VTP protocol Learning

Source: Internet
Author: User

VTP Protocol
I. Overview of VTP
The VLAN Trunking Protocol (VTP) is a Cisco-proprietary protocol. Most switches support this protocol. VTP is responsible for synchronizing VLAN information within the VTP domain, so that you do not have to configure the same VLAN information on each switch.
VTP also provides a mapping scheme that allows traffic to cross a mixed-media backbone.
The most important role of VTP is to minimize the configuration inconsistency that may occur during changes.
VTP also has some disadvantages, which are usually related to the Spanning Tree Protocol.
1. Role of VTP Protocol
The VLAN Trunking Protocol (VTP) uses layer-3 trunk frames to carry VLAN information between a group of switches. VTP manages the addition and renaming of VLANs across the entire enterprise network from a central control point to ensure configuration consistency.
2. Advantages of VTP
> Maintains configuration consistency
> Lets you configure a VLAN across different media types, such as ATM, FDDI and Ethernet.
> Provides methods for tracking and monitoring VLANs
> Provides a method to detect VLANs added to another switch.
> Lets you add a VLAN from one switch to the entire management domain.
II. Working Principles of VTP
1. Overview and working principle of VTP
VTP is a messaging protocol that uses layer-3 frames to manage the addition, deletion, and renaming of VLANs across the entire network, keeping the VLAN configuration consistent. You can use VTP to manage VLANs 1 to 1005 in the network.
With VTP, you can make a configuration change centrally on one switch, and the change is automatically propagated to all other switches in the network (provided they are in the same VTP domain).
To implement this function, you must first create a VTP management domain so that it can manage the current VLANs on the network. Switches in the same management domain share their VLAN information. A switch can participate in only one VTP management domain, and switches in different domains cannot share VTP information.
Switches exchange the following information:
> Management domain name
> Configuration revision number
> Known VLAN configuration information
A switch uses the configuration revision number to decide whether its internal database should accept the VTP update information sent by other switches.
> If the configuration revision number in the received VTP update is smaller than the revision number of the internal database, the switch ignores the update.
> Otherwise, the switch accepts the update and updates its internal database.
In secure mode, the VTP management domain must have a single password shared by all switches in the VTP domain.
VTP has the following features:
> VTP works by sending multicast VTP messages to a specific MAC address, 01-00-0C-CC-CC-CC.
> VTP advertisements are transmitted only through trunk ports.
> VTP messages are transmitted through VLAN 1. (This is why VLAN 1 cannot be removed from a trunk link.)
> After automatic DTP negotiation has enabled trunking, VTP information can be transmitted along the trunk link.
> Each switch in the VTP domain periodically sends an advertisement to the reserved VTP multicast address on each trunk port.
VTP advertisements can be encapsulated in ISL or 802.1Q frames.
2. VTP domain
A VTP domain, also known as a VLAN management domain, is composed of one or more switches that share a VTP domain name.
To use VTP, you must specify the VTP domain name for each switch. VTP information stays within the VTP domain. A switch can belong to one and only one VTP domain.
By default, a Cisco switch is in VTP server mode and does not belong to any management domain until it receives an advertisement for a domain over a trunk link. You can also configure a VLAN management domain on the switch so that it is notified of VLANs created or modified on the VTP server.
If the VLAN configuration is changed on the VTP server, the changes are propagated to all switches in the VTP domain.
If the switch is configured in transparent mode, you can create or modify VLANs, but the modifications affect only that single switch.
A key parameter for VTP control is the VTP configuration revision number. This 32-bit number indicates the specific version of the VTP configuration. Its value starts at 0 and increases by 1 with each modification until it reaches 4294967295, after which it wraps around to 0 and increases again. Each VTP device records its own configuration revision number, and every VTP packet contains the sender's configuration revision number. This information is used to determine whether the received information is more recent than the current information.
To reset a switch's configuration revision number to 0, you only need to disable trunking, change the VTP domain name, and enable trunking again.
VTP domain requirements:
> Each switch in the domain must use the same VTP domain name, whether it is configured manually or learned automatically by the switch.
> The Catalyst switches must be adjacent, which means that all switches in the VTP domain form a tree in which they are connected to each other. Each switch uses this tree to interact with the other switches.
> Trunking must be enabled between all switches.
3. VTP Running Mode
There are three VTP modes:
> SERVER mode (the default)
VTP servers control the creation and modification of VLANs in their domain. All VTP information is advertised to the other switches in the domain, and the other switches receive it in sync.
> CLIENT mode
VTP clients do not allow administrators to create, modify, or delete VLANs. They listen to VTP advertisements from other switches in the domain and modify their VTP configuration accordingly.
> TRANSPARENT mode
Switches in VTP transparent mode do not participate in VTP. A switch in transparent mode does not advertise its VLAN configuration information, and its VLAN database is not synchronized with received advertisements. It can still create and delete local VLANs, but these VLAN changes are not transmitted to any other switch.
Status of various running Modes
Function server mode client mode transparent mode
VTP message √ ×
Listen for VTP messages √ ×
Change VLAN √ × √ (valid locally)
Remember VLAN √ × √ (different results are available in different versions) √ (effective locally)
4. VTP advertisements
1. Overview of VTP advertisements
When VTP is used, every switch that has joined the VTP domain publishes the following information on its trunk ports:
> Management domain
> Configuration revision number
> All VLANs it knows
> Some parameters of each known VLAN
These advertisement frames are sent to a multicast address so that all adjacent devices can receive them.
A new VLAN must be created and configured on a switch in the management domain. All other devices in the same management domain can then learn this information.
A VTP frame is sent over a trunk link as a special frame.
There are two types of advertisements:
> Requests from a client, which the client sends at startup to obtain information.
> Responses from the server
There are three types of messages:
> Advertisement requests from clients
> Summary advertisements
> Subset advertisements
A VTP advertisement may contain the following information:
> Management domain name
> Configuration revision number
> MD5 digest: once a password is configured, the MD5 digest carries it along with the VTP advertisement. If the password does not match, the update is ignored.
> Updater identity: the ID of the switch that sent the VTP summary advertisement.
The VTP advertisement process starts with configuration revision number 0. When a subsequent field changes, this revision number is incremented by 1 until the VTP advertisement is sent.
The VTP revision number is stored in NVRAM, and power-cycling the switch does not change this value. To reset the revision number to 0, use one of the following methods:
> Change the VTP mode of the switch to transparent mode and then back to server mode.
> Change the VTP domain name of the switch once and then change it back to the original domain name.
> Run the clear config all command to clear the switch configuration and VTP information, then restart.
2. Three VTP message types
(1) Summary advertisement
A summary advertisement notifies adjacent Catalyst switches of the current VTP domain name and configuration revision number. By default, a Catalyst switch sends a summary advertisement every five minutes.
When a switch receives a summary advertisement packet, it compares the VTP domain name:
> If the domain name is different, the switch ignores the packet.
> If the domain name is the same, the switch goes on to compare the configuration revision numbers.
> If the switch's own configuration revision number is higher or equal, it ignores the packet. If its own number is smaller, it sends an advertisement request.
(2) Subset advertisement
If a VLAN is added, deleted, or modified on the VTP server, the configuration revision number is incremented. The switch sends a summary advertisement followed by one or more subset advertisements. Suspending or activating a VLAN and changing a VLAN's name or MTU also trigger a subset advertisement.
A subset advertisement contains the VLAN list and the corresponding VLAN information. If there are many VLANs, multiple subset advertisements may be needed to advertise all of the information.
(3) Advertisement request
A switch sends a VTP advertisement request in the following circumstances:
> After the switch is restarted
> After the VTP domain name is changed
> After the switch has received a VTP summary advertisement with a higher configuration revision number.
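The summary-advertisement checks described above (domain name, password digest, then configuration revision number) can be modelled in a few lines. This is an added example, not code from the original page or from Cisco; the class and function names are hypothetical, and `digest()` is a simplified stand-in for the real VTP MD5 digest, which is computed over different fields. It shows why the revision number of a switch must be checked before it is connected to a domain: a switch with the right domain name and password but a higher revision replaces the VLAN database of the existing server.

```python
import hashlib
from dataclasses import dataclass, field

def digest(domain: str, password: str, revision: int) -> bytes:
    # Simplified stand-in (assumption): not the real VTP digest layout.
    return hashlib.md5(f"{domain}|{password}|{revision}".encode()).digest()

@dataclass
class Switch:
    name: str
    mode: str                      # "server", "client" or "transparent"
    domain: str
    password: str
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def summary(self) -> dict:
        return {"domain": self.domain, "revision": self.revision,
                "digest": digest(self.domain, self.password, self.revision)}

    def on_summary(self, adv: dict) -> str:
        """Decide what to do with a received summary advertisement."""
        if self.mode == "transparent":
            return "ignore: transparent mode"
        if adv["domain"] != self.domain:
            return "ignore: domain mismatch"
        if adv["digest"] != digest(self.domain, self.password, adv["revision"]):
            return "ignore: password mismatch"
        if self.revision >= adv["revision"]:
            return "ignore: local revision is higher or equal"
        return "request"

def sync(sender: Switch, receiver: Switch) -> str:
    # Deliver the summary; on "request" the receiver takes the sender's database.
    action = receiver.on_summary(sender.summary())
    if action == "request":
        receiver.vlans, receiver.revision = dict(sender.vlans), sender.revision
    return action

def safe_to_add(new: Switch, server: Switch) -> bool:
    # Pre-connection check: the new switch must carry a lower revision.
    return new.revision < server.revision

def demo() -> dict:
    # Constructed sample switches; names, password and VLANs are made up.
    core = Switch("core", "server", "test", "s3cret", 12,
                  {1: "default", 10: "users", 20: "voice"})
    lab = Switch("lab", "server", "test", "s3cret", 40, {1: "default", 99: "lab"})
    other = Switch("other", "server", "test", "guess", 90)
    return {"wrong_pw": sync(other, core), "check": safe_to_add(lab, core),
            "lab_to_core": sync(lab, core), "core_vlans": sorted(core.vlans)}
```

In `demo()`, the switch with the wrong password is ignored despite its high revision, while the former lab switch fails `safe_to_add` and, once connected anyway, leaves the core with only VLANs 1 and 99.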
5. VTP domain security
To make the management domain more secure, configure the domain name and password on every switch in the domain; the domain name and password must be the same on all of them.
Example:
> Enter configuration mode:
Switch# configure terminal
> Configure the VTP domain name:
Switch(config)# vtp domain test
> Configure the VTP running mode:
Switch(config)# vtp mode server
> Configure the VTP password:
Switch(config)# vtp password 2 3 7
Switch(config-if)# end
Switch# show interface fa0/3 switchport
-
Trunking vlans active: 1-, 6, 7,200
Pruning vlans enable: 4-6,8-1001
Example 3 (disable VTP pruning in the management domain)
Switch# config t
Switch(config)# no vtp pruning
Switch(config)# end
Switch# show vtp status
-
Vtp pruning mode: disabled (pruning disabled)
<3> VTP version settings
Switch(config)# vtp version 2 (configures version 2)
Switch(config)# no vtp version 2 (back to version 1)
Switch# show vtp status
VTP V2 mode: enable
You can change the VTP version only in VTP server mode.
3. How to add or remove switches in the VTP domain
<1> Add a switch
The configuration revision number of the newly added switch must be lower than that of the existing VTP server in the domain it joins.
Procedure:
> Clear the configuration (or use another method):
Switch# erase startup-config
Switch# reload
> Configure the VTP domain name:
Switch# configure terminal
Switch(config)# vtp domain test
> Configure the VTP running mode:
Switch(config)# vtp mode server
Switch(config)# end
Switch# show vtp status
<2> Remove a switch
Switch(config)# vtp domain test-
Switch(config)# end
Switch# show vtp status
 
