other switches in the network.

VTP minimizes configuration inconsistencies that can arise when changes are made. These inconsistencies can result in security violations. For example, if VLANs are not consistently named, they might be cross-connected as a result. Or if they are incorrectly mapped between one LAN type and another, VLANs can internally disconnect.

Viewing VTP Information

The VTP Information section is read only. It shows the maximum number of VLANs supported locally and the current number of VLANs on the switch. It displays the date and time of the last configuration modification, the VTP version, and the IP address of the switch that caused the last configuration change to the database.

Configuring VTP

Before you create a VLAN, you must decide whether to use VTP in your network. If you choose to use VTP, you must decide whether the switch will be a VTP server or VTP client and whether to enable VTP version 2 mode. If you choose not to use VTP, you must set the switch to transparent mode. Before you start, review the VLAN configuration rules.

To configure VTP:

  1. From the VTP V2 Mode drop-down list, select Enabled to enable version 2.
    By default, Disabled is selected, which means that version 1 mode is selected.
    Each VTP switch automatically detects the capabilities of all the other VTP devices. All VTP switches in the network must support version 2 mode; otherwise, you must configure them to operate in VTP version 1 mode.
    Note: If you are using VTP in a Token Ring environment, VTP V2 Mode must be set to Enabled.
    Note: If you are configuring a Token Ring or Token Ring-NET VLAN media type, you must disable VTP V2 mode. If you are configuring a TRBRF or TRCRF VLAN media type, you must enable VTP V2 mode.
  2. From the VTP Mode Control drop-down list, select Server, Client, or Transparent.
    The default is Server.
    Before you set this option, review the VTP mode control field descriptions.
    If you select Client, you cannot add, modify, or remove VLAN configurations.
    Note: If you are upgrading your switch from a software version that supports VLANs but not VTP, and if the saved configuration file has ports assigned to a VLAN other than VLAN 1, VTP enters transparent mode, and the domain name becomes "UPGRADE." VTP learns about the previous VLAN configurations but does not globally propagate them. If you want to use VTP, you must select Server from the VTP Mode Control drop-down list.
  3. In the Domain Name field, enter a name that identifies the administrative domain for the switch.
    VTP is not active until a name is defined or until it is learned from an advertisement.
    Domain names are from 1 to 32 characters and are case sensitive. By default, no domain name is defined.
    Note: Once the domain name is configured or learned, you cannot change it back to a blank or undefined name.
    If you are configuring the switch for VMPS, make sure this domain name matches the one in the VMPS configuration file.
    Note: If you are upgrading your switch from a software version that supports VLANs but not VTP, and if the saved configuration file has ports assigned to a VLAN other than VLAN 1, VTP enters transparent mode, and the domain name becomes "UPGRADE." VTP learns about the previous VLAN configurations but does not globally propagate them. If you want to use VTP, you must select Server from the VTP Mode Control drop-down list.
  4. In the VTP Password field, enter a password.
    The password is used for the generation of the 16-byte secret value used in MD5 digest calculation. The switch uses the password for VTP advertisement authentication in the VTP administrative domain.
    Passwords are from 8 to 64 characters and are case sensitive. By default, no password is defined. Passwords should match on all switches in the same domain.
  5. From the VTP Pruning Mode drop-down list, select Enabled.
    By default, pruning is disabled. When enabled, global pruning occurs for the entire management domain. Pruning restricts flooded traffic to those trunk links that the traffic must use to access ports assigned to those VLANs. Only VLANs included in the VLAN pruning-eligible list can be pruned. No VLANs are pruning eligible on trunk ports on this switch.
  6. Click Apply.
  7. In the VLAN Configuration section, add a new VLAN configuration.

Adding a New VLAN Configuration

You cannot add a new VLAN configuration if you set the VTP Control Mode to Client.

To add a new VLAN configuration:

  1. In the VLAN ID field in the VLAN Configuration section, enter a VLAN ID from 2 to 1001.
  2. In the VLAN Media Type drop-down list, select a media type.
    The default is Ethernet.
    Note: This switch only supports Ethernet interfaces. You only configure FDDI and Token Ring media-specific characteristics for VTP global advertisements to other switches.
  3. Click <<Add<<.
    A pop-up page opens for you to configure specific media-type VLAN characteristics. Click Help on the pop-up page for configuration information.
  4. Complete the configuration by assigning one or more switch ports to the VLAN.
    From the menu bar, select VLAN > VLAN Membership.

Modifying a VLAN Configuration

You cannot modify a VLAN configuration if you set the VTP Control Mode to Client.

To modify a VLAN configuration:

  1. In the VLAN Configuration list, select a VLAN.
  2. Click Modify.
    A pop-up page opens for you to modify specific media-type VLAN characteristics. Click Help on the pop-up page for configuration information.

Removing a VLAN Configuration

You cannot remove a VLAN configuration if you set the VTP Control Mode to Client.

To remove a VLAN configuration:

  1. In the VLAN Configuration list, select a VLAN.
  2. Click Remove.

VTP Mode Control Field Descriptions

The VTP mode control determines how a switch interacts with VTP database.

Field Description
Server A switch in VTP server mode is enabled for VTP and sends advertisements. You can configure VLANs on it. The switch can recover all the VLAN information in the current VTP database from nonvolatile storage after reboot. By default, every switch is a VTP server, which is the recommended mode of operation.
Client A switch in VTP client mode is enabled for VTP, can send advertisements, but does not have enough nonvolatile storage to store VLAN configurations. You cannot configure VLANs on it. When a VTP client starts up, it does not transmit VTP advertisements until it receives advertisements to initialize its VLAN database.
Transparent A switch in VTP transparent mode is locally disabled for VTP, does not transmit advertisements or learn from advertisements sent by other devices, and cannot affect VLAN configurations on other devices in the network. The switch receives VTP advertisements and forwards them on all trunk ports except the one on which the advertisement was received.

Note: This switch supports up to 64 VLANs (250 VLANs on the Catalyst 2912MF, 2924M, 3508G, 3512, and 3524 XL switches). If you define more than 64 (250) or if the switch receives an advertisement that contains more than 64 (250) VLANs, the switch automatically enters VTP transparent mode and operates with the VLAN configuration preceding the one that sent it into transparent mode. The count of 64 (250) VLANs always includes VLAN 1 but never includes VLANs 1002 to 1005. The switch can have 64 (250) active VLANs, plus VLANs 1002 through 1005, which are inactive.