Solved: What does 'vtp primary' command check for?

DJW487 · ‎07-07-2025

I was in the midst of trying to write a Cat Centre template to handle the prompt when using 'vtp primary' exec command for a vtp v3 server.

Then I realised I could just tack on the 'force' option and bypass the check. But I wanted to know what it was checking for. One site I read said it checks to make sure there is no other vtp primary server on the domain. To test this and what prompt message I get when that check finds another vtp primary, I configured two switches up on a vtp v3 domain and set both to vtp primary. Guess what? No issues were discovered in the check. So now I want to know, what the check is actually checking for.
Process I used:

'Core'

'Access'

Then set 'Access' to vtp primary:

(I confirmed on 'Core' that the access was seen as Primary Server)

Then set 'Core' to vtp primary:

(Confirmed on 'access' that 'core' was seen as primary)

M02@rt37 · ‎07-07-2025

Hello @DJW487

This command in vtp version 3 doesn't check the network for other primary servers. It only perform a local check to confirm the switch's readiness (vtp version, previous primary status, password match...) and prompt for user confirmation unless the force option is used.

It does not detect or prevent multiple primary servers from existing in the domain, so it's up to the network design to ensure only 1 active primary exist at a time.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

M02@rt37 · ‎07-07-2025

Hello @DJW487

This command in vtp version 3 doesn't check the network for other primary servers. It only perform a local check to confirm the switch's readiness (vtp version, previous primary status, password match...) and prompt for user confirmation unless the force option is used.

It does not detect or prevent multiple primary servers from existing in the domain, so it's up to the network design to ensure only 1 active primary exist at a time.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

DJW487 · ‎07-08-2025

Thank you for the tip about it checking for passwords etc.

I just set the 'access' switch to vtp primary server, then on the 'core' I changed the vtp password from TST01 to TST011, then I attempted to make the core the primary server and you can see the prompt shows the 'access' switch which doesn't match anymore:

And now VTP is broken between the two switches as the core believes it is the primary server, and the access believes it is still the primary server.
If I now go back to the access and change the vtp password to TST011 to match the core...The access immediately rejoins the VTP domain and recognises the core as the rightful primary server.

MHM Cisco World · ‎07-08-2025

Can you make sure vtp is work' add vlan in core and check this vlan in access

I think you dont have trunk between core and SW and hence each can config as primary

MHM

DJW487 · ‎07-08-2025

I can confirm that the access sees the core as primary, and when adding vlan to core, it appears on access.

MHM Cisco World · ‎07-09-2025

If access see vlan add to core and both primary how then vtp is broke?

Also you mentioned key, I think you enter different key, I am not sure but I want from you if you have time to check

Md5 when you use same key and use different key

Md5 is hash for domain+key

If it not same then I think you SW accept two primary if it same the SW not accept two primary

Check this and update me

Thanks

MHM

MHM Cisco World · ‎07-09-2025

I need also

Debug vtp event

Debug vtp error

MHM

DJW487 · ‎07-09-2025

The 'VTP broke' part was when I tested changing the password on one device, which broke the VTP as expected.

It's all good, the question has been answered. The check performed when doing 'vtp primary' doesn't check if there is an existing primary server, it just checks if the devices in the domain have things like correct version and password set already

MHM Cisco World · ‎07-10-2025

sorry that not correct
switch# show vtp devices [conflict] <<- check by this command when both run primary
MHM