Details about VTP MD5 computation, anyone?

Peter Paluch
Cisco Employee

Dear friends,

Does anybody know how the MD5 checksum is computed for VTPv1/VTPv2 in detail, i.e. what exact data is covered by the MD5 sum and how is it structured, how does the VTP password come in, etc.? I am currently creating some low-level tools to analyze and possibly generate my own VTP messages, and I am having trouble with the MD5 checksum computation.

In addition, I have been looking at how the VTP version change and pruning activation/deactivation are signalled in VTP, and it turned out that there is a small "lump" of data in the VTP Summary Advertisements at their very end, saying:

VTPv1, Pruning Off: 0x01 0x01 0x00 0x02 0x00

VTPv1, Pruning On:  0x01 0x01 0x01 0x02 0x00

VTPv2, Pruning Off: 0x00 0x00 0x00 0x01 0x06 0x01 0x00 0x02

VTPv2, Pruning On:  0x00 0x00 0x00 0x01 0x06 0x01 0x00 0x01

Debugs say these are "TLVs" but I have trouble discerning their Type, Length and Value parts. Wireshark has no clue what these mean, and neither have I.

Can anybody shed more light on these issues, either the MD5 or these TLVs? This is particularly a plea to Cisco developers hopefully reading these forums - guys, please, if at all possible, share the knowledge!

Best regards,

Peter

1 Accepted Solution

paolo bevilacqua
Hall of Fame

Peter,

even if they wanted to help, Cisco folks may be limited by employer's NDA.

VTP may be patented, try looking in the public database.

Good luck!

Paolo,

Those are my thoughts exactly, and I am aware that there may be strong limitations about the amount of information Cisco developers may provide to the public, but I guess that at least asking won't do any harm. In any case, Cisco has already provided great info about details about their other protocols...

Best regards,

Peter

Paolo,

You knew well, didn't you?

I was able to dig up the U.S. Patent 6,304,901 "Multiple VLAN Architecture System" in which the basic VTPv1 is described, including the method for the MD5 computation. Thank you for the hint!

The TLV block at the end of VTP Summary Advertisement message is not described in that patent but I actually had some luck with injecting deliberately incorrect VTP messages into a network, yielding some interesting debugs from the devices, so I've eventually learned what those TLVs stand for (although they are formatted/processed in a slightly different way than usual TLV records).

Thank you once again!

Best regards,

Peter

Paolo,

Well... It seems that my exhilaration was somewhat premature - the aforementioned patent does describe the VTP alright but apparently, only one of its very early incarnations. In any case, the MD5 computed according to the patent description does not match. Drat.

Nevertheless, I still consider this a step forward.

Best regards,

Peter
