VTP Version 3 Question

AlessandroAlise · ‎08-10-2022

Hi all, I know that with vtp version 3, the problem has been solved that a CLIENT switch with a higher revision number than a SERVER switch with a lower revision number, the vlan database of the SERVER is not updated by the CLIENT.

But is it really so? Or is there a condition for which even with VTP version 3 the CLIENT can update the SERVER?

Thank u all.

Georg Pauwen · ‎08-11-2022

Hello,

in theory, not (unless somebody has found a hack to do this). I assume you are asking this question because you have run into a related issue where this has happened ?

AlessandroAlise · ‎08-11-2022

Exact Georg.
Explain quickly:

I have created two L2 Vlans on a Primary Server Router with VTPv3. I saw that on the Switch Clients the Vlan was not created, because on the switches there was a VTP password.
I added the VTP password also on the Router, this operation has transformed the Router to be Server and not to Primary Server.
Finally, I saw that the two Vlan previously created had disappeared on the Router and that the Revision Number of the server was the same as that of the Clients.
I am afraid that one of the clients has updated the Vlan Database of the Server but how? In the VTP Domain there are no other Servers, the only one is the Router, the other members are Clients.
Thank you.

Georg Pauwen · ‎08-12-2022

Hello,

odd indeed. What router and IOS version was that on ? What happened there is exactly the thing VTP version 3 is supposed to prevent, as you stated earlier...

paul driver · ‎08-20-2022

Hello

@AlessandroAlise wrote:

I added the VTP password also on the Router, this operation has transformed the Router to be Server and not to Primary Server..

It sounds like what you did do was promote that switch to be the primary server as such it wrote over the VTP D/B of the other vtp server (now not the primary)

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Meddane · ‎08-11-2022

The main goal of VTP version 3 remains to synchronize VLANs but it has a number for extras.

Here are some of the new additions to VTP version 3:

VTP primary server: only the primary server is able to create / modify / delete VLANs. This is a great change as you can no longer “accidently” wipe all VLANs like you could with VTP version 1 or 2.
Extended VLANs: you can now synchronize VLANs in the extended VLAN range (1006 – 4094).
Private VLANs: if you have VLANs that are configured as private VLANs then you can synchronize them with VTPv3.
RSPAN VLANs: remote SPAN VLANs can now be synchronized.
MST Support: one of the problems of MST is that you had to configure each switch manually. With VTPv3, MST configurations are synchronized.
Authentication improvements: VTPv3 has more secure methods for authentication.
VTP mode off: If you didn’t want to use VTP for version 1 or 2 then you had to use the transparent mode. VTPv3 can be disabled globally or per interface.
Compatibility: VTP version 3 is compatible with version 2, not version 1.

AlessandroAlise · ‎08-11-2022

thanks for the explanation but how is it possible that what I wrote above happened?

MHM Cisco World · ‎08-20-2022

When I review your issue immediately VTP ver downgrade come in my mind
can you share the show vtp status for both Client and Server ??