Extended Range VLAN (1006-4094) Not in VTP Database
Presenting Symptom
A VLAN in the extended range (1006-4094) cannot be created or added to the VTP database; the switch reports that the VLAN ID is out of range or not allowed.
Network Context
The network is a small enterprise campus with a mix of Cisco Catalyst 2960 and 3850 switches running IOS 15.x. VTP version 2 is configured in server/client mode. The administrator attempts to create a VLAN with ID 2000 for a new department, but the command fails.
Diagnostic Steps
Check VTP status and version
show vtp statusVTP Version : 2 Configuration Revision : 3 Maximum VLANs supported locally : 255 Number of existing VLANs : 10 VTP Operating Mode : Server VTP Domain Name : CCNA_LAB VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x12 0x34 ...
Look for 'Maximum VLANs supported locally' — if it shows 255, the switch cannot support extended range VLANs. Also check VTP version; VTP version 2 does not support extended range VLANs.
Verify VLAN database limits
show vlanVLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active ... 10 Engineering active ... ... 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup
Note that only VLANs 1-1005 are listed. Extended range VLANs (1006-4094) do not appear in the VLAN database and are not stored in vlan.dat. They are stored in the running configuration.
Attempt to create the extended VLAN and observe error
vlan 2000%VLAN ID 2000 is not valid in this mode. % Failed to create VLAN 2000
The error indicates that the switch is in VTP server or client mode and VTP version is 2, which does not support extended range VLANs. Extended range VLANs can only be configured in VTP transparent mode or when VTP is disabled.
Check VTP mode and version on all switches
show vtp status | include Mode|VersionVTP Version : 2 VTP Operating Mode : Server
If VTP mode is Server or Client and version is 2, extended VLANs cannot be created. The solution is to change VTP mode to Transparent or disable VTP.
Root Cause
The switch is running VTP version 2 in server or client mode. VTP version 2 only supports normal range VLANs (1-1005). Extended range VLANs (1006-4094) are not supported in VTP version 2 and cannot be added to the VTP database. They must be configured in VTP transparent mode or with VTP disabled.
Resolution
Verification
Run 'show vlan id 2000' to confirm the VLAN exists: VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 2000 Department active Also run 'show vtp status' to confirm mode is transparent: VTP Operating Mode : Transparent
Prevention
1. Use VTP transparent mode or disable VTP if extended range VLANs are required. 2. Plan VLAN numbering to avoid extended range unless necessary; use normal range (1-1005) when possible. 3. If VTP must be used, consider VTP version 3 which supports extended range VLANs.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario may appear as a multiple-choice question or a troubleshooting drag-and-drop. The exam tests knowledge of VTP versions and VLAN ranges. Key fact: VTP version 2 only supports VLANs 1-1005; extended range VLANs (1006-4094) require VTP transparent mode or VTP version 3.
Exam Tips
Remember that extended range VLANs are not stored in vlan.dat and are not propagated by VTP version 2.
Know that VTP version 3 supports extended range VLANs, but VTP version 2 does not.
Be able to identify the error message: '%VLAN ID ... is not valid in this mode' as a clue to VTP mode/version issue.
Commands Used in This Scenario
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions