![VTP Modes Explained: Master Server, Client & Transparent Mode with Labs & CLI. [CCNP ENTERPRISE]](https://networkjourney.com/wp-content/uploads/2025/06/VTP-Modes-Explained-Master-Server-Client-Transparent-Mode_networkjourney.png)
Today I want to take you back to a real-world scenario from one of my classroom labs. A student configured VLANs on one switch, expecting them to magically appear on the others—but nothing worked. The culprit? Misunderstood VTP modes.
If you’re building scalable LANs or studying for your CCNA/CCNP Enterprise, mastering VTP (VLAN Trunking Protocol) is a must. It can save you hours of manual VLAN configuration—but misuse can wipe your entire VLAN database in seconds. In this blog, I’ll simplify Server, Client, and Transparent modes with hands-on CLI, EVE-NG lab, troubleshooting tips, and real-world use cases.
Let’s make VTP a strength, not a surprise!
Table of Contents
Theory in Brief – What is VTP?
VTP (VLAN Trunking Protocol) is a Cisco proprietary Layer 2 messaging protocol used to propagate VLAN information across switches in the same domain.
Instead of manually creating VLANs on each switch, you can configure them on one VTP Server, and the others (in Client mode) will learn and apply those VLANs automatically—provided they’re in the same VTP domain and using the same password (if configured).
Three VTP Modes
- Server Mode
- The master switch that creates, modifies, and deletes VLANs.
- Stores VLAN info in NVRAM (startup-config).
- Advertises VLAN updates to other switches.
- Client Mode
- Cannot create or delete VLANs.
- Receives and applies VLAN updates from the Server.
- Doesn’t store VLANs in NVRAM (relearns every boot).
- Transparent Mode
- Does not participate in VTP advertisements.
- Doesn’t update VLANs from Server or Client.
- Forwards VTP updates to maintain continuity in multi-switch environments.
- VLANs created locally are not shared.
Key Terms
- VTP Domain: Logical name for VTP group—must match on all switches.
- VTP Revision Number: Tracks the latest configuration change.
- VTP Pruning: Reduces unnecessary VLAN traffic on trunks.
Summary / Comparison
| Feature | Server Mode | Client Mode | Transparent Mode |
|---|---|---|---|
| Can create VLANs? | Yes | No | Yes (local only) |
| Receives updates? | Yes | Yes | No |
| Forwards updates? | Yes | Yes | Yes |
| Stores VLANs in NVRAM? | Yes | No | Yes (locally only) |
| Affects other switches? | Yes | No | No |
| Supports pruning? | Yes | Yes | No |
Pros and Cons
| Mode | Pros | Cons |
|---|---|---|
| Server | Central VLAN control, auto-propagation | One mistake can affect entire network |
| Client | Easy to manage, no config required | Cannot create or modify VLANs |
| Transparent | Full local control, safe from domain-wide changes | VLANs not shared; requires manual sync |
Essential CLI Commands
| Task | Command | Description |
|---|---|---|
| Set VTP domain | vtp domain NETWORKJOURNEY | Must match across all switches |
| Set VTP mode | vtp mode server / client / transparent | Sets switch VTP behavior |
| Set VTP password | vtp password secure123 | Optional security layer |
| Show VTP status | show vtp status | Displays current mode, revision, domain |
| Create VLAN (Server or Transparent) | vlan 10 → name HR | Only in Server or Transparent mode |
| Enable pruning | vtp pruning | Reduces VLAN traffic on unused trunk links |
| Verify VLANs | show vlan brief | Confirm created/received VLANs |
Real-World Use Cases
| Scenario | Mode Used | Why It Works |
|---|---|---|
| Central VLAN control for 50-switch enterprise | Server & Clients | Admin only configures on Server, Clients learn automatically |
| Isolated lab switch that shouldn’t affect others | Transparent | VLANs created locally without affecting production VLANs |
| Multi-floor building with local VLANs per floor | Transparent | Each floor manages its own VLANs independently |
| Misconfigured client wiped VLANs across site | Server | If wrong revision is higher, it propagates and overwrites |
EVE-NG Lab – VTP Modes Configuration
Lab Objective:
- Create VLANs centrally using Server
- Sync them to Clients
- Test Transparent switch isolation
Lab Topology
- SW1: VTP Server
- SW2: VTP Client
- SW3: VTP Transparent
Configurations
SW1 (Server):
vtp domain NETWORKJOURNEY vtp mode server vtp password cisco123 vtp pruning vlan 10 name HR vlan 20 name IT
SW2 (Client):
vtp domain NETWORKJOURNEY vtp mode client vtp password cisco123
SW3 (Transparent):
vtp domain NETWORKJOURNEY vtp mode transparent vtp password cisco123 vlan 100 name DEV
Verification:
show vtp status show vlan brief
- SW2 should show VLANs 10 & 20 (from SW1)
- SW3 shows only VLAN 100 (local)
Troubleshooting Tips
| Symptom | Possible Cause | Fix / Command |
|---|---|---|
| VLANs not syncing on Client | Domain/password mismatch | show vtp status & vtp domain |
| VLANs wiped after reboot | Client mode doesn’t save VLANs | Expected behavior |
| VTP updates not received | Transparent mode or revision issues | Use show vtp status, check mode |
| Trunk links not carrying VLANs | Missing pruning config | Use vtp pruning, verify trunk settings |
| VTP Revision number high, but empty | VLANs deleted and synced | Reset revision: change domain temporarily |
Frequently Asked Questions (FAQ)
1. What is VTP and why is it used in enterprise networks?
Answer:
VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol used to centralize and synchronize VLAN configuration across multiple switches in a Layer 2 domain. It reduces the administrative burden by allowing VLAN changes on a server switch, which are then propagated automatically to client switches.
2. What are the different VTP modes and their functions?
Answer:
VTP operates in three main modes:
- Server: Can create, delete, and modify VLANs and propagate changes to other switches.
- Client: Receives and applies VLAN changes but cannot create/modify VLANs locally.
- Transparent: Does not participate in VTP synchronization, but forwards VTP messages. It maintains local VLANs independently.
3. Can a VTP client switch store VLANs in its VLAN database?
Answer:
No. A switch in VTP Client mode does not save VLANs to its NVRAM (vlan.dat). All VLAN data is stored in RAM, so if the switch reboots, it must relearn VLANs from the server unless it’s changed to a different mode.
4. What is the VTP domain name and why must it match?
Answer:
The VTP domain name is the logical name that binds switches into a single VTP management group. For VTP messages to be accepted between switches, the domain name must match across all switches. A mismatch causes switches to ignore VTP advertisements.
5. How does the VTP revision number affect VLAN updates?
Answer:
The VTP configuration revision number determines which VLAN database is more current. A higher revision number overwrites lower ones. If a switch with an empty or incorrect VLAN config and a high revision joins the network, it can wipe out VLANs on all clients and servers. This is a common misconfiguration error.
6. What are the risks of connecting a switch in server mode to an existing VTP domain?
Answer:
If a new server-mode switch with a higher revision number and empty VLAN database is added to an existing VTP domain, it can erase all VLANs across the network. This is why it’s best to:
- Clear vlan.dat
- Reset the VTP revision number
- Set mode to transparent when connecting new switches
7. How do you reset the VTP revision number on a Cisco switch?
Answer:
To reset the VTP revision number:
- Change the switch to transparent mode
- Delete the
vlan.datfile:delete flash:vlan.dat - Reload the switch:
reload
Once the switch restarts, its revision number resets to 0.
8. Can you use VTP across different Cisco switch models and IOS versions?
Answer:
Yes, but with caution. While most Cisco switches support VTP v1/v2, some newer platforms (like 9200/9300) use VTPv3, which adds:
- Support for extended VLANs (1006–4094)
- Authentication and password protection
- Pruning for extended VLANs
Ensure all switches support the same VTP version and are configured consistently.
9. What is VTP pruning and how does it improve network performance?
Answer:
VTP pruning limits VLAN traffic to only those trunk links where the VLAN is actually needed. By preventing unnecessary VLAN traffic from being forwarded across the entire Layer 2 network, it reduces broadcast storms and improves efficiency.
Enable it with:
vtp pruning
on the server switch.
10. How do you verify VTP configuration and VLAN propagation?
Answer:
Use these commands:
show vtp status
Displays:
- VTP mode
- Domain name
- Revision number
- Operating version
show vlan brief
Checks if VLANs have propagated.
show vtp password
Verifies VTP authentication if configured.
These help confirm domain consistency, mode correctness, and propagation success across the network.
YouTube Link
Watch the Complete CCNP Enterprise: VTP Modes Explained: Master Server, Client & Transparent Mode with Lab Demo & Explanation on our channel:
Final Note
Understanding how to differentiate and implement VTP Modes Explained: Master Server, Client & Transparent Mode is critical for anyone pursuing CCNP Enterprise (ENCOR) certification or working in enterprise network roles. Use this guide in your practice labs, real-world projects, and interviews to show a solid grasp of architectural planning and CLI-level configuration skills.
If you found this article helpful and want to take your skills to the next level, I invite you to join my Instructor-Led Weekend Batch for:
CCNP Enterprise to CCIE Enterprise – Covering ENCOR, ENARSI, SD-WAN, and more!
Get hands-on labs, real-world projects, and industry-grade training that strengthens your Routing & Switching foundations while preparing you for advanced certifications and job roles.
Email: info@networkjourney.com
WhatsApp / Call: +91 97395 21088
Upskill now and future-proof your networking career!
![Native VLAN Mismatch Detection_The Hidden Threat to Your Network [CCNP ENTERPRISE]](https://networkjourney.com/wp-content/uploads/2025/06/Native-VLAN-Mismatch-Detection_networkjourney.png)