VTP Flashcards

1
Q

What is the purpose of the VTP client advertisement request?

A

It allows a client device to request VTP summary and subset advertisement from the server.

2
Q

What does the VTP summary advertisement carry?

A

Synchronization information. Domain name, CRN, VTP version, MD5 hash code, timestamp, and the number of subset advertisements to follow.

3
Q

What does the VTP subset advertisement carry?

A

Updated VLAN information.

4
Q

What is VTP Pruning?

A

If a VLAN is not present on any ports on a switch, VTP will automatically remove that VLAN from trunks leading to that switch.

5
Q

VTP version 3 introduced ___, ___, ___ and ___.

A

The “off” mode, the primary server, encrypted passwords and support for all VLANs.

6
Q

List the VTP versions.

A

Versions 1, 2 and 3. Version 1 is run by default.

7
Q

List the three VTP advertisement types.

A

Summary advertisements, subset advertisements, client advertisement requests.

8
Q

In VTP, client devices can still make changes when they send a ___.

A

Full summary advertisement.

9
Q

Define the CRN.

A

Configuration revision number. In VTP, the advertisement with the highest CRN is used. The CRN is incremented on a switch whenever a VLAN change is made.

10
Q

List the VTP roles.

A

Server, client, transparent, off.

11
Q

To participate in VTP, devices must be part of the same ___ and have the correct ___.

A

VTP domain and VTP password.

12
Q

Briefly describe VTP.

A

VLAN trunking protocol. Replicates VLANs across devices in a whole network.

13
Q

Which command will show VTP config information?

A

Show VTP status

14
Q

Each switch can only be in one ___.

A

VTP domain.

15
Q

What VTP version do switches run in by default?

A

VTP version 1.

16
Q

What is the default VTP domain?

A

“Null”. Will still run VTP.

17
Q

Are VTP domains case sensitive?

A

Yes.

18
Q

Describe the VTP server mode.

A

The switch will send out VTP subset advertisements. Only one server is allowed in later VTP versions.

19
Q

Describe the VTP client mode.

A

The switch will listen for VTP subset advertisements and update its VLANs accordingly.

20
Q

Describe the VTP transparent mode.

A

The switch will ignore VTP packets but will forward them along.

21
Q

Describe the VTP off mode.

A

The switch will ignore VTP packets and will not forward them. Only available in version 3.

22
Q

Will a client switch ever send a VTP advertisement?

A

Yes, when it first boots and enters a domain. This can affect the network.

23
Q

What port types are VTP advertisements sent over?

A

Trunk ports.

24
Q

When is a VTP summary advertisement sent?

A

Every 5 minutes or whenever any changes are made to the VLAN database.

25
Q

What happens when the CRN for an advertisement matches the CRN of the receiving switch?

A

The advertisement will be rejected.

26
Q

The CRN is incremented ___ the VTP advertisement is sent.

A

Before.

27
Q

What are two ways to reset the CRN number?

A

Change the VTP domain to a non-existent domain and then change it back; change the VTP mode to transparent and then back. ALWAYS VERIFY.

28
Q

When are subset advertisements sent?

A

Whenever a change to the VLAN database is made.

29
Q

Can local VLAN changes be made to a VTP mode client device?

A

No, changes can only be made on a server, transparent, or off mode device.

30
Q

When would a VTP client advertisement request be needed?

A

When the client device’s VLAN database is corrupted or deleted.

31
Q

What’s the difference between transparent mode in version 1 and 2?

A

In version 1 transparent mode will only forward VTP advertisements within its own domain, in version 2 transparent mode will forward all VTP advertisements.

32
Q

VTP version 3 allows you to configure VTP on a ___ by ___ basis.

A

Port by port.

33
Q

In VTP versions 1 and 2, which file can the VTP password be viewed in?

A

The VLAN.dat file. This was fixed in VTP version 3.

34
Q

How does VTP version 3 fix the VTP synch issue?

A

With the introduction of the primary server. Only the primary server can make changes to other switches’ VLAN databases.

35
Q

How do you make a switch the primary VTP server?

A

With the “VTP primary” command.

36
Q

Which VLAN are VTP advertisements sent across?

A

The untagged VLAN.

37
Q

Which VTP versions are compatible?

A

VTP versions 2 and 3 are “compatible”. VTP version 1 is not compatible with any other version.

38
Q

What’s the command to enable VTP pruning?

A

“VTP pruning” from global config mode. Can be edited on a port-by-port basis.

39
Q

What are the 3 modes of VTP?

A

Client- 1. Can’t modify, create or delete VLANs. 2. Forwards advertisements. 3. Only sends advertisements at bootup.

Server- 1. Can modify, create or delete VLANs. 2. Originates VTP advertisements. 3. Accepts advertisements from Servers/Clients.

Transparent- 1. Can modify, create or delete VLANs. 2. Does NOT advertise anything. 3. Forwards advertisements from other switches (does not look at them).

  1. Same as disabling VTP
  2. Needed for private VLAN. (can’t do private VLAN and VTP)
  3. Needed for extended VLAN 1006-4094
40
Q

What does VTP do?

A
  1. Cisco Proprietary
  2. Used to dynamically manage VLANs across multiple switches.
41
Q

How does VTP Work?

A
  1. All Switches must belong to the same domain to exchange info.
  2. Server is the default mode.
  3. Highest revision # is considered newest DB. (a switch in client mode could update VLAN DB at bootup with higher Revision #)
  4. VTP is only advertised over Trunk Ports
42
Q

Describe VTP version 1

A
  1. Supports VLAN 1-1005
  2. If a switch with version 1 detects a switch with version 3, the switch with version 1 will try to upgrade itself.
43
Q

Describe VTP version 2

A
  1. Supports VLAN 1-1005
  2. Consistency checks when changes are made to VLAN or VTP configuration
  3. Transparent VTP switches will forward advertisements via trunk even if domain name is different
44
Q

Describe VTP version 3

A
  1. Introduces off mode
  2. Able to disable VTP at port level
  3. Secure Mode
     • Hidden (hash, not visible)
     • Secret (encrypted)
  4. VTP Primary Server Feature
  5. Supports VLAN 1-4094
  6. Supports Private VLAN
45
Q

What are 2 ways to reset the VTP revision #?

A
  1. Change Domain Name
  2. Change mode to Transparent and back to desired mode.
46
Q

What are the 3 VTP advertisement types?

A
  1. Summary advertisements
  2. Subset advertisements
  3. Client advertisement request
47
Q

What do VTP summary advertisements contain?

A
  1. Domain
  2. Config Revision #
  3. MD5
  4. Timestamp
48
Q

How often are VTP Summary advertisements sent?

A
  1. Every 5 minutes by VTP Server
  2. Every time the DB changes
49
Q

What are VTP subset advertisements?

A

VLAN Config change

50
Q

When would a VTP client advertisement request be sent?

A
  1. If the client switch VLAN DB becomes corrupt
  2. If the client DB gets deleted
51
Q

What is VTP Pruning?

A

When enabled a switch will not send broadcast, multicast and unicast down a trunk to another switch when it knows there is not a port with that VLAN on it.

52
Q

What is the command to enable VTP Pruning?

A

(config)#vtp pruning

54
Q

The network operations center has received a call stating that Users in VLAN 107 are unable to access resources through R1. From the information contained in the graphic, what is the cause of this problem?

vtp_pruning

vtp_pruning_output.jpg

A – spanning tree is not enabled on VLAN 107
B – VTP is pruning VLAN 107
C – VLAN 107 does not exist on switch SA
D – VLAN 107 is not configured on the trunk

Exhibit 2 on answer slide

A

Answer: B

Explanation:

“VLAN allowed on trunk” – Each trunk allows all VLANs by default. However, an administrator can remove or add to the list by using the “switchport trunk allowed” command.

“VLANs allowed and active in management” – To be active, a VLAN must be in this list.

“VLANs in spanning tree forwarding state and not pruned” – This list is a subset of the “allowed and active” list but with any VTP-pruned VLANs removed.

All VLANs were configured except VLAN 101 so D is not correct. VLAN 107 exists in the “allowed and active” section so A and C are not correct either. In the “forwarding state and not pruned” list we don’t see VLAN 107, so the administrator had wrongly configured this VLAN as pruned.

Question 3:

The network administrator needs to enable VTP pruning within the network. What action should a network administrator take to enable VTP pruning on an entire management domain?

A – enable VTP pruning on every switch in the domain
B – enable VTP pruning on any client switch in the domain
C – enable VTP pruning on any switch in the management domain
D – enable VTP pruning on a VTP server in the management domain

Answer: D

55
Q

Exhibit 2 on answer slide

Study the diagram below carefully, which three statements are true? (Choose three)

dtp_diagram

dtp

A – DTP packets are sent from Switch SB.
B – DTP is not running on Switch SA.
C – A trunk link will be formed.
D – The native VLAN for Switch SB is VLAN 1.

A

Answer: A C D

Explanation:

Dynamic Trunking Protocol (DTP) is the Cisco-proprietary protocol that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.

SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.

On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA’s native VLAN is 5) -> D is correct.

(Note: an 802.1Q trunk’s native VLAN is the only VLAN that has untagged frames)

Below are the switchport modes for easy reference:

Mode – Function
Dynamic Auto – Creates the trunk based on the DTP request from the neighboring switch.
Dynamic Desirable – Communicates to the neighboring switch via DTP that the interface would like to become a trunk if the neighboring switch interface is able to become a trunk.
Trunk – Automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests sent from the neighboring switch.
Access – Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the neighboring switch.
Nonegotiate – Prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.

56
Q

Two switches SA and SB are connected as shown below. Given the below partial configuration, which two statements are true about VLAN traffic? (Choose two)

vtp_traffic

A – VLANs 1-5 will be blocked if fa0/10 goes down.
B – VLANs 6-10 have a port priority of 128 on fa0/10.
C – VLANs 6-10 will use fa0/10 as a backup only.
D – VLANs 1-10 are configured to load share between fa0/10 and fa0/12.

A

Answer: C D

Explanation:

Let’s assume that SA is the root bridge for all VLANs, it will make the explanation a bit clearer…

First we should understand what will happen if nothing is configured (default values are used). Because we assumed that SA is the root bridge, all of its ports will forward. SB will need to block one of its ports to avoid a bridging loop between the two switches. But how does SB select its blocked port? Well, the answer is based on the BPDUs it receives from SA. A BPDU is superior to another if it has:

  1. A lower Root Bridge ID
  2. A lower path cost to the Root
  3. A lower Sending Bridge ID
  4. A lower Sending Port ID

These four parameters are examined in order. In this specific case, all the BPDUs sent by SA have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). If using default values, the default port priority’s value is 32 or 128 (128 is much more popular today but 32 is also a default port priority’s value), so SB will compare port index values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/10, SB will select the port connected with Fa0/10 (of SA) as its root port and block the other port.

vtp_traffic_explanation_blockFa012

To change the default decision of selecting root port, we can change the port priority of each interface. The above picture is true for VLAN 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLAN 6-10, port Fa0/12 has higher priority ID (lower port priority value) so SB will block its upper port.

For answer A – “VLANs 1-5 will be blocked if fa0/10 goes down” – is not correct because if Fa0/10 goes down, SB will unblock its lower port therefore VLANs 1-5 will still operate.

For answer B – “VLANs 6-10 have a port priority of 128 on fa0/10” – is not always correct because VLAN 6-10 can have a different port priority (of 32) according to the Cisco link below.

Answer C is correct because VLAN 6-10 uses the Fa0/12 link as its main path. Fa0/10 is the backup path and is only opened when port Fa0/12 fails.

Answer D is correct because this configuration load-balances traffic on a per-VLAN basis. VLANs 1-5 use Fa0/10 and VLANs 6-10 use Fa0/12 as their main paths.

Note: We cannot be sure that answer B is always correct, so we should choose C and D if the question asks us to give only 2 choices.

Reference (and good resource, too):

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96a.shtml

57
Q

Regarding the exhibit and the partial configuration of switch SA and SB. STP is configured on all switches in the network. SB receives this error message on the console port:

00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SA FastEthernet0/4 (half duplex), with TBA05071417(Cat6K-B) 0/4 (half duplex).

What would be the possible outcome of the problem?

STP_mismatched_duplex.jpg

A – The root port on switch P4S-SB will fall back to full-duplex mode.
B – The interfaces between switches P4S-SA and P4S-SB will transition to a blocking state.
C – The root port on switch P4S-SA will automatically transition to full-duplex mode.
D – Interface Fa0/6 on switch SB will transit to a forwarding state and create a bridging loop.

A

Answer: D

Explanation:

From the output, we learned that the interfaces on two switches are operating in different duplex modes: Fa0/4 of SA in half-duplex mode & Fa0/5 of SB in full-duplex mode. In this case, because SB is operating in full duplex mode, it does not check the carrier sense before sending frames (CSMA/CD is not used in full-duplex mode). Therefore, SB can start to send frames even if SA is using the link and a collision will occur. The result of this is SA will wait a random time before attempting to transmit another frame. If B sends enough frames to A to make every frame sent from A (which includes the BPDUs) get dropped then SB can think it has lost root bridge (B does not receive BPDUs from A anymore). Therefore SB will unblock its Fa0/6 interface for transmitting and cause a bridging loop.

58
Q

What action should a network administrator take to enable VTP pruning on an entire management domain?

A. Enable VTP pruning on any switch in the management domain.
B. Enable VTP pruning on any client switch in the management domain.
C. Enable VTP pruning on a VTP server in the management domain.
D. Enable VTP pruning on every switch in the management domain.
E. Disable VTP pruning on a VTP server in the management domain.

A

Answer: C

Explanation

VTP pruning should only be enabled on VTP servers, all the clients in the VTP domain will automatically enable VTP pruning -> C is correct.

59
Q

What must be configured on a Cisco switch in order to advertise VLAN information?

A. VTP mode
B. VTP password
C. VTP revision number
D. VTP pruning
E. VTP domain name

A

Answer: E

Explanation

A Cisco switch needs a VTP domain name to advertise VLAN information to other switches and it must be configured on a Cisco switch.

Note: If a switch is configured as a VTP server without a VTP domain name, you cannot configure a VLAN on the switch

60
Q

Refer to the exhibit. VTP has been enabled on the trunk links between all switches within the Certprepare domain. An administrator has recently enabled VTP pruning. Port 1 on Switch 1 and port 2 on Switch 4 are assigned to VLAN 2. A broadcast is sent from the host connected to Switch 1. Where will the broadcast propagate?

VTP_pruning_broadcast.jpg

A. Every switch in the network receives the broadcast and will forward it out all ports.
B. Every switch in the network receives the broadcast, but only Switch 4 will forward it out port 2.
C. Switches 1, 2, and 4 will receive the broadcast, but only Switch 4 will forward it out port 2.
D. Only Switch 4 will receive the broadcast and will forward it out port 2.

A

Answer: C

Explanation

With VTP pruning enabled network-wide, switch 2 and switch 4 automatically use VTP to learn that none of the switches in the lower-left part of the figure have any ports assigned to VLAN 10. As a result, switch 2 and switch 4 prune VLAN 2 from the trunks connected to these switches. The pruning causes switch 2 and switch 4 to not send frames in VLAN 2 out these trunks -> Switches 3, 5 and 6 will not receive the broadcast while Switch 4 will receive it and forward out to port 2 -> C is correct.

62
Q

Switch R1 is part of the Company VTP domain. What’s true of VTP Pruning within this domain?

A. It does not prune traffic from VLANs that are pruning-ineligible
B. VLAN 1 is always pruning-eligible
C. It will prune traffic from VLANs that are pruning-ineligible
D. VLAN 2 is always pruning-ineligible

A

Answer: A

Explanation

VLAN 1 and VLANs 1002 to 1005 are always pruning-ineligible; traffic from these VLANs cannot be pruned. Extended-range VLANs (VLAN IDs greater than 1005) are also pruning-ineligible -> A is correct.

63
Q

Switch R1 has been configured with DTP using the desirable option. Which statement describes Dynamic Trunking Protocol (DTP) desirable mode?

A. The interface actively attempts to convert the link to a trunk link.
B. The interface is put into permanent trunking mode but prevented from generating DTP frames.
C. The interface is put into permanent trunking mode and negotiates to convert the link into a trunk link.
D. The interface is put into a passive mode, waiting to convert the link to a trunk link.

A

Answer: A

Explanation

Note: If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully.

64
Q

Refer to the exhibit. What happens when the switch SW2 is connected to the rest of the network in the VTP domain Lab_Network?

VTP_show_vtp_status.jpg

A. The recently introduced switch SW2 adds one more VLAN to the VLAN database in the VTP domain.
B. The recently introduced switch SW2 creates a STP loop in the VTP domain.
C. The recently introduced switch SW2 removes all configured VLANs throughout the VTP domain.
D. The recently introduced switch SW2 switches over to VTP transparent mode in order to be included into the VTP domain.
E. A trunk should be configured between the two switches in order to integrate SW2 into the VTP domain.

A

Answer: C

Explanation

The Configuration Revision number of SW2 is higher than that of SW1 (147 > 47) and SW2 is operating in Client mode so it can send updates to other switches. The result is SW1 and other switches in that VTP domain will remove their current VLAN information and copy VLAN information from SW2.

65
Q

What is the default VTP advertisement for subset advertisements in Catalyst switches that are in server or client mode?

A. 30 seconds
B. 5 minutes
C. 1 minute
D. 10 seconds
E. 5 seconds

A

Answer: B

Explanation

Subset advertisements list the specific changes that have been performed, such as creating or deleting a VLAN, suspending or activating a VLAN, changing the name of a VLAN, and changing a VLAN’s maximum transmission unit (MTU), status of the VLAN, VLAN type (such as Ethernet or Token Ring), length of the VLAN name, VLAN number, security association identifier (SAID) value. Summary advertisements are sent out every 300 seconds (5 minutes) by default.

66
Q

The network operations center has received a call stating that users in VLAN 107 are unable to access resources through Router 1. From the information contained in the graphic, what is the cause of this problem?

VTP_pruning_VLAN.jpg

A. VLAN 107 does not exist on switch A.
B. VTP is pruning VLAN 107.
C. VLAN 107 is not configured on the trunk.
D. Spanning tree is not enabled on VLAN 107.

A

Answer: B

Explanation

From the “VLANs in spanning tree forwarding state and not pruned” we can deduce that VLAN 107 is currently pruned on switch A.

67
Q

Two Company switches are connected via a trunk using VTP. Which VTP information does a Catalyst switch advertise on its trunk ports when using VTP? (Choose two)

A. STP root status
B. VTP mode
C. Negotiation status
D. Management domain
E. Configuration revision number

A

Answer: D E

69
Q

How does VTP pruning enhance network bandwidth?

A. by restricting unicast traffic to across VTP domains
B. by reducing unnecessary flooding of traffic to inactive VLANs
C. by limiting the spreading of VLAN information
D. by disabling periodic VTP updates

Image in question is second image in explanation

A

Answer: B

Explanation

VTP Pruning makes more efficient use of trunk bandwidth by forwarding broadcast and unknown unicast frames on a VLAN only if the switch on the receiving end of the trunk has ports in that VLAN.

The following example shows the operation of a VTP domain without and with VTP Pruning.

Without VTP Pruning:

VTP_Pruning_example.jpg

VTP domain without VTP Pruning

When PC A sends a broadcast frame on VLAN 10, it travels across all trunk links in the VTP domain. Switches Server, Sw2, and Sw3 all receive broadcast frames from PC A. But only Sw3 has user on VLAN 10 and it is a waste of bandwidth on Sw2. Moreover, that broadcast traffic also consumes processor time on Sw2. The link between switches Server and Sw2 does not carry any VLAN 10 traffic so it can be “pruned”.

VTP_Pruning_Enabled.jpg

VTP domain with VTP Pruning

-> B is correct.

70
Q

A switch that is to be added to the production network has been preconfigured (trunks, VLANs, VTP, and STP) and was tested in your lab. After installing the switch into the network, the entire network went down. What might explain what happened?

A. The new switch happened to be running Cisco Catalyst operating system, while the other network switches were running Cisco IOS Software.
B. The configuration revision of the new switch was higher than the configuration revision of the production VTP domain.
C. The link costs on the new switch are set to a high value, causing all ports on the new switch to go into a forwarding mode and none into blocking mode, thereby causing a spanning-tree loop.
D. The ports connecting to the two switches have been configured incorrectly. One side has the command switchport mode access and the other switchport mode trunk.

A

Answer: B

Explanation

If the configuration revision number of the new switch is higher than that of the rest of the Cisco switches and it is in Client or Server mode with the same VTP domain, then it can wipe out other switches’ VLAN information. This is a nightmare if you are working for a large company and it can make you lose your job, so please remember this: always set your newly added Cisco switch to VTP Transparent mode before plugging it into your working network. This step also resets the Configuration Revision Number of that switch back to 0, which is safe to plug into your network.

71
Q

Switch R1 and R2 both belong to the Company VTP domain. What’s true about the switch operation in VTP domains? (Choose two)

A. A switch can only reside in one management domain
B. A switch is listening to VTP advertisements from their own domain only
C. A switch is listening to VTP advertisements from multi domains
D. A switch can reside in one or more domains
E. VTP is no longer supported on Catalyst switches

A

Answer: A B

Explanation

A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. A network device can be configured to be in one and only one VTP domain -> A is correct.

If the switch receives a VTP advertisement over a trunk link, it inherits the management domain name and the VTP configuration revision number. The switch ignores advertisements with a different management domain name or an earlier configuration revision number -> B is correct.

(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/vtp.html)

Note: Just for your information, if a switch has not belonged to any VTP domain yet and it receives a VTP advertisement with a VTP domain (whose password is not set), it will join that domain automatically.

73
Q

VTP devices in a network track the VTP revision number. What is a VTP configuration revision number?

A. A number for identifying changes to the network switch.
B. A number for identifying changes to the network router.
C. A number for identifying changes to the network topology.

A

Answer: C

74
Q

The Company switches are configured to use VTP. What’s true about the VLAN trunking protocol (VTP)? (Choose two)

A. VTP messages will not be forwarded over nontrunk links.
B. VTP domain names need to be identical. However, case doesn’t matter.
C. A VTP enabled device which receives multiple advertisements will ignore advertisements with higher configuration revision numbers.
D. A device in “transparent” VTP v.1 mode will not forward VTP messages.
E. VTP pruning allows switches to prune VLANs that do not have any active ports associated with them.

A

Answer: A D

Explanation

Answer A is obviously correct as VTP advertisements only travel through trunk ports.

VTP domain names are case-sensitive. That means the domain “certprepare” is different from “Certprepare”. There is no exception -> B is not correct.

A VTP enabled device which receives multiple advertisements will update (not ignore) advertisements with higher configuration revision numbers, provided that it has the same VTP domain name and password -> C is not correct.

Answer D is not clear. In VTP Version 1, a VTP transparent switch inspects VTP messages for the domain name and version and forwards a message only if the version and domain name match. Because VTP Version 2 supports only one domain, it forwards VTP messages in transparent mode without inspecting the version and domain name. So in this case we don’t have enough information to conclude about answer D.

Answer E is not clear too. VTP will prune VLANs on trunks connected to switches that do not have ports associated with the VLANs. I am not sure what Cisco wants to say in answer E.

But if we consider answer E to be incorrect then the best answers should be A and D.

VTP_Pruning_Enabled.jpg

(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swvtp.html#wp1035121)

75
Q

VTP switches use advertisements to exchange information with each other. Which of the following advertisement types are associated with VTP? (Choose three)

A. Domain advertisements
B. Advertisement requests from clients
C. Subset advertisements
D. Summary advertisements

A

Answer: B C D

Explanation

All VTP packets contain these fields in the header:

* VTP protocol version: 1, 2, or 3
* VTP message types:
1) Summary advertisements (inform adjacent Catalysts of the current VTP domain name and the configuration revision number)
2) Subset advertisement (is sent following the summary advertisement and contains a list of VLAN information)
3) Advertisement requests (is needed in the case it is reset, the VTP domain name has been changed or it has received a VTP summary advertisement with a higher configuration revision than its own).

(For more information about these VTP types, please read: http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml)

4) VTP join messages (similar to the Advertisement request messages but with a different Message Type field value and a few more parameters, including VTP domain name, and a VLAN bit string. If the bit is set, flooded traffic for that VLAN should be received on that trunk. Each trunk port maintains a state variable per VLAN – Joined/Pruned. If the state is Joined, the trunk port is allowed to send broadcast and flooded unicast traffic on this VLAN. If the state is Pruned, the trunk port will not send the broadcast or flooded unicast traffic on this VLAN. VTP join messages are sent when the VTP Client first joins a VTP domain to inform the VTP Servers about its existence in that VTP domain).
* Management domain length
* Management domain name

76
Q

The lack of which two prevents VTP information from propagating between switches? (Choose two)

A. A root VTP server
B. A trunk port
C. VTP priority
D. VLAN 1

A

Answer: B D

Explanation

VTP advertisements only travel through trunk ports -> B is correct.

VLAN 1 is a special VLAN selected by design to carry specific information such as CDP (Cisco Discovery Protocol), VTP, PAgP and DTP. This is always the case and cannot be changed. Cisco recommends not to use VLAN 1 as a standard VLAN to carry network data -> D is correct.

77
Q

Which two DTP modes will permit trunking between directly connected switches? (Choose two)

A. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain A)
B. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain B)
C. dynamic auto (VTP domain A) to dynamic auto (VTP domain A)
D. dynamic auto (VTP domain A) to dynamic auto (VTP domain B)
E. dynamic auto (VTP domain A) to nonegotiate (VTP domain A)
F. nonegotiate (VTP domain A) to nonegotiate (VTP domain B)

A

Answer: A F

Explanation

Below are the switchport modes for easy reference:

| Mode | Function |
|---|---|
| Dynamic Auto | Creates the trunk based on the DTP request from the neighboring switch. |
| Dynamic Desirable | Communicates to the neighboring switch via DTP that the interface would like to become a trunk if the neighboring switch interface is able to become a trunk. |
| Trunk | Automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests sent from the neighboring switch. |
| Access | Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the neighboring switch. |
| Nonegotiate | Forces the port to permanently trunk but prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link. |

Note: If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> A is correct.

B is not correct because two dynamic desirable ports in two different VTP domains cannot create a trunk link.

Dynamic auto waits to receive DTP from the neighbor, so if two interfaces are set to this mode, neither of them will receive DTP frames -> C and D are not correct.

A port in Nonegotiate mode can be set to access or trunk port mode but it will not send DTP. Dynamic auto also does not send DTP -> a trunk link cannot be created -> E is not correct.

Also, when setting ports to nonegotiate, that port will not send DTP. We can set both interfaces to trunk link -> a trunk link can be created between two different VTP domains -> F is correct.

79
Q

The Company switches have all been upgraded to use VTP version 2. What are two benefits provided in VTP Version 2 that are not available in VTP Version 1? (Choose two)

A. VTP version 2 supports Token Ring VLANs.
B. VTP version 2 allows VLAN consistency checks.
C. VTP version 2 saves VLAN configuration memory.
D. VTP version 2 reduces the amount of configuration necessary.
E. The VTP version 2 allows active redundant links when used with spanning tree.

A

Answer: A B

Explanation

The major difference is that VTP V2 introduces support for Token Ring VLANs. If you use Token Ring VLANs, you must enable VTP V2 -> A is correct.

In VTP version 2, VLAN consistency checks (such as VLAN names and values) are performed only when you enter new information through the command-line interface (CLI) or Simple Network Management Protocol (SNMP). Consistency checks are not performed when new information is obtained from a VTP message or when information is read from NVRAM. If the digest on a received VTP message is correct, its information is accepted without consistency checks -> B is correct.

(Reference: http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml)

80
Q

Switch R1 is configured to use the VLAN Trunking Protocol (VTP). What does R1 advertise in its VTP domain?

A. The VLAN ID of all known VLANs, the management domain name, and the total number of trunk links on the switch.
B. The VLAN ID of all known VLANs, a 1-bit canonical format (CF1 Indicator), and the switch configuration revision number.
C. The management domain name, the switch configuration revision number, the known VLANs, and their specific parameters.
D. A 2-byte TPID with a fixed value of 0x8100 for the management domain number, the switch configuration revision number, the known VLANs, and their specific parameters.

A

Answer: C

Explanation

VTP advertises its management domain name, the switch configuration revision number, the known VLANs, and their specific parameters -> C is correct.

Note: The IEEE 802.1Q VLAN tag (not VTP) uses the tag protocol identifier (TPID) field to identify the protocol type. The default TPID value in IEEE 802.1Q is 0x8100 -> D is not correct.

81
Q

Which two statements correctly describe VTP? (Choose two.)

A. Transparent mode always has a configuration revision number of 0.
B. Transparent mode cannot modify a VLAN database.
C. Client mode cannot forward received VTP advertisements.
D. Client mode synchronizes its VLAN database from VTP advertisements.
E. Server mode can synchronize across VTP domains.

A

Answer: A D

82
Q

Command to show interfaces that VTP is enabled on?

A

switch#show vtp interfaces

83
Q

Command to show switches participating in VTP?

A

switch#show vtp devices

(requires vtp v3)

84
Q

Command to show the vtp password

A

switch#show vtp password

85
Q

Command to show vtp statistics

A

switch#show vtp counters

86
Q

Several new switches have been added to the existing network as VTP clients. All of the new switches have been configured with the same VTP domain, password, and version. However, VLANs are not passing from the VTP server (existing network) to the VTP clients. What must be done to fix this?

A

Ensure that all switch interconnects are configured as trunks to allow VTP information to be transferred

87
Q

After implementing VTP, the extended VLANs are not being propagated to other VTP switches. What should be configured for extended VLANs?

A

Enable VTP version 3, which supports extended VLAN propagation

88
Q

Which technique automatically limits VLAN traffic to only the switches that require it?

A

VTP pruning

89
Q

Switch A, B, and C are trunked together and have been properly configured for VTP. Switch C receives VLAN information from the VTP server Switch A, but Switch B does not receive any VLAN information. What is the most probable cause of this behavior?

A

Switch B is configured in transparent mode

90
Q

A network is running VTPv2. After verifying all VTP settings, the network engineer notices that the new switch is not receiving the list of VLANs from the server. Which action resolves this problem?

A

Verify connected trunk ports.

91
Q

After configuring new data VLANs 1020 through 1030 on the VTP server, a network engineer notices that none of the VTP clients are receiving the updates. What is the problem?

A

The VTP version number must be set to version 3.

92
Q

A network engineer is extending a LAN segment between two geographically separated data centers. Which enhancement to a spanning-tree design prevents unnecessary traffic from crossing the extended LAN segment?

A

Use VTP pruning on the trunk interfaces

93
Q

When you design a switched network using VTPv2, how many VLANs can be used to carry user traffic?

A

1001

94
Q

A new network that consists of several switches has been connected together via trunking interfaces. If all switches currently have the default VTP domain name “null”, which statement describes what happens when a domain name is configured on one of the switches?

A

VTP summary advertisements are sent out of all ports with the new domain name.

95
Q

Which VTP mode is needed to configure an extended VLAN, when a switch is configured to use VTP versions 1 or 2?

A

Extended VLANs are only supported in version 3 and not in versions 1 or 2

96
Q

Which VLAN range is eligible to be pruned when a network engineer enables VTP pruning on a switch?

A

VLANs 2-1001

97
Q

Which feature must be enabled to eliminate the broadcasting of all unknown traffic to switches that are not participating in the specific VLAN?

A

VTP pruning

98
Q

Switch1(config)#vlan 10
VTP vlan configuration not allowed when device is in CLIENT mode.
Switch1#show interfaces trunk
Switch1#

The users in an engineering department that connect to the same access switch cannot access the network. The network engineer found that the engineering VLAN is missing from the database. Which action resolves this problem?

A

Change VTP mode to server and enable 802.1q.

99
Q

The network switches for two companies have been connected and manually configured for the required VLANs, but users in company A are not able to access network resources in company B when DTP is enabled. Which action resolves this problem?

A

Manually force trunking with switchport mode trunk on both switches

100
Q

A network engineer must improve bandwidth and resource utilization on the switches by stopping the inefficient flooding of frames on trunk ports where the frames are not needed. Which Cisco IOS feature can be used to achieve this task?

A

VTP pruning

101
Q

Which action allows a network engineer to limit a default VLAN from being propagated across all trunks?

A

Manually prune default VLAN with switchport trunk allowed vlans remove.

102
Q

Switch A, B, and C are trunked together and have been properly configured for VTP. Switch B has all VLANs, but Switch C is not receiving traffic from certain VLANs. What would cause this issue?

A

VTP pruning is configured globally on all switches and it removed VLANs from the trunk interface that is connected to Switch C.

103
Q

You are connecting the New_Switch to the LAN topology; the switch has been partially configured and you need to complete the rest of the configuration to enable PC1 communication with PC2. Which of the configurations is correct?

A

vtp domain CCNP
vtp password cisco
vtp version 3
vtp mode client
interface e0/0
switchport mode access
switchport access vlan 100

105
Q

Examine the VTP configuration. You are required to configure private VLANs for a new server deployment connecting to the SW4 switch. Which of the following configuration steps will allow creating private VLANs?

A

Disable VTP pruning on SW4 only

(as this implies putting SW4 in Transparent mode)

106
Q

What are some Private VLAN restrictions?

A

Private VLAN Restrictions:

  • MUST be in VTP Transparent mode (except in VTPv3)
  • Must select unused VLANs for Primary and Secondary assignment
  • PVLAN configuration must be consistent across all switches to trunk properly as only the secondary VLAN is transmitted across the link.
  • Etherchannel must not have any PVLAN configuration

107
Q

What is new in VTPv3?

A

VTPv3 supports the following now:

  • Extended VLAN support: VTP can be used to also propagate VLANs with numbers 1017-4094 (1006-1017 and 4095-4096 are reserved).
  • Domain name is not automatically learned: With VTPv2, a factory default switch that receives a VTP message will adopt the new VTP domain name. Since this is very dangerous behavior, VTPv3 forces manual configuration.
  • Better security: The VTP domain password is secured during transmission and in the switch database.
  • Better database propagation: Only the primary server is allowed to update other devices and only one server per VTP domain is allowed to have this role.
  • MST support: VTPv3 adds support for propagation of MST instances.

Primary Server concept.

Backward compatible with Version 2 on a per-link basis (as long as you are not using it to propagate private or extended VLANs.)

108
Q

What does VTP stand for?

A

VLAN Trunking Protocol

109
Q

What is VTP?

A

VTP is a Cisco proprietary protocol that was created to propagate VLAN information on all switches in the domain.

110
Q

How does the revision system work in VTP?

A

In VTP, every time a change is made to VLANs, the revision number on the switch is increased. The highest revision wins, so any switch receiving an update with a higher revision number than its own will replace its VLAN information with the advertised data.

111
Q

What are the minimum requirements to run VTP?

A
  1. All switches need to be in the same VTP domain.
  2. Switches must be connected via VLAN trunks.
  3. Switches must have the same VTP password.
  4. Switches must communicate with the same version of VTP across a link.

112
Q

What is new in VTPv2?

A
  • Version-dependent transparent mode: In VTP version 1, a VTP transparent network device inspects each VTP message for the domain name, and version, and forwards a message only if the version and domain name match. Because only one domain is supported in the supervisor engine software, VTP version 2 forwards VTP messages in transparent mode, without checking the version.
  • Consistency check: In VTP version 2, VLAN consistency checks, such as VLAN names and values, are performed. However, this check is only done when you enter information through the CLI or SNMP. Consistency checks are not performed when new information is obtained from a VTP message or when information is read from NVRAM. If the digest on a received VTP message is correct, its information is accepted without consistency checks.
  • Token ring support: VTP version 2 supports Token Ring LAN switching and VLANs.
  • Unrecognized TLV support: VTP version 2 switches propagate received configuration change messages out other trunk links, even if they are not able to understand the message. Instead of dropping the unrecognized VTP message, version 2 still propagates the information and keeps a copy in NVRAM.

113
Q

What is a VTP Server?

A

VTP Servers are switches that can add or remove VLANs.

114
Q

What is a VTP Client?

A

VTP Clients are switches that can only receive VLAN updates.

115
Q

What is VTP Transparent?

A

VTP Transparent is a mode that tells switches to hear and pass VTP messages, but not to use them.

116
Q

What is VTP Off?

A

VTP Off is a feature only available in VTPv3. It tells switches to turn off VTP as well, but to also reject VTP messages instead of passing them through.

117
Q

What is a VTPv3 Primary Server?

A

A VTPv3 Primary Server is an elected switch in a domain that is allowed to update the VLAN Database. There can only be one Primary Server switch.

118
Q

How do you promote a new VTPv3 Primary Server?

A

The only way to promote a new Primary Server in VTPv3 is to demote the existing one.

119
Q

What is a VTPv3 Secondary Server?

A

A VTPv3 Secondary Server is similar to a VTP Client in the sense that it is not allowed to do any manual changes of VLANs.

120
Q

What is VTP Pruning?

A

VTP Pruning is a feature in VTP that dynamically allows trunks to remove VLANs if they are not going to be used across the link. This saves resources for any broadcast traffic.

121
Q

What are the VTP Pruning Rules?

A

VTP Pruning Rules

  1. VLAN is activated on a switch (an access port joins the domain)
  2. Triggered Join will be sent out all Forwarding Ports of that switch.
  3. The switch RECEIVING the Triggered Join AND the port is forwarding will UNLOCK the prune state for that port on that VLAN.
  4. The switch SENDING the Triggered Join does not get out of pruned state until it also receives a Triggered Join by the switch (thus establishing a requirement for bidirectional communication).

122
Q

What configuration command changes the VTP version?

A

Switch# vtp version <#>

123
Q

What configuration command disables VTP entirely in VTPv3?

A

Switch(config)# no vtp

Switch(config-if)# no vtp

124
Q

What configuration commands set VTP password?

A

Switch# vtp password <password> (clear-text)

Switch(config)# vtp password <password> (clear-text)

Switch(config)# vtp password <password> hidden

Switch(config)# vtp password <32-hex> secret

Last option is used if copying a generated hidden password from other devices.

125
Q

What configuration command changes the VTP mode?

A

Switch(config)# vtp mode transparent

126
Q

What configuration command sets up a primary server in VTPv3?

A

Switch# vtp primary vlan

127
Q

What configuration command enables *VTP Pruning*?

A

Switch(config)# vtp pruning

128
Q

Why does Cisco recommend Transparent mode?

A

VTP can be a liability in a large network. An accidental VLAN deletion could be destructive.

129
Q

What are the default VTP values for a switch?

A

The following is a common set of default VTP values on Cisco Catalyst switches:

  • VTP domain name: <null>
  • VTP mode: Server mode
  • VTP password: None
  • VTP version: Version 1
  • Configuration Revision: 0

130
Q

How do you set a VTP domain back to <null>?

A

Only way is to delete the vlan database.

131
Q

True/False - a VTP domain can be autoconfigured?

A

True (v1 and v2 only)

By default, a Cisco Catalyst switch is in the no-management-domain state or "<null>" until it receives an advertisement for a domain over a trunk link or until you configure a management domain.

v3 removes that functionality.

132
Q

What switchport types will VTP run on?

A

Trunk only

133
Q

Why don’t VTP v1 and v2 support extended vlans (excluding Transparent mode)?

A

They were designed to work with ISL

134
Q

What takes higher priority, vlan.dat or startup config?

A
  • The VLAN database (vlan.dat) is stored in NVRAM
  • If during startup the VTP mode is detected as transparent, the VLANs are loaded from the startup-config and the VLAN database contents are ignored
  • Does not merge VLAN databases and only overwrites by comparing the MD5 hash
  • The highest revision # will win and overrides the other switches database (see Pruning / Auth / Misc)
  • Devices with same revision number will not update each other when first coming online, because the hash is different
  • Fix this by creating and deleting a VLAN which will increment the revision # by 2
  • VTP authentication alters the MD5 hash of the database (see Pruning / Auth / Misc)
  • The VLAN database name can be changed with the vtp file command, this does not create a new database and will only change the name

135
Q

Define VTP pruning

A

VTP process that prevents the flow of broadcasts and unknown unicast Ethernet frames in a VLAN from being sent to switches that have no ports in that VLAN

136
Q

What is the default VTP state?

A

VTP server for domain null with no password or secure mode

137
Q

Does VTP pass private VLAN configuration?

A

no

138
Q

If a switch receives a VTP advertisement with a lower configuration revision number, what will it do?

A

It will send the originator an update containing its higher revision number.

139
Q

Is VTP version 1 compatible with version 2? How do you enable version 2 across an entire VTP domain?

A

- No, version 2 is NOT compatible with version 1.
- Enabling VTP version 2 on the VTP server will enable it on all connected domain members capable of supporting it.

140
Q

What is VTP?

A

VLAN Trunking Protocol, Cisco proprietary.

141
Q

What are the three types of VTP advertisements?

A

- Summary, sent every 300 seconds or when a change occurs (like a heads-up).
- Subset, sent only when changes occur, and contains only the changes.
- Request, sent when a client needs info (like when it reboots or changes domains).

142
Q

VTP advertisements are sent as what type of frame? (Unicast, Broadcast, Multicast?)

A

Multicast frames when there is a change.

143
Q

How do you enable vtp pruning?

A

(config)vtp pruning. Done on the server, this will enable it for an entire domain.

144
Q

What are the three roles for a VTP switch?

A

- Server, create delete and rename.
- Client, cannot make changes.
- Transparent, local only create delete and rename.

145
Q

What VTP version do switches use by default?

A

Version 1.

146
Q

How often does VTP send out advertisements, by default, and what do they contain?

A

Every 5 minutes, they contain the configuration revision number.

147
Q

What are the differences between VTP version 1 and version 2?

A

Version 2 supports Token Ring VLANs, transparent switches will pass both versions, and consistency checks are only performed when changes are manually configured.

148
Q

What is the command to remove a VTP password from a VTP Domain?

A

(config)no vtp password

149
Q

A network engineer wants to ensure Layer 2 isolation of customer traffic using a private VLAN. Which configuration must be made before the private VLAN is configured?

A

Configure VTP Transparent Mode.

150
Q

What is *Manual Pruning*?

A

Manual Pruning is the kind of pruning that occurs without utilizing VTP to do it dynamically.

151
Q

What configuration command manually prunes VLANs on a trunk link?

A

Switch(config-if)# switchport trunk allowed vlan remove <vlan-list>

152
Q

What configuration command prevents a VLAN from being pruned via VTP?

A

Switch(config-if)# switchport trunk pruning vlan remove <vlan-list>