What is VLAN Trunking Protocol (VTP)

For a small network VLAN configuration and VLAN trunking configuration is easy to manage.
But configuring VLAN and VLAN trunking for large networks with many interconnected
switches can be a very difficult task.

VLAN Trunk Protocol (VTP) is a protocol created by Cisco to create and manage VLANs for a
large network with many interconnected switches and to maintain consistency throughout the
network.

In other words, switches use VLAN trunking protocol (VTP) to communicate among themselves
about VLAN configuration.

The VLAN Trunking Protocol (VTP) is a very useful protocol to create, manage and maintain a
large network with many interconnected switches.

The VLAN Trunking Protocol (VTP) can manage the addition, deletion, and renaming of
VLANs from a central point without manual intervention and VLAN Trunk Protocol (VTP) thus
reduces network administration in a switched network.

Currently there are three version of VLAN Trunking Protocol (VTP). The functions of VTP
Version 1 and VTP Version 2 are almost similar. The support for Token Ring VLANs is there
with VTP V2.

According to Cisco VTP V3 documentation, VLAN Trunking Protocol (VTP) Version 3

introduces the concept of transferring an opaque database in situations where VTP version 1 and
VTP version 2 interacted with the VLAN process directly. VTP version 3 includes support for
the MST mapping table.

These are the enhancements made on VLAN Trunk Protocol (VTP) V3.

• Protection from unintended database overrides during insertion of new switches

• Support for VLAN numbers up to 4096

• Support for interaction with VTP Version 1 and VTP Version 2.

• Support for a structured and secure VLAN environment (Private VLAN, or PVLAN)

• Option of clear text or hidden password protection

• Configuration option on a per port base instead of only a global scheme

• Optimized resource handling and more efficient transfer of information

 What is VLAN Trunking Protocol (VTP) Domain

The VLAN Trunking Protocol (VTP) is organized into management domains.

A VLAN Trunking Protocol (VTP) domain is one switch or several interconnected switches
sharing the same VLAN Trunking Protocol (VTP) environment.

A switch can be configured only in one VLAN Trunking Protocol (VTP) domain. Switches in
different VTP domains do not share VLAN Trunking Protocol (VTP) information.

Switches in a VLAN Trunking Protocol (VTP) domain advertise many VLAN attributes to
their VLAN Trunking Protocol (VTP) domain neighbors. These VLAN advertisements contain
information about the VTP management domain, VTP revision number, available VLANs, and
other VLAN parameters.
VLAN Trunking Protocol (VTP) Modes, Server Mode, Client Mode, Transparent Mode

A network switch, which is participating in VLAN Trunking Protocol (VTP), can have three
different modes.

• Server Mode

• Client Mode

• Transparent Mode

VLAN Trunking Protocol (VTP) Server Mode

VLAN Trunking Protocol (VTP) Server mode is the default VTP mode for all Catalyst switches.
At least one server is required in a VTP domain to propagate VLAN information within the VTP
domain.

We can create, add, or delete VLANs of a VTP domain in a Switch which is in VTP Server
mode and change VLAN information in a VTP Server. The changes made in a switch in server
mode are advertised to the entire VTP domain.

VLAN Trunking Protocol (VTP) Client Mode

VLAN Trunking Protocol (VTP) client mode switches listen to VTP advertisements from other
switches and modify their VLAN configurations accordingly.

A network switch in VTP client mode requires a server switch to inform it about the VLAN
changes. We CANNOT create, add, or delete VLANs in a VTP client.
VLAN Trunking Protocol (VTP) Transparent Mode

VLAN Trunking Protocol (VTP) traansparent mode switches do not participate in the VTP
domain, but VTP transparent mode switches can receive and forward VTP advertisements
through the configured trunk links.

VTP Advertisement Messages, Client advertisement request, Summary advertisement,

Subset advertisement

Once the VLAN Trunking Protocol (VTP) is configured on the switches, the switches start
advertising VLAN Trunking Protocol (VTP) information between them on their trunk ports.

The main information which the switches advertise are management VTP Domain name ,
configuration revision number and the configured VLANs. VTP advertisements are sent as
multicast Ethernet frames and all neighbor devices receive the Ethernet frames.

Three types of VLAN Trunking Protocol (VTP) advertisement messages are:

• Client advertisement request: A client advertisement request message is a VTP message

which a client generates for VLAN information to a server. Servers respond with both
summary and subset advertisements.

• Summary advertisement: Summary advertisements are sent out every 300 seconds (5
minutes) by default or when a configuration change occurs, which is the
summarized VLAN information.

• Subset advertisement: Subset advertisements are sent when a configuration change takes
place on the server switch. Subset advertisements are VLAN specific and contain details about
each VLAN.
How to configure VLAN Trunking Protocol (VTP)

Here we are going to configure Switch 1 as VTP server and Switch 2 as VTP client.

Open a console connection to Switch 1 and enter the following IOS commands from global
configuration mode to configure VLAN Trunking Protocol (VTP) in Switch 1.

Here we configure the VTP domain as 'google.com', VTP mode as 'Server' and VTP password
as 'G3IT'.

sw01>enable

sw01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

sw01(config)#vtp domain google.com

Changing VTP domain name from NULL to google.com

sw01(config)#vtp mode server

Device mode already VTP SERVER.

sw01(config)#vtp password G3IT

Setting device VLAN database password to G3IT

sw01(config)#exit

Open a console connection to Switch 2 and enter the following IOS commands from global
configuration mode to configure VLAN Trunking Protocol (VTP) in Switch 2. Here we
configure the VTP domain as google.com', VTP mode as 'Client' and VTP password as 'G3IT'.

sw02>enable

sw02#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

sw02(config)#vtp domain google.com

Domain name already set to google.com

sw02(config)#vtp mode client

Setting device to VTP CLIENT mode.

sw02(config)#vtp password G3IT

Setting device VLAN database password to G3IT

sw02(config)#exit

Once the VLAN Trunking Protocol (VTP) is configured on Switch 2, run the 'show vlan'
command from privileged mode on Switch 2 to make sure that the VLAN configuration
information is propagated from Switch 1 to Switch 2.

sw02#show vlan
 How to view VLAN Trunking Protocol (VTP) information using 'show vtp status' IOS
command

To view VLAN Trunking Protocol (VTP) configuration information on Switch 1, open console
connection to Switch 1 and run the "show vtp status" IOS command from privileged mode as
shown below.

sw01>enable

sw01#show vtp status

What is VLAN Trunking Protocol (VTP) Pruning

VLAN Trunking Protocol (VTP) is used to communicate VLAN information between switches
in the same VTP domain. VLAN Trunking Protocol (VTP) pruning is a feature in Cisco
switches, which stops VLAN update information traffic from being sent down trunk links if the
updates are not needed. If the VLAN traffic is needed later, VLAN Trunking Protocol
(VTP) will dynamically add the VLAN back to the trunk link.

In normal operation a switch needs to flood broadcast frames, multicast frames, or unicast
frames where the destination MAC address is unknown to all its ports. If the neighboring
switch doesn’t have any active ports in the source VLAN, this broadcast is unnecessary and
excessive unwanted traffic may create problems on the network.

VLAN Trunking Protocol (VTP) pruning helps in increasing the available bandwidth by
reducing unnecessary flooded traffic. Broadcast frames, multicast frames, or unicast frames
where the destination MAC address is unknown are forwarded over a trunk link only if the
switch on the receiving end of the trunk link has ports in the source VLAN.
What is DTP (Dynamic Trunking Protocol)

Dynamic Trunking Protocol (DTP) is a Cisco proprietary trunking protocol, which is used to
automatically negotiate trunks between Cisco switches. Dynamic Trunking Protocol (DTP) can
be used negotiate and form trunk connection between Cisco switches dynamically.

Dynamic Trunking Protocol (DTP) can also be used for negotiating the encapsulation type of
either IEEE 802.1Q or Cisco ISL (Inter-Switch Link).

Please note that Cisco ISL (Inter-Switch Link) is no more a widely accepted trunking standard.
Many of the recent Cisco switches only support IEEE 802.1Q trunking standard.
Dynamic Trunking Protocol (DTP) can operate in different trunking modes, as shown below.

DTP Mode Description

A switch port configured as DTP dynamic desirable mode will actively try to convert the link to
a trunk link using Dynamic Trunking Protocol (DTP). If the port connected to other port is
capable to form a trunk, a trunk link will be formed.
dynamic
desirable The interface which is configured as DTP dynamic desirable mode will generate DTP messages
on the interface. If the switch receive DTP messages from the other side switch, it will assume
that other side port is capable for handling tagged frames and a trunk link ill be formed between
two switches.

A switch port configured as DTP dynamic auto is capable to form trunk link if the other side
switch interface is configured to form a trunk interface and can negotiate with trunk using DTP.
dynamic
auto A switch interface which is configured as DTP "dynamic auto" mode will not generate DTP
messages on the interface. DTP "dynamic auto" interface will only listen passively for DTP
messages from other side switch's interface. If the DTP dynamic auto interface receives a DTP
message from the interface of the other side switch, a trunk link will be formed.

A switch interface which is configured as trunk mode converts the switche's interface to pure
Trunk trunking mode. A trunk mode interface can also negotiate with the other side switch interface to
form a trunk link between two switches.

The nonegotiate mode disables sending DTP packets from an interface. "nonegotiate" mode is
nonegotiate
possible only when the interface switchport mode is "access" or "trunk". DTP is disabled.

A switch interface which is configured as access mode converts the switche's interface to access
Access mode. "access" mode prevents the use of trunking and make the port as a pure access port. No
frame tagging will happen in an access port. An access port belogs to a VLAN.
Following are the different combinations of switchport modes configured in two connecting
interfaces.

1) Both interfaces are configured with "dynamic desirable" mode

When both the two connecting interfaces are configured as DTP dynamic desirable mode, both
interface will generate DTP messages. Both interface can see that the other interface is capable to
form a trunk.

A trunk link will be established between two switches.

2) One interface is configured with "dynamic desirable" mode and other interface is
configured with "dynamic auto" mode

A switch interface which is configured as DTP "dynamic auto" mode will not generate DTP
messages on the interface. DTP "dynamic auto" interface will only listen passively for DTP
messages from other side switch's interface. If the DTP dynamic auto interface receives a DTP
message from the interface of the other side switch, a trunk link will be formed.

When one interface is configured as DTP "dynamic desirable" mode and other interface is
configured as "dynamic auto" mode, the interface configured with "dynamic desirable" mode
will generate DTP messages and try to convert the interface configured with "dynamic auto"
mode to a trunk interface. Interface configured with "dynamic auto" can see that the other end
interface is capable to form a trunk.

A trunk link will be established between two switches.

3) Both interfaces are configured with "dynamic auto" mode

When both the two connecting interfaces are configured as DTP "dynamic auto" mode, both
interface will not generate DTP messages. Interfaces can not see whether the other interface is
capable to form a trunk.

A trunk link will not be established between two switches.

4) Both interfaces are configured with "trunk" mode

When both interfaces are configured with "trunk" mode, DTP messages are exchanged and trunk
link will be established between two switches.
5) One interface is configured with "trunk" mode and other interface is configured with
"dynamic desirable" mode

When one interface is configured with "trunk" mode and other interface is configured with
"dynamic desirable" mode, DTP messages are exchanged and a trunk link is established between
two switches.
6) One interface is configured with "trunk" mode and other interface is configured with
"dynamic auto" mode

When interface is configured with "trunk" mode and other interface is configured with "dynamic
auto" mode, "trunk" mode interface will generate DTP messages and a trunk link is established
between two switches.

Following table summarizes different combinations of switch port modes.

Switchport Mode dynamic desirable dynamic auto trunk access

dynamic desirable Trunk trunk trunk access

dynamic auto Trunk access trunk access

Trunk Trunk trunk trunk access

Access Access access access access

 Difference Between DTP "dynamic desirable" and "dynamic auto" Modes

Dynamic Trunking Protocol (DTP) is a Cisco proprietary trunking protocol used for negotiating
trunking on a link between two Cisco Switches. Dynamic Trunking Protocol (DTP) can also be
used for negotiating the encapsulation type of either 802.1q or Cisco ISL (Inter-Switch Link).
Please note that Cisco ISL (Inter-Switch Link) is no more a widely accepted trunking standard.
Many of the recent Cisco switches only support IEEE 802.1Q trunking standard.

switchport mode dynamic auto

A switch's interface configured with "dynamic auto" mode will not actively try to convert the
other side switch's interface to form a trunk link. "dynamic auto" interface becomes a trunk
interface only if the other side switch's interface is configured to trunk mode or "dynamic
desirable" mode.

When the interface is configured as "dynamic auto" mode, the interface passively listens
for Dynamic Trunking Protocol (DTP) messages from the other side switch's interface. If a
"dynamic auto" interface receives a Dynamic Trunking Protocol (DTP) message from the other
side switch's interface a trunk link is formed and the interface starts tagging frames. No trunk
link is formed if no message is arrived from other side switch's interface or the trunking
capabilities of two switches are different.

For example, if both switch's interfaces are configured with "dynamic auto" mode, they will
never generate Dynamic Trunking Protocol (DTP) messages and the link will be an access link.

switchport mode dynamic desirable

The interface which is configured as Dynamic Trunking Protocol (DTP) dynamic desirable mode
will generate Dynamic Trunking Protocol (DTP) messages on the interface, and actively try to
convert the other side switch's interface to form a trunk.

A trunk link will be formed if the other side switch's interface is configured with "dynamic
desirable", "dynamic auto" or "trunk" mode.

Case 1: When both sides are "dynamic desirable"

Case 2: When one side is "dynamic desirable" and other side is "dynamic auto"

Case 3: When one side is "trunk" and other side is "dynamic desirable"
 How to configure DTP (Dynamic Trunking Protocol) Modes

Following commands sets can be used to configure different Dynamic Trunking Protocol
(DTP) modes for Switch interface.

How to confgure "dynamic desirable" mode

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode dynamic desirable

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

How to confgure "dynamic auto" mode

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode dynamic auto

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

OmniSecuSw1#
How to confgure "trunk" mode

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode trunk

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

OmniSecuSw1#

How to confgure "trunk" mode with "nonegotiate"

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode trunk

OmniSecuSw1(config-if)#switchport nonegotiate

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

OmniSecuSw1#

How to confgure "access" mode

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode access

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

OmniSecuSw1#
How to confgure "access" mode with "nonegotiate"

OmniSecuSw1#configure terminal

OmniSecuSw1(config)#interface gigabitethernet0/0

OmniSecuSw1(config-if)#switchport mode access

OmniSecuSw1(config-if)#switchport nonegotiate

OmniSecuSw1(config-if)#exit

OmniSecuSw1(config)#exit

OmniSecuSw1#