And the answer I always hear back is something very common, like: VTP helps us manage VLANs throughout a switched network. Basically, if we create a VLAN on the VTP server, it is reflected on all switches inside the switching network very quickly, so we need not hop on to every switch in the network in order to create VLANs.
So in short: VLAN Trunking Protocol (VTP) reduces administration in a switched network.
So what I always ask them back is: that's it, or is there something else too?
I mean, if you have a few months of experience with Cisco switches, or if you have attempted the CCNP BCMSN exam (AKA SWITCH now), you must be aware that if I go into interface configuration mode on a switch and run the command -> Switch
Even if the VLAN didn't exist in the switch's VLAN database earlier, the switch will create VLAN 2 and move this port to VLAN 2.
Let's hop on to a real switch and test this out:
core-switch(config-if)#switchport access vlan 500
% Access VLAN does not exist. Creating vlan 500
core-switch(config-if)#do sh vlan id 500
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
500  VLAN0500                         active    Gi0/27
So as you can see, in this case VLAN 500 was not in the VLAN database. But as soon as I tried to move port Gi0/27 into VLAN 500, the switch created VLAN 500 and moved port Gi0/27 to it.
On the flip side, what do you think could be the benefit of creating VLANs and propagating them using VTP when, at the end of the day, it's the admin who has to hop on to the different switches inside the network to move ports into a VLAN in order to use it?
So when I have to move the port into the VLAN manually anyway, why do I need VTP? I can just go to the port and move it to the VLAN, and the VLAN will be created automatically. So what's the real benefit of VTP?
Hmmm... so let me now just kill the suspense with a short scenario presented in the diagram above. (VTP disabled on all three switches.)
SW1, SW2 and SW3 are connected to each other through trunks. On SW1 we have 3 different VLANs: VLAN 1, 2, 3. On SW2 we have only 2 VLANs: VLAN 1, 3. On SW3 we again have 3 VLANs: VLAN 1, 2, 3.
Now when SW1 sends traffic from a user sitting in its local VLAN 2 to another user sitting in VLAN 2 on SW3, the traffic comes to SW2 over the trunk. SW2 sees the incoming frame tagged with VLAN 2. SW2 checks its local VLAN database and finds no entry for VLAN 2. So all it does now is ..... PUMMMMM. It drops the frame silently, and the frame never reaches the user inside VLAN 2 on SW3.
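The scenario above can be checked for ahead of time. The following Python script is an added example, not part of the original post: it walks the trunk path between every pair of switches that share a VLAN and reports any transit switch whose VLAN database lacks it. The topology and VLAN lists are constructed from the scenario, the function names are hypothetical, and it assumes trunks allow all VLANs and that traffic follows the shortest trunk path.

```python
from collections import deque

# Constructed sample data matching the scenario: SW1 - SW2 - SW3 over trunks.
TRUNKS = [("SW1", "SW2"), ("SW2", "SW3")]
VLAN_DB = {"SW1": {1, 2, 3}, "SW2": {1, 3}, "SW3": {1, 2, 3}}

def neighbors(trunks):
    """Build an adjacency map from a list of trunk links."""
    adj = {}
    for a, b in trunks:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def shortest_path(adj, src, dst):
    """BFS over trunk links; returns the switches from src to dst, or None."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in sorted(adj.get(node, ())):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None

def find_black_holes(trunks, vlan_db):
    """Return {vlan: [transit switches lacking it]} for VLANs present at both
    ends of a trunk path but missing from a switch in between."""
    adj = neighbors(trunks)
    findings = {}
    for vlan in sorted(set().union(*vlan_db.values())):
        holders = sorted(sw for sw, db in vlan_db.items() if vlan in db)
        for i, src in enumerate(holders):
            for dst in holders[i + 1:]:
                path = shortest_path(adj, src, dst) or []
                # Only the switches between the two endpoints are transit hops.
                missing = [sw for sw in path[1:-1] if vlan not in vlan_db.get(sw, set())]
                if missing:
                    findings.setdefault(vlan, set()).update(missing)
    return {vlan: sorted(sws) for vlan, sws in findings.items()}

if __name__ == "__main__":
    for vlan, switches in find_black_holes(TRUNKS, VLAN_DB).items():
        print(f"VLAN {vlan}: dropped in transit at {', '.join(switches)}")
```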
So to overcome this situation we need VTP, although once everything is set we can turn VTP off later. Engineers always debate whether we should use VTP or not. But in my personal opinion there are many of them who don't understand the function of VTP which I just explained here. Personally I like VTP... to secure the VTP environment further you can use the VTP password option. But the funny thing about that is it never shows up in the config, only with the "sh vtp password" command. :)
So Myth Busted....