add DTP VLAN and Subnetting
200
19. DTP - VTP.md
Normal file
@@ -0,0 +1,200 @@
|
||||
---
|
||||
id: 19. DTP - VTP
|
||||
aliases: []
|
||||
tags: []
|
||||
---
|
||||
|
||||
# DTP - VTP
|
||||
|
||||
Note: DTP and VTP were removed from the CCNA exam topics list for the new exam (200-301).
|
||||
However, it's important to know their function, and you may still get questions about them
|
||||
on the exam even though they are not on the topics list
|
||||
|
||||
## DTP Dynamic Trunking Protocol
|
||||
|
||||
DTP is a [[Cisco]] proprietary protocol that allows Cisco switches to dynamically determine
|
||||
their interface status (access or trunk) without manual configuration
|
||||
|
||||
DTP is enabled by default on all Cisco switch interfaces.
|
||||
|
||||
So far, we have been manually configuring switchports using these command :
|
||||
- switchport mode access
|
||||
- switchport mode trunk
|
||||
|
||||
For security purposes, manual configuration is recommended. DTP should be disabled on all switchports
|
||||
|
||||
### CLI
|
||||
|
||||
```Cisco
|
||||
SW2(config-if)#switchport mode ?
|
||||
## we will focus on the dynamic option
|
||||
|
||||
SW2(config-if)#switchport mode dynamic ?
|
||||
## we have to mode auto or desirable
|
||||
```
|
||||
|
||||
A switchport in dynamic desirable mode will actively try to form a trunk with other Cisco switches,
|
||||
it will form a trunk if connected to another switchport in the following modes:
|
||||
|
||||
1. switchport mode trunk
|
||||
1. switchport mode dynamic desirable
|
||||
1. switchport mode dynamic auto
|
||||
|
||||
to verify you can
|
||||
|
||||
```Cisco
|
||||
SW1# show interfaces g0/0 switchport
|
||||
Name: Gi0/0
|
||||
Switchport: Enabled
|
||||
Administrative Mode: Dynamic desirable
|
||||
Operational Mode: trunk
|
||||
```
|
||||
|
||||
### Static access
|
||||
|
||||
Static access means an access port that belongs to a single VLAN that doesnt change (unless
|
||||
you configure a different VLAN).
|
||||
|
||||
There are also 'dynamic access' ports, in which a server automatically assings the VLAN depending
|
||||
on the [[MAC]] address on the connected device.
|
||||
(This is out of the scope of the CCNA)
|
||||
|
||||
|
||||
| Administrative mode | Trunk | Dynamic desirable | Access | Dynamic Auto |
|
||||
| ------------- | -------------- | -------------- |------------ |------------ |
|
||||
| Trunk | Trunk | Trunk | x | Trunk|
|
||||
| Dynamic Desirable | Trunk | Trunk | Access | Trunk|
|
||||
| Access | x | Access | Access | Access |
|
||||
| Dynamic Auto | Trunk | Trunk | Access | Access |
|
||||
|
||||
|
||||
DTP will not form a trunk with a router, PC, etc.
|
||||
The switchport will be in access mode
|
||||
|
||||
On *older* switches, **swithport mode dynamic desirable** is the default administrative mode.
|
||||
On *newer* switches, **swithport mode dynamic auto** is the default administrative mode.
|
||||
You can disable DTP negotiation on the interface with this command:
|
||||
- switchport nonegotiate
|
||||
|
||||
Configuring an access port with **switchport mode access** also disables DTP negotiation on
|
||||
an interface
|
||||
|
||||
It is recommended that you disable DTP on all switchports and manually confugre them as access or
|
||||
trunk ports.
|
||||
|
||||
### Encapsulation
|
||||
|
||||
[[Switches]] that support both [[802.1Q]] and ISL trunk encapsulations can use DTP to negotiate
|
||||
The encasulation they will use.
|
||||
|
||||
This negotiation is enabled by default, as the default trunk encapsulation mode is :
|
||||
**switchport trunk encapsulation negotiate**
|
||||
|
||||
*ISL is favored over 802.1Q, so if both switches support ISL, it will be selected*
|
||||
|
||||
DTP frames are sent in VLAN1 when using ISL or in the [[native VLAN]] whe using 802.1Q
|
||||
(the default native VLAN is VLAN1, however)
|
||||
|
||||
## VTP VLAN Trunking Protocol
|
||||
|
||||
VTP allows you to configure VLANs on a central VTP server switch, and other switches (VTP client)
|
||||
will synchronize their VLAN database to the server.
|
||||
It is designed for large networks with many VLANs, so that you don't have to configure each VLAN
|
||||
on every switch
|
||||
It is rarely used, and it is recommended that you do not use it.
|
||||
There are three VTP versions: 1, 2, and 3.
|
||||
There are three VTP modes: server, client, and transparent.
|
||||
*Cisco switches operate in VTP server mode by default*
|
||||
|
||||
### VTP Servers
|
||||
|
||||
Can add/modify/delete VLANs
|
||||
Store the VLAN database in non-volatile RAM (NVRAM)
|
||||
Will increase the revision number every time a VLAN database on trunk interfaces, and
|
||||
The VTP clients will synchronize their VLAN database to it
|
||||
VTP servers also function as VTP client
|
||||
Therefore, A VTP server will synchronize to anothre VTP server with a higher revision number
|
||||
|
||||
### VTP clients
|
||||
|
||||
Cannot add/modify/delete VLANs
|
||||
Do not store the VLAN database in NVRAM (in VTPv3 they do)
|
||||
Will synchronize their VLAN database to the server with the highest revision number in their VTP domain
|
||||
Will advertise their VLAN database, and forward VTP advertisements to other client over their trunk
|
||||
ports.
|
||||
|
||||
### How it's work
|
||||
|
||||
to see all the VTP type
|
||||
|
||||
```Cisco
|
||||
SW1#Show VTP status
|
||||
```
|
||||
|
||||
VTPvv1/v2 do not support the extended VLAN range (1006-4094) only BTPv3 supports them
|
||||
|
||||
to set a domain name
|
||||
|
||||
```Cisco
|
||||
SW1#vtp domain cisco
|
||||
```
|
||||
|
||||
now on switch 1 can do
|
||||
|
||||
```Cisco
|
||||
SW1#vlan 10
|
||||
SW1#name engineering
|
||||
```
|
||||
|
||||
switch 2 will have the same vtp domain and vlan configured
|
||||
pass along to switch 3 and 4
|
||||
|
||||
|
||||
If a switch with no VTP domain (domain NULL) receives a VTP advertisement with a VTP domain name,
|
||||
it will automatically join that VTP domain
|
||||
|
||||
If a switch receives a VTP advertisement in the same VTP domain with a higher revision number
|
||||
it will update its VLAN database to match
|
||||
|
||||
### **ONE DANGER OF VTP**
|
||||
|
||||
If you connect an old switch with a higher revision number to your network ( and the VTP domain
|
||||
matches), all switches in the domain will sync their VLAN database to that switch
|
||||
|
||||
|
||||
### VTP transparent mode
|
||||
|
||||
Does not participate in the VTP domain (does not sync its VLAN database).
|
||||
|
||||
Maintains its own VLAN database in NVRAM. it can add/modify/delete VLANs, byt they won't be
|
||||
advertised to other switches.
|
||||
|
||||
Will forward VTP advertisements that are in the same domain as it.
|
||||
|
||||
NOTE : Changing the VTP domain to an unused domain will reset the revision number to 0
|
||||
Changing the VTP mode to transparent will also reset the revision number to 0
|
||||
|
||||
### VTP version
|
||||
You can change the VTP version with this command
|
||||
|
||||
```Cisco
|
||||
SW1(config)#vtp version 2
|
||||
```
|
||||
|
||||
VTP V2 is not much different than VTP V1. The major difference is that VTP V2 introduces support
|
||||
for Token RIng VLANs. if you use Token Ring VLANs, you must enable VTP V2. Otherwise there is
|
||||
no reason to use VTP V2
|
||||
|
||||
For the V3 it's Beyond the scope of the CCNA
|
||||
|
||||
# Review
|
||||
|
||||
note: Recommended that you disable this protocol for security purposes.
|
||||
|
||||
DTP (dynamic trunking Protocol)
|
||||
a protocol that allows Cisco switches to form trunk connections with other cisco switch without
|
||||
manual configuration
|
||||
|
||||
VTP (VLAN Trunking Protocol)
|
||||
Allow to configure VLAN on switches that operate as central VTP servers, which then advertise
|
||||
Their VLAN database,and VTP client switches sync their database to it
|
||||
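Review bot: In the "How it's work" section the VTP and VLAN commands are shown at the privileged EXEC prompt (`SW1#vtp domain cisco`, `SW1#vlan 10`, `SW1#name engineering`), but they are configuration-mode commands; show them as `SW1(config)#vtp domain cisco`, `SW1(config)#vlan 10` and `SW1(config-vlan)#name engineering`, consistent with the `SW1(config)#vtp version 2` prompt used further down. Under "VTP Servers", the line "Will increase the revision number every time a VLAN database on trunk interfaces, and" has lost its verb and reads as two bullets merged into one; please restore the missing words. The "ONE DANGER OF VTP" section states the risk but not the precaution, although the note a few lines later already has it (changing to an unused domain or to transparent mode resets the revision number to 0); link the two so the reader knows to reset the revision number before connecting a previously used switch. In the DTP part, the recommendation to disable DTP on all switchports only explains how for access ports, while the table shows a Trunk port still forming a trunk with Dynamic Auto, so say explicitly that manually configured trunk ports also need `switchport nonegotiate`. Smaller points: "swithport" in the two default-mode lines, "VTPvv1/v2" and "BTPv3" in the extended-range sentence, and the "x" cells in the table have no legend.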