CCNA-Notes/19. DTP - VTP.md
2026-05-13 17:26:51 +02:00


DTP - VTP

Note: DTP and VTP were removed from the CCNA exam topics list for the new exam (200-301). However, it's important to know their function, and you may still get questions about them on the exam even though they are not on the topics list.

DTP Dynamic Trunking Protocol

DTP is a Cisco proprietary protocol that allows Cisco switches to dynamically determine their interface status (access or trunk) without manual configuration.

DTP is enabled by default on all Cisco switch interfaces.

So far, we have been manually configuring switchports using these commands:

  • switchport mode access
  • switchport mode trunk

For security purposes, manual configuration is recommended. DTP should be disabled on all switchports.

CLI

SW2(config-if)#switchport mode ?
## we will focus on the dynamic option

SW2(config-if)#switchport mode dynamic ?
## we have two modes: auto or desirable

A switchport in dynamic desirable mode will actively try to form a trunk with other Cisco switches. It will form a trunk if connected to another switchport in one of the following modes:

  1. switchport mode trunk
  2. switchport mode dynamic desirable
  3. switchport mode dynamic auto

To verify, you can use:

SW1# show interfaces g0/0 switchport
Name: Gi0/0
Switchport: Enabled
Administrative Mode: Dynamic desirable 
Operational Mode: trunk

Static access

Static access means an access port that belongs to a single VLAN that doesn't change (unless you configure a different VLAN).

There are also 'dynamic access' ports, in which a server automatically assigns the VLAN depending on the MAC address of the connected device. (This is out of the scope of the CCNA.)

| Administrative mode | Trunk | Dynamic desirable | Access | Dynamic auto |
|---|---|---|---|---|
| Trunk | Trunk | Trunk | x | Trunk |
| Dynamic desirable | Trunk | Trunk | Access | Trunk |
| Access | x | Access | Access | Access |
| Dynamic auto | Trunk | Trunk | Access | Access |

DTP will not form a trunk with a router, PC, etc. The switchport will be in access mode.

On older switches, switchport mode dynamic desirable is the default administrative mode. On newer switches, switchport mode dynamic auto is the default administrative mode. You can disable DTP negotiation on the interface with this command:

  • switchport nonegotiate

Configuring an access port with switchport mode access also disables DTP negotiation on an interface.

It is recommended that you disable DTP on all switchports and manually configure them as access or trunk ports.

Encapsulation

Switches that support both 802.1Q and ISL trunk encapsulations can use DTP to negotiate the encapsulation they will use.

This negotiation is enabled by default, as the default trunk encapsulation mode is: switchport trunk encapsulation negotiate

ISL is favored over 802.1Q, so if both switches support ISL, it will be selected.

DTP frames are sent in VLAN1 when using ISL, or in the native VLAN when using 802.1Q (the default native VLAN is VLAN1, however).

VTP VLAN Trunking Protocol

  • VTP allows you to configure VLANs on a central VTP server switch, and other switches (VTP clients) will synchronize their VLAN database to the server.
  • It is designed for large networks with many VLANs, so that you don't have to configure each VLAN on every switch.
  • It is rarely used, and it is recommended that you do not use it.
  • There are three VTP versions: 1, 2, and 3.
  • There are three VTP modes: server, client, and transparent.
  • Cisco switches operate in VTP server mode by default.

VTP Servers

  • Can add/modify/delete VLANs.
  • Store the VLAN database in non-volatile RAM (NVRAM).
  • Will increase the revision number every time a VLAN is added/modified/deleted.
  • Will advertise the VLAN database on trunk interfaces, and the VTP clients will synchronize their VLAN database to it.
  • VTP servers also function as VTP clients. Therefore, a VTP server will synchronize to another VTP server with a higher revision number.

VTP clients

  • Cannot add/modify/delete VLANs.
  • Do not store the VLAN database in NVRAM (in VTPv3 they do).
  • Will synchronize their VLAN database to the server with the highest revision number in their VTP domain.
  • Will advertise their VLAN database, and forward VTP advertisements to other clients over their trunk ports.

How it works

To see the VTP status:

SW1#show vtp status

VTPv1/v2 do not support the extended VLAN range (1006-4094); only VTPv3 supports it.

To set a domain name:

SW1(config)#vtp domain cisco

Now on switch 1 we can create a VLAN:

SW1(config)#vlan 10
SW1(config-vlan)#name engineering

Switch 2 will then have the same VTP domain and VLAN configured, and will pass them along to switches 3 and 4.

If a switch with no VTP domain (domain NULL) receives a VTP advertisement with a VTP domain name, it will automatically join that VTP domain.

If a switch receives a VTP advertisement in the same VTP domain with a higher revision number, it will update its VLAN database to match.

ONE DANGER OF VTP

If you connect an old switch with a higher revision number to your network (and the VTP domain matches), all switches in the domain will sync their VLAN database to that switch.

VTP transparent mode

Does not participate in the VTP domain (does not sync its VLAN database).

Maintains its own VLAN database in NVRAM. It can add/modify/delete VLANs, but they won't be advertised to other switches.

Will forward VTP advertisements that are in the same domain as it.

  NOTE: Changing the VTP domain to an unused domain will reset the revision number to 0.
  Changing the VTP mode to transparent will also reset the revision number to 0.
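The sync rules and the danger described above can be traced in a small model. This is an added example, not part of the original notes: a simplified simulation (the class, function names and topology are constructed, and real VTP message types are not modelled) that connects an old switch with revision 42 to a domain at revision 5, first as-is and then after resetting its revision by switching to transparent mode and back.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Switch:
    name: str
    mode: str = "server"            # server, client or transparent
    domain: Optional[str] = None    # None models the NULL domain
    revision: int = 0
    vlans: dict = field(default_factory=dict)

    def set_mode(self, mode):
        self.mode = mode
        if mode == "transparent":
            self.revision = 0       # changing to transparent resets the revision

    def receive(self, adv_domain, adv_revision, adv_vlans):
        """Apply one advertisement; return True if the VLAN database was replaced."""
        if self.mode == "transparent":
            return False            # transparent switches never sync
        if self.domain is None:
            self.domain = adv_domain  # a NULL-domain switch joins the domain
        if adv_domain != self.domain or adv_revision <= self.revision:
            return False
        self.revision, self.vlans = adv_revision, dict(adv_vlans)
        return True

def plug_in(new, network):
    """Deliver the new switch's advertisement; return names of switches that synced."""
    return [sw.name for sw in network
            if sw.receive(new.domain, new.revision, new.vlans)]

def scenario(reset_first):
    """Constructed topology: SW1 is the server, SW2-SW4 are clients, domain 'cisco'."""
    prod = [Switch(f"SW{i}", "server" if i == 1 else "client", "cisco", 5,
                   {10: "engineering", 20: "sales"}) for i in range(1, 5)]
    old = Switch("OLD", "server", "cisco", 42, {99: "lab"})
    if reset_first:                 # reset the revision before connecting
        old.set_mode("transparent")
        old.set_mode("server")
    return plug_in(old, prod), prod[0].vlans

if __name__ == "__main__":
    print("as-is:", scenario(False))
    print("reset:", scenario(True))
```

Without the reset, all four switches, including the server SW1, replace VLANs 10 and 20 with the old switch's database; with the reset, none of them sync.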

VTP version

You can change the VTP version with this command:

SW1(config)#vtp version 2

VTP V2 is not much different from VTP V1. The major difference is that VTP V2 introduces support for Token Ring VLANs. If you use Token Ring VLANs, you must enable VTP V2. Otherwise, there is no reason to use VTP V2.

VTP V3 is beyond the scope of the CCNA.

Review

Note: It is recommended that you disable this protocol for security purposes.

DTP (Dynamic Trunking Protocol): a protocol that allows Cisco switches to form trunk connections with other Cisco switches without manual configuration.

VTP (VLAN Trunking Protocol): allows you to configure VLANs on switches that operate as central VTP servers, which then advertise their VLAN database, and VTP client switches sync their database to it.