VLAN Trunking Protocol is a Cisco proprietary protocol that allows the switch to propagate VLANs. Some may argue that it is poorly named protocol since the name implies that it has to do something with trunking VLANs. Maybe the name should’ve been VLAN Propagation Protocol (VPP)? I may have taken the name and the thought that the protocol is poorly named from Jeremy Cioara. It’s hard to tell now since I’ve watched a lot of videos and read a lot of books, blogs, and discussion forums.
As I was reading the CCNP SWITCH OCG book, a way for me to refresh my BCMSN knowledge, I was curious about what the book says regarding VTP v1 and v2 transparent mode.
In VTP version 1, a transparent mode switch does not even relay VTP information it receives to other switches unless its VTP domain names and VTP version numbers match those of the other switches. In VTP version 2, transparent switches do forward received VTP advertisements out of their trunk ports, acting as VTP relays. This occurs regardless of the VTP domain name setting.
On Cisco’s documentation page, it says something different than the book.
Version-Dependent Transparent Mode—In VTP version 1, a VTP transparent switch inspects VTP messages for the domain name and version and forwards a message only if the version and domain name match. Although VTP version 2 supports only one domain, a VTP version 2 transparent switch forwards a message only when the domain name matches.
Since the book and the documentation page conflicts with each other, it’s time to put this to the test to end this confusion once and for all.
Switch Topology
Just a simple three-switch topology to test if VLANs will propagate when VTP Transparent mode is in the middle.
Configuration
Our first test is configured the same for all the necessary interfaces of the switches. The configuration is shown below for reference. Since we’re going to play with different VTP domain names, we’ll need to turn off the DTP as shown below.
interface FastEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk switchport nonegotiate
Switches that are in factory default settings have NULL domain or a blank domain name and as soon as they hear the first VTP advertisement from another switch who has VTP configured then it will inherit that name and start updating its database.
SW1#conf t Enter configuration commands, one per line. End with CNTL/Z. SW1(config)#vtp mode server Device mode already VTP SERVER. SW1(config)#vtp domain networkjutsu Changing VTP domain name from NULL to networkjutsu SW1(config)#vtp version 1 VTP mode already in V1. SW1#sh vtp VTP Version capable : 1 to 3 VTP version running : 1 VTP Domain Name : networkjutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 0015.6264.3300 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 0.0.0.0 (no valid interface found) Feature VLAN: -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 Configuration Revision : 0 MD5 digest : 0xBC 0xB8 0xA3 0xEE 0x7E 0xDE 0x5A 0xDE 0xBE 0xB3 0xDC 0xCE 0xE8 0xB8 0x5A 0x82 SW2#sh vtp statu VTP Version capable : 1 to 3 VTP version running : 1 VTP Domain Name : networkjutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 001c.5823.6480 Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 0.0.0.0 (no valid interface found) Feature VLAN: -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 Configuration Revision : 0 MD5 digest : 0xBC 0xB8 0xA3 0xEE 0x7E 0xDE 0x5A 0xDE 0xBE 0xB3 0xDC 0xCE 0xE8 0xB8 0x5A 0x82 SW3#sh vtp statu VTP Version : running VTP1 (VTP2 capable) Configuration Revision : 0 Maximum VLANs supported locally : 1005 Number of existing VLANs : 5 VTP Operating Mode : Server VTP Domain Name : networkjutsu VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00 Local updater ID is 0.0.0.0 (no valid interface found)
Once every switch are in the same VTP domain mode, we are now ready to test. Let’s create a VLAN on SW1 to verify that VTP is actually working. Before I issue the command below, I enabled the debugging of VTP on SW2 and SW3 by issuing debug sw-vlan vtp events.
SW1(config)#vlan 10 SW1(config-vlan)#end SW1#
Once the command was issued in SW1, both SW2 and SW3 received the VTP advertisements – this is expected in VTP Server mode.
SW2# debug sw-vlan vtp events VTP LOG RUNTIME: Summary packet received, domain = networkjutsu, rev = 1, followers = 1 VTP LOG RUNTIME: Summary packet rev 1 greater than domain networkjutsu rev 0 VTP LOG RUNTIME: Domain networkjutsu currently not in updating state VTP LOG RUNTIME: Subset packet received, domain = networkjutsu, rev = 1, seq = 1, length = 165 VTP LOG RUNTIME: Transmit vtp summary, domain networkjutsu, rev 1, followers 1 MD5 digest calculated = BF 22 27 B3 02 83 26 97 D2 70 B1 33 21 96 DA 12 VTP LOG RUNTIME: Summary packet received, domain = networkjutsu, rev = 1, followers = 1 VTP LOG RUNTIME: Summary packet rev 1 equal to domain networkjutsu rev 1 VTP LOG RUNTIME: Subset packet received, domain = networkjutsu, rev = 1, seq = 1, length = 165 SW2#sh vlan id 10 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 10 VLAN0010 active SW3#sh vlan id 10 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 10 VLAN0010 active
VTP v1 Transparent Mode
Now, let’s try changing the VTP mode on SW2 to see if the SWITCH OCG book is correct and create another VLAN on SW1.
SW2(config)#vtp mode trans Setting device to VTP TRANSPARENT mode. SW2# sh vtp statu VTP Version capable : 1 to 3 VTP version running : 1 VTP Domain Name : networkjutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 001c.5823.6480 Configuration last modified by 0.0.0.0 at 3-1-93 00:36:47 Feature VLAN: -------------- VTP Operating Mode : Transparent Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 Configuration Revision : 0 MD5 digest : 0xCF 0xCE 0x8A 0x4E 0x4F 0xFA 0x6E 0x4D 0x4F 0xA4 0xA7 0xA2 0xE3 0xD9 0xB2 0x15 SW1(config)#vlan 20 SW1(config-vlan)#end SW1#
Upon creating VLAN 20 on SW1, SW2 relayed the VTP advertisements and SW3 updated its database. As expected, switch on transparent mode would not update it’s database.
SW2# VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) SW2# sh vlan id 20 VLAN id 20 not found in current VLAN database SW3# VTP LOG RUNTIME: Summary packet received, domain = networkjutsu, rev = 2, followers = 1 VTP LOG RUNTIME: Summary packet rev 2 greater than domain networkjutsu rev 1 VTP LOG RUNTIME: Domain networkjutsu currently not in updating state VTP LOG RUNTIME: Subset packet received, domain = networkjutsu, rev = 2, seq = 1, length = 185 VTP LOG RUNTIME: Transmit vtp summary, domain networkjutsu, rev 2, followers 1 MD5 digest calculated = 1B 2E 5F 19 49 46 C4 E6 B7 D2 3C 7A DD 86 D6 42 SW3#sh vlan id 20 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 20 VLAN0020 active
Different VTP Domain, VTP v1 Transparent
Now, how about we change the domain name. According to SWITCH OCG book, the switch with VTP1 Transparent mode will not forward VTP advertisements if it doesn’t match the domain name and version number.
SW2(config)#vtp domain NetworkJutsu Changing VTP domain name from networkjutsu to NetworkJutsu SW2(config)#end SW2#sh vtp statu VTP Version capable : 1 to 3 VTP version running : 1 VTP Domain Name : NetworkJutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 001c.5823.6480 Configuration last modified by 0.0.0.0 at 3-1-93 00:36:47 Feature VLAN: -------------- VTP Operating Mode : Transparent Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 Configuration Revision : 0 MD5 digest : 0x2A 0xE8 0x6D 0xF7 0x91 0x0A 0x62 0xC4 0x03 0xD0 0x07 0x07 0x7C 0xE2 0x23 0xED SW1(config)#vlan 30 SW1(config-vlan)#end SW1#
Upon creating VLAN 30 on SW1, SW2 dropped the VTP advertisement and SW3 never received it.
SW2# *Mar 1 00:42:56.963: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu *Mar 1 00:42:56.963: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu SW3#sh vl id 30 VLAN id 30 not found in current VLAN database
Different Domain, VTP v2 Transparent
Let’s change SW2’s VTP version and leave the VTP domain name unchanged.
SW2(config)#vtp ver 2 SW2(config)#end SW2#sh vtp statu VTP Version capable : 1 to 3 VTP version running : 2 VTP Domain Name : NetworkJutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 001c.5823.6480 Configuration last modified by 0.0.0.0 at 3-1-93 00:36:47 Feature VLAN: -------------- VTP Operating Mode : Transparent Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 Configuration Revision : 0 MD5 digest : 0x1B 0xF8 0xD3 0x9D 0xD2 0x06 0xC7 0xD7 0x33 0x4B 0x66 0x50 0xC5 0x77 0xF5 0xE1
Now, let’s create another VLAN on SW1 and see if the SWITCH OCG book is correct.
SW1(config)#vlan 40 SW1(config-vlan)#end SW1# SW3# VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu VTP LOG RUNTIME: Dropping packet received on trunk Fa0/2 - not in domain networkjutsu SW3#sh vlan id 40 VLAN id 40 not found in current VLAN database
We now know that VTP v2 transparent mode does not relay traffic if the domain does not match. This means that the book is incorrect and the Cisco’s documentation page is spot on. Let’s prove it by changing the domain back to its previous name.
SW2(config)#vtp domain networkjutsu Changing VTP domain name from NetworkJutsu to networkjutsu SW2#sh vtp statu VTP Version capable : 1 to 3 VTP version running : 2 VTP Domain Name : networkjutsu VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 001c.5823.6480 Configuration last modified by 0.0.0.0 at 3-1-93 00:36:47 Feature VLAN: -------------- VTP Operating Mode : Transparent Maximum VLANs supported locally : 1005 Number of existing VLANs : 6 Configuration Revision : 0 MD5 digest : 0xF1 0x29 0x4F 0xB3 0x73 0x0A 0x3A 0xE7 0xF9 0x38 0x1B 0x1A 0xD1 0xAC 0xA6 0x19 SW2# *Mar 1 01:10:35.944: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:10:35.953: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) *Mar 1 01:10:36.532: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:10:36.532: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:10:36.574: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) *Mar 1 01:10:36.574: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) SW3#sh vlan id 40 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 40 VLAN0040 active Fa0/1
So far, the book did get the information correctly for the VTP Transparent mode version 1 but wrong for version 2.
All VTP version 2
Now, let’s try to change SW1 and SW3 to version 2 and see the effects. Let’s see if the book has more errors in its statement.
SW3(config)#vtp ver 2 SW3(config)#end SW1(config)#vtp ver 2 SW1(config)#end SW1(config)#vlan 50 SW1(config-vlan)#end SW2# *Mar 1 01:15:36.810: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:15:36.810: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:15:36.852: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) *Mar 1 01:15:36.852: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) SW3#sh vlan id 50 VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 50 VLAN0050 active Fa0/1
As the book says, in version 2 transparent mode the VTP advertisements are forwarded out to the trunks. Great, the book is correct.
Different Domain, VTP v2 Transparent and Servers
Now, how about testing what the book says on the last sentence? The book says “this occurs regardless of the VTP domain name setting.”
SW2(config)#vtp domain NetworkJutsu Changing VTP domain name from networkjutsu to NetworkJutsu *Mar 1 01:17:27.196: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to NetworkJutsu. SW2(config)#end SW1(config)#vlan 60 SW1(config-vlan)#exit SW1(config)# SW2# *Mar 1 01:18:08.057: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu *Mar 1 01:18:08.057: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu SW3#sh vlan id 60 VLAN id 60 not found in current VLAN database
It looks like the book got it wrong again. Let’s continue with our testing.
Different Domain, VTP v1 Transparent, VTP v2 Servers
For our penultimate test, let’s try to change SW2’s VTP version to 1 and domain name unchanged, and let SW1 and SW3 remain in version 2. According to the book, with VTP v1 Transparent the domain name and version must match. Let’s see if our gears agree with that.
SW1(config)#vlan 70 SW1(config-vlan)#exit SW2# *Mar 1 01:19:19.377: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu *Mar 1 01:19:19.377: VTP LOG RUNTIME: Dropping packet received on trunk Fa0/1 - not in domain networkjutsu SW3#sh vlan id 70 VLAN id 70 not found in current VLAN database
It looks like the book is wrong again.
Same Domain, VTP v1 Transparent, VTP v2 Servers
Now for our last test, let’s change it back to the original domain name and leave other settings unchanged.
SW2(config)#vtp domain networkjutsu Changing VTP domain name from NetworkJutsu to networkjutsu *Mar 1 01:20:26.500: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to networkjutsu. SW1(config)#vlan 80 SW1(config-vlan)#exit SW2 *Mar 1 01:20:26.645: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:20:26.645: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/1 - in TRANSPARENT MODE (nc = false) *Mar 1 01:20:26.687: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) *Mar 1 01:20:26.687: VTP LOG RUNTIME: Relaying packet received on trunk Fa0/2 - in TRANSPARENT MODE (nc = false) SW3#sh vlan | i active 1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5 10 VLAN0010 active 20 VLAN0020 active 30 VLAN0030 active 40 VLAN0040 active 50 VLAN0050 active 60 VLAN0060 active 70 VLAN0070 active 80 VLAN0080 active
Summary
In theory, theory and practice are the same. In practice, they are not. – Albert Einstein
We’ve just witnessed that it doesn’t matter what the switch’s VTP version is set to so long as the VTP domain name match then the advertisement will be forwarded. Please note that the behavior of VTP version 3 may not be the same as shown here. Unfortunately, I only have two switches capable of running VTP version 3 so it was not tested this time. Maybe when I get a hands on three switches capable of VTP version 3 then I will revisit this blog and update it.
Want to learn more about VTP or switching?
CCNP SWITCH 642-813 Official Certification Guide (Official Cert Guide)
CCNP Routing and Switching SWITCH 300-115 Official Cert Guide
CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 (5th Edition)
Disclosure
NetworkJutsu.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.