In this Nugget, let’s make sure we are up to speed on the basics of VTP version 3 for a variety of Cisco Certifications, including foremost on my mind, the CCIE Security Written.

VTP v3 does everything that your older versions 1 and 2 can do, plus a lot more. Here is a summary of those additional features:

• Enhanced authentication—in VTP version 3, you can configure the authentication password to be hidden using the vtp password command. When you configure the authentication password to be hidden, it does not appear in plain text in the configuration. Instead, the secret associated with the password is saved in hexadecimal format in the running configuration.
• The extended range VLANs and private VLAN features are fully supported!
• VTP v3 supports the synchronization of remote-SPAN VLANs.
• VTP v3 supports MST database propagation finally. This is done separately from the VLAN database.
• VTP status is made up of primary and secondary servers. You use the primary status only when you need to make changes to the VLAN database. By default, your switches come up as secondary servers.
• To communicate across a VTP domain of version 1 or 2, that domain must be configured in transparent mode.
• VTP v3 can be configured on and off on a global or per-trunk basis.

Here is a look at a sample configuration:

vtp domain MYDOMAIN
vtp version 3
vtp primary
vlan 100
!
vtp mode server mst
exit
vtp primary mst