CCIE Pursuit Blog

June 12, 2007

VTP Weirdness

Filed under: IOS — cciepursuit @ 11:43 am

I was working through some switching labs this weekend which included some VTP labs.  Every company that I have worked at has disabled VTP on their switches by putting the switches into VTP transparent mode (“vtp mode transparent”) so I have little experience configuring VTP.  The concepts are very simple and the range of configuration commands is pretty limited so this isn’t a hard technology to master.  I had gone over nearly all of the configuration options during my CCNP studies, so I thought that would have no problems.  Well, I had forgotten a strange but important fact about VTP: VTP info will NOT show up in the running config, unless you have set the switch to “transparent.”

Client Mode:
sw2(config)#vtp mode client
Setting device to VTP CLIENT mode.
sw2(config)#vtp domain CISCO
Domain name already set to CISCO.
sw2(config)#vtp password CISCO
Setting device VLAN database password to CISCO
sw2(config)#do sh run | i vtp
sw2(config)# <-notice no output

Server Mode:
sw1(config)#vtp mode server
Setting device to VTP SERVER mode.
sw1(config)#vtp domain CISCO
Domain name already set to CISCO.
sw1(config)#vtp pass CISCO
Setting device VLAN database password to CISCO
sw1(config)#do sh run | i vtp
sw1(config)# <-notice no output

Transparent Mode:
sw2(config)#vtp mode trans
Setting device to VTP TRANSPARENT mode.
sw2(config)#do sh run | i vtp
vtp domain CISCO  <-Output!!!
vtp mode transparent

*The VTP password never shows in configuration regardless of VTP mode.  You can only view it with “show vtp password”.

This is important to know so that you don’t spend any time freaking out about the lack of VTP information in the running config. 🙂

Here’s the explanation for this oddness from Cisco:

…a VLAN database was introduced into Cisco IOS Software as a method to immediately save VTP updates for VTP clients and servers. In some versions of software, this VLAN database is in the form of a separate file in NVRAM, called the vlan.dat file. You can view VTP/VLAN information that is stored in the vlan.dat file for the VTP client or VTP server if you issue the show vtp status command.

VTP server/client mode switches do not save the entire VTP/VLAN configuration to the startup config file in the NVRAM when you issue the copy running-config startup-config command on these systems. It saves the configuration in the vlan.dat file. This does not apply to systems that run as VTP transparent. VTP transparent systems save the entire VTP/VLAN configuration to the startup config file in NVRAM when you issue the copy running-config startup-config command.

You can’t see the vlans in the running config if you are in client or server VTP mode, even if you created the vlans on that switch.  This makes sense since the vlans are stored in the vlan.dat file:

Switch in VTP Server Mode Does NOT Show VLANs in Running Config:
sw1#sh vtp status

Number of existing VLANs        : 13
VTP Operating Mode              : Server
VTP Domain Name                 : CISCO

sw1#sh run | i vlan
sw1# <-notice no output

Set VTP Mode to Transparent and VLANs Show:
sw1(config)#vtp mode trans
Setting device to VTP TRANSPARENT mode.
sw1(config)#do sh run | i vlan
vlan 2 <-Booyah!!!
vlan 3
vlan 4
vlan 5
vlan 6
vlan 7
vlan 8
vlan 9

One last bit of vtp information that I can definately see coming up in the exam:

You can configure normal-range VLANs (2 through 1000) when the switch is in either VTP server or transparent mode. But, you can only configure extended-range VLANs (1025 through 4094) in VTP transparent switches.

I can see some question asking you to configure an extended-range vlan on a switch after you’ve set the switch to VTP server mode (probably due to incorrect assumption on a previous question) in order to confuse you.

In summary:

1) Don’t freak if you do a “sh run | i vtp” and don’t see any VTP configuration lines on a switch in client or server mode.
2) You can verify the VTP password only by issuing “show vtp password” from the command line.
3) VLANs that you create on a VTP server switch will not show up in the running config as they are stored in the vlan.dat file.
4) You can only configure normal-range VLANs (2-1000) on a VTP server.  You need to be in VTP transparent mode to use extended-range VLANs (1025-4094).

Cisco Documentation:

Understanding and Configuring VLAN Trunk Protocol (VTP)



  1. Thanks a lot for the information you have published.

    It helped me to solve the problem while converting from Server mode to Transparent mode due to some misconfiguration in the initial stage of implementation.


    Comment by Biju Kesavan — February 27, 2009 @ 5:16 am | Reply

  2. Hi, i have a problem in my network when i try to change a switch with vtp client to transparent, when i do that, my switch suffer a parcial disconextion.

    How can i change the vtp mode to transparent with out generate intermittent in my network.

    Comment by Alejandra — March 11, 2009 @ 9:20 am | Reply

  3. Hi,

    Good post. However, im confused on something when reading from different sources. I understand that VTP clients and servers, save the info in vlan.dat in FLASH, but what I lack a clear answer to, is whether the VTP information on a transparent server, gets put into only the running-config (not volatile memory) or NVRAM. I read some on some cisco docs, saying NVRAM meaning it will be in startup-config, and in the exam guide (CCIE), saying one place only the running config, and in another place, in NVRAM.

    Confusing tbh. Any thoughts?

    Comment by Kim Pedersen — April 9, 2009 @ 10:16 am | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at

%d bloggers like this: