VTP Version 3

ReneMolenaar · December 29, 2016, 5:23pm

This topic is to discuss the following lesson:

mdbetar · May 16, 2015, 8:41pm

Thanks For VTPv3
…Nice Explanation …

atif03 · July 2, 2015, 11:45am

Great explanation.
thanks

oigeboy · September 3, 2015, 5:13pm

Great explanation Rene. Simple, clear & to the point. Excellent.
thank you.

am.sepide · September 12, 2015, 7:59am

Danke Rene.It is really good

am.sepide · September 12, 2015, 9:17am

Is there no force to change VTP mode to transparent in switch for private VLAN?

ReneMolenaar · September 12, 2015, 10:40am

For VTP version 1 or 2 you should VTP transparent mode. For VTP version 3, server and client mode also support private VLANs.

adelkhalil8 · September 18, 2015, 12:09pm

which IOS Version Can run VTP V3 ?

ReneMolenaar · September 24, 2015, 9:55pm

Hi Adel,

It’s best to use the Cisco Feature Navigator for this:

http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp

Search by feature and look for “VTP version 3”. There’s quite a list with IOS images that support it.

Rene

singhronie · October 5, 2015, 9:17am

Hi Rene,

Great topic. I have one clarification with you. I am aware of that extended vlans (1006-4095) are only configurable on the switch with VTP mode set to transparent. VTP version 3 is supporting extended vlans where version 1 and 2 aren’t.

My clarification is that since a switch in VTP transparent is not synchronizing(updating) its vlans to others switches, how VTP version 3 can propagate those extended vlans to other switches ? It doesn’t make sense to me. I do hope you are the one who can make me understand.

Thank you in advance.

Best Regards,

Ronie

ReneMolenaar · October 5, 2015, 12:36pm

Hi Ronie,

Switches in VTP transparent mode don’t synchronizes themselves but they do forward VTP advertisements. This allows other switches to learn VLAN information.

Rene

singhronie · October 8, 2015, 7:23am

Hi Rene,

Thank you for your response.I got the answer from Mr.Google. In VTP ver 1 and 2, we need to set the VTP mode to transparent before creating extended vlans. In VTP ver 3, we can create extended vlans with VTP server mode itself.

I am cleared now

Best Regards,

Ronie

ikhambay · January 4, 2016, 6:45pm

Hi Rene

Quick question , in a switch network running VTP VER 3, a primary server has revision number 201, if a new switch running vtp3 server mode reversion umber 301 is connected with same domain name, will the other switches (client) update their database learned from switch with reversion number 301, or they will only take their update from primary server.

Thanks

ReneMolenaar · January 5, 2016, 11:57am

With VTP v3 switches will only synchronize with the primary server.

michmoor · April 25, 2016, 4:55am

So with VTP v3 revision numbers no longer have any place which is great but am I correct in understanding that any switch in the VTP domain can become a primary server? What if i have 2 distro switches and X amount of access switches. Realistically I would want my vlan creations and my primary server on the DISTRO but what stops another administrator from promoting an access layer switch to primary?

andrew · April 25, 2016, 5:04pm

Michael,
You can set a VTP v3 password that prevents a device from becoming primary without it. This is done via
(config)#vtp password <PASSWORD> hidden
Where the “hidden” keyword will obfuscate the password in the config.

michmoor · April 26, 2016, 3:08am

Well that prevents any unauthorized switches from joining the VTP domain but once those switches agree on domain name and password what is to stop an administrator from choosing another switch other than the VTP primary and choosing that other switch as the VTP primary?

michmoor · April 26, 2016, 3:13am

Actually,you helped me figure out thank you. You are correct in your reply I guess I just had a brain fart

From the CISCO documentation - Thanks Andrew !!
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_52_se/configuration/guide/3560scg/swvtp.html

Switch(config)# vtp password mypassword hidden
 Generating the secret associated to the password.
 Switch(config)# end

 Switch# show vtp password
 VTP password: 89914640C8D90868B6A0D8103847A733

Switch# vtp primary vlan
 Enter VTP password: mypassword
 This switch is becoming Primary server for vlan feature in the VTP  domain

 VTP Database Conf Switch ID      Primary Server Revision System Name           
 ------------ ---- -------------- -------------- -------- --------------------
 VLANDB       Yes  00d0.00b8.1400=00d0.00b8.1400 1        stp7                  

 Do you want to continue (y/n) [n]? y
Enabling the VTP Version

luis1 · October 4, 2016, 10:54pm

HI Rene,

There are an little error in this sentence:

Let’s see if we are able to synchronize some VLANs. We’ll start with something simple:

SW1(config)#vlan 100
SW2(config-vlan)#exit

I think its SW1 instead of SW2(config-vlan)#exit

Thanks for all! very easy to study with your explanations.

maher1 · October 7, 2016, 9:02am

Thanks Luis, we will correct it.