Getting Started with VLAN Trunking Protocol (VTP)

By Edward Tetz

VLAN Trunking Protocol (VTP) is a Cisco network protocol that propagates the definitions of Virtual Local Area Networks (VLANs) across the whole local area network. Ensuring that all VLANs are configured on all switches is important because if you are not careful with the configuration, you can find that systems on the same VLAN are not able to communicate with each other.

The following figure illustrates how this problem can happen. Notice that Switch 1 and Switch 3 are configured for VLAN2 and both have users, but these devices cannot communicate with each other because Switch 2 is not configured to support VLAN2.

Because Switch 2 is not configured for VLAN2, it will not pass traffic for VLAN2. The users on Switch 1 and Switch 2 on VLAN3 are able to communicate with each other without an issue because there is a direct link on the correct VLAN between the systems.

[Figure: image0.jpg]

VTP alleviates this issue by automatically replicating information about your VLANs from one switch to another so that all switches on your network are aware of all VLANs on your network.

Learning how VTP works

A lack of consistency in how you apply the VLAN configuration across your network can lead to communication errors or security issues. One security issue that can arise is having two groups in different parts of the network using the same VLAN ID.

Initially, this is not an issue, but if a link is established between the VLANs, users you want to keep separate will be combined. To resolve this issue, Cisco created a protocol to be used on its switching devices. Because switching operates at Layer 2, this new solution operates at Layer 2 as well.

By making use of trunk links between switches, Cisco added some new network frames to be sent over those links. These additional frames were designed to pass VLAN information over the trunk links, hence the name VLAN Trunking Protocol. The information that is sent over these links allows modification of VLAN information between switches on either side of the trunk link, including adding, removing, and renaming VLANs, assuming they all belong to a common VTP domain.

A VTP domain is a grouping mechanism used to amalgamate a group of switches into a single management unit. Depending on the roles assigned to each switch, you can create and manage the VLAN configuration on any switch, and those changes will be relayed to all other switches on your network. This also eliminates the chance of having duplicate names or VLAN IDs intended for different types of users or roles.

When adding a new switch to a network, ensuring that it has all of your network's current VLANs added to its configuration is very important. VTP makes this last task as easy as plug-and-play.
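The two inconsistencies described above (a VLAN missing from a switch in the middle of the path, and one VLAN ID used for different groups) can be found by auditing each switch's VLAN database against the trunk topology. The following Python code is an added example, not part of the original article; the switch names, VLAN names, trunk list, and function names are constructed for illustration, and it assumes every trunk carries all VLANs.

```python
from collections import defaultdict

# Constructed inventory (assumption): switch -> {vlan_id: vlan_name}
VLAN_DB = {
    "Switch1": {2: "Sales", 3: "Engineering"},
    "Switch2": {3: "Engineering"},
    "Switch3": {2: "Sales"},
}
# Constructed trunk links (assumption): Switch1 - Switch2 - Switch3,
# each trunk assumed to carry every VLAN.
TRUNKS = [("Switch1", "Switch2"), ("Switch2", "Switch3")]

def vlan_islands(vlan_db, trunks):
    """Return {vlan_id: [set_of_switches, ...]} for every VLAN whose
    member switches fall into groups that cannot reach each other."""
    neighbors = defaultdict(set)
    for a, b in trunks:
        neighbors[a].add(b)
        neighbors[b].add(a)
    split = {}
    for vlan in sorted({v for db in vlan_db.values() for v in db}):
        members = {sw for sw, db in vlan_db.items() if vlan in db}
        groups, unseen = [], set(members)
        while unseen:
            start = min(unseen)
            group, stack = {start}, [start]
            while stack:  # walk only through switches that know this VLAN
                for nxt in neighbors[stack.pop()]:
                    if nxt in members and nxt not in group:
                        group.add(nxt)
                        stack.append(nxt)
            groups.append(group)
            unseen -= group
        if len(groups) > 1:
            split[vlan] = groups
    return split

def name_conflicts(vlan_db):
    """Return {vlan_id: sorted names} where one ID carries different names."""
    names = defaultdict(set)
    for db in vlan_db.values():
        for vlan, name in db.items():
            names[vlan].add(name)
    return {v: sorted(n) for v, n in names.items() if len(n) > 1}

if __name__ == "__main__":
    print("Split VLANs:", vlan_islands(VLAN_DB, TRUNKS))
    print("Name conflicts:", name_conflicts(VLAN_DB))
```

With the constructed inventory, VLAN 2 is reported as split between Switch1 and Switch3, which is the situation shown in the figure; a non-empty result from the name check flags a VLAN ID whose groups would be merged if their switches were ever linked.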

Implementing VTP

The first step in implementing VTP is to configure or create a VTP domain. All switches within the same VTP domain will share VLAN information. If you have groups of switches that you do not want to share information, just be sure to use two different VTP domains.

Remember, though, that if you have a switch that has never been configured and you connect it via a trunk port, it will automatically take the VTP domain of the switch on the other end of the trunk port. In this case, you need to configure the VTP domain prior to configuring the trunk port.

The information shared through VTP includes the following:

  • Management Domain

  • Known VLANs and VLAN configuration

  • VTP configuration revision number