DTP - VTP
Note: DTP and VTP were removed from the CCNA exam topics list for the new exam (200-301). However, it's important to know their function, and you may still get questions about them on the exam even though they are not on the topics list.
DTP Dynamic Trunking Protocol
DTP is a Cisco proprietary protocol that allows Cisco switches to dynamically determine their interface status (access or trunk) without manual configuration.
DTP is enabled by default on all Cisco switch interfaces.
So far, we have been manually configuring switchports using these commands:
- switchport mode access
- switchport mode trunk
For security purposes, manual configuration is recommended. DTP should be disabled on all switchports.
CLI
SW2(config-if)#switchport mode ?
## we will focus on the dynamic option
SW2(config-if)#switchport mode dynamic ?
## we have two modes: auto or desirable
A switchport in dynamic desirable mode will actively try to form a trunk with other Cisco switches. It will form a trunk if connected to another switchport in one of the following modes:
- switchport mode trunk
- switchport mode dynamic desirable
- switchport mode dynamic auto
To verify, you can use:
SW1# show interfaces g0/0 switchport
Name: Gi0/0
Switchport: Enabled
Administrative Mode: Dynamic desirable
Operational Mode: trunk
Static access
Static access means an access port that belongs to a single VLAN that doesn't change (unless you configure a different VLAN).
There are also 'dynamic access' ports, in which a server automatically assigns the VLAN depending on the MAC address of the connected device. (This is out of the scope of the CCNA.)
| Administrative mode | Trunk | Dynamic desirable | Access | Dynamic Auto |
|---|---|---|---|---|
| Trunk | Trunk | Trunk | x | Trunk |
| Dynamic Desirable | Trunk | Trunk | Access | Trunk |
| Access | x | Access | Access | Access |
| Dynamic Auto | Trunk | Trunk | Access | Access |
DTP will not form a trunk with a router, PC, etc. The switchport will be in access mode.
On older switches, switchport mode dynamic desirable is the default administrative mode. On newer switches, switchport mode dynamic auto is the default administrative mode. You can disable DTP negotiation on the interface with this command:
- switchport nonegotiate
Configuring an access port with switchport mode access also disables DTP negotiation on an interface.
It is recommended that you disable DTP on all switchports and manually configure them as access or trunk ports.
Encapsulation
Switches that support both 802.1Q and ISL trunk encapsulations can use DTP to negotiate the encapsulation they will use.
This negotiation is enabled by default, as the default trunk encapsulation mode is: switchport trunk encapsulation negotiate
ISL is favored over 802.1Q, so if both switches support ISL, it will be selected.
DTP frames are sent in VLAN1 when using ISL, or in the native VLAN when using 802.1Q (the default native VLAN is VLAN1, however).
VTP VLAN Trunking Protocol
VTP allows you to configure VLANs on a central VTP server switch, and other switches (VTP clients) will synchronize their VLAN database to the server. It is designed for large networks with many VLANs, so that you don't have to configure each VLAN on every switch. It is rarely used, and it is recommended that you do not use it. There are three VTP versions: 1, 2, and 3. There are three VTP modes: server, client, and transparent. Cisco switches operate in VTP server mode by default.
VTP Servers
- Can add/modify/delete VLANs.
- Store the VLAN database in non-volatile RAM (NVRAM).
- Will increase the revision number every time a VLAN is added/modified/deleted.
- Will advertise the VLAN database on trunk interfaces, and the VTP clients will synchronize their VLAN database to it.
- VTP servers also function as VTP clients. Therefore, a VTP server will synchronize to another VTP server with a higher revision number.
VTP clients
- Cannot add/modify/delete VLANs.
- Do not store the VLAN database in NVRAM (in VTPv3 they do).
- Will synchronize their VLAN database to the server with the highest revision number in their VTP domain.
- Will advertise their VLAN database, and forward VTP advertisements to other clients over their trunk ports.
How it works
To see the VTP information:
SW1#show vtp status
VTPv1/v2 do not support the extended VLAN range (1006-4094); only VTPv3 supports them.
To set a domain name:
SW1(config)#vtp domain cisco
Now, on switch 1, you can create a VLAN:
SW1(config)#vlan 10
SW1(config-vlan)#name engineering
Switch 2 will then have the same VTP domain and VLAN configured, and will pass them along to switches 3 and 4.
If a switch with no VTP domain (domain NULL) receives a VTP advertisement with a VTP domain name, it will automatically join that VTP domain.
If a switch receives a VTP advertisement in the same VTP domain with a higher revision number, it will update its VLAN database to match.
ONE DANGER OF VTP
If you connect an old switch with a higher revision number to your network (and the VTP domain matches), all switches in the domain will sync their VLAN database to that switch.
VTP transparent mode
Does not participate in the VTP domain (does not sync its VLAN database).
Maintains its own VLAN database in NVRAM. It can add/modify/delete VLANs, but they won't be advertised to other switches.
Will forward VTP advertisements that are in the same domain as it.
NOTE: Changing the VTP domain to an unused domain will reset the revision number to 0.
Changing the VTP mode to transparent will also reset the revision number to 0.
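The synchronization rules and the revision-number danger above, modelled as an added Python example (not part of the original notes or any Cisco tool). The `Switch` class, `converge` and `scenario` are hypothetical names, VLANs 20 and 99 and the revision number 12 are constructed, and every switch is assumed to reach every other over trunks.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    mode: str = "server"          # server | client | transparent
    domain: str = ""              # empty string models domain NULL
    revision: int = 0
    vlans: dict = field(default_factory=dict)

    def set_vlan(self, vid, name):
        self.vlans[vid] = name
        if self.mode == "server":
            self.revision += 1    # every database change bumps the revision

    def set_mode(self, mode):
        self.mode = mode
        if mode == "transparent":
            self.revision = 0     # switching to transparent resets the revision

    def receive(self, domain, revision, vlans):
        if self.mode == "transparent":
            return False          # keeps its own database, never syncs
        if not self.domain:
            self.domain = domain  # domain NULL joins the advertised domain
        if self.domain == domain and revision > self.revision:
            self.vlans, self.revision = dict(vlans), revision
            return True
        return False

def converge(switches):
    """Exchange advertisements between all switches until no database changes."""
    while any(dst.receive(src.domain, src.revision, src.vlans)
              for src in switches if src.mode != "transparent" and src.domain
              for dst in switches if dst is not src):
        pass
    return {s.name: sorted(s.vlans) for s in switches}

def scenario(reset_first):
    sw1 = Switch("SW1", domain="cisco")
    sw1.set_vlan(10, "engineering")
    sw1.set_vlan(20, "sales")     # constructed second VLAN
    fleet = [sw1, Switch("SW2", "client"), Switch("SW3", "client")]
    converge(fleet)
    old = Switch("OLD", "server", "cisco", revision=12, vlans={99: "lab"})
    if reset_first:               # the reset described in the note above
        old.set_mode("transparent")
        old.set_mode("client")
    return converge(fleet + [old])
```

`scenario(False)` leaves every switch with only VLAN 99, while `scenario(True)` keeps VLANs 10 and 20 everywhere because OLD's revision was reset to 0 before it was connected.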
VTP version
You can change the VTP version with this command:
SW1(config)#vtp version 2
VTP V2 is not much different than VTP V1. The major difference is that VTP V2 introduces support for Token Ring VLANs. If you use Token Ring VLANs, you must enable VTP V2. Otherwise, there is no reason to use VTP V2.
VTP V3 is beyond the scope of the CCNA.
Review
Note: It is recommended that you disable this protocol for security purposes.
DTP (Dynamic Trunking Protocol): a protocol that allows Cisco switches to form trunk connections with other Cisco switches without manual configuration.
VTP (VLAN Trunking Protocol): allows you to configure VLANs on switches that operate as central VTP servers, which then advertise their VLAN database, and VTP client switches sync their database to it.