2.1.d Flash Cards

Here are my flash cards for 2.1.d Implement and troubleshoot Trunking. I am giving these flash cards in TXT and in an ANKI package.

If you don’t have Anki or don’t know what it is, it is my favorite free flash card program:
https://apps.ankiweb.net/

Here is the Anki package you may import and start using the flash cards right away:
https://upw.io/uf/2.1.d_Implement_and_troubleshoot_trunking.apkg

 

 

What does VTP stand for?
VLAN Trunking Protocol

Regarding VTP, what is true about the domain name in V1-2 and V3?
Switches automatically learn the domain name as long as they have an active trunk formed between them (static or DTP).

In V3 it must be statically set on all switches.

What types of ports does VTP require its messages to go across?
VTP requires either static trunks (.1q or ISL) or DTP negotiated trunks

What is true about the VTP password for all switches in 1 VTP domain?
It must be the same for the domain

What show command will display version, domain, operating status and other VTP info?
show vtp status

What other L2 Encapsulation does VTP support besides ethernet?
Token ring, since VTP version 2

Regarding normal, reserved, and extended VLANs, what did VTPv3 introduce?
VTPv3 introduced support for the extended vlan range.

Which versions of VTP support private VLANs?
Only VTP V3

Which versions of VTP allow us to turn it off PER PORT? How about turning it back on? Do it for port g0/1.
Only in V3

en
conf t
int g0/1
no vtp
vtp

What is true about the VTP password and protecting it in all versions of VTP?
The VTP password will not show up in the running config.

How do we show the VTP password?
show vtp password

What hashing algorithm is used to send the VTP password?
MD5

In VTP v1 and 2 can we have multiple VTP servers?
Yes, we can have multiple VTP servers. By default switches are VTP servers, but they can be changed to client.

What is a VTP client not allowed to do?
Add or delete vlans

What special command must be run on the server to become the master for VTP v3, in exec or global config?
In exec mode you must run

vtp primary

With VTP v3, what 3 other features do we have available for the password? Give examples.
We have the options for:

vtp password mypassword
The above shows the password when using “show vtp password”.

vtp password mypassword hidden
The above shows the password as an MD5 hash when using “show vtp password”.

vtp password <hash> secret
The above requires you to enter the VTP password as an MD5 hash, and displays it as a hash.

Are VTP messages encapsulated as 802.3 Ethernet or Ethernet II?
802.3 Ethernet

Configure the 3 switches in the VTP domain of “test” with a password of “mypassword”, use VTP version 3, with a primary server of SW2.

[Screenshot]

Special requests:
1. Make the password hidden when using “show vtp password”
2. Use static trunks between SW1 and SW2, use DTP between SW2 and SW3

 

SW1:
conf t
int g1/2
switchport mode trunk
exit
vtp domain test
vtp password mypassword hidden
vtp mode client
vtp version 3
SW2:
conf t
int g1/2
switchport mode trunk
exit
int g1/3
switchport mode dynamic desirable
exit
vtp domain test
vtp password mypassword hidden
vtp mode server
vtp version 3
exit
vtp primary
SW3:
conf t
vtp domain test
vtp password mypassword hidden
vtp mode client
vtp version 3

Configure the 3 switches in the VTP domain of “test” with a password of “mypassword”, use VTP version 2

Special requests:
1. Make the VTP version of 2 propagate down from SW2
2. Make the VTP domain propagate down from SW2
3. Make SW1 a VTP client, SW2 and 3 servers.

[Image: vtpv3]

SW2:

conf t
int range g1/2-3
switchport mode trunk
exit
vtp domain test
vtp password mypassword
vtp version 2
#trunks (static or DTP) are required for VTP
SW1:
conf t
int g1/2
switchport mode trunk
exit
vtp password mypassword
vtp mode client
#only VTP password is needed because version and domain are propagated down from SW2
SW3:
conf t
int g1/3
switchport mode trunk
exit
vtp password mypassword
#default VTP mode is server

What is the VTP MD5 digest for?
The VTP MD5 digest is a digest of the password and of the VTP config.

What is the VTP configuration revision?
What issues can arise when the client revision is higher than the server when joining a VTP domain? How do you fix it?
What issue can arise if a server joins a domain with a higher revision number (in VTP v1-2)?

The VTP configuration revision number is the number of times VTP has changed its config.
If the client’s revision number exceeds the server’s, it will not properly join the domain. The only fix for this is to raise the revision on the server by changing the config.
If a server joins the domain with a higher revision then it will wipe out the vlan database.

What are the 4 VTP modes possible?
off (v3)

client
server
transparent

In VTPv3, how do you configure a switch as secondary? What is its purpose?
In VTP we have client and server modes. In VTPv3 we have added the “vtp primary” config in exec mode which designates the primary server. Only this server may make changes to the VTP database, no other switch can, no matter their vtp mode. There may only be one active primary.

In VTP, what command will show all VTP devices participating in the database?
show vtp devices

In the following network, configure VTP v3, with SW2 being the primary server, and SW1 and 3 being clients. Configure a domain name of test, with a password of mypassword.

Finally configure MST propagation via VTP from SW2, show how to verify it, then set SW1 and 3 to use MST.

[Image: vtpv3]

SW2:

conf t
int range g1/2-3
switchport mode trunk
exit
vtp mode server mst
vtp mode server vlan
vtp version 3
vtp domain test
vtp password mypassword
spanning-tree mst configuration
name test
revision 0
instance 0 vlan 1-4094
spanning-tree mode mst
exit
vtp primary vlan
vtp primary mst
SW1:
conf t
int g1/2
switchport mode trunk
exit
vtp mode client vlan
vtp mode client mst
vtp version 3
vtp password mypassword
vtp domain test
spanning-tree mode mst
SW3:
conf t
int g1/3
switchport mode trunk
exit
vtp mode client vlan
vtp mode client mst
vtp version 3
vtp password mypassword
vtp domain test
spanning-tree mode mst
Use “show vtp status” to verify it, look at the MST portion.
Or use
“show spanning-tree mst configuration” and verify the clients got the MST config from the primary server.

How do devices running in VTP transparent mode operate?

Devices configured as “vtp mode transparent” do not process VTP updates or use them, however they pass them along the L2 path to other devices.

In the following topology, configure SW1 (server) and SW3 (client) in a VTP domain of test, with a password of mypassword, with VTP version 2. Configure SW2 such that it only passes these messages and does not participate in VTP.

[Topology screenshot]

SW1:
en
conf t
int g1/2
switchport mode trunk
exit
vtp mode server
vtp domain test
vtp password mypassword
vtp version 2
SW2:
en
conf t
int range g1/2-3
switchport mode trunk
exit
vtp mode transparent
SW3:
en
conf t
int g1/3
switchport mode trunk
exit
vtp mode client
vtp password mypassword
#the VTP domain and version are automatically learned from SW1 VTP messages

How do we enable VTP pruning? How do we verify it? What is its behavior in V1-2 vs V3?

In V1-2, VTP pruning can only be enabled on the VTP server(s), then it propagates down.
conf t
vtp pruning
verify it with
show vtp status
In V1-2 the above is true, however in V3 we must explicitly configure all switches with “vtp pruning”.

What 2 ways can we verify which vlans are pruned via VTP from a trunk? Check trunk g0/1
show interface <int> pruning

show int pruning
The first part is pruned, the second part is allowed.
Also “show int trunk” should tell us

Are any extra trunk configurations required for VTP pruning or will it just work as long as VTP messages can pass?
No extra trunk configurations necessary, a trunk may be “allowed vlan all”; it may also be DTP negotiated or static.

How do we prevent vlan 5 from being pruned for the Trunk int g0/1? How do we verify it? How does VTP accomplish it?
CONFIG:

en

conf t
int g0/1
switchport trunk pruning vlan remove 5
verify:
show int g0/1 pruning
show int pruning
This command removes vlan 5 from being prune eligible, meaning VTP will always send a join for this vlan even if it does not have to.
NOTE:
the running config shows pruning eligible vlans
show int pruning config

In VTP, what is an advertisement request message for?
It is a message sent by clients to the servers requesting VTP information (they might have received a summary or seen a different revision number).

In VTP, what is a summary advertisement?
This advertisement happens every 5 minutes. Every switch sends out its VTP domain with revision number; this message contains no VLAN info.

In VTP, what is a subset advertisement?
This advertisement contains all of the VLAN info for other switches.

In VTP, what is a join?
This message is utilized if we have VTP pruning enabled; the join message is used to tell upstream switches to allow the joined vlan on their trunk. These go out every 6 minutes.

What is true about VTP pruning and the extended vlan range?
The extended VLAN range is not eligible for VTP pruning

Is VTP pruning enabled by default?
No it is not

What is true about VTP compatibility in V1-3?
V1 and 2 are compatible, v2 and 3 are compatible, v1 and 3 are NOT compatible

What command allows us to add vlan 5 to the trunk g0/1?
switchport trunk allowed vlan add 5

What command allows us to delete vlan 10 from the trunk g0/1?
switchport trunk allowed vlan remove 10

By default which vlans are allowed on a trunk?
All

What command will verify which vlans are manually pruned from a trunk?
show interface trunk

What global config command will tag the native vlan on all trunks?
vlan dot1q tag native

What two features detect native VLAN mismatches?
CDP and PVST+

What command allows us to change the vlan encapsulation to ISL, how about 802.1q? Do it for G0/1
switchport trunk encapsulation isl

switchport trunk encapsulation dot1q

When in VTP mode client what will happen if you create a vlan by configuring the port in that vlan?

en
conf t
int g0/1
switchport access vlan 999

If you create a vlan via assigning a port to it, the switch will accept the commands with no warning, however it will NOT actually work because of being in VTP mode client.

This is different from when you create a vlan in global config where it will warn you that you cannot do that.
en
conf t
vlan 999
ERROR

What command will display general info about DTP and the DTP timers?
show dtp

How do you get the DTP information for an interface? Do it for g0/1
show dtp int g0/1

How can we change the native vlan on the trunk (int g0/1) to vlan 2?
switchport trunk native vlan 2
