Cisco CCNA - VTP | Matt Carey | Skillshare

Playback Speed

  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Lessons in This Class

4 Lessons (25m)
    • 1. VTP Basics

    • 2. VTP Versions

    • 3. VTP Configurations

    • 4. VTP Gotchas

  • --
  • Beginner level
  • Intermediate level
  • Advanced level
  • All levels
  • Beg/Int level
  • Int/Adv level

Community Generated

The level is determined by a majority opinion of students who have reviewed this class. The teacher's recommendation is shown until at least 5 student responses are collected.





About This Class

Master the CCNA exam topics

Learn about how VTP can be used to propagate VLAN information within a Cisco switching topology. The VTP feature is a key topic to understand for the CCNA exam. 

Meet Your Teacher

Teacher Profile Image

Matt Carey

Cisco Instructor


I have been addicted to networking ever since the first time I heard about the CCNA certification. I remember hearing everyone say how big of a deal it was, which made me want it more than anything. I was climbing towers for a living at the time in sub zero temperatures. All I could think about was how getting my CCNA certification could be a way to a better opportunity. I told myself that one day I would be CCNA certified. After a lot of studying and time in the lab.....I passed!!! Now I am a Systems Engineer and all I do is Cisco networking. Every time I pass a cell tower I think about how much the CCNA has changed my life and I am grateful.

I decided to become a CCNA instructor during my path to the CCNA certification. While I tried different courses with terrible instructors.... See full profile

Related Skills

Technology CCNA Data Science

Class Ratings

Expectations Met?
  • Exceeded!
  • Yes
  • Somewhat
  • Not really
Reviews Archive

In October 2018, we updated our review system to improve the way we collect feedback. Below are the reviews written before that update.

Why Join Skillshare?

Take award-winning Skillshare Original Classes

Each class has short lessons, hands-on projects

Your membership supports Skillshare teachers

Learn From Anywhere

Take classes on the go with the Skillshare app. Stream or download to watch on the plane, the subway, or wherever you learn best.


1. VTP Basics: in this section, we're going to talk about V TP villain trunk protocol. BTP is used to communicate bill an information between switches connected via trunk ports, any switched apology. Any time you need to add the lands to the network, you have to go to each switch. That needs to ford traffic for that villain and configure each villain. Now that may not seem like a big deal when we're talking about three switches, like in this diagram. But imagine if you have 22 hundreds of switches to manage that need to contain all of the villains that are used on your network. While V TP has a simpler solution than manually configuring each switch with the proper villains with BTP, you create what's called a BTP domain, and then you have different roles that your switches are assigned to. One or more switches in the topology can be BTP servers, and then the rest of the switches would be VTB clients. With BTP. Any villains that are configured on the VT P server can be pushed out to the V TP client switches in your network. So by simply configuring the lands on one device in your network. You could potentially propagate those V lands to every switch in the network. And don't forget that. For VT. Pito work The ports between the VTB switches have to be trump ports with BTP BTP domains are defined in the BTP switch configurations to segment BTP messages between switches. One example of why you would want to use different BTP domains would be if different groups of switches in your apology, we're going to use different V lands. So let's say I wanted to use BTP in my network. But half of my network used one set of villains, while the other side of the network used a completely different set of villains. Well, I could break up my topology into separate BTP domains so that my V TP messages would be isolated per domain, and I could have unique villains for those groups of switches. BTP is going to have three different modes. That you can set your switches for server mode is the mode you would want to use on whichever switches you define in your network that would be used for adding villains that would be forded out to the rest of the topology. So when server mode. You can create the lens on those switches, and they have the ability to process and Ford V TP messages, and they store villains in their villain database. In client mode, you cannot create villain. So once you put your switch and BTP client mode, if you try to add a villain, you will not be able to, because it's simply relying on learning villains from the VTB servers and this. Make sure that you have some consistency and in a way can provide some security because any random edge switches that are in client mode cannot be configured for villains. Client mode also can process and, of course, Ford VTB messages, and they also store their V lands in the villain database. Transparent mode is a VTB mode that you would want to use if you basically did not want to run BTP. So in transparent mode you can create the lands. But the switches in transparent mode will not process BTP messages, but they can afford BTP messages, and it's important to know that transparent boat is different from server and client mode. And instead of storing the villains in the villain database, transparent moats, which is actually store that every lands in the running configuration. One important concept to understand with BTP is V TP revision numbers. BTP switches keep track of one of the latest and greatest V TP messages based on their revision number. Every time there's an update to BTP villains on a V TP switch, the revision number is incremental. So the higher the revision number. The batter BTP switches will only accept V tp messages from servers with the highest revision number. So, for example, of Switch three had a V TP revision number of 100 for its current BTP villain information, and the VTB server advertised a B two B message with a revision number of 101 since the revision number is higher than it's current V TP revision number than the switch would accept the update. Now, if the switches revision number in the VTB message happened to be lower, then switch threes. Current meets people Revision number. Let's say it was 90 than sorts. Three would not accept that BTP update. So that's how VTB switches know which VTB messages are the latest and greatest, because switches don't want to update their V lands based on old be TPV land information. One more thing I wanted Teoh talk about in this section is BTP. Pruning BTP Pruning is a feature that's not enabled by default that you can enable on your VTB switches that basically gives you the ability to dynamically prune the trunk allowed of the land lists on your trunk port. The whole idea behind BTP is to not have to go and configure all your switches when you make the land change as well. If you manually prune your trunk links with specific villains, then you still have to go in and configure your switches, even though you have the V lands being dynamically pushed out. So VTB pruning it basically works by switches inform each other of which villains they have actively running on their switches via V TP. Messages and switches can dynamically prune their trunk allowed Listo only include the villains that the Jason switches informed them of, so in this example, so which one learned from sweats to that it was only running deal in two and three, so switch one dynamically pruned that trunk port to switch to to only allow the land two and three and then the same on the connection to switch three. It it learned that so it's three was only running three and four. So it prune those villains on that trunk port. I will say Use BTP pruning with caution. I really don't like to use. It is because I have had issues and I have some co workers that have also had issues with it, so be careful with it. Make sure you you test it out and definitely don't just turn on during production. 2. VTP Versions: in this section, we're going to go over the different BTP versions. One thing I want to point out. Only versions one and two are actually in the sea. Seen exam topics but version threes becoming more popular and spent around for kind of a while now. So I didn't feel right about talking about VTV without including it. So I guess consider it on added bonus that will include it in here. Help you out with some real world scenarios. Back to the ceasing exam topic business, though Version one. There's a couple things that you need to understand for differences between version one and two version one Transparent mode switches would only Ford BTP messages if the domain inversion matched their own. So let's look at a diagram to show you an example of what I mean. In this diagram, you'll notice that so which one is running VTB transparent mode and it's in a different BTP domain They Anna switched to in Switz three. So with version one, the problem you would have would be in a topology like this if switched to wanted to advertise villains over to switch three Switch one would check the V tp domain, and in this set up it would not afford that. B two b message to switch three of the VTB client. It's one thing you know, of course, transparent, but it's not gonna process the BT messages because it's running transparent mode. But you still wanted to be able to four those messages to other devices participating in BTP with version one. You know, you could have its apology like this with version two, even if the V tp domain did not match the transparent switch. Well, actually, four those messages. So it's kind of a big difference between version one and version two that I wanted to point out to you. So Version one and version two last big thing to mention. They both do not support private or extended range villians. So if you want to use private or ex entering range the lands, then in those versions we're gonna have to use transparent mode. So if you actually try to create the lands that were private or extended, you won't be able Teoh inversion one or two if you're in client or server mode. Version two also has token ring support, which never really had to worry about that. But now you know that that has that support. Its home version three l just touched on real quick, since it's not in the topics, but I want you to know about it. Version three has something called primary and secondary VTB server. So how we have the VTB servers that we talked about in the last section. You have a primary obviously server, which basically means that you have to manually nominate a V TP server switch as a primary , and you can only have one active primary V to be server on the network. So basically, it gives you more control on which BTP switches can update the BTP domain. It's ah also introduces support for private and extended range violence. That's a pretty big deal in networks that have those types of the lands. You can also disabled. The to be purport with version three. I believe that's a Version three specific option. The biggest thing of all, Version three. After our next section, which is BTP gotchas, you'll find that there's a lot of risks with running version one and two with accidentally corrupting your villian database in your apology, Silvers and three. With its extra primary VTB server functionality, you really have a lot of protection against accidentally or someone maliciously messing up your BTP topology. There is backwards compatibility between these versions, while version two and three can play well together in version one in two Can. Version three does not have backward compatibility with version one. So if you are gonna use version three, make sure you're non version three switches a released running version, too. If I was going to deploy a new BTP configuration on a new network, I would definitely go with version three. Mean there's some intimidation there because it's new and and there are some weird things with it. But, I mean, just look up going. Siskel's website and Google version BTB Version three and just just read up on the documentation on and it's not that bad. I mean, there are a few things that you need to understand, but definitely don't be intimidated by, and I've deployed in multiple large networks, and it's worked great for me. So definitely don't be afraid to use that 3. VTP Configurations: B two b configurations. Pretty simple. I'll jump into the lab switches here, and we will configure some of the different beats P parameters as we learn how to verify you are BTP information. Let's start off by making sure we're running VTB Version two for this example. So it's as we're already running version two and then we're gonna make the motive. This switch, the server. So let's make BTP mode server and then I want to run a new BTP domain so we'll say VTB domain and we'll say lab. And then let's go ahead and a sign of each be password of Cisco. It's telling me, have already settle this up. So we have our version are mode, our domain and our password. Now let's go ahead and verify that information by running show B two B status. This is the best meat to be command that's going Teoh show you all of your BTP information . So I run showed me to be status, and it shows me the version. I'm running my domain name my operating mode, the number of existing the lands and one of the most important ones your configuration revision number. So you can see it zero right now, because when you are in transparent mode, your revision number automatically resets to zero. And that's a great thing to know, because if you're adding new, switch the network. One thing I would always recommend doing first thing is go btp mo transparent just to ensure that you don't have a high revision number on some new switcher. Adding to the network. If you run VTB more transparent and then put it back into whatever mode you wanted to be running in, you know that you're gonna introduce it onto the network with a revision. Number of zero. So then you don't have to worry about it. Updating your existing BTP databases. If I go ahead and out of the land an exit out of my village database, we should see that my configuration revision number has been incremental to one now, and you can see that now I have a configuration vision number one. Let's go ahead and remove. I hope I'm not using that beeline for anything I don't think I am. Let's remove that 1,000,000,000 and we can see it's updated my revision number again. So every time I make a view and change and add or a removal. I'm going Teoh, get an updated revision number. So I've configured my VTB server. Let's go ahead on our adjacent client switch here and we'll configure it as of yet to be client. I see So domain, it's gonna be lab and then BTP mode is gonna be a client and another good BTP verification commanded. You can run show v tp password and that's going to show me what my current password is. I can see that I don't have to configure the past because I already have need to be password of Cisco. Now when I run, so would be to be status. I can see that my configuration revision number is two and it was last modified to day a couple minutes ago so I can see that it's already received information from my server here . Let's go ahead and add this peeling back so we can watch the villain update on this clients which you can see on the client. It's already received the new villain update, and I should have the land 1 15 created in my database. Now another awesome thing about BTP If I update the name on the server. It will also update it. Let's say let's call a data. It will also update it to my clients so I can see currently they had, um, the default name of Dylan 01 15. Now when we run it, it received the updated villain name information from my V to be server. If I go ahead and try to out of you went on the client, you're going to see that BTP viewing figuration not allowed when devices and client mode. So clients can only receive the lands from you're DTB servers. If I put this, let's say I had a client switch and I wanted to just add a 1,000,000,000 on real quick. I could put in transparent mode without worrying about affecting anything who had an ad, my villain. And then we put it back and client mode. You can see that even though I added it and then went back in a client mode, I end up just getting the villain wiped out because of the servers update, cause when I went to transparent mode, I made my revision number zero and then I put it back in client mode. It rejoined the BTP domain with a reversion number of zero and then it was updated by the server. So I lost every land. So really, there's nothing tricky to transparent mode you put in transparent mode, and then you can add the lands and run like a standalone switch. That's really it. I mean, so VTB status is gonna be the go to command. And then if you're troubleshooting, uh, be to be appearing is not coming up, you can run show be to be passed to make sure that your BTP credentials are correct. You can run. Um, it's It's not just debug switch BTP. It's kind of weird. I think it's switched. Dilan BTP. It's important to know it's not something that you could just do de Balkan question mark and fine so we can run D Box, which 1,000,000,000 BTP would say events. Let's take a look at some of these debug events. Let me add a villain since I wanted to be a long 1 16 I'll add it over here and we can see if we get some debug output from that PTP event. Maybe I'll run V to be packets too. Okay, I'm trying to make btp debugging fire for you. I have the book spanning tree onto what's do on the bog All. So what if I don't see less? Oh, duh. I run. Show me to be status. I'm in transparent mode. So I shouldn't see any debugging information if I go in a client mode and I'm actually participating and BTP There we go. Now I'm going to see some BTP stuff. Whoa! I think we go. You can see all of your If you actually look at this data, you can see your V lands and the names come in in your BTP summary advertisements. You can see the domain name the revision number coming here so I could be very useful for BTP troubleshooting. 4. VTP Gotchas: in this section, we're going to look at BTP. Gatch is in the whole point of the section. I just want to prepare you for the real world. So you understand some key things about deploying BTP things to watch out for kind of some horror stories of what can happen. Basically, what it comes down to is with versions BTP one and two. If a old or road BTP server happens to be introduced to the VTB domain and most likely it's going to be just some old DTP switch. You mean someone could put in a row b two b server on purpose and break your network. But typically it's gonna be some old switch that was in a closet somewhere that was reacted to the network or something. And let's say that this older row BTP server that was introduced to your domain happen to have a higher revision number than the rest of the BTP switches. Well, since it's the higher revision number, the switches are going Teoh. Consider that update to be the latest and update their V lands based on that update. Well, what if this older rogue VTB server only had a deal in one. So it just advertised to their whole switched apology that Hey, I don't care what villains are using today. You should only have you and one, and it wipes out all of your V lands and then every switch all of a sudden only as viewing one in their beeline database. You can imagine how that could break a network. So and that this has happened. It's happened to me. I've I heard many other ah stories from co workers and customers. So definitely something you want to watch out for and typically what happens is you know, either somebody doesn't realize what they're doing and they're connecting a switch to use for testing or for lab ing. And maybe the switch was off line for years. And they added the lands or movie lands. The revision number grew and grew and grew. And then a switch dies and they have toe replace and they plug in this old switch and all of a sudden, boom, your BTB is broken and all your villains are gone. So that's what can happen. There's, ah, a couple things you can do toe. Make sure that never happens to you first thing you can do if you're introducing a new or old switch to the network. If you put a switch into BTP transparent mode, it automatically reverts its revision number down to zero. So right away, you know that. OK, my revision number is set sent back, Teoh zero. I know that's gonna be higher than anything on the network, so I can feel safe that when I do connect this Switzer the network, it's not going to have a high revision number and take over the land advertisements. So that's rule number one. Always just leave a note for yourself, or just try to always remember to do that. In addition to doing the transparent motor change, you can use BTP authentication for your BTP configuration. So basically you're BTP piers within your domain are gonna authenticate each other's messages, and this would prevent switches that were accidentally added to the domain from having their advertisements be processed. Because if they don't have the BTP password than the VTB, advertisements will not be accepted and we dropped by the other BTP switches. So not only does VTB authentication protect you from somebody, adding a rogue BTP service to the network, but by default switches that don't have a BTP domain configured on them have a knoll domain , and we'll actually be able to connect to your configure domain and dynamically just take on that BTP domain configuration. So, like in this topology here, if we we weren't using authentication, we connected switch four and had no BTP domain configured on it. It would learn what BTP domain is being used and then be able to join it. So I would just always make sure you do the transparent mode change and use BTP authentication. You shouldn't have any worries when using BTP versions one and two.