I have a very confusing problem that I hope someone can help with.
I have installed several new switches in my network (configured from scratch) and I need VTP to propagate to these switches and it is not.
Since I am writing this from home all I can give you is what I remember. I will try and update this tomorrow if it has not been answered. Here are my specs:
-Port is configured as trunk on both ends
-Native VLAN is 1 (default)
-Domain name is same (all lowercase)
-No VTP password is used (I checked and I did a "no vtp password" just in case)
-Server and client are configured respectively
Several other things to note. I read that the VTP version has to be the same on all switches to propagate, and with that being said it also only has to be configured on 1 server to take effect through the network (I am running V2). I manually changed it to Version 2 when it did not propagate. I changed the mode to client on the receiving switch and I can still add/delete VLANs (very confusing) and on top of that the configuration Revision # on the client increases when I do. I have deleted the VLAN database on the client. After that didn't work I deleted the whole configuration and started from scratch. I am able to ping it and ping from it to the CORE (My "ONLY" VTP server in the network). It does the same thing for several switches I just installed from scratch. Some models I used... (2960, 3750, 4500). I have also changed the domain name to a bogus one and back to the one it needs to be. I have also changed it from client to transparent and back.
I keep getting an error:
Feb 1 10:35:49: %SW_VLAN-4-VTP_USER_NOTIFICATION: VTP protocol user notification: MD5 digest checksum mismatch on receipt of equal revision summary on trunk:
Everything I read says to make sure the passwords are correct on all switches but like I said there are none set on any of them. Another thing I was told to try was to create a bogus VLAN on the server and then delete it to increase the revision number and to send out a VTP message to all switches. I did this and still no luck. When I was researching this on Google I came across another discussion at Cisco of the same problem.
Here is the link:
I could not find any help here either.
Please help. My brain hurts from hours of trying everything I know.
What exactly does this command do and do I need to enter it on only the switches not working or the whole network?
Thanks for the speedy reply by the way.
When I posted that I meant none of the other 50+ switches in my network have a password configured and they propagate just fine. Just the ones I added recently do not collect the VLAN information like they are supposed to. It's very weird. Like I said I was able to change the VLAN database when it was in client mode. I'm thinking it might be a bad IOS, but then again can that be the problem for the 6 switches that are having this issue? It's just a nightmare.
W/o more info, which I am not going to ask because it's late here! lol, do the debugs show you any useful info:
debug sw-vlan vtp
or something similar depending on your platform.
It is not possible in normal circumstances that you can create new VLAN locally on VTP client. You should see something like "VTP VLAN configuration not allowed when device is in CLIENT mode". If not - your switch is not a client. Maybe this is a bug.
MD5 mismatch means that your VTP server and your new switch have different VTP (or VLAN) configurations but the same VTP revision numbers. They do not need to have different passwords. It is enough for them to have different VLAN databases with the same Rev.Num.
Try to use debug, but be very careful creating and deleting VLANs - you risk deleting your VLAN database on your "ONLY" server.
If you are going to mess with vtp positively make sure all new switches are at revision 0 before you insert them into the network, this can be done by putting the switch into vtp mode transparent and then changing back vtp mode client. I agree there should be no way to add or delete vlans on a switch that is set as vtp mode client. It has to be a server or in transparent mode to add or delete vlans. Also verify the parameters on the server by doing a show vtp status and show vtp password and make sure those match exactly except one will be a client. It does not need a password to work, the vtp domain name just has to match exactly, capitals, lower case etc... Also theoretically if the switch is at defaults it will learn the vtp domain and parameters by itself. You can try deleting the vlan.dat file and see if it will learn the parameters on the new client.
First of all thanks to everyone who tried to help me with this. I must have been rushing through this problem (I don't really know how because I was working on it for several hours), but I finally figured it out. Apparently the old system administrator DID put a VTP password on the switches, but when I did the "sh vtp password" command it said no password was set. It turns out that that was one of the switches that was not taking the VTP updates so of course there was no password because it was a new switch I installed. I apologize for my negligence, but on a good note I learned a lot about VTP that I did not know.
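
Added example, not part of the original thread: a small Python check that compares saved `show vtp status` output from the server and from a new switch and reports the condition behind the "MD5 digest checksum mismatch on receipt of equal revision summary" message. The sample outputs, the domain name `corp`, the revision and the digest bytes are constructed, and the function names are hypothetical.

```python
import re

# Constructed samples in the classic IOS "show vtp status" layout; the domain
# name, revision and digest bytes are made up, not taken from the thread.
CORE = """\
VTP Version                     : 2
Configuration Revision          : 47
VTP Operating Mode              : Server
VTP Domain Name                 : corp
MD5 digest                      : 0x3A 0x91 0x5C 0x07 0xE2 0x44 0xB8 0x10
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
"""
NEW_SWITCH = CORE.replace("Server", "Client").replace(
    "0x3A 0x91 0x5C 0x07", "0xD4 0x1D 0x8C 0xD9")

def parse_vtp_status(text):
    """Return {field: value}; digest continuation lines are joined on."""
    fields, last = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*(\S.*?)\s+:\s*(.*?)\s*$", line)
        if m:
            last = m.group(1)
            fields[last] = m.group(2)
        elif last and re.fullmatch(r"\s*(0x[0-9A-Fa-f]{2}\s*)+", line):
            fields[last] += " " + line.strip()
    return fields

def diagnose(server, client):
    """Compare two parsed outputs and list what would stop VTP updates."""
    findings = []
    if server["VTP Domain Name"] != client["VTP Domain Name"]:
        findings.append("domain name differs (the match is case-sensitive)")
    s_rev = int(server["Configuration Revision"])
    c_rev = int(client["Configuration Revision"])
    same_digest = server["MD5 digest"].split() == client["MD5 digest"].split()
    if s_rev == c_rev and not same_digest:
        findings.append("equal revision but different MD5 digest: compare "
                        "'show vtp password' and the VLAN list on BOTH switches")
    elif c_rev > s_rev:
        findings.append("client revision exceeds the server's: reset it to 0 "
                        "(transparent, then client) before connecting")
    return findings

if __name__ == "__main__":
    for finding in diagnose(parse_vtp_status(CORE), parse_vtp_status(NEW_SWITCH)):
        print("-", finding)
```

The digest covers the VTP password as well as the VLAN database, so the password has to be checked on a switch that is already receiving updates, not only on the newly installed one.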