Cisco Support Community

New Member

two vtp servers same domain

I read the threads and have it mostly down. I just need to know: if I have a switch with all set right, VTP domain GENE, with VLAN 10 named A and VLAN 20 named B,

then add a switch with VTP domain GENE with a higher revision number that has VLAN 20 named giraffe, VLAN 30 named elephant and VLAN 50 named tiger,

will this switch in a sense COMPLETELY erase the original switch config, so that it will now have VLAN 20 named giraffe, VLAN 30 named elephant and VLAN 50 named tiger and NOT HAVE VLAN 10 named A and VLAN 20 named B anymore? Or does it do a merge?

Thanks

Gene

Sent from Cisco Technical Support iPhone App

5 REPLIES

two vtp servers same domain

Hi,

The higher revision configuration number is the one which will push in the config in the VTP domain (if in server mode). By the way, I think it will NOT merge config but it will delete it.

Alessio

Purple

two vtp servers same domain

The above statements are incorrect; it is based solely on the revision number if no VTP password is used. It will not matter if the device is in client mode: if the client mode revision number is higher, the client is going to overwrite the VLAN database for the entire domain. This does not just happen in server mode. That's why, when you use VTP, it is imperative to check the config revision number of any new switch going in, whether it's a server or a client switch. To reset a switch to config revision 0, it is as simple as changing the VTP domain name to a name other than the one it will be going in and then changing it back; this should reset it to "0".

Hall of Fame Super Silver

Re: two vtp servers same domain

Hello Gene,

It is a replacement and not a merge, and a VTP client can override the current VLAN database if its revision number is higher, as noted by Glen.

The VTP protocol (at least version 1 and version 2) can suffer this sort of Denial of Service.

You can use MD5 authentication to add some security.

You should always take care to verify the VTP status before connecting a new switch to the production network.

Setting a different VTP domain name and/or changing the VTP mode to transparent will cause the revision number to be zeroed.

Then you can set back the correct VTP domain name and VTP mode.

Having two VTP servers in a domain is considered best practice.

Hope to help

Giuseppe

New Member

Re: two vtp servers same domain

Great. Thanks for all the answers. I have almost what I need. I understand the concept of revision number. But as stated above: if I have a VTP Server with revision 100 and some VLANs, and I add a new switch in Client Mode that has some other VLANs assigned BUT has a revision number of 110, does the Client update the Server and wipe out the server database? I thought only the server maintains the database (it is taken that passwords and domains are all set).

I completely understand, for safety, setting to transparent or the revision back to 0, but what if the case above happens?

Or if it doesn't update the server, when does it get the update from the server?

Thanks

Gene

Purple

Re: two vtp servers same domain

Yes, the client will overwrite all VLAN databases in the domain, including any VTP servers, if the config level on the client is 110 and the server revision level is only 100.
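Added example, not part of any post in this thread: a pre-connection check that implements the advice above to verify the VTP status of a new switch before it is cabled into production. It compares two `show vtp status` dumps; the sample outputs are constructed, and the function names `parse_vtp_status` and `precheck` are hypothetical.

```python
import re

# Constructed `show vtp status` excerpts (classic IOS layout), not real captures.
PRODUCTION = """\
VTP Version                     : 2
Configuration Revision          : 100
VTP Operating Mode              : Server
VTP Domain Name                 : GENE
"""
NEW_SWITCH = """\
VTP Version                     : 2
Configuration Revision          : 110
VTP Operating Mode              : Client
VTP Domain Name                 : GENE
"""

def parse_vtp_status(text):
    """Return the 'key : value' fields of a `show vtp status` dump as a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1).lower()] = m.group(2)
    return fields

def precheck(production, new_switch):
    """Classify the risk of cabling new_switch into the production VTP domain."""
    prod, new = parse_vtp_status(production), parse_vtp_status(new_switch)
    try:
        prod_rev = int(prod["configuration revision"])
        new_rev = int(new["configuration revision"])
    except (KeyError, ValueError):
        return "UNKNOWN: configuration revision not found, check by hand"
    mode = new.get("vtp operating mode", "").lower()
    if mode.startswith(("transparent", "off")):
        return "OK: new switch does not advertise its own VLAN database"
    # VTP domain names are case sensitive, so compare them exactly.
    if new.get("vtp domain name") != prod.get("vtp domain name"):
        return "OK: domain names differ, advertisements will be ignored"
    if new_rev > prod_rev:
        return (f"DANGER: revision {new_rev} > {prod_rev}; the domain's VLAN "
                f"database would be replaced, even from {mode or 'unknown'} mode")
    if new_rev > 0:
        return f"WARN: revision {new_rev} is not 0; reset it before connecting"
    return "OK: revision is 0"

if __name__ == "__main__":
    print(precheck(PRODUCTION, NEW_SWITCH))
```

The check cannot see whether the VTP passwords match, so a DANGER result assumes they do, as the question in the thread does.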
