VTP Flashcards

1
Q

What does VTP stand for?

A

VLAN Trunking Protocol

2
Q

Is VTP used on routers?

A

No - VTP is only for switches

3
Q

If a switch running VTP version 1 is connected to a version 3 switch, what will it do?

A

It will change its VTP version to 2, if capable. A VTP v1 device will automatically upgrade itself to v2 if it:

  1. Detects it is connected to a v2 member
  2. Detects it is connected to a v3 member
4
Q

Under what circumstances will VTP auto upgrade to v3?

A

Never - currently VTP will never auto-upgrade to v3. You must manually configure VTPv3.

5
Q

While configuring a vlan you see this error.

(config)#vlan 2000
“%PM-2-VLAN_ADD:Failed to add VLAN 2000

Why are you seeing this? What can you do to resolve this issue?

A

The extended VLAN range is 1006-4094. You can normally use it in only two cases: when VTP is configured in Transparent mode, and when VTP is version 3.

6
Q

To go along with vlans and NOT VTP.

While configuring a vlan you see these errors.
(config)#vlan 1006
“%Failed to create VLAN 1006 VLAN(s) not available in port manager.
%Failed to commit extended VLAN(s) changes.
%PM-4-Ext_VLAN_Inuse: VLAN 1006 currently in use by FastEthernet 0/19
%SW_VLAN-4-VLAN_Create_Fail: Failed to create VLAN(s) 1006: VLAN (s) not available in port manager”

What does this tell you and what do you need to do to resolve it?

A

This tells us that VLAN X is taken up by the internal VLANs. To see this, use “show vlan internal usage” on the Catalyst series. You should see that VLAN 1006 was taken up by internal resources. This means you configured an IP address on a physical interface. In the configuration you should see the command “vlan internal allocation policy ascending”. This means that for an IP address configured on an interface, the switch is going to use the first available VLAN after 1005 (1002-1005 are taken up by legacy FDDI and Token Ring). You must remove the IP address from the interface, create VLAN 1006, then re-add the IP address. The next VLAN it should be able to pull will be 1007. Or you can create an SVI to negate this issue.

7
Q

What is VTP not?

A
  1. It is not a requirement of Ethernet networks (meaning it is not one of the three things needed to provide basic network connectivity).
  2. It does not define the broadcast domain.
8
Q

What are the three different modes of operation for VTP v1 and v2?

A
  1. Server
  2. Client
  3. Transparent
9
Q

Match these 3 modes of operation for VTP to their characteristics: Server, Client, and Transparent. Each of these characteristics applies to one or two modes of operation.

- Creates VLANs (1 option)
- Creates locally significant VLANs (1 option)
- Advertises VLANs (2 options)
- Does not install VLANs from other advertisements (1 option)
- Installs VLANs from other advertisements (2 options)
- Will install and forward other VTP advertisements along if VTP domain matches (2 options)
- Will only forward other VTP advertisements along if VTP domain matches (1 option)

A
  • Creates VLANs = Server
  • Creates locally significant VLANs = Transparent
  • Advertises VLANs = Server + Client
  • Does not install VLANs from other advertisements = Transparent
  • Installs VLANs from other advertisements = Server + Client
  • Will install and forward other VTP advertisements along if VTP domain matches = Server + Client
  • Will only forward other VTP advertisements along if VTP domain matches = Transparent
10
Q

What are the three types of VTP passwords?

A
  1. Normal
  2. Hidden
  3. Secret
11
Q

What is the default VTP password if you do not set one?

A

NULL

12
Q

What are the two purposes of VTP?

A
  1. Used to synchronize VLAN creation between switches.
  2. Simplifies the management of VLANs.

13
Q

You configure an interface with this command.

(config-if)#switchport access vlan 4

You do not see any issues after using this command. However, the computers in this VLAN are not working.

What is going on? What “show” command can you use in troubleshooting this?

A

There are 3 ways to create VLANs: globally, in the VLAN database, and at time of assignment. At time of assignment is when you go under an interface and use the “switchport access vlan X” command. If the VLAN has not been created yet, it will create it for you (Cool!). However, if you are running VTP v1 or v2 and your switch is in client mode, it will not create the VLAN. This happens because a VTP client is not allowed to create VLANs. The worst part is that the CLI will NOT warn you that this VLAN wasn’t created or does not exist (Not Cool!). The shitty part is that if you do a “show interface status” it will show you the interface and the un-created VLAN assigned to it. See picture of example.

14
Q

What are the potential problems with VTP?

A
  1. A switch with the wrong database and a higher configuration revision number can overwrite the database of all other switches.
    • This is true for both Server and Client mode. You might think to yourself, how is that possible? Well, we all know that whenever you are in VTP mode client and you try to add a VLAN it gives you this error: “VTP VLAN configuration not allowed when device is in CLIENT mode”. But you can take an offline switch, change it to VTP mode server, add VLANs, then put it back to VTP mode client. Once this switch comes on the network and has a higher revision, it will update every switch’s VLANs in the same VTP domain.
  2. Since VTP is Cisco proprietary, there can be a “break in the chain”, meaning a non-Cisco switch is in between two Cisco switches. Therefore it cannot pass along the VTP messages or participate in the update to the VLAN database. This could also happen if there is a Cisco switch in between two other Cisco switches and it has a different VTP domain.
15
Q

What benefits does VTP pruning provide?

A

Reduces unnecessary replication of “BUM traffic”:

  • Broadcast
  • Unknown unicasts
  • Unknown multicast

VTP pruning is beneficial because it keeps unneeded data from being sent across links. Normally, if a device sends a broadcast or multicast, the switch will flood it over trunk ports even if that VLAN doesn’t have a device on the opposite end. VTP pruning keeps unneeded traffic from using bandwidth on trunk interfaces.

16
Q

What two messages does VTP pruning use?

A

Prune and Join messages.

17
Q

Is it possible to prune extended vlans in VTP?

A

No, not even in VTP v3

18
Q

What vlans are “prune eligible”?

A

Normal vlans - Vlans 2-1001

19
Q

Can VTP pruning prune vlan 1?

A

No, the only way to prune VLAN 1 is to manually prune it.

20
Q

True/False - Pruning does not remove vlans from the database.

A

True

21
Q

What are the three rules for VTP Pruning?

A
  1. For a VLAN that is disabled (no access ports anywhere in VLAN) all trunks will “Prune” VLAN.
  2. Once a VLAN is activated (an access port joins VLAN) it will send a triggered “join” message.
  3. VLANs on trunks can take VLANs out of “Pruned” state.
22
Q

What ports can a triggered “join” be sent on?

A
  1. STP root port (if a non-root bridge switch)
  2. All designated ports (if switch is the root bridge)

23
Q

When can a switch take a VLAN out of the “pruned” state?

A
  1. A triggered “join” was RECEIVED on a port and…
  2. That port is in STP “Forwarding” state for THAT VLAN.

24
Q

What are 3 enhancements of VTP v3?

A
  1. Security Enhancements
    • Fixes configuration revision overwrite problem.
  2. New advertisements
    • Extended vlans, Private vlans, and MST configuration
  3. VTP can now be disabled
    • Globally
    • Per Link
25
Q

What is the purpose of VTP Client mode in VTP v3?

A

Not a damn thing. Best practice is to leave all switches in VTP mode server.

26
Q

Can you make your switch the primary server in VTP v3 if it is in VTP mode Client?

A

No, you must change it to vtp mode server.

27
Q

What are the two features for which you can make a switch the primary server in VTPv3?

A

Vlans + MST

28
Q

Can you have two different switches be the primary server for the two different features?

A

Yes, one can be the primary server for VLANs and another can be the primary server for MST.

29
Q

What does the “VTP primary” command do?

A

It makes the switch the primary server for both VLANs and MST. If you want to choose just one then the command is (config)#vtp primary

30
Q

What show commands can you use for troubleshooting VTP pruning?

A

Show interface trunk

show interface pruning

31
Q

You have one switch configured for VTP domain Cisco and the other cisco. Will VTP work?

A

No - the domain in VTP is CASE-sensitive

32
Q

For VTPv3 order of operations, can your first step be to change the mode to VTPv3?

A

No, this is not the correct order of operations. If you try to change the mode to VTPv3 before configuring the Domain name you will receive the following error.

“Cannot set the version to 3 because domain name is not configured”

33
Q

What is the order of operation for VTPv3?

A
  1. Configure Domain name
  2. Change mode to VTPv3
  3. Configure one switch as VTP primary
  4. (Optional) - Configure VTP Password
34
Q

Can you leave the domain name blank for VTPv3?

A

No, you must configure a domain name before you can even set the version to v3.

35
Q

Will this work? “VTP password Cisco secret” ?

A

No, in order to use the secret command you must use a 32-character hash. You can get this from “show vtp password” after doing “VTP password Cisco hidden”.