Vlan Trunking


VLAN Trunking

The concept of trunking began with the telephone industry.

Multiple calls were moved between customers and central offices, or between the offices themselves, over a single physical connection.

VLAN Trunking
In network switching technologies, a trunk:
carries traffic of multiple VLANs over a single physical link
is a point-to-point connection between a switch interface and an interface of another device, e.g. a switch or a router
[Figure panels: No trunk; Trunk]

Frame Tagging
Remember that switches are Layer 2 devices.
They use only the Ethernet frame header information.
The frame header does not contain information about VLAN membership.
VLAN membership (i.e. VLAN ID or VLAN number) must be identified for each frame that is transferred over the trunk.
The process is called VLAN tagging.

Frame Tagging
Different tagging schemes exist. The two most common tagging schemes for Ethernet segments are:
ISL (Inter-Switch Link): a Cisco proprietary protocol
802.1Q: an IEEE standard
Each protocol defines how VLAN IDs get incorporated into an Ethernet frame.
A VLAN ID can be in the normal range, 1-1005, or the extended range, 1006-4094.

ISL - Frame Tagging
[Figure: Ethernet frame, 1500 bytes plus 18-byte header (1518 bytes)]
Standard NIC cards and networking devices don't understand this giant frame (up to 1548 bytes long). A Cisco switch must remove this encapsulation before sending the frame out on an access link.
An Ethernet frame is encapsulated with a header that transports VLAN IDs.
It adds overhead to the packet as a 26-byte header containing a 15-bit VLAN ID.
In addition, a 4-byte cyclic redundancy check (CRC) is appended to the end of each frame.
This CRC is in addition to any frame checking that an Ethernet

IEEE 802.1Q Frame Tagging
NIC cards and networking devices can understand this baby giant frame (up to 1522 bytes). However, a Cisco switch must remove this encapsulation before sending the frame out on an access link, and must recalculate the CRC.
[Figure: 802.1Q frame layout: DA and SA MACs | 802.1q Tag (2-byte TPID, 2-byte TCI) | Type/Length Field | Data (max 1500 bytes) | New CRC]
TPID: EtherType, Tag Protocol Identifier
TCI: Tag Control Info (includes 12-bit VLAN ID)
Significantly less overhead than ISL.
As opposed to the 30 bytes added by ISL, 802.1Q inserts only an additional 4 bytes into the Ethernet frame.

ISL vs. 802.1q Frame Tagging

ISL:
Cisco proprietary protocol
Is supported only on certain Cisco devices
Encapsulates the original Ethernet frame: the original frame is placed in between the header and trailer.
More overhead (30 bytes added)
Untagged frames received from an ISL trunk port are dropped.
May still be used in legacy networks

IEEE 802.1q:
IEEE standard
Allows trunks between different vendors' devices
Modifies the original frame: a tag is inserted into the middle of the original frame.
Less overhead (4 bytes added)
Supports both tagged and untagged traffic (native VLAN).

Today
use

Native VLANs
Tagged frames on the native VLAN.
Some devices that support trunking tag native VLAN traffic as a default behavior.
If an 802.1Q trunk port receives a tagged frame on the NATIVE VLAN ONLY, it drops the frame.
When configuring a switch port on a Cisco switch, you need to identify these devices and configure them so that they do not send tagged frames on the native VLAN.
Devices from other vendors that support tagged frames on the native VLAN include IP phones, servers, routers, and switches.
Control traffic sent on the native VLAN should be untagged.

Native VLANs
Untagged frames on the native VLAN.
When a Cisco switch trunk port receives untagged frames, it forwards those frames to the native VLAN.
The default native VLAN is VLAN 1.
When you configure an 802.1Q trunk port, a Port VLAN ID (PVID) is assigned the value of the native VLAN.
All untagged traffic coming in or out of the 802.1Q port is forwarded based on the PVID value.
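
The 802.1Q tagging and native VLAN rules above, as an added Python example that is not part of the original slides. The function names and the sample frame are constructed for illustration; the default native VLAN of 1 and the drop of tagged native-VLAN frames follow the text above.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value carried in the 2-byte TPID


def fcs(body: bytes) -> bytes:
    """Ethernet CRC-32 over the frame, appended least significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def add_tag(frame: bytes, vlan_id: int, pcp: int = 0) -> bytes:
    """Insert TPID + TCI after the DA/SA MACs and recalculate the CRC."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be in 1-4094")
    body = frame[:-4]                              # drop the old CRC
    tci = ((pcp & 0x7) << 13) | vlan_id            # 3-bit priority, 1-bit DEI, 12-bit VLAN ID
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)


def strip_tag(frame: bytes):
    """Return (VLAN ID, untagged frame with new CRC); VLAN ID is None if untagged."""
    body = frame[:-4]
    tpid, tci = struct.unpack("!HH", body[12:16])
    if tpid != TPID_8021Q:
        return None, frame
    untagged = body[:12] + body[16:]
    return tci & 0x0FFF, untagged + fcs(untagged)


def trunk_egress(frame: bytes, vlan_id: int, native_vlan: int = 1) -> bytes:
    """Native-VLAN frames leave the trunk untagged; all others are tagged."""
    return frame if vlan_id == native_vlan else add_tag(frame, vlan_id)


def trunk_ingress(frame: bytes, native_vlan: int = 1):
    """Return (VLAN, access-link frame), or (None, None) when the frame is dropped."""
    vlan_id, untagged = strip_tag(frame)
    if vlan_id is None:
        return native_vlan, frame                  # untagged: forwarded on the PVID
    if vlan_id == native_vlan:
        return None, None                          # tagged native-VLAN frame: dropped, per the text
    return vlan_id, untagged


def sample_frame() -> bytes:
    """Constructed broadcast frame: DA, SA, EtherType 0x0800, 46 zero bytes, CRC."""
    body = bytes.fromhex("ffffffffffff0200000000010800") + bytes(46)
    return body + fcs(body)
```

A frame that crosses the trunk in VLAN 20 grows by exactly 4 bytes and comes out of `trunk_ingress` byte-identical to the original, CRC included.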

Trunking Operation
[Figure: switches S1, S2 and S3 with VLAN labels 10, 20 and 30]
PC1 and PC3 send a broadcast.
The tagged frames are sent across the trunk links between S2 and S1 and S1 and S3.
S2 receives the frames and tags them with the VLAN ID.
S3 strips the tags and forwards to the destination.

VLANs and Trunking
[Figure labels: Non-Trunk Links; Trunk Link; Non-Trunk Links]
It is important to understand that a trunk link does not belong to a specific VLAN.
The responsibility of a trunk link is to act as a conduit for VLANs between switches and routers (or switches and switches).

Dynamic Trunking Protocol (DTP)
Cisco proprietary protocol:
Negotiates the status of trunk ports AND the trunk encapsulation of trunk ports.
Automatically enabled on a switch port when certain trunking modes are configured on the switch port.
DTP manages trunk negotiation only if the port on the other switch is configured in a trunk mode that supports DTP.
DTP supports both ISL and 802.1Q trunks.
Some Cisco switches and routers (older versions) do not support DTP.

Dynamic Trunking Protocol (DTP)
On (default): (switchport mode trunk)
Periodically sends DTP advertisements to the remote port, stating that it is dynamically changing to a trunking state.

Dynamic Auto: (switchport mode dynamic auto)
The switch port periodically sends DTP frames to the remote port. It advertises to the remote switch port that it is able to trunk but does not request to go to the trunking state.
If both ports are set to auto, they do not negotiate to be in a trunking state; they will be in the access mode state.

Dynamic Desirable: (switchport mode dynamic desirable)
DTP frames are sent periodically to the remote port. It advertises to the remote switch port that it is able to trunk and asks the remote switch port to go to the trunking state.

Dynamic Trunking Protocol (DTP)
Turn off DTP: (switchport nonegotiate)
The local port does not send out DTP frames to the remote port.
The local port is then considered to be in an unconditional trunking state.
Use this feature when you need to configure a trunk with a switch from another switch vendor.
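
The DTP mode descriptions above, turned into a link-state check over the two ends' switchport commands. This is an added Python example, not part of the original slides; the function names and the interface names in the test are constructed, and the sketch covers only the four modes described here.

```python
# Per mode: (sends DTP frames, asks the peer to trunk, trunks unconditionally),
# following the description of each mode in the text above.
MODES = {
    "trunk":             (True,  True,  True),
    "dynamic desirable": (True,  True,  False),
    "dynamic auto":      (True,  False, False),
    "nonegotiate":       (False, False, True),
}


def mode_from_config(lines):
    """Derive the DTP mode from the switchport commands of one interface."""
    mode, negotiate = None, True
    for line in (raw.strip().lower() for raw in lines):
        if line.startswith("switchport mode "):
            mode = line[len("switchport mode "):]
        elif line == "switchport nonegotiate":
            negotiate = False
    if mode not in MODES or mode == "nonegotiate":
        raise ValueError(f"no supported switchport mode in {lines!r}")
    if not negotiate and mode != "trunk":
        raise ValueError("this sketch models nonegotiate only on a trunk-mode port")
    return mode if negotiate else "nonegotiate"


def port_state(local, peer):
    """Operational state of the local port, given the mode of the remote port."""
    _, asks, forced = MODES[local]
    peer_sends, peer_asks, _ = MODES[peer]
    if forced:
        return "trunk"
    # A dynamic port trunks only if it hears DTP and at least one side asks.
    return "trunk" if peer_sends and (asks or peer_asks) else "access"


def link_state(a, b):
    """'trunk' or 'access' when both ends agree, otherwise a mismatch report."""
    state_a, state_b = port_state(a, b), port_state(b, a)
    return state_a if state_a == state_b else f"mismatch ({state_a}/{state_b})"
```

The mismatch case is the one to check for when DTP is turned off on one side only: the nonegotiate port trunks unconditionally while a dynamic peer, hearing no DTP frames, stays in access mode.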

VLAN Trunking Protocol (VTP)

VTP is a Cisco proprietary protocol that allows VLAN configuration to be consistently maintained across a common administrative domain.
VTP minimizes the possible configuration inconsistencies that arise when changes are made.
VTP reduces the complexity of managing and monitoring VLAN networks, allowing VLAN changes on one switch to be propagated to other switches via VTP.
On most Cisco switches, VTP is running and has certain defaults already configured.
VTP is not necessary in order to configure VLANs or trunking on Cisco switches.

VTP Components
VTP Domain:
Consists of one or more interconnected switches.
All switches in a domain share VLAN configuration details using VTP advertisements.
A router or Layer 3 switch defines the boundary of the domain.

08 W2 VLAN Trunking and Inter-VLAN Routing

VTP Components
VTP Modes:
Three different modes:
Server, Client, Transparent

VTP Components
VTP Server:
VTP servers advertise the VTP VLAN information to other switches in
the same VTP domain.
The server is where VLANs can be created, deleted, or renamed for
the domain.

VTP Components
VTP Client:
VTP clients forward advertisements to other clients.
You cannot create, change, or delete VLANs.
You must configure VTP Client mode.

VTP Components
VTP Transparent mode:
Forwards VTP advertisements but ignores information contained in the message.
A transparent switch will not modify its database when updates are received, nor will the switch send out an update indicating a change in its own VLAN status.
Except for forwarding VTP advertisements, VTP is disabled on a transparent switch.

VTP Implementation
Configuration Revision Number
Each advertisement starts as configuration revision number 0. As changes are made, the configuration revision number is increased incrementally by one, or n + 1. The revision number continues to increment until it reaches 2,147,483,648. When it reaches that point, the counter will reset back to zero.
There are three types of VTP messages:
Advertisement requests: clients request VLAN information and the server responds with summary and subset advertisements.
Summary advertisements: by default, server and client Catalyst switches issue summary advertisements every five minutes. Servers inform neighbour switches what they believe to be the current VTP revision number.
Subset advertisements: subset advertisements contain detailed information about VLANs such as VTP version type, domain name and related fields, and the configuration revision number.
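
How the three VTP modes treat the same advertisement, as an added Python model that is not part of the original slides. It assumes the standard VTP rule that a server or client in the same domain adopts an advertisement whose revision number is higher than its own; the class, the domain name and switch S2 are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str                      # "server", "client" or "transparent"
    domain: str
    revision: int = 0
    vlans: dict = field(default_factory=dict)

    def set_vlan(self, vlan_id, vlan_name):
        """Create or rename a VLAN locally, as far as the mode allows."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: clients cannot change VLANs")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":
            self.revision += 1     # each change raises the revision by one

    def advertisement(self):
        """Domain, revision number and VLAN list as carried to neighbours."""
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans)}

    def receive(self, adv):
        """Process an advertisement; return True if the local database changed."""
        if self.mode == "transparent" or adv["domain"] != self.domain:
            return False           # transparent switches only relay the message
        if adv["revision"] <= self.revision:
            return False           # not newer than what this switch already holds
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return True


def propagate(adv, path):
    """Relay one advertisement along a chain of switches; list who updated."""
    return [sw.name for sw in path if sw.receive(adv)]
```

Because `receive` compares only the domain and the revision number, any server or client carrying a higher revision replaces the VLAN database of its peers, which is why the revision number of a switch is worth checking before it joins an existing domain.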

[Figures: VTP Server to Client; VTP Server to Transparent to Client. Labels: S1, S4, Periodic Updates, Response, Requests]

VTP Components
VTP Pruning:
VTP pruning increases network available bandwidth by restricting flooded traffic to those trunk links used to reach the destination devices.
Without VTP pruning, broadcasts, multicasts and unknown unicasts are flooded across all trunk links within a VTP domain.
What it means is that the destination switch does not have the same VLAN as the switch that initiates the broadcast.

VTP Pruning
Prevents unnecessary flooding of broadcast information from one VLAN across all trunks in a VTP domain.
Permits switches to negotiate which VLANs are assigned to ports at the other end of a trunk and prune the VLANs that are not assigned to ports on the remote switch.
Disabled by default.
Enabled using the vtp pruning global configuration command.

VTP Pruning
[Figure panels: No pruning; Pruning enabled on S1. Labels: VLAN 20; VLAN 10, 20; VLAN 20]
