VLAN Trunking Protocol
 


VTP (VLAN Trunking Protocol) maintains VLAN configuration consistency across the entire network. VTP uses Layer 2 trunk frames to manage the addition, deletion, and renaming of VLANs on a network-wide basis from a centralized switch in the VTP server mode. VTP is responsible for synchronizing VLAN information within a VTP domain and reduces the need to configure the same VLAN information on each switch.

VTP minimizes the possible configuration inconsistencies that arise when changes are made. These inconsistencies can result in security violations, because VLANs can cross connect when duplicate names are used. They also could become internally disconnected when they are mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping scheme that enables seamless trunking within a network employing mixed-media technologies.

VTP provides the following benefits:

  • VLAN configuration consistency across the network
  • Mapping scheme that allows a VLAN to be trunked over mixed media
  • Accurate tracking and monitoring of VLANs
  • Dynamic reporting of added VLANs across the network
  • Plug-and-play configuration when adding new VLANs

As beneficial as VTP can be, it does have disadvantages that are normally related to the spanning tree protocol (STP) as a bridging loop propagating throughout the network can occur. Cisco switches run an instance of STP for each VLAN, and since VTP propagates VLANs across the campus LAN, VTP effectively creates more opportunities for a bridging loop to occur.

Before creating VLANs on the switch that will propagate via VTP, a VTP domain must first be set up. A VTP domain for a network is a set of all contiguously trunked switches with the same VTP domain name. All switches in the same management domain share their VLAN information with each other, and a switch can participate in only one VTP management domain. Switches in different domains do not share VTP information.

Using VTP, each Catalyst Family Switch advertises the following on its trunk ports:

  • Management domain
  • Configuration revision number
  • Known VLANs and their specific parameters

 

Configuring VLAN Trunks

A VLAN trunk physically links two VLAN-capable switches or a VLAN-capable switch and a VLAN-capable router. VLAN trunks carry the traffic of multiple VLANs so you can extend VLANs from one Catalyst series switch to another.

Note   VLANs cannot be connected by bridge groups.

The Enterprise Edition software for Catalyst 2820 or Catalyst 1900 switches supports a maximum of 27 switched ports. On the Catalyst 2820 switch, you can configure only the single-port 100BaseTX or 100BaseFX and ATM modules as trunks. On the Catalyst 1900, you can configure the 100BaseTX or 100Base FX ports as trunks. 

The Dynamic Inter-Switch Link Protocol (DISL) protocol synchronizes the configuration of two interconnected Fast Ethernet interfaces into an ISL trunk. The DISL protocol ensures that both of the Fast Ethernet interfaces are either in trunking or nontrunking mode.

If you are using VTP to propagate VLAN information, you must enable a trunk to receive and propagate VLAN information through network advertisements. The switch then learns the management domain and the VLANs within it that are defined on all other switches. ISL-capable switch ports process DISL packets from switches that have the same VTP domain name or a null domain name. If a switch port receives a DISL packet with a different VTP domain name than the domain name configured on the switch, the packet is discarded.

shows an example of a Fast Ethernet ISL configuration.

Figure 2-7 Catalyst 2820 Switches and Catalyst 1900 Switches in a Fast Ethernet ISL Configuration

 

DISL Port States

The DISL protocol requires that there is a point-to-point ISL connection between two devices. DISL-capable ports can be configured to be in any of the states described in Table 2-3.

Table 2-3

 
Port State
Description

On

Configures the port in permanent ISL trunk mode and negotiates with the connected device to convert the link to trunk mode. The port converts to a trunk, even if the other end of the link does not. This state is used when an ISL port is connected to another ISL port that does not support the DISL protocol.

Off

Disables port trunking and negotiates with the connected device to convert the link to nontrunk. The port converts to a nontrunk mode, even if the other end of the link does not. This state is used when an ISL port is connected to another ISL port that does not support the DISL protocol. (Default)

Desirable

Triggers the port to negotiate the link from nontrunking to trunking mode. The port negotiates to a trunk port if the connected device is either in the On, Desirable, or Auto state. Otherwise, the port becomes a nontrunk port.

Auto

Enables a port to become a trunk only if the connected device has the state set to On or Desirable.

No-negotiate

Configures the port in permanent ISL trunk mode, but the port does not generate or process DISL frames. Use this state when an ISL port is connected to another ISL port (such as a router ISL port) that does not support the DISL protocol.


DISL Port States

The status of a VLAN port is shown in the grayed out field in the Status column of the web console Port Management Page. These non-configurable VLAN states indicate the DISL status of a port and whether or not the port has been disabled or suspended because no VLAN has been configured for the port. 

Table 2-4 VLAN Port Status

 
VLAN Port Status
Description

Suspended-DISL

The port is suspended due to DISL negotiation.

Suspended No-VLAN

The port is suspended because there is no VLAN assigned to the port.

Disabled No-VLAN

The port is disabled because the VLAN assigned to the port does not exist.

 

Verifying Trunk Configuration

To verify that you have configured the selected port as a trunk port, check the trunking status and encapsulation type at the top of the Trunk Configuration screen. (When a link is present, a Fast Ethernet trunk shows ISL encapsulation. An ATM module shows LANE encapsulation.) From the Main Menu, access the Port Configuration Menu to see the status of each active VLAN.

Adding a VLAN to an Allowed List

Each trunk has a list of VLANs called allowed VLANs that are enabled to receive and transmit all types of traffic on that trunk. You must configure the VLAN and add it to the allowed list for the trunk so that it can receive trunk traffic. By default, all configured VLANs are allowed on a trunk. To add a VLAN to the allowed list, do the following:

 
Step
Action

1 Access the Virtual LAN Menu.

Select [V] from the Main Menu.

2 Access the Trunk Configuration Menu.

Enter [T] Trunk Configuration.

3 Select the appropriate trunk port.

At the next menu, enter [A] or [B] at the selection prompt, and press Return.

4 Add the VLAN to the allowed list for the trunk.

a. Enter [A] Add Allowed VLANs at the selection prompt.

b. Enter the appropriate VLAN number at the selection prompt in the next menu. The Trunk Configuration Menu reappears.


Traffic will not be forwarded to or from a VLAN that is not included in the VLAN allowed list.

Verifying a VLAN Allowed List Addition

To verify that you have added a VLAN to the allowed list, select [V] List Allowed VLANs from the Trunk Configuration Menu, and examine the contents of the display.

Deleting a VLAN from the Allowed List

To delete a VLAN from the allowed list, do the following:

 
Step
Action

1 Access the Virtual LAN Menu.

Select [V] Virtual LAN from the Main Menu.

2 Access the Trunk Configuration Menu.

Enter [T] Trunk Configuration.

3 Delete the VLAN number.

a. Select [D] Delete Allowed VLAN(s).

b. Enter the appropriate VLAN number at the selection prompt in the next menu, and press Return.

 

Viewing the List of Allowed VLANs

To view the list of allowed VLANs, select [V] List Allowed VLANs from the Trunk Configuration Menu.

Adding a Pruning-Eligible VLAN

The flood traffic of a VLAN is typically sent to all switches in the same management domain that are connected by trunks. Pruning VLANs restricts the flood traffic of a VLAN to just those switches that have member ports. When you prune eligible VLANs, you restrict the flood traffic of those VLANsTo add a pruning-eligible VLAN, do the following:

 
Step
Action

1 Access the Virtual LAN Menu.

Select [V] from the Main Menu.

2 Access the Trunk Configuration Menu.

Enter [T] Trunk Configuration.

3 Select the appropriate trunk port.

At the next menu, enter [A] or [B] at the selection prompt, and press Return.

4 Add the pruning eligible VLAN.

a. Enter [E] Add Pruning Eligible VLAN(s) at the selection prompt.

b. Enter the appropriate VLAN number at the selection prompt in the next menu. The Trunk Configuration Menu reappears.

 

Verifying Pruning-Eligible VLAN Additions

To verify that you have added a pruning-eligible VLAN, select [T] Trunk Configuration, and view the contents of the display. To view additional VLAN information, select [F] List Pruning Eligible VLANs.

Deleting a Pruning-Eligible VLAN

To delete a pruning -eligible VLAN, do the following:

 
Step
Action

1 Access the Virtual LAN Menu.

Select [V] from the Main Menu.

2 Access the Trunk Configuration Menu.

Enter [T] Trunk Configuration.

3 Delete the VLAN number.

a. Select [C] Delete Pruning Eligible VLAN(s).

b. Enter the appropriate VLAN number at the selection prompt in the next menu, and press Return.

 

Viewing a List of Pruning-Eligible VLANs

To view the list of pruning-eligible VLANs, select [F] List Pruning Eligible VLANs from the Trunk Configuration Menu.

For more information about pruning.

Displaying VLANs Transmitting and Receiving Flooded Traffic

You can use the Trunk Configuration Menu to display the following lists:

A list of VLANs on which flooded traffic is transmitted over a specified trunk

If a remote switch on a specified trunk requests the local switch to transmit flooded traffic on a specific list of VLANs, you can display that VLAN list on the local switch. At the selection prompt of the Trunk Configuration Menu, select [S] List VLANs that Transmit Flooded Traffic.

A list of VLANs on which flooded traffic is received over a specified trunk

If a local switch on a specified trunk requests the remote switch to transmit flooded traffic on a specific list of VLANs, you can display that VLAN list on the local switch. At the selection prompt of the Trunk Configuration Menu, select [R] List VLANs that Receive Flooded Traffic.

VLAN Trunk Protocol

The VTP maintains VLAN configuration consistency throughout the network. VTP manages the addition, deletion, and modification of VLANs at the system level, automatically communicating this information to all the other switches in the network. In addition, VTP minimizes these possible configuration inconsistencies that can result in security violations:

VLANs can become cross-connected when duplicate names are used.

VLANs can become internally disconnected when they are incorrectly mapped between one LAN type and the other.