Technically, both of these have been removed from the CCNA topics list, but there might still be questions on them.

DTP

  • DTP = Dynamic Trunking Protocol
  • Old, Cisco-Proprietary automatic trunking protocol. Not commonly used, and should probably be disabled for security purposes.
  • Allows interfaces to dynamically determine their status (access or trunk) without manual configuration.
  • Enabled with switchport mode dynamic
    • Two options: auto and desirable
      • desirable: will actively try to form a trunk with other Cisco switches. It will form a trunk if connected to another switchport in the following modes:
        • switchport mode trunk, switchport mode dynamic desirable, switchport mode dynamic auto
        • If the connected interface is in access mode, then a trunk cannot be formed and the dynamic desirable interface will act in access mode as well
      • auto: will not actively try to form a trunk, but will form a trunk if the other interface initiates. Will form a trunk if the connected interface is in the following modes:
        • switchport mode trunk, switchport mode dynamic desirable
  • DTP will not form a trunk with routers, PCs, etc.; only with other switches! (And only Cisco switches, at that!)
  • On older switches, switchport mode dynamic desirable was the default administrative mode.
    • On newer switches, switchport mode dynamic auto is the default.
  • You can disable DTP negotiation on an interface with switchport nonegotiate
    • configuring the interface with switchport mode access will also disable DTP negotiation. This obviously only works if you need it to be an access port, though.
  • Again, it is generally recommended to disable DTP on all interfaces for security, and manually configure them as access or trunk ports.
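
Admin. Mode       | Trunk | Dynamic Desirable | Access | Dynamic Auto
------------------|-------|-------------------|--------|-------------
Trunk             | Trunk | Trunk             | X      | Trunk
Dynamic Desirable | Trunk | Trunk             | Access | Trunk
Access            | X     | Access            | Access | Access
Dynamic Auto      | Trunk | Trunk             | Access | Access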
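
An added example (not part of the original notes): a small Python audit that reads a running-config excerpt and lists the switchports still taking part in DTP, using the rules above (access mode and switchport nonegotiate disable negotiation; dynamic modes and plain trunks do not). The sample config and the name audit_dtp are constructed for illustration, and the dynamic auto default assumes a newer switch.

```python
import re

# Constructed sample running-config excerpt (not taken from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/4
 switchport mode dynamic desirable
!
interface GigabitEthernet0/5
"""

def audit_dtp(config, default_mode="dynamic auto"):
    """Return {interface: finding} for each switchport that still runs DTP."""
    ports, cur = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            # No "switchport mode" line means the platform default applies.
            cur = ports.setdefault(line.split()[1], {"mode": default_mode, "noneg": False})
        elif not raw.startswith(" "):
            cur = None  # "!" or a global command ends the interface block
        elif cur is not None:
            m = re.fullmatch(r"switchport mode (access|trunk|dynamic (?:auto|desirable))", line)
            if m:
                cur["mode"] = m.group(1)
            elif line == "switchport nonegotiate":
                cur["noneg"] = True
    findings = {}
    for name, p in ports.items():
        if p["mode"] == "access":
            continue  # access mode disables DTP negotiation
        if p["mode"].startswith("dynamic"):
            findings[name] = f"{p['mode']}: port negotiates trunking via DTP"
        elif not p["noneg"]:
            findings[name] = "static trunk without switchport nonegotiate"
    return findings

if __name__ == "__main__":
    for name, why in audit_dtp(SAMPLE_CONFIG).items():
        print(f"{name}: {why}")
```

For older switches, pass default_mode="dynamic desirable" so unconfigured ports are reported with the right default.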

DTP and Encapsulation

  • Switches that support both 802.1Q and ISL can use DTP to negotiate which they will use.
    • negotiation is enabled by default as the default trunk encapsulation mode is switchport trunk encapsulation negotiate
    • ISL is given preference. If both are present on both switches, ISL will be selected.

VTP

  • VTP = VLAN Trunking Protocol
  • Allows you to configure VLANs on a central VTP server switch, and other switches (VTP clients) will synchronize their VLAN database to the server.
  • Intended for large networks with many VLANs. Saves time configuring VLANs on every individual switch; you change them on the VTP server switch, and all other switches update from that.
  • Like DTP, it is rarely used and it’s recommended that you do not use it.
  • 3 versions available: 1, 2, and 3
  • 3 modes: server, client, and transparent
    • Cisco switches operate in VTP Server mode by default
    • VTP Servers:
      • Can add/modify/delete VLANs
      • Store database in non-volatile RAM (NVRAM)
      • Increase the revision number every time a VLAN is added/modified/deleted
      • Advertise the latest version of the VLAN database on trunk interfaces, and clients will synchronize their VLAN databases to it.
      • Also function as VTP Clients
        • Therefore, a VTP server will synchronize to another VTP server with a higher revision number
    • VTP Clients:
      • Cannot add/modify/delete VLANs.
      • Do not store the VLAN database in NVRAM. (in VTPv3 they do)
      • Will synchronize their VLAN database to the server with the highest revision number in their VTP domain.
      • Will advertise their VLAN database, and forward VLAN advertisements to other clients over their trunk ports.
    • VTP Transparent:
      • Does not participate in the VTP domain (doesn’t sync its VLAN database).
      • Maintains its own VLAN database in NVRAM. It can add/modify/delete VLANs, but they won’t be advertised to other switches.
      • Will forward VTP advertisements that are in the same domain as it.
  • If a switch with a NULL VTP domain name receives a VTP advertisement with a domain name, it will join that VTP domain.
  • View info on VTP with show vtp status
  • Change current VTP version with vtp version (version-number)
    • This will increment the revision number and advertise an update to all switches in the domain.
  • A danger of VTP: if you connect an old switch with a higher revision number to your network (and the VTP domain name matches), all switches in the domain will sync their VLAN databases to that switch.
    • Can result in loss of connection for some/all end hosts if the foreign VLAN database is incorrect.
    • Reconnecting an old switch is a likely scenario, but technically any switch with the same domain and a higher revision number could cause this. This could even be done intentionally, if someone were nasty.
    • This is a big reason why it’s recommended you not use VTP.