Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
775
Views
0
Helpful
5
Replies

two vtp servers same domain

gene.uhl
Level 1
Level 1

‎08-09-2012 08:13 AM - edited ‎03-07-2019 08:15 AM

I read the threads and have it mostly down. Just need to know if I have a switch with all set right vtp domain GENE with vlan 10 named A and vlan 20 named B

Then add a switch with vtp domain GENE with a higher revision number that has vlan 20 named giraffe vlan 30 named elephant and vlan 50 named tiger

Will this switch in a sense COMPLETELY erase the original switch config and now it will have vlan 20 named giraffe vlan 30 named elephant and vlan 50 named tiger and NOT HAVE vlan 10 named A and vlan 20 named B anymore. Or does it do a merge??

Thanks

Gene

Sent from Cisco Technical Support iPhone App

Labels:
0 Helpful
5 Replies 5

Alessio Andreoli
Level 5
Level 5

‎08-09-2012 09:52 AM

Hi,

the higher revision configuration number is the one which will push in the config in the VTP domain (if in server mode). By the way i think it will NOT merge config but it will delete it.

Alessio

0 Helpful

glen.grant
VIP Alumni
VIP Alumni
In response to Alessio Andreoli

‎08-09-2012 09:59 AM

    The above statements are incorrect,  it is based on the revision number solely  if no vtp password is used. It will not matter  if the device is in client mode,  if the client mode revision number is higher the client is going to overwrite the vlan database for the entire domain .  This does not just happen in server mode.  Thats why when you use vtp it is imperative to check the config revision number of any new switch going in whether its a server or a client switch.  To reset a switch to  config revision 0 it is as simple as changing the vtp domain name to a name other than the one it will be going in and then change it back, this should reset it to  "0" .

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-09-2012 10:03 AM

Hello Gene,

it is a replacement and not a merge and a VTP client can override the current Vlan database if its revision number is higher as noted by Glen.

VTP protocol ( at least version 1 and version 2) can suffer this sort of Denial of Service.

You can use MD5 authentication to add some security.

You should always take care to verify the vtp status before connecting a new switch to production network.

Setting a different VTP domain name and/or changing the VTP mode to transparent will make the revision number to be zeroed.

Then you can set back the correct VTP domain name and VTP mode

Having two VTP servers in a domain is considered best practice.

Hope to help

Giuseppe

0 Helpful

gene.uhl
Level 1
Level 1
In response to Giuseppe Larosa

‎08-09-2012 10:33 AM

Great.  Thanks for all the answers.  I have almost what I need. I understand the concept of revision number.  But as stated above.  If I have a VTP Server with revision 100  and some vlans and I add a new switch in Client Mode that has some other vlans assigned BUT has a revision number of 110, does the Client Update the Server and wipeout the server database??  I thought only the server maintains the database  (it is taken that passwords and domains are all set)

I completely understand for safety, setting to transparent or revison back to 0, but what if the case happens above?

Or if it doesnt update the server, when does it get the update from the server?

Thanks

Gene

0 Helpful

glen.grant
VIP Alumni
VIP Alumni
In response to gene.uhl

‎08-09-2012 12:40 PM

   Yes the client will  overwrite all  vlan databases in the domain if the config level on the client is 110 and the server revision level is only 100 including any vtp servers.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card