VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol that propagates VLAN information throughout a network. VTP reduces administration in a switched network: when we configure a new VLAN on one VTP server, the VLAN is distributed to all switches in the domain, so the same VLAN does not have to be configured everywhere.
Understanding the concept: VTP Bomb
Now let's understand how VTP can be a disaster in a network. Before that, it is imperative to know that the switch with the highest VTP revision number in the LAN will cause the VLAN information on all other switches to be overwritten. This happens because the switch with the highest VTP revision number is assumed to hold the latest VLAN information.
It could happen that somebody disconnects a switch from a production LAN environment, builds a test lab on it by deleting or changing VLANs, and then reconnects the same switch to the LAN. In that case its revision number will have increased, and the VLANs would be deleted or changed on all switches in the LAN.
Now the entire network effectively "dies". This is known as a "VTP Bomb": a switch with a higher revision number creates havoc in the network by propagating an incorrect database to the domain and overwriting the stable database.
What is the resolution?
VTP Version 3 (VTPv3), which was introduced in Cisco NX-OS release 7.2(0), has the resolution to the issue of VTP bombing.
With VTP version 3, only one switch, the primary server, is allowed to update other devices in the LAN. Secondary servers update their database exclusively from the primary. This resolves the VTP bombing issue faced with VTP versions 1 and 2.
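A small constructed model of the two behaviours described above (an added example, not code from the original post; the Switch class, its receive() method and vtp_bomb_scenario() are illustrative names, and the model keeps only the domain, revision number and primary-server checks, not the real advertisement format):

```python
# Added example, not from the original post: a constructed model of how a VTP
# summary advertisement is applied under v1/v2 versus v3. Names are illustrative.
from dataclasses import dataclass


@dataclass
class Switch:
    name: str
    domain: str
    version: int           # VTP version 1, 2 or 3
    revision: int          # configuration revision number
    vlans: set
    primary: bool = False  # VTPv3 only: the single primary server may push updates

    def advertise(self):
        """Summary advertisement as sent on trunks (constructed representation)."""
        return {"domain": self.domain, "revision": self.revision,
                "vlans": set(self.vlans), "from_primary": self.primary}

    def receive(self, adv):
        """Apply an advertisement; return True if the local VLAN database was replaced."""
        if adv["domain"] != self.domain:
            return False                     # other VTP domain: ignored
        if adv["revision"] <= self.revision:
            return False                     # not newer than ours: ignored
        if self.version == 3 and not adv["from_primary"]:
            return False                     # VTPv3: only the primary server may update us
        self.vlans = set(adv["vlans"])       # v1/v2: highest revision wins, database overwritten
        self.revision = adv["revision"]
        return True


def vtp_bomb_scenario(version):
    """Reconnect a lab switch with a higher revision number to a production domain.

    Returns (names of overwritten switches, VLAN lists now held by production switches).
    """
    prod = [Switch(f"sw{i}", "CORP", version, revision=12, vlans={10, 20, 30},
                   primary=(version == 3 and i == 1))   # sw1 is the v3 primary server
            for i in range(1, 4)]
    # Lab use deleted the production VLANs; each change bumped the revision past 12.
    lab = Switch("lab", "CORP", version, revision=15, vlans={99})
    adv = lab.advertise()
    overwritten = [s.name for s in prod if s.receive(adv)]
    return overwritten, [sorted(s.vlans) for s in prod]


if __name__ == "__main__":
    print(vtp_bomb_scenario(2))   # v2: all three production switches lose VLANs 10/20/30
    print(vtp_bomb_scenario(3))   # v3: lab switch is not primary, nothing is overwritten
```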