Technically, both of these have been removed from the CCNA topics list, but there might still be questions on them.


  • DTP = Dynamic Trunking Protocol
  • Old, Cisco-Proprietary automatic trunking protocol. Not commonly used, and should probably be disabled for security purposes.
  • Allows interfaces to dynamically determine their status (access or trunk) without manual configuration.
  • Enabled with switchport mode dynamic
    • Two options: auto and desirable
      • desirable: will actively try to form a trunk with other Cisco switches. It will form a trunk if connected to another switchport in the following modes:
        • switchport mode trunk switchport mode dynamic desirable switchport mode dynamic auto
        • If the connected interface is in access mode, then a trunk cannot be formed and the dynamic desirable interface will act in access mode as well
      • auto: will not actively try to form a trunk, but will form a trunk if the other interface initiates. Will form a trunk if the connected interface is in the following modes:
        • switchport mode trunk switchport mode dynamic desirable
  • DTP will not form a trunk with routers, PCs, etc.; Only with other switches! (And only Cisco switches, at that!)
  • On older switches, switchport mode dynamic desirable was the default administrative mode.
    • On newer switches, switchport mode dynamic auto is the default.
  • You can disable DTP negotiation on an interface with switchport nonegotiate
    • configuring the interface with switchport mode access will also disable DTP negotiation. This obviously only works if you need it to be an access port, though.
  • Again, it is generally recommended to disable DTP on all interfaces for security, and manually configure them as access or trunk ports.
Admin. ModeTrunkDynamic DesirableAccessDynamic Auto
Dynamic DesirableTrunkTrunkAccessTrunk
Dynamic AutoTrunkTrunkAccessAccess

DTP and Encapsulation

  • Switches that support both 802.1Q and ISL can use DTP to negotiate which they will use.
    • negotiation is enabled by default as the default trunk encapsulation mode is switchport trunk encapsulation negotiate
    • ISL is given preference. If both are present on both switches, ISL will be selected.


  • VTP = VLAN Trunking Protocol
  • Allows you to configure VLANs on a central VTP server switch, and other switches (VTP clients) will synchronize their FLAN database to the server.
  • Intended for large networks with many VLANs. Saves time configuring VLANs on every individual switch; you change them on the VTP server switch, and all other switches update from that.
  • Like DTP, it is rarely used and it’s recommended that you do not use it.
  • 3 versions available: 1, 2, and 3
  • 3 modes: server, client, and transparent
    • Cisco switches operate in VTP Server mode by default
    • VTP Servers:
      • Can add/modify/delete VLANs
      • Store database in non-volatile RAM (NVRAM)
      • Increase the revision number every time a VLAN is added/modified/deleted
      • Advertise the latest version of the VLAN database on trunk interfaces, and clients will synchronize their VLAN databases to it.
      • Also function as VTP Clients
        • Therefore, a VTP server will synchronize to another VTP server with a higher revision number
    • VTP Clients:
      • Cannot add/modify/delete VLANs.
      • Do not store the VLAN database in NVRAM. (in VTPv3 they do)
      • Will synchronize their VLAN database to the server with the highest revision number in their VTP domain.
      • Will advertise their VLAN database, and forward VLAN advertisements to other clients over their trunk ports.
    • VTP Transparent:
      • Does not participate in the VTP domain (doesn’t sync its VLAN database).
      • Maintains its own VLAN database in NVRAM. It can add/modify/delete VLANs, but they won’t be advertised to other switches.
      • Will forward VTP advertisements that are in the same domain as it.
  • If a switch with a NULL VTP domain name receives an advertisement from a VTP with a domain name it will join that VTP domain.
  • View info on VTP with show vtp status
  • Change current VTP version with vtp version (version-number)
    • This will increment the revision number and advertise an update to all switches in the domain.
  • A danger of VTP: if you connect an old switch with a higher revision number to your network (and the VTP domain name matches), all switches in the domain will sync their VLAN databases to that switch.
    • Can result in loss of connection for some/all end hosts if the foreign VLAN database is incorrect.
    • Reconnecting an old switch is a likely scenario, but technically any switch with the same domain and a higher revision number could cause this. This could even be done intentionally, if someone were nasty.
    • This is a big reason why it’s recommended you not use VTP.