VTP - protecting switches from lower revision numbers

When deploying VTP in a layer 2 topology, the revision number is used to identify newer information that is being shared by the protocol. The danger here is that if a new switch is added to a topology, and it has a higher revision number than the rest of the devices on the network, its VLAN database automatically overwrites those of the rest of the switches on the network. This can result in a disastrous loss of functionality that can be very difficult to recover from.

Indeed if the domain name of a switch is NULL it will automatically change to the domain name of the first VTP message it receives.

For this reason, it is always best practice to define both a domain and a password for your VTP topology. This way, even if a VTP message with a higher revision number is sent by a newly added switch, it will not affect the already established VTP topology since its domain and password are different.

VTP messages will only be received and processed if the domain name and password match those configured on the switch.