What is VLAN Trunking Protocol and where it can be used?
In this blog, we will learn about VLAN Trunking Protocol generally called VTP. We will see why VTP came into existence and will discuss how it works and where it can be deployed. For understanding, we will take some examples.
Before VLAN trunking protocol (VTP), for creation, addition, deletion, renaming of VLAN, we must go to individual switches and do the configuration. This is a very pathetic job and time-consuming for an administrator.
To overcome this situation VLAN trunking protocol (VTP) came into the existence. Now, with the help of VTP, one can easily manage the addition, deletion, and renaming of VLANs across the network from a central point of control called a server of the same domain. VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that uses layer 2 trunk frames to communicate VLAN information among a group of switches. VTP advertisements will send over 802.1 Q and ISL trunks. VTP is organized into management domains or areas with common VLAN requirements. A switch can belong to one VTP domain, sharing VLAN information only with other switches in the same domain. Similarly, switches belonging to other VTP domains will share the information amongst them however they do not share information for switches in another domain.
VTP Modes
To participate in a VTP management domain, switches need to be configured to operate in different modes. VTP mode determines how the switch will process and advertise VTP information. The different VTP modes are-
Server Mode- Each VTP domain must have at least one server so that VLANs can be created, modified, or deleted and VLAN information can be propagated.
Transparent Mode- Forwards advertisements but do not participate in VTP; VLANs must be configured manually.
Client Mode –VTP clients do not allow the administrator to create, modify, or delete any VLANs. Instead, they listen to VTP advertisements from other switches and modify their VLAN configurations accordingly.
OFF Mode – Do not participate in VTP; however, VTP advertisements are not relayed at all.
Configuration Of VTP Required Is As Follows
(a) Trunk between switches (mandatory)
(b) VTP mode (mandatory)
(c) VTP version (optional) by default, using version 1
(d) Password should match if applied (optional)
(e) VTP domain name must be same (mandatory)
(f) VLANs
VTP Advertisements – VLAN Trunking Protocol
The switches participating in VTP will advertise VLANs, revision numbers, and VLAN parameters on their trunk ports to notify other switches in the management domain. VTP Versions 1 and 2 supports VLAN numbers 1 to 1005, whereas only VTP version 3 supports the full extended VLAN range 1 to 4094.
The VTP advertisement process always starts with configuration revision number 0. VTP switches use CR numbers to keep track of the most recent information and every switch in the VTP domain stores the configuration revision number that it last heard from a VTP advertisement. When subsequent changes are made on the VTP server, the CR is incremented before the advertisements are sent. When listening switches of the same VTP domain as the advertising switch, receive an advertisement with a greater revision number than is stored locally, they assume that the advertisement contains new and updated information.
Types Of VTP Advertisements – VLAN Trunking Protocol
Summary Advertisements: – VTP domain servers send summary advertisements every 300 seconds and when there is a change in the VLAN database. The contents in summary advertisements are VTP version, domain name, configuration revision number, timestamp, MD5 encryption hash code, and the number of subset advertisements to follow.
[Note: – Updater Identity is the IP address of the switch that is the last to have incremented the configuration revision.]
Subset Advertisements: – VTP domain servers send subset advertisements after a VLAN configuration change occurs. The specific change that has been performed in a subset advertisement can be creating or deleting a VLAN, suspending or activating a VLAN, changing a VLAN name, changing a VLAN maximum transmission unit (MTU).
Subset advertisements can list the following VLAN parameters: VLAN status, VLAN type (such as Ethernet or Token Ring), MTU, length of the VLAN name, VLAN number, security association identifier (SAID) value, and VLAN name. VLANs are listed individually in sequential subset advertisements.
VTP Subset Advertisement
VTP VLAN Info Field
Advertisement requests from Clients
If a VTP client receives a higher revision number than it currently has from a VTP domain server, it will request VLAN information that it lacks and the VTP server responds with summary and subset advertisements to bring it up to date.
[Note: – Before adding any new switch to the VTP domain network, it must have revision number 0. Otherwise, switches in the VTP domain receive a greater configuration revision number than they are using, the switches will overwrite their VLAN data with the newer version- even if the newer version contains irrelevant information.]
To initialize the revision number to 0 following methods are used-
Change the switch’s VTP mode to transparent and then change the mode back to the server.
Change the VTP domain to a bogus name and then change the VTP domain back to the original name.
Let take an example, switch A is the server and switch B is a client and both are a member of the Cisco.com VTP domain. By default, the initial value of configuration revision number is 0 for both VLAN 1, VLAN 1002, VLAN 1003, VLAN 1004, and VLAN 1005 are by default in the VLAN database. Suppose when we create a VLAN 10 on Server A, there is an increment of 1 in CR value. Client B receives the summary advertisement with CR value 1, it sends an advertisement request to the server to send the subset advertisement for CR 1.
Hope you understand how VTP works and where it can be used. If you want more information on VTP Pruning then we have a blog on it.
Zindagi Technologies is an IT consulting company having engineers with decades of experience in planning, designing, and implementing Data Centers along with Managed IT Services, cybersecurity, cloud services. If you want to secure your network, we are just a call away. Please ping us on +91-9773973971 or you can also email us.
Author
Prakash Raghav
Senior Consultant Enterprise Networking