Ticket#13: VLAN Not Propagating Across Switches – VTP Revision Number Conflict Fixed [CCNP Enterprise]

Problem Summary

In an enterprise campus network, a new switch was added to the core distribution layer. After connecting it to the existing VTP domain, several VLANs disappeared across the access layer.

  • Existing access switches lost their previously configured VLANs
  • Users across multiple departments (e.g., HR, Finance) lost network connectivity
  • Trunk links remained up, but show vlan brief on several switches displayed only default VLANs

This triggered a major network outage affecting voice, data, and Wi-Fi.


Symptoms Observed

  • VLANs not appearing in show vlan brief
  • Only VLANs 1, 1002–1005 present (default set)
  • Trunk ports (show interface trunk) were up and forwarding
  • STP still operational, but with fewer VLANs
  • VTP domain name and mode correctly configured
  • A newly added switch had a lower VLAN count but a higher revision number

Root Cause Analysis

Upon review, engineers identified the culprit:

  • A new switch was added in VTP Server mode
  • Its VLAN database was empty (default)
  • However, it had a higher VTP revision number than the rest of the network (e.g., 50 vs 15)
  • VTP is revision-sensitive — the switch with the highest revision number wins
  • So, this new switch overwrote the VLAN database across the VTP domain with its own (empty) version

Root Cause: A switch with a higher VTP revision number and an empty VLAN configuration was introduced into the domain, which overwrote all VLANs across the network.
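The overwrite described above can be reproduced offline with a small model. This is an added example, not code from the original article; it is a simplified model of the VTPv1/v2 acceptance rule, and the hostnames CORE1 and ACC1, the `secret` field and the full-mesh trunk assumption are hypothetical.

```python
from dataclasses import dataclass, field

DEFAULTS = {1: "default", 1002: "fddi-default", 1003: "token-ring-default",
            1004: "fddinet-default", 1005: "trnet-default"}

@dataclass
class Switch:
    name: str
    mode: str                 # "server", "client" or "transparent"
    revision: int = 0
    domain: str = "CORP-DOMAIN"
    secret: str = ""          # stands in for the VTP password (MD5) check
    vlans: dict = field(default_factory=lambda: dict(DEFAULTS))

def accepts(receiver, sender):
    """Simplified VTPv1/v2 rule: same domain and secret, strictly higher revision."""
    if "transparent" in (receiver.mode, sender.mode):
        return False          # transparent switches neither originate nor apply updates
    return (receiver.domain == sender.domain and receiver.secret == sender.secret
            and sender.revision > receiver.revision)

def converge(switches):
    """Exchange advertisements over an assumed full mesh of trunks until stable."""
    changed = True
    while changed:
        changed = False
        for sender in switches:
            for receiver in switches:
                if receiver is not sender and accepts(receiver, sender):
                    receiver.vlans, receiver.revision = dict(sender.vlans), sender.revision
                    changed = True
    return {s.name: sorted(set(s.vlans) - set(DEFAULTS)) for s in switches}

def scenario(new_switch):
    """Production domain at revision 15 (VLANs 10 and 20) plus one newly connected switch."""
    prod = {**DEFAULTS, 10: "HR", 20: "Finance"}
    core = Switch("CORE1", "server", 15, vlans=dict(prod))
    access = Switch("ACC1", "client", 15, vlans=dict(prod))
    return converge([core, access, new_switch])

if __name__ == "__main__":
    print(scenario(Switch("SW3", "server", 50)))        # the outage in this ticket
    print(scenario(Switch("SW3", "client", 0)))         # after the revision reset
    print(scenario(Switch("SW3", "transparent", 50)))   # transparent: domain untouched
```

The password check only rejects a switch that lacks the shared secret; a switch that previously lived in the same domain already has it, so the revision reset or transparent mode is what prevents the overwrite.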


The Fix

Step-by-Step Resolution:

1. Isolate the Problem Switch

Physically disconnect or shut down the offending switch immediately.

2. Manually Re-create Lost VLANs

Check backups or other switches to manually reconfigure lost VLANs:

vlan 10
 name HR
vlan 20
 name Finance

3. Reset VTP Revision Number on New Switch

Set the switch to transparent mode, then back to server/client. This resets its revision to 0:

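configure terminal
 vtp mode transparent
 do write memory      ! exec command, so it needs "do" inside config mode
 vtp mode client      ! or server, depending on role
 end
show vtp status       ! confirm Configuration Revision is 0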

4. Reconnect Switch to Network

Once the revision number is 0 and the VLANs match the production configuration, reconnect the switch.

5. Verify Consistency

Use show vtp status to ensure all switches are in sync:

Switch# show vtp status
VTP Version                     : 2
Configuration Revision          : 15
Maximum VLANs supported locally: 1005
VTP Operating Mode              : Client
VTP Domain Name                 : CORP-DOMAIN
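
Steps 4 and 5 can be turned into a repeatable check that also serves the advice to track revision numbers in monitoring. The script below is an added example, not part of the original article: it parses `show vtp status` text, gates a new switch before reconnection, and lists switches that are out of sync. The hostnames and function names are hypothetical, the sample output is constructed in the layout of the capture above, and the exact output layout varies between IOS releases.

```python
from collections import Counter

REQUIRED = ("VTP Domain Name", "VTP Operating Mode", "Configuration Revision")

def parse_vtp_status(text):
    """Parse the 'Key : value' lines of `show vtp status` into a small dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    missing = [k for k in REQUIRED if k not in fields]
    if missing:                  # refuse to guess: a missing revision is not "0"
        raise ValueError(f"fields not found: {missing}")
    return {"domain": fields["VTP Domain Name"],
            "mode": fields["VTP Operating Mode"].lower(),
            "revision": int(fields["Configuration Revision"])}

def preconnect_problems(new, prod):
    """Reasons a new switch is not yet safe to trunk into the production domain."""
    if new["mode"] == "transparent":
        return []                # takes no part in VTP updates
    problems = []
    if new["revision"] != 0:
        problems.append(f"revision is {new['revision']}, expected 0")
    if new["domain"] == prod["domain"] and new["revision"] > prod["revision"]:
        problems.append("higher revision in same domain: would overwrite VLAN database")
    return problems

def out_of_sync(statuses):
    """Non-transparent switches whose (domain, revision) differs from the majority."""
    active = {n: (s["domain"], s["revision"]) for n, s in statuses.items()
              if s["mode"] != "transparent"}
    if not active:
        return []
    reference = Counter(active.values()).most_common(1)[0][0]
    return sorted(n for n, pair in active.items() if pair != reference)

def sample(rev, mode):           # constructed output, not captured from a device
    return (f"VTP Version                     : 2\n"
            f"Configuration Revision          : {rev}\n"
            f"VTP Operating Mode              : {mode}\n"
            f"VTP Domain Name                 : CORP-DOMAIN\n")

FLEET = {name: parse_vtp_status(sample(rev, mode)) for name, rev, mode in
         [("CORE1", 15, "Server"), ("ACC1", 15, "Client"), ("ACC2", 14, "Client")]}
```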

EVE-NG Lab Topology

  • Simulate SW3 with a higher revision but empty VLANs
  • Observe how VTP propagates
  • Reproduce and fix the issue in a controlled lab

Verification

CLI Commands to Use:

show vlan brief
show vtp status
show interface trunk
show vtp password

Key Checks:

  • VLANs present and correctly named
  • All switches share the same domain and revision number
  • Trunk ports carry all intended VLANs
  • No unintended VLAN pruning via VTP

Key Takeaways

  • VTP is powerful and dangerous if mismanaged
  • A higher VTP revision number can override entire VLAN databases
  • Always reset revision numbers before adding new switches
  • Prefer using VTP Transparent mode or even manual VLAN configuration in high-risk networks
  • Maintain VLAN backups for quick recovery

Best Practices / Design Tips

  1. Always reset VTP revision number before adding a switch to production
  2. Use VTP Transparent mode unless dynamic VLAN propagation is strictly needed
  3. Disable VTP pruning unless your design accounts for it
  4. Monitor VTP status during change windows only
  5. Use MD5 authentication for VTP to prevent rogue devices
  6. Back up VLAN configurations regularly (show vlan brief)
  7. Document your VTP design — who is the server, who are clients
  8. Limit the number of VTP servers — only one if possible
  9. Prefer manual VLAN creation in small/medium environments
  10. Use VTP Version 3 for better control and transparency
  11. Track VTP configuration revision numbers in your monitoring tools
  12. Add switches to an isolated lab first to check VTP behavior

FAQs

1. What is a VTP revision number?

Answer: It’s a counter that increases every time the VLAN database is changed on a VTP server. Clients accept VLAN updates only if the revision number is higher than their current one.


2. How can a new switch erase VLANs?

Answer: If it has a higher revision number and empty VLANs, it will propagate those empties to the domain, wiping out existing configurations.


3. How do I reset a VTP revision number?

Answer: Change VTP mode to transparent and back to client/server:

configure terminal
 vtp mode transparent
 do write mem         ! exec command, so it needs "do" inside config mode
 vtp mode client
 end

4. Which VTP mode is safest?

Answer: Transparent mode is safest — it doesn’t participate in VTP updates.


5. Is VTP needed in all environments?

Answer: No. In smaller networks, manual VLAN configuration or using transparent mode is often preferred.


6. What is the best way to add a new switch?

Answer: Set it to transparent, verify VLANs manually, and then decide if it should be a client/server.


7. How can I see my switch’s VTP info?

Answer: Run the following command, which shows the domain, revision, mode, and VLAN count:

show vtp status


8. What if switches have different domain names?

Answer: They will not share VLAN information. VTP only works when domain names match exactly.


9. What does “Configuration Revision” mean in show vtp status?

Answer: It’s the number of VLAN database changes made since switch initialization or last reset.


10. Can I use authentication in VTP?

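Answer: Yes, with an MD5 password:

vtp password cisco

The password must match across all switches in the domain. The value cisco is only a sample; use a strong shared secret in production.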


11. Does VTP sync VLAN names and numbers?

Answer: Yes. It synchronizes VLAN ID and name, but not port assignments.


12. Is VTP used over trunks only?

Answer: Yes, only over trunk ports (ISL or 802.1Q).


13. Does VTP affect extended VLANs?

Answer: No. VTPv1/v2 supports VLANs 1–1005. VTPv3 supports extended VLANs too (1006–4094).


14. What is VTP Pruning?

Answer: It reduces unnecessary VLAN traffic across trunks. However, it must be used carefully to avoid dropping needed VLANs.


15. Should I use VTP in a mixed-vendor environment?

Answer: No. VTP is Cisco proprietary. For multi-vendor, prefer manual VLAN management or transparent mode.


Final Note

Understanding how to diagnose and fix a VTP revision number conflict that stops VLANs from propagating across switches is critical for anyone pursuing CCNP Enterprise (ENCOR) certification or working in enterprise network roles. Use this guide in your practice labs, real-world projects, and interviews to show a solid grasp of architectural planning and CLI-level configuration skills.
