Some people hate it, some people love it. It’s the Cisco proprietary VLAN Trunking Protocol (VTP) which in short means that Cisco switches can exchange VLAN configuration, instead of manually configuring each switch with the same VLANs. I also suggest if you don’t know what a VLAN is check out the post Creating VLANs Let’s get right into understanding VTP.
The thing that makes VTP shine is what it does, although simple to understand it saves time by automatically distributing VLAN information. Take for example if you had 20 switches that need the same VLANs you could do it manually but this runs the risk of human error, with VTP if you configure one switch as a server and all other switches as clients then you can configure all of them. VTP uses Layer two messages to exchange information if a server switch changes or removes VLANS VTP will synchronize all switches so all switches have the same VLANs.
- ISL is an older technology along with being Cisco proprietary. ISL also fully encapsulates the original Ethernet frame inside the ISL header remain unchanged. Along with using the source and destination MAC addresses in the ISL header to send and receiving to a switch.
- 802.1Q is an open-standard created by IEEE and uses a different header than ISL to tag frames, with the VLAN number. 802.1Q does not encapsulate the original frame into another Ethernet header and trailer. 802.1Q inserts and extra 4-byte VLAN header into the original frame’s Ethernet header. The frame still has the original source and destination MAC address unlike ISL. Also because the original header has been expanded 802.1Q forces a FCS (Frame check sequence)
By default when a switch is powered on the VTP mode is server, VTP servers and clients can choose whether to react to the received VTP update, by either update their VLAN configuration or ignore it. This is based on the VLAN database configuration revision number. Each time the VTP server modifies its VLAN configuration the VTP server increments the current configuration revision number by 1. If the revision number increases and is higher than a client switch or server switch, it will update its VLAN database. This is where VTP can destroy your network if set up incorrectly or not securely. If you have a “rouge” VTP server that has a higher revision number then the other VTP server, all switches in the domain including the VTP server will change and update the VLAN configuration based on the “rouge” VTP server.
There are three VTP Modes
- Server Mode, Servers can create VLANs and distribute VLAN configuration changes through VTP messages.
- Client Mode, Clients cannot be used to configure VLAN information they only learn about VLANs by VTP servers and only forward VTP messages.
- Transparent Mode, Transparent mode switches never update their VLAN database on incoming VTP messages. Like servers they can however create VLANs, they also will send VTP messages to help out other switches in server or client.
VTP defines three message types
- Summary advertisements – list the revision number, domain name, and other information but no VLAN information. These are summary advertisements that occur every 5 minutes.
- Subset advertisements – occur when a new a larger revision number is introduced which is some subset of the VLAN database.
- Request message – Allows the switch to immediately request VTP messages from a neighboring switch as soon as a trunk comes up.
VTP does have some other features like VTP Pruning, passwords protection and domains but that all in the configuration side. An interesting side note is that VTP cannot be turned off. There is no disable command in the switch IOS, if you want to turn off VTP on a switch change the mode to transparent. You can find additional information about VTP at Cisco.com along with a web search. Like always I hope this information was informative and if you have a topic that deals with either ICND1 or ICND2 material let me know by commenting below.