CCIE Pursuit Blog

September 25, 2007

VTP: Which VTP Server Generated The Most Recent Update?

Recently JB left the following comment:

Hi,

I have a VTP question, unrelated to vtp passwords.
I have multiple switches connected by trunks, most on the same vtp domain. Two of the switches are VTP Servers – an Agg pair, and the others are either Transparent or clients.
What command can I use at a Transparent or Client switch, to identify the VTP Server that is managing the VLANs, that sent the last update. Thanks much, hope you can help.

Regards,

My initial answer was to tell him that there was not way of finding out that information without comparing the VTP status on the client switch (transparent switches don’t use VTP for updates) to the same output on the VTP server switch.  Before I responded, I wanted to check out the functionality of the “Local updater ID” in VTP.  I’m glad that I did.

For those of you who don’t want to read this entire post (and I don’t blame you) here’s the quick and easy answer: By configuring an IP address on your VTP server switches you’ll be able to use the “Local updater ID” (on VTP client and server switches) to see which VTP server last updated the VLAN database via VTP.

I think that I’ve mentioned before that I’ve never used VTP in a production environment before.  I’ve used VTP domain names to identify sites for CiscoWorks, but all of our switches are set to VTP transparent mode.  The only time that I’ve used VTP server/client is in the lab.  I tried to find more information on the “Local updater ID” but came back pretty empty.  I decided to lab up a scenario to answer JB’s question:

sw1———-sw2———-sw3———-sw4
server      client     transparent     server
CCIE        CCIE       CCIE            CCIE

All of the switches are in the VTP domain CCIE.  sw1 and sw4 are servers, while sw2 is a client and sw3 is tranparent.

Note: Before labbing this up, make sure that your devices have their clocks synchronized (“clock set” command).

Let’s start by adding a vlan to sw1.  This will propagate to sw2 (client) and sw4(server).  Let’s see if we can tell by looking at sw2 and sw4 where the update came from.

sw1(server):
sw1#sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x13 0x23 0x62 0x16 0x83 0xCD 0x50 0xEC
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

add vlan on sw1:
sw1(config)#vlan 69
sw1(config-vlan)#name TEST_069
sw1(config-vlan)#exit
sw1(config)#do sh vtp status
VTP Version                     : 2
Configuration Revision          : 1 
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6  
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x38 0x5C 0x9D 0x0F 0x3E 0x6C 0x1F 0x84
Configuration last modified by 0.0.0.0 at 9-25-07 08:59:56
Local updater ID is 0.0.0.0 (no valid interface found)

sw2(client)
sw2#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6  
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x38 0x5C 0x9D 0x0F 0x3E 0x6C 0x1F 0x84
Configuration last modified by 0.0.0.0 at 9-25-07 08:59:56

sw2#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   TEST_069                         active    Fa0/13, Fa0/18

sw3 (transparent)
sw3#sh vtp stat
VTP Version                     : 2
Configuration Revision          : 0 
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5  
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

sw3#sh vlan id 69
VLAN id 69 not found in current VLAN database

sw4(server):
sw4#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 1  
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x38 0x5C 0x9D 0x0F 0x3E 0x6C 0x1F 0x84
Configuration last modified by 0.0.0.0 at 9-25-07 08:59:56 
Local updater ID is 0.0.0.0 (no valid interface found)

sw4#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   TEST_069                         active    Fa0/19

So, we do see when the updates come in, but we don’t see a layer 2 address associated with it.  In a situation where there are multiple VTP servers in the VTP domain, this doesn’t help us to identify which VTP server iniated the most recent update.  Let’s first remove our test vlan on sw4 (server) and see how that affects the VTP domain:

sw4 (server):
sw4(config)#no vlan 69
sw4(config)#^Z
sw4#sh v
01:22:12: %SYS-5-CONFIG_I: Configured from console by console
sw4#sh vtp status
VTP Version                     : 2
Configuration Revision          : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA4 0x5F 0x11 0x86 0x4D 0x57 0x50 0xC7
Configuration last modified by 0.0.0.0 at 9-25-07 09:06:13
Local updater ID is 0.0.0.0 (no valid interface found)

sw3(transparent):
sw3#sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

sw2(client):
sw2#sh vtp status
VTP Version                     : 2
Configuration Revision          : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5  
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA4 0x5F 0x11 0x86 0x4D 0x57 0x50 0xC7
Configuration last modified by 0.0.0.0 at 9-25-07 09:06:13

sw2#sh vlan id 69
VLAN id 69 not found in current VLAN database
sw1(server):
sw1#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA4 0x5F 0x11 0x86 0x4D 0x57 0x50 0xC7
Configuration last modified by 0.0.0.0 at 9-25-07 09:06:13
Local updater ID is 0.0.0.0 (no valid interface found)
sw1#sh vlan id 69
VLAN id 69 not found in current VLAN database

Okay…so the timestamp is nice, but in the case where you have multiple servers in your VTP domain, it is useless for finding out which server iniated a change.  In our case we could see that the client’s (sw2) VLAN database was changed at 9:06:13, but we can’t tell if it was sw1 or sw4 that iniated the change.

Let’s add some layer 3 addresses to the mix.  First let’s add an l3 address to sw1 but not to sw4 and repeat the same experiment as above:

sw1(server):
sw1(config)#int lo0
sw1(config-if)#ip add 10.0.0.1 255.255.255.255
sw1(config-if)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xA4 0x5F 0x11 0x86 0x4D 0x57 0x50 0xC7
Configuration last modified by 0.0.0.0 at 9-25-07 09:06:13
Local updater ID is 10.0.0.1 on interface Lo0 (first layer3 interface found)

Let’s add a VLAN on sw1:

sw1(config-if)#vlan 69
sw1(config-vlan)#name TEST_069
sw1(config-vlan)#end
sw1#
01:29:49: %SYS-5-CONFIG_I: Configured from console by console
sw1#sh vtp status
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xDF 0x82 0xE1 0x8F 0x9E 0xE4 0x74 0x24
Configuration last modified by 10.0.0.1 at 9-25-07 09:14:33  <-note time and IP address
Local updater ID is 10.0.0.1 on interface Lo0 (first layer3 interface found)

sw2(client):
sw2#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xDF 0x82 0xE1 0x8F 0x9E 0xE4 0x74 0x24
Configuration last modified by 10.0.0.1 at 9-25-07 09:14:33  <-booyah!!!
sw2#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   TEST_069                         active    Fa0/13, Fa0/18

sw3(transparent):
sw3#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Transparent
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

sw4(server):
sw4#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xDF 0x82 0xE1 0x8F 0x9E 0xE4 0x74 0x24
Configuration last modified by 10.0.0.1 at 9-25-07 09:14:33
Local updater ID is 0.0.0.0 (no valid interface found)
sw4#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   TEST_069                         active    Fa0/19

SWEET!  We CAN find out which VTP server made the last update to a VTP client switch by just looking at the “show vtp status” output PROVIDED WE HAVE AN IP ADDRESS CONFIGURED ON THE VTP SERVER SWITCH. 

Let’s remove the vlan on sw4 and then see what happens (sw4 does not have a layer 3 address configured).  In the interest of keeping this post under 100,000 words I’m not going to include sw3 (transparent):

sw4 (server):
sw4(config)#no vlan 69
sw4(config)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x36 0xD3 0xE7 0x16 0xB1 0xF7 0x76 0x54
Configuration last modified by 0.0.0.0 at 9-25-07 09:16:54
Local updater ID is 0.0.0.0 (no valid interface found)

sw2(client):
sw2#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x36 0xD3 0xE7 0x16 0xB1 0xF7 0x76 0x54
Configuration last modified by 0.0.0.0 at 9-25-07 09:16:54
sw2#sh vlan id 69
VLAN id 69 not found in current VLAN database

sw1(server):
sw1#sh vtp status
VTP Version                     : 2
Configuration Revision          : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x36 0xD3 0xE7 0x16 0xB1 0xF7 0x76 0x54
Configuration last modified by 0.0.0.0 at 9-25-07 09:16:54
Local updater ID is 10.0.0.1 on interface Lo0 (first layer3 interface found)
sw1#sh vlan id 69
VLAN id 69 not found in current VLAN database

If you have multiple VTP servers in your VTP domain, you’ll want to make sure that each of the VTP servers has an IP address configured.  We pretty much know how this will turn out, but for the sake of completeness, let’s configure an l3 address on sw4 and then add a vlan to that switch (server).

sw4(server):
sw4(config)#int lo0
01:36:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
sw4(config-if)#ip add 10.0.0.4 255.255.255.255

sw4(config-if)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x36 0xD3 0xE7 0x16 0xB1 0xF7 0x76 0x54
Configuration last modified by 0.0.0.0 at 9-25-07 09:16:54
Local updater ID is 10.0.0.4 on interface Lo0 (first layer3 interface found)
*********
WARNING:

Make sure that you “exit” the vlan configuration or else your vlan will NOT be created:

sw4(config-if)#vlan 69
sw4(config-vlan)#name LAST_TEST
sw4(config-vlan)#do sh vtp statu  <- I have not exited the “config-vlan” mode so vlan 69 is NOT created yet
VTP Version                     : 2
Configuration Revision          : 4
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5 <-note
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x36 0xD3 0xE7 0x16 0xB1 0xF7 0x76 0x54
Configuration last modified by 0.0.0.0 at 9-25-07 09:16:54 <-old update
Local updater ID is 10.0.0.4 on interface Lo0 (first layer3 interface found)

********
sw4(config-if)#vlan 69
sw4(config-vlan)#name LAST_TEST
sw4(config-vlan)#exit
sw4(config)#do sh vtp statu
VTP Version                     : 2
Configuration Revision          : 5
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xF4 0x4E 0xDA 0xAA 0x12 0xC1 0x77 0xB1
Configuration last modified by 10.0.0.4 at 9-25-07 09:23:34
Local updater ID is 10.0.0.4 on interface Lo0 (first layer3 interface found)

sw2(client):
sw2#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 5
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Client
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xF4 0x4E 0xDA 0xAA 0x12 0xC1 0x77 0xB1
Configuration last modified by 10.0.0.4 at 9-25-07 09:23:34
sw2#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   LAST_TEST                        active    Fa0/13, Fa0/18

sw1#sh vtp statu
VTP Version                     : 2
Configuration Revision          : 5
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xF4 0x4E 0xDA 0xAA 0x12 0xC1 0x77 0xB1
Configuration last modified by 10.0.0.4 at 9-25-07 09:23:34
Local updater ID is 10.0.0.1 on interface Lo0 (first layer3 interface found)
sw1#sh vlan id 69

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
69   LAST_TEST                        active    Fa0/13

By configuring an IP address on your VTP server switches you’ll be able to use the “Local updater ID” when troubleshooting VTP updates.

Advertisements

7 Comments »

  1. […] More On The Local updater ID This post is a follow up to VTP: Which VTP Server Generated The Most Recent Update?  I didn’t want to make that post any longer than it already was.  Here’s some more […]

    Pingback by VTP: More On The Local updater ID « CCIE Pursuit — September 25, 2007 @ 4:41 pm | Reply

  2. […] Here are the first two posts: VTP: Which VTP Server Generated The Most Recent Update? […]

    Pingback by VTP: Local updater ID on VTP Transparent Switches « CCIE Pursuit — September 25, 2007 @ 5:00 pm | Reply

  3. Hi,

    Did you know that you can also specify the update source for VTP?
    i.e. you may have 50 SVI’s but want to use a particular SVI as your Local updater

    Switch1(config)#vtp interface ?
    WORD The name of the interface providing the VTP updater ID for this device.

    Comment by SteveP — September 27, 2007 @ 5:11 am | Reply

  4. I have run into a location that we have where the vtp password was never set. All the switches have client mode except for the appropriate server and the proper domain. All the uplinks are set to trunk. So everything works right now. Best I can tell is that setting a vtp password does not update the version number. So if you go through and set the password on the switches from the bottom up to the core which is the vtp server will this do more than break updates until the password is implemented at the top core switch?

    Comment by George — December 13, 2007 @ 12:27 pm | Reply

  5. @George

    You shouldn’t have any issues as long as you are only changing the password. I am fairly positive that changing the password does not change the revision number. I would work in the opposite direction (core to access) though. That way you can create a test VLAN on the VTP server (core switch) and then you can verify that VTP is working on the downstream switches by checking for that VLAN after you configure the VTP password on each device.

    I’m pretty sure that the above is correct, but I’ve never run VTP outside of a lab (the production networks I have worked on all disable VTP (vtp mode transparent) so caveat emptor. 🙂

    Comment by cciepursuit — December 14, 2007 @ 1:02 pm | Reply

  6. @George

    The Configuration Revision does not change when you change the VTP password:

    sw1#sh vtp status
    VTP Version : 2
    Configuration Revision : 3 <-
    Maximum VLANs supported locally : 1005
    Number of existing VLANs : 16
    VTP Operating Mode : Server
    VTP Domain Name : IELAB
    VTP Pruning Mode : Disabled
    VTP V2 Mode : Disabled
    VTP Traps Generation : Disabled
    MD5 digest : 0xBC 0x12 0xF4 0xC8 0x8C 0xF4 0x2A 0x67
    Configuration last modified by 136.1.57.7 at 3-1-93 02:58:12
    Local updater ID is 136.1.57.7 on interface Vl57 (lowest numbered VLAN interface found)

    sw1#sh vtp pass
    VTP Password: CISCO

    sw1#conf t
    Enter configuration commands, one per line. End with CNTL/Z.
    sw1(config)#vtp pass SYSCO
    Setting device VLAN database password to SYSCO
    sw1(config)#^Z

    sw1#sh vtp status
    VTP Version : 2
    Configuration Revision : 3 <-
    Maximum VLANs supported locally : 1005
    Number of existing VLANs : 16
    VTP Operating Mode : Server
    VTP Domain Name : IELAB
    VTP Pruning Mode : Disabled
    VTP V2 Mode : Disabled
    VTP Traps Generation : Disabled
    MD5 digest : 0xD7 0x5B 0x83 0x22 0x5A 0xD6 0x43 0xED
    Configuration last modified by 136.1.57.7 at 3-1-93 02:58:12
    Local updater ID is 136.1.57.7 on interface Vl57 (lowest numbered VLAN interface found)

    Comment by cciepursuit — December 14, 2007 @ 1:12 pm | Reply

  7. Is there a max number of VTP servers allowed in a VTP domain?

    Comment by Vince — February 27, 2009 @ 3:12 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: