cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1284
Views
5
Helpful
3
Replies

How to wipe VTP MD5 hash information?

Hello Cisco Support Community--I have this topology: 

VTP Lab.png

(Actually, 1 and 2 and 3 and 4 are connected with two parallel links--one is a Port Channel and the other is a regular Gig E).  Here's what I want to do:

 

 

Create a two VTP domains, with one VLAN in each domain.  Make SW1 the server for one VTP domain and SW3 the server for the other domain.  Make SW2 and SW4 clients of both domains.  Observe the behavior of both client and server switches when you make changes to the VLAN.

 

 

I started by configuring everyone into a bogus domain (BOGUS) and making them transparent in order to wipe the revision number back to 0.  Then I configured SW1 as the server for DRAZI-green domain and created VLAN 2 named GREEN. (Confirmed with sh vlan).  I initially chose version 3 and configured a password also.  When I went to configure SW2, it wouldn't support version 3, so I configured SW2 as a client in DRAZI-green using version 2.  Since I had a version mismatch, I issued no vtp password on both SW1 and SW2.  (I had initially configured a password on SW2.)  And I went back and re-configged SW1 to use version 2.  This is the what I'm getting.

 

SW1(config)#do sh vtp stat

VTP Version capable            : 1 to 3

VTP version running            : 2

VTP Domain Name                : DRAZI-green

VTP Pruning Mode                : Disabled

VTP Traps Generation            : Disabled

Device ID                      : 0019.55e5.3d80

Configuration last modified by 172.16.0.10 at 3-1-93 00:49:22

Local updater ID is 172.16.0.10 on interface Vl1 (lowest numbered VLAN interface found)

 

Feature VLAN:

--------------

VTP Operating Mode                : Server

Maximum VLANs supported locally  : 1005

Number of existing VLANs          : 12

Configuration Revision            : 0

MD5 digest                        : 0x71 0xAB 0x85 0xC4 0x5B 0x74 0xCA 0xD5

                                    0xB5 0x10 0xF3 0xE3 0x6E 0xB6 0x71 0xFB

 

SW2(config)#do sh vtp stat

VTP Version                    : running VTP2

Configuration Revision          : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs        : 11

VTP Operating Mode              : Client

VTP Domain Name                : DRAZI-green

VTP Pruning Mode                : Disabled

VTP V2 Mode                    : Enabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0xF0 0xEC 0xA3 0x3A 0x3C 0x55 0xDA 0x37

*** MD5 digest checksum mismatch on trunk: Po1 ***

*** MD5 digest checksum mismatch on trunk: Gi1/0/3 ***

Configuration last modified by 172.16.0.20 at 3-1-93 06:03:21

 

 

I'm getting an MD5 checksum mismatch on the two links between SW1 and SW2, and SW2 has not synced information about VLAN 2 GREEN.  I've gone through all the VTP troubleshooting steps from both the SWITCH OCG and the TSHOOT OCG with no love. 

 

I'm going to guess that the fact that my MD5 hashes don't match are causing a problem, even though neither SW1 nor SW2 are configured with a password.  Does anyone know how to clear the MD5 information from VTP?  I've tried switching SW2 from transparent mode to client mode, and switching domain from bogus back to DRAZI-green without success.  I've also deleted the vlan.dat file and reloaded SW2.  Also without success.

 

Thanks in advance!  Any thoughts would be greatly appreciated.  MM

3 Replies 3

Hello

The easiest and quickest way would be to delete the vlan.dat file from flash and reboot however its not that simple if this is a production environment.

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Rolf Fischer
Level 9
Level 9

Hi,

the switches do not synchronize because the configuration revision is 0 on both. In order to synchronize, one configuration revision has to be higher ("more up-to-date") than the other. You could simply change the name of one VLAN on the VTP server (or just any change which increases the configuration revision) in order to force a synchronization; the mismatch should disappear then immediately.

HTH
Rolf

P.S.:

Create a two VTP domains, with one VLAN in each domain.  Make SW1 the server for one VTP domain and SW3 the server for the other domain.  Make SW2 and SW4 clients of both domains.

How can the clients be member of two different VTP domains?

thank you, that was my issue

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: