Configuring VTP V3
This chapter contains the following sections:
• Configuring VTP V3
Configuring VTP V3
From Cisco NX-OS Release 7.2(0)N1(1), VLAN Trunk Protocol (VTP) V3 supports PVLAN integration, 4K
VLAN integration, generic database transport mechanism, and VTP authentication mechanism.
VTP V3 Overview
VTP V3 allows each router or LAN device to transmit advertisements in frames on its trunk ports. These
frames are sent to a multicast address where they can be received by all neighboring devices. They are not
forwarded by normal bridging procedures. An advertisement lists the sending device's VTP management
domain, its configuration revision number, the VLANs which it knows about, and certain parameters for each
known VLAN. By hearing these advertisements, all devices in the same management domain learn about any
new VLANs that are configured in the transmitting device. This process allows you to create and configure
a new VLAN only on one device in the management domain, and then that information is automatically
learned by all the other devices in the same management domain.
Once a device learns about a VLAN, the device receives all frames on that VLAN from any trunk port by
default, and if appropriate, forwards them to each of its other trunk ports, if any. This process prevents
unnecessary VLAN traffic from being sent to a device. An extension of VTP called VTP pruning has been
defined to limit the scope of broadcast traffic and save bandwidth. Beginning with Release 5.1(1), the Cisco
NX-OS software supports VTP pruning.
VTP also publishes information about the domain and the mode in a shared local database that can be read
by other processes such as Cisco Discovery Protocol (CDP).
Guidelines and Limitations
VTP Version 3 (VTPv3) was introduced in Cisco NX-OS release 7.2(0) and has the following features:
• Provides interoperability with switches configured with VTP version 1 or 2.
Cisco Nexus 6000 Series NX-OS Layer 2 Switching Configuration Guide, Release 7.x
• Allows only the primary server to make VTP configuration changes.
• Supports 4K VLANs.
• Permits feature-specific primary servers. A switch can be a primary server for a specific feature database
like MST or for the entire VLAN database.
• Provides enhanced security with hidden and secret passwords.
• Provides interoperability with private VLANs (PVLAN). PVLANs and VTPs are no longer mutually
exclusive.
VTP Version 3 has the following software restrictions:
• You cannot create a VLAN when the switch is configured as a VTP client.
• In a VTP domain network, configure all the transparent devices first and then configure the primary
server to avoid any VLAN synchronization issues from the VTP server.
VTP V3 Modes
From Cisco NX-OS Release 7.2(0)N1(1), VTP V3 supports the following modes:
• Transparent—Allows you to relay all VTP protocol packets that it receives on a trunk port to all other
trunk ports. When you create or modify a VLAN that is in VTP transparent mode, those VLAN changes
affect only the local device. A VTP transparent network device does not advertise its VLAN configuration
and does not synchronize its VLAN configuration based on received advertisements. You cannot configure
VLANs 1002 to 1005 in VTP client/server mode because these VLANs are reserved for Token Ring.
• Server— Allows you to create, remove, and modify VLANs over the entire network. You can set other
configuration options like the VTP version and also turn on or off VTP pruning for the entire VTP
domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain
and synchronize their VLAN configuration with other switches based on messages received over trunk
links. Beginning with Release 5.1(1), the server mode is the default mode. The VLAN information is
stored on the bootflash and is not erased after a reboot.
• Client— Allows you to create, change, and delete VLANs on the local device. In VTP client mode, a
switch stores the last known VTP information including the configuration revision number, on the
bootflash. A VTP client might or might not start with a new configuration when it powers up.
• Off— Behaves similarly to the transparent mode but does not forward any VTP packets. The off mode
allows you to monitor VLANs by using the CISCO-VTP-MIB without having to run VTP. On Cisco
Nexus 7000 Series devices, because VTP is a conditional service, its MIB is loaded only when the
corresponding feature is enabled. The CISCO-VTP-MIB does not follow this convention. It is loaded
by the VLAN manager and will always return the correct values whether the VTP process is enabled or
disabled.
Note: A VTP client moves to transparent mode if there is any failure while updating the VLAN
database received from the server. The following syslog message is displayed on the console:
“VTP-2-VTP_MODE_TRANSPARENT_CREATE_SEQ_FAILED: VTP Mode changed to
transparent since VTP vlan create/update failed”. You need to change the VTP mode back
to client to get the latest database from the server.
VTP V3 Pruning
The VLAN architecture requires all flooded traffic for a VLAN to be sent across a trunk port even if it leads
to switches that have no devices that are active in the VLAN. This method leads to wasted network bandwidth.
VTP V3 Pruning optimizes the usage of network bandwidth by restricting the flooded traffic to only those
trunk ports that can reach all the active network devices. When this protocol is in use, a trunk port does not
receive the flooded traffic that is meant for a certain VLAN unless an appropriate join message is received.
A join message is defined as a new message type in addition to the ones already supported by version 1 of
the VTP V3 protocol. A VTP V3 implementation indicates that it supports this extension by appending a
special TLV at the end of the summary advertisement messages that it generates. In VTP V3 transparent mode,
VTP relays all VTP packets, and pruning requires that the switch processes TLVs in the VTP V3 summary
packets.
VTP V3 Per Interface
VTP allows you to enable or disable the VTP protocol on a per-port basis to control the VTP traffic. When a
trunk is connected to a switch or end device, it drops incoming VTP packets and prevents VTP advertisements
on this particular trunk. By default, VTP is enabled on all the switch ports.
VTP V3 Pruning and Spanning Tree Protocol
VTP maintains a list of trunk ports in the Spanning Tree Protocol (STP) forwarding state by querying STP at
bootup and listening to the notifications that are generated by STP.
VTP sets a trunk port into the pruned or joined state by interacting with STP. STP notifies VTP V3 when a
trunk port goes to the blocking or forwarding state. VTP V3 notifies STP when a trunk port becomes pruned
or joined.
Default VTP Settings
This table lists the default settings for VTP parameters.
Table 1: Default VTP Parameters
Parameters          Default
VTP                 Disabled
VTP Mode            Transparent
VTP Domain          blank
VTP Version         1
VTP Pruning         Disabled
VTP per Interface   Enabled
Configuring VTP V3
Note: VLAN 1 is required on all trunk ports used for switch interconnects if VTP V3 is used in transparent mode
in the network. Disabling VLAN 1 from any of these ports prevents VTP from functioning properly in
transparent mode.
Before You Begin
Ensure that you are in the correct virtual device context (VDC) (or enter the switchto vdc command). VLAN
names and IDs can be repeated in different VDCs, so you must confirm which VDC you are working in.
Procedure
Step    Command or Action
        Purpose
Step 1  switch# configure terminal
        Enters global configuration mode.
Step 2  switch(config)# feature vtp
        Enables VTP on the device. The default is disabled.
Step 3  switch(config)# vtp domain domain-name
        Specifies the name of the VTP domain that you want this device to join. The default is blank.
Step 4  switch(config)# vtp version {1 | 2 | 3}
        Sets the VTP version that you want to use. The default is version 1.
Step 5  switch(config)# vtp mode {client | server | transparent | off} [vlan | mst | unknown]
        Sets the VTP mode to client, server, transparent, or off. The default server mode is for vlan
        instance and transparent is for mst instance.
Step 6  switch(config)# vtp interface interface-name [only]
        Configures the interface name used by the VTP updater for this device.
Step 7  switch(config)# vtp file file-name
        Specifies the ASCII filename of the IFS file system file where the VTP configuration is stored.
Step 8  switch(config)# vtp password password-value [hidden | secret]
        Specifies the password for the VTP administrative domain. Default value is taken from vlan.dat.
        The following options are applicable only on VTP V3:
        • Hidden–The password is not saved as clear text in the vlan.dat file. Instead, a hexadecimal
          secret key generated from the password is saved. This key is displayed in the output of the
          show vtp password command.
        • Secret–Use this keyword to directly configure the 32-character hexadecimal secret key. System
          administrators can distribute this secret key instead of the clear text password.
        Note: This command is applicable for VTP version 3 only.
        Example:
        For Hidden:
            Device(config)# vtp password helping hidden
            Generating the secret associated to the password.
            Device# exit
            Device# show vtp password
            VTP Password: 89914640C8D90868B6A0D8103847A733
        Example:
        For Secret:
            Device(config)# vtp password 89914640C8D90868B6A0D8103847A733 secret
            Device# exit
            Device# show vtp password
            VTP Password: 89914640C8D90868B6A0D8103847A733
Step 9  switch(config)# exit
        Exits the configuration submode.
Step 10 switch# vtp primary [feature] [force]
        This command changes the operational state of a secondary server to primary and advertises the
        information to the entire VTP domain. If the password is configured as hidden, the user is
        prompted to re-enter the password after this command.
        Before the device takes over the role of primary, it attempts to discover servers that conflict
        with this information and follow another primary server. If conflicting servers are discovered,
        the user must reconfirm the takeover of operational state and the subsequent overwriting of
        configuration.
        • feature–Configures the device as primary server for a specific feature database. For example,
          the MST database. Possible values are MST and VLAN. By default, the VLAN database is chosen.
        Note: This command is applicable for VTPv3 only.
        Example:
            Device# vtp primary vlan
            Enter VTP password:
            This switch is becoming Primary server for vlan feature in the VTP domain
            VTP Database Conf Switch ID      Primary Server Revision System Name
            ------------ ---- -------------- -------------- -------- --------------------
            VLANDB       Yes  00d0.00b8.1400=00d0.00b8.1400 1        stp7
            Do you want to continue (y/n) [n]? y
Step 11 switch# show vtp status
        (Optional) Displays information about the VTP configuration on the device, such as the version,
        mode, and revision number.
Step 12 switch# show vtp counters
        (Optional) Displays information about VTP advertisement statistics on the device.
Step 13 switch# show vtp interface
        (Optional) Displays the list of VTP-enabled interfaces.
Step 14 switch# show vtp password
        (Optional) Displays the password for the management VTP domain.
Step 15 switch# show vtp devices [conflict]
        (Optional) This is a VTP version 3 command that displays information about neighbor switches.
        The information is not learned from the summary packet used for regular VTP packets. This
        command sends out a separate packet to collect information regarding neighbor switches running
        VTP version 3.
        Example:
            Device# show vtp devices
            Gathering information from the domain, please wait.
            VTP Database Conf switch ID      Primary Server Revision   System Name
                         lict
            ------------ ---- -------------- -------------- ---------- ----------------------
            VLAN         Yes  00b0.8e50.d000 000c.0412.6300 12354      main.cisco.com
            MST          No   00b0.8e50.d000 0004.AB45.6000 24         main.cisco.com
            VLAN         Yes  000c.0412.6300=000c.0412.6300 67         qwerty.cisco.com
Step 16 switch# copy running-config startup-config
        (Optional) Copies the running configuration to the startup configuration.
This example shows how to configure VTP in transparent mode for the device:
switch# configure terminal
switch(config)# feature vtp
switch(config)# vtp domain accounting
switch(config)# vtp version 2
switch(config)# vtp mode transparent
switch(config)# exit
switch#
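The following Python check is an added example, not part of the Cisco guide. It audits a list of VTP configuration commands, written the way this procedure enters them, against the defaults in Table 1 and the version 3 password options from Step 8. The names parse_vtp and audit_vtp, the finding strings, and the V3_HIDDEN sample are assumptions made for illustration.

```python
import re

# Defaults taken from Table 1 of this chapter: VTP disabled, version 1, blank domain.
DEFAULTS = {"enabled": False, "version": 1, "domain": "", "password": None, "pw_kind": None}
SECRET_RE = re.compile(r"^[0-9A-Fa-f]{32}$")  # 32-character hexadecimal secret key

# Sample inputs: the transparent-mode example from this page, and a constructed VTP V3 variant.
PAGE_EXAMPLE = ["switch(config)# feature vtp", "switch(config)# vtp domain accounting",
                "switch(config)# vtp version 2", "switch(config)# vtp mode transparent"]
V3_HIDDEN = ["feature vtp", "vtp domain accounting", "vtp version 3",
             "vtp mode client", "vtp password helping hidden"]


def parse_vtp(lines):
    """Collect VTP settings from command lines, with or without a CLI prompt."""
    cfg = dict(DEFAULTS)
    for raw in lines:
        cmd = re.sub(r"^\S+#\s*", "", raw.strip()).split()
        if cmd == ["feature", "vtp"]:
            cfg["enabled"] = True
        elif cmd[:2] == ["vtp", "domain"] and len(cmd) == 3:
            cfg["domain"] = cmd[2]
        elif cmd[:2] == ["vtp", "version"] and cmd[2:] in (["1"], ["2"], ["3"]):
            cfg["version"] = int(cmd[2])
        elif cmd[:2] == ["vtp", "password"] and len(cmd) in (3, 4):
            kind = cmd[3] if len(cmd) == 4 else None  # None: no hidden/secret keyword
            if kind in (None, "hidden", "secret"):
                cfg["password"], cfg["pw_kind"] = cmd[2], kind
    return cfg


def audit_vtp(lines):
    """Return findings for a VTP configuration; an empty list means nothing was flagged."""
    cfg = parse_vtp(lines)
    if not cfg["enabled"]:
        return []  # feature vtp absent: VTP is disabled by default
    findings = []
    v3 = cfg["version"] == 3
    if not v3:
        findings.append("version %d lacks the V3 primary-server restriction" % cfg["version"])
    if cfg["password"] is None:
        findings.append("no VTP password configured")
    elif cfg["pw_kind"] is None:
        findings.append("password entered without hidden or secret")
    elif not v3:
        findings.append("%s applies to VTP version 3 only" % cfg["pw_kind"])
    elif cfg["pw_kind"] == "secret" and not SECRET_RE.match(cfg["password"]):
        findings.append("secret must be a 32-character hexadecimal key")
    return findings
```

Calling audit_vtp(PAGE_EXAMPLE) flags the version 2 setting and the missing password, while audit_vtp(V3_HIDDEN) returns an empty list.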
Configuring VTP V3 Pruning
Follow the steps given below to configure VTP V3 Pruning.
Procedure
Step    Command or Action
        Purpose
Step 1  switch# configure terminal
        Enters global configuration mode.
Step 2  switch(config)# vtp pruning
        Enables VTP pruning on the device. The default is disabled.
Step 3  switch(config)# no vtp pruning
        (Optional) Disables VTP pruning on the device. The default is disabled.
Step 4  switch(config)# show interface interface-identifier switchport
        (Optional) Displays the VTP pruning eligibility of the trunk port. The default is that all the
        VLANs from 2 to 1001 are pruning eligible.
Step 5  switch(config)# interface port-channel channel-number
        Creates a port-channel interface and enters interface configuration mode.
Step 6  switch(config-if)# switchport trunk pruning vlan [add | remove | except | none | all] VLAN-IDs
        Sets the specified VLANs to be VTP pruning eligible.
Step 7  switch(config-if)# end
        Returns to privileged EXEC mode.
Step 8  switch# show vtp counters
        (Optional) Displays VTP pruning information and counters.
Step 9  switch# clear vtp counters
        (Optional) Resets all the VTP pruning counter values.