08-09-2012 08:13 AM - edited 03-07-2019 08:15 AM
I read the threads and have it mostly down. Just need to know: if I have a switch with all set right, VTP domain GENE with VLAN 10 named A and VLAN 20 named B,
then add a switch with VTP domain GENE with a higher revision number that has VLAN 20 named giraffe, VLAN 30 named elephant and VLAN 50 named tiger.
Will this switch in a sense COMPLETELY erase the original switch config, and now it will have VLAN 20 named giraffe, VLAN 30 named elephant and VLAN 50 named tiger and NOT HAVE VLAN 10 named A and VLAN 20 named B anymore? Or does it do a merge??
Thanks
Gene
08-09-2012 09:52 AM
Hi,
The higher revision configuration number is the one which will push in the config in the VTP domain (if in server mode). By the way, I think it will NOT merge config but it will delete it.
Alessio
08-09-2012 09:59 AM
The above statements are incorrect; it is based on the revision number solely if no VTP password is used. It will not matter if the device is in client mode; if the client mode revision number is higher, the client is going to overwrite the VLAN database for the entire domain. This does not just happen in server mode. That's why when you use VTP it is imperative to check the config revision number of any new switch going in, whether it's a server or a client switch. To reset a switch to config revision 0, it is as simple as changing the VTP domain name to a name other than the one it will be going in and then changing it back; this should reset it to "0".
08-09-2012 10:03 AM
Hello Gene,
It is a replacement and not a merge, and a VTP client can override the current VLAN database if its revision number is higher, as noted by Glen.
The VTP protocol (at least version 1 and version 2) can suffer this sort of Denial of Service.
You can use MD5 authentication to add some security.
You should always take care to verify the VTP status before connecting a new switch to a production network.
Setting a different VTP domain name and/or changing the VTP mode to transparent will cause the revision number to be zeroed.
Then you can set back the correct VTP domain name and VTP mode.
Having two VTP servers in a domain is considered best practice.
Hope to help
Giuseppe
08-09-2012 10:33 AM
Great. Thanks for all the answers. I have almost what I need. I understand the concept of revision number. But as stated above: if I have a VTP server with revision 100 and some VLANs, and I add a new switch in client mode that has some other VLANs assigned BUT has a revision number of 110, does the client update the server and wipe out the server database?? I thought only the server maintains the database (it is taken that passwords and domains are all set).
I completely understand, for safety, setting to transparent or revision back to 0, but what if the case above happens?
Or if it doesn't update the server, when does it get the update from the server?
Thanks
Gene
08-09-2012 12:40 PM
Yes, the client will overwrite all VLAN databases in the domain if the config level on the client is 110 and the server revision level is only 100, including any VTP servers.
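
Added example, not part of the thread or any Cisco code: a simplified Python model of the VTP v1/v2 rule the replies describe (same domain, matching password, higher revision replaces the whole VLAN database whatever the sender's mode), plus a check to run before connecting a new switch. The `Switch` class, `receive_advert`, `precheck` and the plain-string password comparison are assumptions for illustration; real VTP authenticates with an MD5 digest, and no real frames are parsed here.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    domain: str
    mode: str                      # "server", "client" or "transparent"
    revision: int
    vlans: dict = field(default_factory=dict)   # VLAN id -> name
    password: str = ""             # stands in for the MD5 secret; "" = none

def receive_advert(receiver: Switch, sender: Switch) -> bool:
    """Apply the sender's database to the receiver if the simplified rule
    allows it. Returns True when the receiver's database was replaced."""
    if "transparent" in (receiver.mode, sender.mode):
        return False               # transparent switches do not take part
    if (receiver.domain, receiver.password) != (sender.domain, sender.password):
        return False               # wrong domain or failed authentication
    if sender.revision <= receiver.revision:
        return False               # only a higher revision wins
    # Note: sender.mode is never checked, so a client can overwrite a server.
    receiver.vlans = dict(sender.vlans)   # full replacement, not a merge
    receiver.revision = sender.revision
    return True

def precheck(new: Switch, production_revision: int) -> list:
    """Findings to clear before the new switch is cabled into the domain."""
    findings = []
    if new.mode != "transparent" and new.revision != 0:
        findings.append(f"{new.name}: revision is {new.revision}, reset it to 0")
    if new.mode != "transparent" and new.revision > production_revision:
        findings.append(f"{new.name}: would replace the domain's VLAN database")
    return findings

def gene_scenario():
    """Constructed values taken from the questions in the thread."""
    server = Switch("prod", "GENE", "server", 100, {10: "A", 20: "B"})
    new = Switch("new", "GENE", "client", 110,
                 {20: "giraffe", 30: "elephant", 50: "tiger"})
    return server, new

if __name__ == "__main__":
    server, new = gene_scenario()
    print(precheck(new, server.revision))
    print(receive_advert(server, new), server.revision, server.vlans)
```
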