I was working through some switching labs this weekend which included some VTP labs. Every company that I have worked at has disabled VTP on their switches by putting the switches into VTP transparent mode (“vtp mode transparent”) so I have little experience configuring VTP. The concepts are very simple and the range of configuration commands is pretty limited so this isn’t a hard technology to master. I had gone over nearly all of the configuration options during my CCNP studies, so I thought that would have no problems. Well, I had forgotten a strange but important fact about VTP: VTP info will NOT show up in the running config, unless you have set the switch to “transparent.”
Client Mode:
sw2(config)#vtp mode client
Setting device to VTP CLIENT mode.
sw2(config)#vtp domain CISCO
Domain name already set to CISCO.
sw2(config)#vtp password CISCO
Setting device VLAN database password to CISCO
sw2(config)#do sh run | i vtp
sw2(config)# <-notice no output
Server Mode:
sw1(config)#vtp mode server
Setting device to VTP SERVER mode.
sw1(config)#vtp domain CISCO
Domain name already set to CISCO.
sw1(config)#vtp pass CISCO
Setting device VLAN database password to CISCO
sw1(config)#do sh run | i vtp
sw1(config)# <-notice no output
Transparent Mode:
sw2(config)#vtp mode trans
Setting device to VTP TRANSPARENT mode.
sw2(config)#do sh run | i vtp
vtp domain CISCO <-Output!!!
vtp mode transparent
*The VTP password never shows in configuration regardless of VTP mode. You can only view it with “show vtp password”.
This is important to know so that you don’t spend any time freaking out about the lack of VTP information in the running config. 🙂
Here’s the explanation for this oddness from Cisco:
…a VLAN database was introduced into Cisco IOS Software as a method to immediately save VTP updates for VTP clients and servers. In some versions of software, this VLAN database is in the form of a separate file in NVRAM, called the vlan.dat file. You can view VTP/VLAN information that is stored in the vlan.dat file for the VTP client or VTP server if you issue the show vtp status command.
VTP server/client mode switches do not save the entire VTP/VLAN configuration to the startup config file in the NVRAM when you issue the copy running-config startup-config command on these systems. It saves the configuration in the vlan.dat file. This does not apply to systems that run as VTP transparent. VTP transparent systems save the entire VTP/VLAN configuration to the startup config file in NVRAM when you issue the copy running-config startup-config command.
You can’t see the vlans in the running config if you are in client or server VTP mode, even if you created the vlans on that switch. This makes sense since the vlans are stored in the vlan.dat file:
Switch in VTP Server Mode Does NOT Show VLANs in Running Config:
sw1#sh vtp status
…
Number of existing VLANs : 13
VTP Operating Mode : Server
VTP Domain Name : CISCO
…
sw1#sh run | i vlan
sw1# <-notice no output
Set VTP Mode to Transparent and VLANs Show:
sw1(config)#vtp mode trans
Setting device to VTP TRANSPARENT mode.
sw1(config)#do sh run | i vlan
vlan 2 <-Booyah!!!
vlan 3
vlan 4
vlan 5
vlan 6
vlan 7
vlan 8
vlan 9
sw1(config)#
One last bit of vtp information that I can definately see coming up in the exam:
You can configure normal-range VLANs (2 through 1000) when the switch is in either VTP server or transparent mode. But, you can only configure extended-range VLANs (1025 through 4094) in VTP transparent switches.
I can see some question asking you to configure an extended-range vlan on a switch after you’ve set the switch to VTP server mode (probably due to incorrect assumption on a previous question) in order to confuse you.
In summary:
1) Don’t freak if you do a “sh run | i vtp” and don’t see any VTP configuration lines on a switch in client or server mode.
2) You can verify the VTP password only by issuing “show vtp password” from the command line.
3) VLANs that you create on a VTP server switch will not show up in the running config as they are stored in the vlan.dat file.
4) You can only configure normal-range VLANs (2-1000) on a VTP server. You need to be in VTP transparent mode to use extended-range VLANs (1025-4094).
Cisco Documentation:
Understanding and Configuring VLAN Trunk Protocol (VTP)