VLAN Trunking Protocol

From Wikipedia, the free encyclopedia
Jump to: navigation, search

VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the definition of Virtual Local Area Networks (VLAN) on the whole local area network.[1] To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP advertisements can be sent over 802.1Q, and ISL trunks. VTP is available on most of the Cisco Catalyst Family products. Using VTP, each Catalyst Family Switch advertises the following on its trunk ports:

  • Management domain
  • Configuration revision number
  • Known VLANs and their specific parameters

There are three versions of VTP, namely version 1, version 2, version 3.

The comparable IEEE standard in use by other manufacturers is GVRP or the more recent MVRP.

Implementation details[edit]

Example without and with VTP (Click to Play)

On Cisco Devices, VTP (VLAN Trunking Protocol) maintains VLAN configuration consistency across a single Layer 2 network. VTP uses Layer 2 frames to manage the addition, deletion, and renaming of VLANs from switches in the VTP client mode. VTP is responsible for synchronizing VLAN information within a VTP domain and reduces the need to configure the same VLAN information on each switch thereby minimizing the possibility of configuration inconsistencies that arise when changes are made.

Upside[edit]

VTP provides the following benefits:

  • VLAN configuration consistency across the layer 2 network
  • Dynamic distribution of added VLANs across the network
  • Plug-and-play configuration when adding new VLANs

Downside[edit]

When a new switch is added to the network, by default it is configured with no VTP domain name or password, but in VTP server mode. If no VTP Domain Name has been configured, it assumes the one from the first VTP packet it receives. Since a new switch has a VTP configuration revision of 0, it will accept any revision number as newer and overwrite its VLAN information if the VTP passwords match. However, if you were to accidentally connect a switch to the network with the correct VTP domain name and password but a higher VTP revision number than what the network currently has (such as a switch that had been removed from the network for maintenance and returned with its VLAN information deleted) then the entire VTP Domain would adopt the VLAN configuration of the new switch which is likely to cause loss of VLAN information on all switches in the VTP Domain, leading to failures on the network. Since Cisco switches maintain VTP configuration information separately from the normal configuration, and since this particular issue occurs so frequently, it has become known colloquially as the "VTP Bomb".


Before creating VLANs on the switch that will propagate via VTP, a VTP domain must first be set up. A VTP domain for a network is a set of all contiguously trunked switches with the matching VTP settings (domain name, password and VTP version). All switches in the same VTP domain share their VLAN information with each other, and a switch can participate in only one VTP management domain. Switches in different domains do not share VTP information. Non-matching VTP settings might result in issues in negotiating VLAN trunks, port-channels or Virtual Port Channels.

See also[edit]

References[edit]

...