VLAN Trunking Protocol (VTP) and Dynamic Trunking Protocol (DTP) are Cisco proprietary features aimed at reducing administrative burden and ensuring consistency between network devices. VTP is primarily used to propagate VLAN information between switches, allowing an administrator to configure VLANs on a single switch and let them be advertised to the rest of the switch domain. DTP is a protocol that runs between switches to dynamically negotiate formation of a trunk to carry multiple VLANs. There is plenty of information out there about these protocols in isolation, the focus of this article is to point out how DTP relies on VTP configuration consistency to function.
Demo Network
For demonstration, we’ll be focusing on SW1, SW5, and the link between them. SW1 is participating in an MST region, SW5 is running PVST+.
VTP Configuration
Notice below that the two switches are in different VTP domains.
SW1#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : routingloop
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 5254.0005.8000
Configuration last modified by 0.0.0.0 at 2-15-24 23:06:04
Local updater ID is 0.0.0.0 (no valid interface found)
Feature VLAN:
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 9
Configuration Revision : 5
MD5 digest : 0xFC 0x55 0xDE 0x26 0xEB 0x1A 0xA7 0x58
0x6D 0x4F 0xC0 0xCE 0xD7 0xEB 0xC8 0x2E
SW5#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : CCIE
VTP Pruning Mode : Enabled
VTP Traps Generation : Disabled
Device ID : 5254.0002.8000
Configuration last modified by 0.0.0.0 at 2-16-24 00:59:18
Local updater ID is 0.0.0.0 (no valid interface found)
Feature VLAN:
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 9
Configuration Revision : 6
MD5 digest : 0x12 0xFD 0x12 0x2C 0xCE 0xD2 0xAC 0xFD
0x10 0xA4 0x8A 0x50 0x1A 0x58 0x53 0x8D
Switchport Configuration
Notice in the output below that both switchports are configured for DTP mode dynamic desirable but are in operational mode static access. Dynamic desirable on both sides means that both switches should prefer to form a trunk.
SW1#show interfaces gigabitEthernet 0/2 switchport
Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,25,43,73
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
SW5#show interface gigabitEthernet 0/2 switchport
Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
The Issue
A trunk is not being formed between SW1 and SW5 via DTP because the VTP domains do not match. The VTP domain name is carried in the DTP frame and must match to dynamically form a trunk.
SW5 printed these logs to the terminal. Once both sides negotiated to operate in access mode and VLAN 1, SW5 unblocked G0/2 in spanning-tree as SW1 is sending CST BPDUs from MST instance 0.
*Feb 16 15:03:06.987: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk GigabitEthernet0/2 VLAN1.
*Feb 16 15:03:06.991: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking GigabitEthernet0/2 on VLAN0001. Inconsistent port type.
*Feb 16 15:03:09.252: %DTP-5-DOMAINMISMATCH: Unable to perform trunk negotiation on port Gi0/2 because of VTP domain mismatch.
*Feb 16 15:05:28.592: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking GigabitEthernet0/2 on VLAN0001. Port consistency restored.
A packet capture on the link between SW1 and SW5 confirms that the VTP domain is carried in the DTP messages. Packet capture snippets below.
Changing SW1s VTP domain to match SW5 allowed for dynamic trunk negotiation with DTP.
SW1(config)#vtp domain CCIE
Changing VTP domain name from routingloop to CCIE
SW1(config)#
*Feb 16 15:22:13.049: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to CCIE.
SW1(config)#^Z
SW1#show interface g0/2 switchport
Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,10,25,43,73
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none