VLAN Trunking Protocol (VTP)

Recall that the purpose of configuring VLAN tagging is to enable traffic from multiple VLANs to cross a trunk link interconnecting switches. However, VLAN tagging does not help ease the burden of configuring individual VLANs on multiple switches; this is where the Cisco VLAN Trunking Protocol (VTP) can help.



VTP is a Cisco-proprietary protocol and is useful in large Cisco switch-based environments that include multiple VLANs.

The purpose of VTP is to provide a way to manage Cisco switches as a single group for VLAN configuration purposes. For example, if VTP is enabled on Cisco switches, the creation of a new VLAN on one switch makes that VLAN available to all switches within the same VTP management domain. A switch can be part of only one VTP management domain at a time, and is part of no VTP management domain by default.

Envision an environment in which you must manage 10 switches, as illustrated in Figure 8-16.

Figure 8-16. 10-Switch Network


Without VTP, the creation of a new VLAN would require you to define that new VLAN individually on all necessary switches, a process that is subject to error and that is time-consuming to say the least. Instead, with VTP, you define the VLAN once and have VTP spread the information to all other switches in the same domain automatically, as illustrated in Figure 8-17.

Figure 8-17. 10 Switches in 1 VTP Management Domain

The primary benefit of VTP is that in large environments it facilitates adding and deleting VLANs, as well as making changes to VLAN configurations. Without VTP you would have to add a VLAN manually to each switch; with VTP you can add a VLAN to one switch and let the switches propagate the changes throughout the VTP management domain, and all before lunch!

When a VTP management domain name is defined on each switch, the switches exchange VTP information automatically and require no further configuration or day-to-day management.

VTP Modes

If you intend to make a switch part of a VTP management domain, each switch must be configured in one of four possible VTP modes: server, client, transparent, and off. The VTP mode assigned to a switch determines how the switch interacts with other VTP switches within the VTP management domain.

The following list details each of these four VTP modes:

  • Server mode: A switch configured in server mode can be used to add, delete, and change VLANs within the VTP management domain. Server is the default mode used after VTP has been configured on a Cisco switch. Within any VTP management domain, at least one switch must be in server mode. When in server mode, changes are passed to all other switches within the VTP management domain.

  • Client mode: A switch configured in client mode is the recipient of any changes within the VTP management domain, such as the addition, deletion, or modification of VLANs by a server mode switch. A switch in VTP client mode cannot make any changes to VLAN information.

  • Transparent mode: A switch configured in transparent mode passes VTP updates received from switches in server mode to other switches in the VTP management domain, but does not process the contents of these messages. When individual VLANs are added, deleted, or changed on a switch running in transparent mode, the changes are local to that particular switch only, and are not passed to other switches within the VTP management domain.

  • Off: With the introduction of COS version 7.1.1, the option now exists to disable VTP completely on a switch.

Figure 8-18 illustrates the use of each VTP mode.

Figure 8-18. VTP Modes in Action

For example, think of the 10-switch network described earlier in this chapter. You could configure each switch to be in the same VTP management domain. Although each could be left in the default server mode, it might be easier to leave only one switch in server mode and configure all remaining switches for VTP client mode. When you need to add, delete, or change a VLAN, the change can be carried out on the VTP server-mode switch and passed to all client-mode switches automatically. When you need a switch to act in a relatively standalone manner, or don't want it to propagate information about its configured VLANs, transparent mode should be used.

VTP Pruning

Although the configuration of trunk links by using protocols such as ISL enables traffic from multiple VLANs to travel across a single link, this is not always the optimal choice. For example, suppose three switches are connected by two trunk links, as illustrated in Figure 8-19.

Figure 8-19. VTP Pruning

In this example, all three switches include ports that are part of VLAN 1, but only Switches A and C include ports in VLAN 2. Without VTP pruning, traffic for VLAN 2 will be passed to Switch B, even though it does not have any ports configured for VLAN 2.

When VTP pruning is implemented within a VTP management domain, traffic for a given VLAN is passed only to a switch across a trunk link if necessary. In Figure 8-19, for example, implementing VTP pruning in the management domain would ensure that traffic for VLAN 2 is never passed to Switch B until Switch B has VLAN 2 ports configured.

VTP advertisements are sent every 5 minutes or when a change occurs. A switch overwrites its VLAN information only when an advertisement carries a higher revision number than its own. If a switch receives an update with VTP revision 14 but the switch is running on VTP revision 16, for example, it ignores the older revision, much as you ignore yesterday's newspaper when today's arrives on your doorstep.
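The mode behavior from the VTP Modes list and the revision-number rule above can be modeled in a few lines. This is an added example, not code from the book or from Cisco: the Advert and Switch classes, the switch names SW1 to SW3, and the domain name CAMPUS are hypothetical, and it assumes a switch in off mode drops advertisements rather than relaying them.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Advert:                      # simplified VTP advertisement (illustrative)
    domain: str
    revision: int
    vlans: frozenset

@dataclass
class Switch:
    name: str
    mode: str                      # "server", "client", "transparent" or "off"
    domain: str
    revision: int = 0
    vlans: set = field(default_factory=lambda: {1})

    def add_vlan(self, vlan_id):
        """Create a VLAN locally; only a server returns an advertisement."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: client mode cannot change VLANs")
        self.vlans.add(vlan_id)
        if self.mode != "server":
            return None            # transparent/off: the change stays local
        self.revision += 1
        return Advert(self.domain, self.revision, frozenset(self.vlans))

    def receive(self, ad):
        """Return what this switch does with a received advertisement."""
        if self.mode == "off":
            return "dropped"       # assumption: VTP disabled, nothing relayed
        if self.mode == "transparent":
            return "relayed"       # passed on, contents not processed
        if ad.domain != self.domain or ad.revision <= self.revision:
            return "ignored"       # other domain, or not newer than ours
        self.vlans, self.revision = set(ad.vlans), ad.revision
        return "applied"

def demo():
    """Constructed three-switch domain; names and domain are placeholders."""
    server = Switch("SW1", "server", "CAMPUS")
    client = Switch("SW2", "client", "CAMPUS")
    transparent = Switch("SW3", "transparent", "CAMPUS")
    ad = server.add_vlan(20)                       # revision 0 -> 1
    results = {sw.name: sw.receive(ad) for sw in (client, transparent)}
    client.revision = 16                           # the page's example numbers
    results["stale"] = client.receive(Advert("CAMPUS", 14, frozenset({1})))
    return results, client.vlans, transparent.vlans

if __name__ == "__main__":
    print(demo())
```

In this model the only gates on acceptance are the domain name and the revision number, so a switch being added to an existing domain should have its revision number checked first.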

IEEE 802.1q

The Institute of Electrical and Electronics Engineers (IEEE) has defined the 802.1q standard for VLANs, ensuring the interoperability of VLAN implementations between switches and network interface cards (NICs) from different vendors. Because of the various types of VLAN definitions, each vendor has developed its own unique and proprietary VLAN solution and product, such as the Cisco VTP. Without some common ground, such as an open standard, switches from one vendor will not interoperate with VLANs from other vendors.