2.5 Configure, verify, and troubleshoot interswitch connectivity PART 2

2.5.c DTP, VTP (v1&v2), and 802.1Q

Welcome back! I came to realize that having too much configuration in blog post seems to lead to ” information overload”. But, we are here for learning: exposure + practice would be a great help for us to pass the exam. I realized that it would be better if we will focus on the objective of the exam, this 2.5 topic does not require us to configure, verify or troubleshoot. So let’s deal this theoretically.

c.1 DTP – Dynamic Trunking Protocol

–>Everytime you hear the word Dynamic Trunking Protocol, just think of it as negotiation protocol to dynamically assign a port as either trunk or access. Once again, just think of the abbreviation –> it is a protocol that dynamically assign a port to become either trunk or access port.


DTP is a cisco proprietary protocol with different DTP mode categories:

  1. Administrative Mode–> these are configuration by default or manually configured mode
  2. Operational Mode–> it is the actual mode of the port either access or trunk port mode

Administrative Mode has three submodes:

a.Dynamic Desirable–> this is the configuration by default

–> this actively sends dtp updates to the other ports

b. Dynamic Auto –> this passively sends dtp updates to the other ports

How it works?

Let’s say that port A is configured as Dynamic Desirable and portB as Dynamic Auto, these ports will negotiate what will be their operational mode and since one of the ports is configured as Dynamic Desirable ; it will result that the link will be marked as trunk port.The following combination of administrative mode and the operational mode counterpart are as follows:

1.Dynamic Desirable + Dynamic Auto= trunk link

2.Dynamic Desirable + Dynamic Desirable= trunk link

3.Dynamic Auto + Dynamic Auto= access link ; Since no one is sending DTP updates


c. Trunk–> there can be possibilities that a link will be set us trunk UNCONDITIONALLY it may be for security reasons

c. Access–> there can be possibilities that a link will be set us access UNCONDITIONALLY it may be for security reasons

Since DTP is a cisco proprietary, in the event that you would like it to be connected to a non-Cisco switch, you may need to turn it off by command: dtp no negotiate.

VTP versions

Too much for VTP?, We just need to know the different versions of VTP for a ” Good to Know” Reason and different versions means different like protocols and differences of version may lead to configuration error.

a.) The main difference of Version 1 and Version 2 is that Version 2 supports token ring vlans. Remember VLANS  1002-1005 which is tagged as FDDI and token ring VLANS. Those are vlans supported by Version 2

b.) The main difference of Version 2 and Version 3 is that Version 3 supports extended range of VLANS.

ISL and 802.1q

What are these protocols? ISL stands for Interstate link which is a cisco proprietary protocol while 802.1q is an IEEE standard. These are called trunking encapsulation protocols and want to know what are their purpose?


The problem goes like this:



As you can see in the topology, PC0 is connected to SW0 and PC1 is connected to SW1. The scenario is that PC0 would like to connect to PC1, so it will send an ARP request to SW0 with MAC address of PC0 as SMAC and broadcast adress of FFFF.FFFF.FFFF as DMAC. Since we configured this network with VLANs,the broadcast address will be sent only to VLANS where fa 1/1 belongs,so even though it is not indicated in the network, there are other ports where the broadcast address will be sent.At SW0 since  ports fa0/1 are configured as trunk ports, trunk ports also receives the broadcast arp request.

NOTE: Trunk ports receive broadcasts from all VLANS.

Since trunk ports receive broadcasts from all VLANS, the problem is that we only assigned VLANS as access ports.

NOTE: we only assign vlans to access ports

Since we only assign VLANS to access ports it means to say that trunk ports is not part of any VLANs and therefore the problem with fa 1/1 is that the switch doesn’t know where to send the arp broadcast it receives. Always remember, we implement VLAN  to avoid broadcast to be sent in all ports but only to specific ports where VLAN of the sender belongs. That is the problem, the trunk ports is not part of any VLAN.

SOLUTION:ISL or 802.1q encapsulation

The best way to let the switch know where the trunk port VLAN belongs it to add the frame into encapsulation.



The original frame was added by the VLAN ID which serve as the identifier of VLAN, header and trailer which adds an extra 30 bytes on top of the size of the original frame.

Since there is already an identifier for the trunk ports for its VLAN and therefore SW1 already knows where trunk port VLAN belongs and then broadcast request will be only sent to the VLAN where PC0 belongs and PC0 will be able to communicate to PC1.


The reason why there are two protocols for encapsulation is that ISL is just a Cisco proprietary protocols and that made Cisco devices as top product. IEEE tried to almost imitate the protocol for standardization purposes but with one edge that IEEE protocol makes it outstanding. What IEEE did is that they removed the header and the trailer that makes the size of the encapsulation just 4 bytes. Since 802.1 q is an industry standard, Cisco also adopts the protocol.

The thing here is that old Cisco switches support both protocols with ISL as default enabled protocol and new switches only support  802.1q. Cisco has finally realized that a difference with the size of the frame would also make a slight change in the network.

We should be aware with that concept because interacting with old and new switche in let us say real world might cause something.


I will try to follow-up with the configuration with the protocols mentioned above but for now lemme move on with the next topics so that I can take the exam as soon as possible.

*****************************end of blog********************************


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s