---
id: 19. DTP - VTP
aliases: []
tags: []
---

# DTP - VTP

Note: DTP and VTP were removed from the CCNA exam topics list for the new exam (200-301).
However, it's important to know their function, and you may still get questions about them
on the exam even though they are not on the topics list.

## DTP Dynamic Trunking Protocol

DTP is a [[Cisco]] proprietary protocol that allows Cisco switches to dynamically determine
their interface status (access or trunk) without manual configuration.

DTP is enabled by default on all Cisco switch interfaces.

So far, we have been manually configuring switchports using these commands:
- switchport mode access
- switchport mode trunk

For security purposes, manual configuration is recommended. DTP should be disabled on all switchports.

### CLI

```Cisco
SW2(config-if)#switchport mode ?
! we will focus on the dynamic option

SW2(config-if)#switchport mode dynamic ?
! there are two modes: auto or desirable
```

A switchport in dynamic desirable mode will actively try to form a trunk with other Cisco switches.
It will form a trunk if connected to another switchport in one of the following modes:

1. switchport mode trunk
2. switchport mode dynamic desirable
3. switchport mode dynamic auto

To verify the result, you can use:

```Cisco
SW1# show interfaces g0/0 switchport
Name: Gi0/0
Switchport: Enabled
Administrative Mode: Dynamic desirable
Operational Mode: trunk
```

### Static access

Static access means an access port that belongs to a single VLAN that doesn't change (unless
you configure a different VLAN).

There are also 'dynamic access' ports, in which a server automatically assigns the VLAN depending
on the [[MAC]] address of the connected device.
(This is out of the scope of the CCNA.)

| Administrative mode | Trunk | Dynamic Desirable | Access | Dynamic Auto |
| ------------------- | ----- | ----------------- | ------ | ------------ |
| Trunk               | Trunk | Trunk             | x      | Trunk        |
| Dynamic Desirable   | Trunk | Trunk             | Access | Trunk        |
| Access              | x     | Access            | Access | Access       |
| Dynamic Auto        | Trunk | Trunk             | Access | Access       |

DTP will not form a trunk with a router, PC, etc.
The switchport will be in access mode.

On *older* switches, **switchport mode dynamic desirable** is the default administrative mode.
On *newer* switches, **switchport mode dynamic auto** is the default administrative mode.

You can disable DTP negotiation on the interface with this command:
- switchport nonegotiate

Configuring an access port with **switchport mode access** also disables DTP negotiation on
an interface.

It is recommended that you disable DTP on all switchports and manually configure them as access or
trunk ports.

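One way to check that recommendation against a saved configuration, as an added example that is not part of the original notes. The function name `audit_dtp` and the IOS-style sample running-config are constructed for illustration; the rule it applies is the one stated above (static access, or static trunk plus `switchport nonegotiate`).

```python
import re

# Constructed sample running-config, not taken from the original page.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 switchport mode dynamic desirable
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/3
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet1/0
 switchport access vlan 20
!
interface GigabitEthernet1/1
 no switchport
 ip address 192.0.2.1 255.255.255.0
!
"""

def audit_dtp(config):
    """Return {interface: reason} for each switchport that can still negotiate via DTP."""
    findings = {}
    # Each stanza is "interface <name>" followed by its indented sub-commands.
    for name, body in re.findall(r"^interface (\S+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        lines = [line.strip() for line in body.splitlines()]
        if "no switchport" in lines:
            continue                      # routed port, DTP does not apply
        mode = next((l[len("switchport mode "):] for l in lines
                     if l.startswith("switchport mode ")), None)
        if mode == "access":
            continue                      # static access disables DTP negotiation
        if mode == "trunk" and "switchport nonegotiate" in lines:
            continue                      # static trunk with negotiation turned off
        if mode is None:
            findings[name] = "no explicit mode, default dynamic mode applies"
        elif mode == "trunk":
            findings[name] = "static trunk without switchport nonegotiate"
        else:
            findings[name] = "negotiating mode: " + mode
    return findings
```
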
### Encapsulation

[[Switches]] that support both [[802.1Q]] and ISL trunk encapsulations can use DTP to negotiate
the encapsulation they will use.

This negotiation is enabled by default, as the default trunk encapsulation mode is:
**switchport trunk encapsulation negotiate**

*ISL is favored over 802.1Q, so if both switches support ISL, it will be selected.*

DTP frames are sent in VLAN1 when using ISL, or in the [[native VLAN]] when using 802.1Q
(the default native VLAN is VLAN1, however).

## VTP VLAN Trunking Protocol

VTP allows you to configure VLANs on a central VTP server switch, and other switches (VTP clients)
will synchronize their VLAN database to the server.

It is designed for large networks with many VLANs, so that you don't have to configure each VLAN
on every switch.

It is rarely used, and it is recommended that you do not use it.

There are three VTP versions: 1, 2, and 3.

There are three VTP modes: server, client, and transparent.

*Cisco switches operate in VTP server mode by default.*

### VTP Servers

- Can add/modify/delete VLANs.
- Store the VLAN database in non-volatile RAM (NVRAM).
- Will increase the revision number every time a VLAN is added/modified/deleted.
- Will advertise the VLAN database on trunk interfaces, and the VTP clients will synchronize their VLAN database to it.
- VTP servers also function as VTP clients.
- Therefore, a VTP server will synchronize to another VTP server with a higher revision number.

### VTP clients

- Cannot add/modify/delete VLANs.
- Do not store the VLAN database in NVRAM (in VTPv3 they do).
- Will synchronize their VLAN database to the server with the highest revision number in their VTP domain.
- Will advertise their VLAN database, and forward VTP advertisements to other clients over their trunk ports.

### How it works

To see the VTP status:

```Cisco
SW1#show vtp status
```

VTPv1/v2 do not support the extended VLAN range (1006-4094); only VTPv3 supports it.

To set a domain name:

```Cisco
SW1(config)#vtp domain cisco
```

Now, on switch 1, you can create a VLAN:

```Cisco
SW1(config)#vlan 10
SW1(config-vlan)#name engineering
```

Switch 2 will then have the same VTP domain and VLAN configured, and will pass them along to switches 3 and 4.

If a switch with no VTP domain (domain NULL) receives a VTP advertisement with a VTP domain name,
it will automatically join that VTP domain.

If a switch receives a VTP advertisement in the same VTP domain with a higher revision number,
it will update its VLAN database to match.

### **ONE DANGER OF VTP**

If you connect an old switch with a higher revision number to your network (and the VTP domain
matches), all switches in the domain will sync their VLAN database to that switch.

### VTP transparent mode

Does not participate in the VTP domain (does not sync its VLAN database).

Maintains its own VLAN database in NVRAM. It can add/modify/delete VLANs, but they won't be
advertised to other switches.

Will forward VTP advertisements that are in the same domain as it.

NOTE: Changing the VTP domain to an unused domain will reset the revision number to 0.
Changing the VTP mode to transparent will also reset the revision number to 0.

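The sync rules, the danger described above and the revision reset from the note, as an added simulation that is not part of the original notes and is not Cisco code. The `Switch` class, `flood`, and the switch names, VLANs and revision numbers are constructed; the model passes one advertisement along a chain of switches rather than emulating real VTP frames.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Switch:  # hypothetical model for illustration, not a Cisco API
    name: str
    mode: str = "server"            # server | client | transparent
    domain: Optional[str] = None    # None models the NULL domain
    revision: int = 0
    vlans: dict = field(default_factory=dict)

    def advertise(self):
        return {"domain": self.domain, "revision": self.revision, "vlans": dict(self.vlans)}

    def receive(self, adv):
        """Apply one advertisement; return True if it travels on to the next switch."""
        if self.mode == "transparent":
            return adv["domain"] == self.domain       # forwards, never syncs
        if self.domain is None:
            self.domain = adv["domain"]               # NULL domain joins automatically
        if adv["domain"] != self.domain or adv["revision"] <= self.revision:
            return False
        self.revision, self.vlans = adv["revision"], dict(adv["vlans"])
        return True                                   # synced, passes the update on

    def set_mode(self, mode):
        if mode == "transparent":
            self.revision = 0                         # the reset described in the note
        self.mode = mode

def flood(source, chain):
    """Send source's advertisement along a line of trunk-connected switches."""
    adv = source.advertise()
    for sw in chain:
        if not sw.receive(adv):
            break

def connect_old_switch(reset_first):
    """Constructed scenario: plug a reused switch (revision 12) into SW1."""
    sw1 = Switch("SW1", "server", "cisco", 3, {10: "engineering", 20: "sales"})
    sw2, sw4 = Switch("SW2", "client"), Switch("SW4", "client")
    sw3 = Switch("SW3", "transparent", "cisco", 0, {99: "lab"})
    flood(sw1, [sw2, sw3, sw4])                       # normal sync from the server
    old = Switch("OLD", "client", "cisco", 12, {50: "old-lab"})
    if reset_first:
        old.set_mode("transparent")
        old.set_mode("client")
    flood(old, [sw1, sw2, sw3, sw4])
    flood(sw1, [old])
    return {s.name: s.vlans for s in (sw1, sw2, sw3, sw4, old)}
```

Without the reset, SW1, SW2 and SW4 end up with only the old switch's VLAN 50 while transparent SW3 keeps its own database; with the reset, the old switch's advertisement is ignored and it syncs to SW1 instead.
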
### VTP version

You can change the VTP version with this command:

```Cisco
SW1(config)#vtp version 2
```

VTP V2 is not much different than VTP V1. The major difference is that VTP V2 introduces support
for Token Ring VLANs. If you use Token Ring VLANs, you must enable VTP V2. Otherwise, there is
no reason to use VTP V2.

VTP V3 is beyond the scope of the CCNA.

# Review

Note: It is recommended that you disable this protocol for security purposes.

DTP (Dynamic Trunking Protocol)
A protocol that allows Cisco switches to form trunk connections with other Cisco switches without
manual configuration.

VTP (VLAN Trunking Protocol)
Allows you to configure VLANs on switches that operate as central VTP servers, which then advertise
their VLAN database, and VTP client switches sync their database to it.