VTP Flashcards
What is the purpose of the VTP client advertisement request?
It allows a client device to request VTP summary and subset advertisement from the server.
What does the VTP summary advertisement carry?
Synchronization information. Domain name, CRN, VTP version, MD5 hash code, timestamp, and the number of subset advertisements to follow.
What does the VTP subset advertisement carry?
Updated VLAN information.
What is VTP Pruning?
If a VLAN is not present on any ports on a switch, VTP will automatically remove that VLAN from trunks leading to that switch.
VTP version 3 introduced ___, ___. ___ and ___.
The “off” mode, the primary server, encrypted passwords and support for all VLANs.
List the VTP versions.
Versions 1, 2 and 3. 1 is ran by default.
List the three VTP advertisement types.
Summary advertisements, subset advertisements, client advertisement requests.
In VTP, client devices can still make changes when they send a ___.
Full summary advertisement.
Define the CRN.
Configuration revision number. In VTP, the advertisement with the highest CRN is used. The CRN is incremented on a switch whenever a VLAN change is made.
List the VTP roles.
Server, client, transparent, off.
To participate in VTP, devices must be part of the same ___ and have the correct ___.
VTP domain and VTP password.
Briefly describe VTP.
VLAN trunking protocol. Replicates VLANs across devices in a whole network.
Which command will show VTP config information?
Show VTP status
Each switch can only be in one ___.
VTP domain.
What VTP version do switches run in by default?
VTP version 1.
What is the default VTP domain?
“Null”. Will still run VTP.
Are VTP domains case sensitive?
Yes.
Describe the VTP server mode.
The switch will send out VTP subset advertisements. Only one serve is allowed in later VTP versions.
Describe the VTP client mode.
The switch will listen for VTP subset advertisements and update it’s VLANs accordingly.
Describe the VTP transparent mode.
The switch will ignore VTP packets but will forward them along.
Describe the VTP off mode.
The switch will ignore VTP packets and will not forward them. Only available in version 3.
Will a client switch ever send a VTP advertisement?
Yes, when it first boots and enters a domain. This can affect the network.
What port types are VTP advertisements sent over?
Trunk ports.
When is a VTP summary advertisement sent?
Every 5 minutes or whenever any changes are made to the VLAN database.
What happens when the CRN for an advertisement matches the CRN of the recieving switch?
The advertisement will be rejected.
The CRN is incremented ___ the VTP advertisement is sent.
Before.
What are two ways to reset the CRN number?
Change the VTP domain to a non-existent domain and then change it back; change the VTP mode to transparent and then back. ALWAYS VERIFY.
When are subset advertisements sent?
Whenever a change to the VLAN database is made.
Can local VLAN changes be made to a VTP mode client device?
No, changes can only be made on a server, transparent, or off mode device.
When would a VTP client advertisement request be needed?
When the client device’s VLAN database is corrupted or deleted.
What’s the difference between transparent mode in version 1 and 2?
In version 1 transparent mode will only forward VTP advertisements within its own domain, in version 2 transparent mode will forward all VTP advertisements.
VTP version 3 allows you to configure VTP on a ___ by ___ basis.
Port by port.
In VTP versions 1 and 2, which file can the VTP password be viewed in?
the VLAN.dat file. This was fixed in VTP version 3.
How does VTP version 3 fix the VTP synch issue?
With the introduction of the primary server. Only the primary server can make changes to other switch’s VLAN databases.
How do you make a switch the primary VTP server?
With the “VTP primary” command.
Which VLAN are VTP advertisements sent across?
The untagged VLAN.
Which VTP versions are compatible?
VTP versions 2 and 3 are “compatible”. VTP version 1 is not compatible with any other version.
What’s the command to enable VTP pruning?
“VTP pruning” from global config mode. Can be edited on a port-by-port basis.
What are the 3 modes of VTP?
Client- 1. Can’t modify, create of delete VLANs. 2. Forwards advertisments. 3. Only sends advertisements at bootup.
Server- Can modify, create of delete VLANs. 2. Originate VTP advertisments. 3. Accepts advertisements from Servers/Clients
Transparent- 1. Can modify, create of delete VLANs. 2. Does NOT advertise anything. 3. Forwards advertisments from other switches (does not look at them)
- Same as disabling VTP
- Needed for private VLAN. (can’t do private VLAN and VTP)
- Needed for extended VLAN 1006-4094
What does VTP do?
- Cisco Proprietary
- Used to Dynamicly to manage VLANs across multiple switches.
How does VTP Work?
- All Switches must belong to the same domain to exchange info.
- Server is the default mode.
- Highest revision # is considered newest DB. (a switch in client mode could update VLAN DB at bootup with higher Revision #)
- VTP is only advertised over Trunk Ports
Describe VTP version 1
- Supports VLAN 1-1005
- If a switch with version 1 detects a switch with version 3, the switch with version 1 will try to upgrade itself.
Describe VTP version 2
- supports VLAN 1-1005
- Consistenty checks when changes are made to VLAN or VTP configuration
- Transparent VTP switches will forward advertisments via trunk enen if domain name is different
Describe VTP version 3
- Into off mode
- able to disable VTP at port level
- Secure Mode
- Hidden (hash, not visable)
- Secret (encrypted)
- VTP Primary Server Feature
- Supports VLAN 1-4094
- Supports Private VLAN
What are 2 ways to reset the VTP reversion #?
- Change Domain Name
- Change mode to Transparent and back to desirered mode.
What are the 3 VTP advertisments types?
- Summary advertisments
- Subset advertisments
- client advertisment request
What do VTP summary advertisments contain?
- Domain
- Config Revision #
- MD5
- Timestamp
How often are VTP Summary advertisments sent?
- Every 5 minutes by VTP Server
- Everytime a DB change
What are VTP subset advertisments?
VLAN Config change
When would a VTP client advertisment request be sent?
- If the client switch VLAN DB comes corrupt
- If client DB get deleted
What is VTP Prunning?
When enabled a switch will not send broadcast, multicast and unicast down a trunk to another switch when it knows there is not a port with that VLAN on it.
What is the command to enable VPT Prunning?
(config)#vtp pruning
The network operations center has received a call stating that Users in VLAN 107 are unable to access resources through R1. From the information contained in the graphic, what is the cause of this problem?
vtp_pruning
vtp_pruning_output.jpg
A – spanning tree is not enabled on VLAN 107
B – VTP is pruning VLAN 107
C – VLAN 107 does not exist on switch SA
D – VLAN 107 is not configured on the trunk
Exhibit 2 on answer slide
Answer: B
Explanation:
“VLAN allowed on trunk” – Each trunk allows all VLANs by default. However, administrator can remove or add to the list by using the “switchport trunk allowed” command.
“VLANs allowed and active in management” – To be active, a VLAN must be in this list.
“VLANs in spanning tree forwarding state and not pruned” – This list is a subset of the “allowed and active” list but with any VTP-pruned VLANs removed.
All VLANs were configured except VLAN 101 so D is not correct. VLAN 107 exists in the “allowed and active” section so A and C are not correct, too. In the “forwarding state and not pruned” we don’t see VLAN 107 so the administrator had wrongly configured this VLAN as pruned.
Question 3:
The network administrator needs to enable VTP pruning within the network. What action should a network administrator take to enable VTP pruning on an entire management domain?
A – enable VTP pruning on every switch in the domain
B – enable VTP pruning on any client switch in the domain
C – enable VTP pruning on any switch in the management domain
D – enable VTP pruning on a VTP server in the management domain
Answer: D
Exhibit 2 on answer slide
Study the diagram below carefully, which three statements are true? (Choose three)
dtp_diagram
dtp
A – DTP packets are sent from Switch SB.
B – DTP is not running on Switch SA.
C – A trunk link will be formed.
D – The native VLAN for Switch SB is VLAN 1.
Answer: A C D
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.
SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA’s native VLAN is 5) -> D is correct.
(Note: an 802.1Q trunk’s native VLAN is the only VLAN that has untagged frames)
Below is the switchport modes for easy reference:
Mode Function
Dynamic Auto Creates the trunk based on the DTP request from the neighboring switch.
Dynamic Desirable Communicates to the neighboring switch via DTP that the interface would like
to become a trunk if the neighboring switch interface is able to become a trunk.
Trunk Automatically enables trunking regardless of the state of the neighboring switch
and regardless of any DTP requests sent from the neighboring switch.
Access Trunking is not allowed on this port regardless of the state of the neighboring
switch interface and regardless of any DTP requests sent from the neighboring
switch.
Nonegotiate Prevents the interface from generating DTP frames. This command can be
used only when the interface switchport mode is access or trunk. You must
manually configure the neighboring interface as a trunk interface to establish a
trunk link.
Two switches SA and SB are connected as shown below. Given the below partial configuration, which two statements are true about VLAN traffic? (Choose two)
vtp_traffic
A – VLANs 1-5 will be blocked if fa0/10 goes down.
B – VLANs 6-10 have a port priority of 128 on fa0/10.
C – VLANs 6-10 will use fa0/10 as a backup only.
D – VLANs 1-10 are configured to load share between fa0/10 and fa0/12.
Answer: C D
Explanation:
Let’s assume that SA is the root bridge for all VLANs, it will make the explanation a bit clearer…
First we should understand what will happen if nothing is configured (use default values). Because we assumed that SA is the root bridge so all of its ports will forward. SB will need to block one of its ports to avoid a bridging loop between the two switches. But how does SB select its blocked port? Well, the answer is based on the BPDUs it receives from SA. A BPDU is superior than another if it has:
- A lower Root Bridge ID
- A lower path cost to the Root
- A lower Sending Bridge ID
- A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by SA have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). If using default values, the default port priority’s value is 32 or 128 (128 is much more popular today but 32 is also a default port priority’s value), so SB will compare port index values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/10, SB will select the port connected with Fa0/10 (of SA) as its root port and block the other port.
vtp_traffic_explanation_blockFa012
To change the default decision of selecting root port, we can change the port priority of each interface. The above picture is true for VLAN 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLAN 6-10, port Fa0/12 has higher priority ID (lower port priority value) so SB will block its upper port.
For answer A – “VLANs 1-5 will be blocked if fa0/10 goes down” – is not correct because if Fa0/10 goes down, SB will unblock its lower port therefore VLANs 1-5 will still operate.
For answer B – “VLANs 6-10 have a port priority of 128 on fa0/10″ – is not always correct because VLAN 6-10 can have a different port priority (of 32) according to the Cisco’s link below.
Answer C is correct because VLAN 6-10 uses Fa0/12 link as it main path. Fa0/10 is the backup path and is only opened when port Fa0/12 fails.
Answer D is correct because this configuration provide load-balance traffic based on VLAN basis. VLANs 1-5 use Fa0/10 and VLANs 6-10 use Fa0/12 as their main paths.
Note: We can not assure the answer B is always correct so we should choose C and D if the question asks us to give only 2 choices).
Reference (and good resource, too):
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96a.shtml
Regarding the exhibit and the partial configuration of switch SA and SB. STP is configured on all switches in the network. SB receives this error message on the console port:
00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SA FastEthernet0/4 (half duplex), with TBA05071417(Cat6K-B) 0/4 (half duplex).
What would be the possible outcome of the problem?
STP_mismatched_duplex.jpg
A – The root port on switch P4S-SB will fall back to full-duplex mode.
B – The interfaces between switches P4S-SA and P4S-SB will transition to a blocking state.
C – The root port on switch P4S-SA will automatically transition to full-duplex mode.
D – Interface Fa0/6 on switch SB will transit to a forwarding state and create a bridging loop.
Answer: D
Explanation:
From the output, we learned that the interfaces on two switches are operating in different duplex modes: Fa0/4 of SA in half-duplex mode & Fa0/5 of SB in full-duplex mode. In this case, because SB is operating in full duplex mode, it does not check the carrier sense before sending frames (CSMA/CD is not used in full-duplex mode). Therefore, SB can start to send frames even if SA is using the link and a collision will occur. The result of this is SA will wait a random time before attempting to transmit another frame. If B sends enough frames to A to make every frame sent from A (which includes the BPDUs) get dropped then SB can think it has lost root bridge (B does not receive BPDUs from A anymore). Therefore SB will unblock its Fa0/6 interface for transmitting and cause a bridging loop.
What action should a network administrator take to enable VTP pruning on an entire management domain?
A. Enable VTP pruning on any switch in the management domain.
B. Enable VTP pruning on any client switch in the management domain.
C. Enable VTP pruning on a VTP server in the management domain.
D. Enable VTP pruning on every switch in the management domain.
E. Disable VTP pruning on a VTP server in the management domain.
Answer: C
Explanation
VTP pruning should only be enabled on VTP servers, all the clients in the VTP domain will automatically enable VTP pruning -> C is correct.
Refer to the exhibit. VTP has been enabled on the trunk links between all switches within the Certprepare domain. An administrator has recently enabled VTP pruning. Port 1 on Switch 1 and port 2 on Switch 4 are assigned to VLAN 2. A broadcast is sent from the host connected to Switch 1. Where will the broadcast propagate?
VTP_pruning_broadcast.jpg
A. Every switch in the network receives the broadcast and will forward it out all ports.
B. Every switch in the network receives the broadcast, but only Switch 4 will forward it out port 2.
C. Switches 1, 2, and 4 will receive the broadcast, but only Switch 4 will forward it out port 2.
D. Only Switch 4 will receive the broadcast and will forward it out port 2.
Answer: C
Explanation
With VTP pruning enabled network-wide, switch 2 and switch 4 automatically use VTP to learn that none of the switches in the lower-left part of the figure have any ports assigned to VLAN 10. As a result, switch 2 and switch 4 prune VLAN 2 from the trunks connected to these switches. The pruning causes switch 2 and switch 4 to not send frames in VLAN 2 out these trunks -> Switches 3, 5 and 6 will not receive the broadcast while Switch 4 will receive it and forward out to port 2 -> C is correct.
The network operations center has received a call stating that users in VLAN 107 are unable to access resources through Router 1. From the information contained in the graphic, what is the cause of this problem?
VTP_pruning_VLAN.jpg
A. VLAN 107 does not exist on switch A.
B. VTP is pruning VLAN 107.
C. VLAN 107 is not configured on the trunk.
D. Spanning tree is not enabled on VLAN 107.
Answer: B
Explanation
From the “VLANs in spanning tree forwarding state and not pruned” we can deduce that VLAN 107 is currently pruned on switch A.
How does VTP pruning enhance network bandwidth?
A. by restricting unicast traffic to across VTP domains
B. by reducing unnecessary flooding of traffic to inactive VLANs
C. by limiting the spreading of VLAN information
D. by disabling periodic VTP updates
Image in question is second image in explanation
Answer: B
Explanation
VTP Pruning makes more efficient use of trunk bandwidth by forwarding broadcast and unknown unicast frames on a VLAN only if the switch on the receiving end of the trunk has ports in that VLAN.
The following example shows the operation of a VTP domain without and with VTP Pruning.
Without VTP Pruning:
VTP_Pruning_example.jpg
VTP domain without VTP Pruning
When PC A sends a broadcast frame on VLAN 10, it travels across all trunk links in the VTP domain. Switches Server, Sw2, and Sw3 all receive broadcast frames from PC A. But only Sw3 has user on VLAN 10 and it is a waste of bandwidth on Sw2. Moreover, that broadcast traffic also consumes processor time on Sw2. The link between switches Server and Sw2 does not carry any VLAN 10 traffic so it can be “pruned”.
VTP_Pruning_Enabled.jpg
VTP domain with VTP Pruning
-> B is correct.
The Company switches are configured to use VTP. What’s true about the VLAN trunking protocol (VTP)? (Choose two)
A. VTP messages will not be forwarded over nontrunk links.
B. VTP domain names need to be identical. However, case doesn’t matter.
C. A VTP enabled device which receives multiple advertisements will ignore advertisements with higher configuration revision numbers.
D. A device in “transparent” VTP v.1 mode will not forward VTP messages.
E. VTP pruning allows switches to prune VLANs that do not have any active ports associated with them.
Answer: A D
Explanation
Answer A is obviously correct as VTP advertisements only travel through trunk ports.
VTP domain names are case-sensitive. That means the domain “certprepare” is different from “Certprepare”. There is no exception -> B is not correct.
A VTP enabled device which receives multiple advertisements will update (not ignore) advertisements with higher configuration revision numbers, provided that it has the same VTP domain name and password -> C is not correct.
Answer D is not clear. In VTP Version 1, a VTP transparent switch inspects VTP messages for the domain name and version and forwards a message only if the version and domain name match. Because VTP Version 2 supports only one domain, it forwards VTP messages in transparent mode without inspecting the version and domain name. So in this case we don’t have enough information to conclude about answer D.
Answer E is not clear too. VTP will prune VLANs on trunks connected to switches that do not have ports associated with the VLANs. I am not sure what Cisco wants to say in answer E.
But if we consider answer E to be incorrect then the best answers should be A and D.
VTP_Pruning_Enabled.jpg
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swvtp.html#wp1035121)
Command to show interfaces that VTP is enabled on?
switch#show vtp interfaces
Command to show switches participating in VTP?
switch#show vtp devices
(requires vtp v3)
Command to show the vtp password
switch#show vtp password
Command to show vtp statistics
switch#show vtp counters
You are connecting the New_Switch to the LAN topology; the switch has been partially configured and you need to complete the rest of configuration to enable PC1 communication with PC2. Which of the configuration is correct?
vtp domain CCNP
vtp password cisco
vtp version 3
vtp mode client
interface e0/0
switchport mode access
switchport access vlan 100
