
VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the
definition of Virtual Local Area Networks (VLAN) on the whole local area network.[1] To
do this, VTP carries VLAN information to all the switches in a VTP domain. VTP
advertisements can be sent over ISL, 802.1Q, IEEE 802.10 and LANE trunks. VTP is
available on most of the Cisco Catalyst Family products. Using VTP, each Catalyst
Family Switch advertises the following on its trunk ports:

Management domain

Configuration revision number

Known VLANs and their specific parameters

There are three versions of VTP: version 1, version 2 and version 3.


The comparable IEEE standard in use by other manufacturers can be implemented
with GVRP or the more recent MVRP.

Implementation details

On Cisco devices, VTP (VLAN Trunking Protocol) maintains VLAN configuration
consistency across the entire network. VTP uses Layer 2 trunk frames to manage the
addition, deletion, and renaming of VLANs on a network-wide basis from a centralized
switch in the VTP server mode. VTP is responsible for synchronizing VLAN information
within a VTP domain and reduces the need to configure the same VLAN information
on each switch.

VTP minimizes the possible configuration inconsistencies that arise when changes are
made. These inconsistencies can result in security violations, because VLANs can
cross connect when duplicate names are used. They also could become internally
disconnected when they are mapped from one LAN type to another, for example,
Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping
scheme that enables seamless trunking within a network employing mixed-media
technologies.

Upside
VTP provides the following benefits:

VLAN configuration consistency across the network

Mapping scheme that allows a VLAN to be trunked over mixed media

Accurate tracking and monitoring of VLANs

Dynamic reporting of added VLANs across the network

Plug-and-play configuration when adding new VLANs

Downside
As beneficial as VTP can be, it does have disadvantages, which are normally related to
the Spanning Tree Protocol (STP), because a bridging loop can propagate throughout
the network. Cisco switches by default run an instance of STP for each VLAN, and
since VTP propagates VLANs across the campus LAN, VTP effectively creates more
opportunities for a bridging loop to occur.
Before creating VLANs on the switch that will propagate via VTP, a VTP domain must
first be set up. A VTP domain for a network is a set of all contiguously trunked switches
with the matching VTP settings (domain name, password and VTP version). All
switches in the same VTP domain share their VLAN information with each other, and a
switch can participate in only one VTP management domain. Switches in different
domains do not share VTP information. Non-matching VTP settings might result in
issues in negotiating trunks, port-channels or VPC.
Another, even greater concern with VTP is the issue known colloquially as the "VTP
bomb". When a new switch is added to the network, by default it is configured with no
VTP domain name or password, but in VTP server mode. If no VTP domain name has
been configured, it assumes the one from the first VTP packet it receives. Since a new
switch has a VTP configuration revision of 0, it will accept any revision number as
newer and overwrite its VLAN information if the VTP passwords match. However, if
you were to accidentally connect a switch to the network with the correct VTP domain
name and password but a higher VTP revision number than the network currently
has, then the entire network would adopt the VLAN configuration of the new switch,
likely bringing down your entire network, or at least that VTP domain.
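
The rules in the paragraph above can be turned into a pre-connection check that compares a switch's VTP state with the network's before it is trunked in. This is an added example, not part of the original article; the sample texts are constructed, the function names and verdict strings are hypothetical, and the field labels assume the classic `show vtp status` layout.

```python
# Constructed `show vtp status` excerpts. Assumption: classic IOS layout;
# field labels differ between software releases.
NETWORK = """\
Configuration Revision          : 12
VTP Operating Mode              : Server
VTP Domain Name                 : CAMPUS
"""
FACTORY_NEW = """\
Configuration Revision          : 0
VTP Operating Mode              : Server
VTP Domain Name                 :
"""
REUSED_LAB = """\
Configuration Revision          : 47
VTP Operating Mode              : Server
VTP Domain Name                 : CAMPUS
"""
OTHER_DOMAIN = """\
Configuration Revision          : 90
VTP Operating Mode              : Server
VTP Domain Name                 : LAB
"""

def parse_vtp_status(text):
    """Extract domain, mode and revision from `show vtp status` text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip().lower()] = value.strip()
    return {"domain": fields.get("vtp domain name", ""),
            "mode": fields.get("vtp operating mode", "").lower(),
            "revision": int(fields["configuration revision"])}

def assess_join(network_text, candidate_text):
    """Predict the effect on the VLAN database of trunking the candidate in.
    The password is not visible in this output, so a match is assumed (worst case)."""
    net, new = parse_vtp_status(network_text), parse_vtp_status(candidate_text)
    if new["mode"] not in ("server", "client"):
        return "not-participating"   # e.g. transparent: keeps its VLAN database local
    # A switch with no domain name assumes the one from the first VTP packet it receives.
    domain = new["domain"] or net["domain"]
    if domain != net["domain"]:
        return "no-exchange"         # different domains do not share VTP information
    if new["revision"] > net["revision"]:
        return "overwrites-network"  # the "VTP bomb": network adopts the candidate's VLANs
    if new["revision"] < net["revision"]:
        return "adopts-network"      # candidate's VLAN database is replaced by the network's
    return "no-change"               # equal revisions: neither side is seen as newer
```

A verdict of `overwrites-network` means the switch should not be connected until its configuration revision is back at 0.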
