On this lesson, pag- uusapan naman natin ang basic ng VTP (VLAN Trunking Protocol).
Let’s begin.
What is VTP (VLAN Trunking Protocol)?
Sa isang simpleng paliwanag, ang VTP or VLAN Trunking Protocol ay ginagamit upang mapadali at maging-organize ang pag-manage ng mga VLANs. That’s just it. That’s the basic and foundation.
Para mas maintindihan, narito kung pano ito gumagana.

As you can see in our illustration above, if we have 3 switches, we have to manually configure the vlans to all of them manually. If we need to modify and delete vlans, ganun din. We need to do it manually on the switches itself. Isa-isa.
Now, with VTP, we can setup a vtp domain. In that vtp domain meron tayong ise-set na vtp server at mga vtp clients(mga switches ito ha). If we need to create, manage and delete vlans, sa switch na acting as vtp server na lang natin ito gagawin.
Automatic na itong mag-uupdate at magpo-propagate sa ibang switches(vtp clients) in our vtp domain. It will help as manage kahit madami pa tayong switches in the network. It can also save our time.
Here’s a simple illustration.

As you can see in our illustration, we have a vtp server and vtp clients. Our switches(both vtp server and vtp clients) are members of our vtp domain na ccnaphilippines.
If we need to create, update or delete vlans, sa vtp server na lang natin ito gagawin instead na isa-isa pa sa mga switches. Everytime na may ginawa tayong changes sa vtp server, the “configuration revision number” will increase tracking those changes and will update all switches in the vtp domain. Yun lang un!
Sisiw mga idol diba?
What is VTP domain?
Ang function ng vtp domain ay para mai-group ang mga switches. Simple lang, lahat ng member ng naturang domain ay magkaka-group. Gaya ng nabanggit ko sa taas, all vlan updates and changes are propagated from vtp server in that specific domain.
As you can see in our previous sample diagram, the vtp domain is ccnaphilippines. Meaning all switches na member ng naturang domain ay magiging “magkaka-group”. And then the ‘vtp server’ all provide them all the information to all the switches(members) of that specific domain(group).
Gets?
Let’s talk about the different VTP modes para mas ma-gets mo pa.
Different VTP Modes
Sa VLAN trunking protocol, meron tayong mga modes ng switches. At depende sa mode nila ang kanilang magiging functions. Let’s see them below.
1. VTP server
Gaya ng binanggit ko, ang vtp server ang ginagamit natin para mag-add, update at delete ng VLANs. By default, all Cisco switches are operating in VTP server. So bago tayo mag-add ng switch sa network, kelangan muna natin i-make sure na hindi nito maapektuhan ang current configuration ng ating network.
We can delete the vlan.dat file(explained below) and set the switch to vtp client or vtp transparent mode.
2. VTP Client
Ang vtp client mode naman is mag-accept lamang s’ya ng vtp updates and i-sysynchronize n’ya ang sarili n’ya from that updates. Then it will forward the updates sa ibang switch na naka- connect sa kanya. VTP client cannot add, modify or delete vlans
3. VTP transparent
Sa vtp transparent mode, hindi n’ya ina-update ang sarili n’ya sa mga vtp updates na natatanggap n’ya kundi ifo-forward n’ya lamang ito sa switches na naka-connect sa kanya. Gotcha?
4. Off
Kelangan pa ba ipaliwanag? 😀 Pag-off syempre hindi s’ya magpaparticipate sa kahit anong vtp activities. That’s just it!
Major Advantages of VTP
1. Easy VLAN management
Sa pamamagitan ng VTP, nagiging madali ang pag-mamanage at pag-oorganize ng mga VLANs sa isang network. Bakit? Dahil we can centralize the process and creation of VLANs on a single switch and then all of the other switches will be updated automatically.
Meaning, we can just simply create a vlan on a particular switch and then all of other switches on the network will have that vlan. So ibig sabihin, hindi na natin kelangan mag-login sa bawat switches natin sa network para lang mag-create ng naturang vlan. Those are already “automatically propagated” sa tulong ng VLAN Trunking Protocol.
Malaking tulong at malaking bagay ito lalo na sa malalaking network or company. For example, sa Company A ay meron 50 switches sa isang building then kelangan mag-add ng VLAN 50 para sa Sales department. At isang network admin lang ang gagawa nito.
Without VTP, the network admin need to login and configure VLANs on all those 50 switches manually. Yes, isa isa kapatid. Ma-trabaho, mabagal at sympre hindi smart.
With the help of VTP, the network admin just need to create the VLAN 50 on the server switch and then it automatically populates on all of the switches in the “domain”. In this way, mas mabilis ang trabaho at mas naka-tipid tayo sa oras.
Once the VLAN is populated, pwede ka na mag-assign ng mga ports on VLAN 50 on every switch.
2. Auto-obtain VLANs
Kung meron kang new switch na need ikabit or iconnect sa network, once the switch has been configured, it can automatically obtain all the VLANs on the network too. Kagaya ng sabi ko sa #1, it will automatically obtain all the VLAN configurations from the “main switch” and will be setup automatically. All VLANs are obtained without you creating those sa new switch.
Note: On VTP version 1 and 2, there is a drawback when you add a new switch na meron mas mataas na revision #. If the new switch contains higher configuration revision #, pwede sy’ang maging “main switch” at iupdate n’ya ang network kung saan s’ya naka-connect.
Ibig sabihin, kung ang “VLAN.dat” file sa switch ay hindi na-erase at meron itong mga VLAN configuration, pwede itong maka-apekto sa network na pagkakabitan mo ng new switch. That’s one of the draw back. More on this later.
3. VTP Pruning
Once enabled, ang VTP pruning ay isang simpleng process sa VTP kung saan ang mga switch ay “intelligently” nag-dedecide at nag-cocommunicate kung anong VLANs ang meron at ginagamit sa ibang switches.
Sa pamamagitan ng VTP pruning, hindi na nagpapadala ng “VLAN updates/information” sa isang switch kung hindi naman ito kailangan. Naiiwasan ang congestion at nama-maximize ang resources ng mga switches.
For example, merong 5 switches sa 2nd floor ng Company building A. Lahat ng switches ay may VLAN 50 pero si switch-05 ay wala pa namang port na naka-assign sa VLAN 50. If updates or communication goes out for VLAN 50, tanging ang switch-01 to switch-04 lamang ang makaka-receive ng updates.
Since hindi naman kailangan ni switch-05 ang VLAN 50 updates or info (kasi wala ngang port ang naka-assign sa kanya sa VLAN 50) “ipinu-prune” ito para hindi na s’ya padalhan ng updates. That’s how VTP pruning works!
Gotcha?
Major Dis-advantage of VTP
Ang pinaka-drawback ng VLAN Trunking Protocol is pwede itong mag-cause ng network outage at ma-override ang existing network configurations. Lalo na sa versions 1 and 2.
Kagaya ng nabanggit ko kanina, kung nag-add tayo ng new switch sa network na may existing configurations at mas mataas ang configuration revision number, pwede nitong i-override ang VLAN configurations ng lhat ng switches at palitan ng configuration na galing sa kanya. Dahil dito, maapektuhan ang lahat ng mga devices na connected sa mga naturang switches.
Since ang default mode ng mga Cisco switches ay “server mode” pwede nitong ma-override ang existing configurations kung mas mataas ang revision number nito kesa sa existing server.
Sa version VTP version 3, pwede na itong maiwasan dahil meron ng tinatawag ng “primary server”. Ibig sabihin, tanging ang primary server lamang ang pwedeng mag-update, add, delete ng mga VLANs.
What is VLAN.dat?
Ang VLAN.dat ay ang VLAN database containing the VLAN information at VLAN configurations na naka-save sa mga switches. Kasama dito ang configuration revision number.
Hindi ito nabubura sa pagdelete ng running configurations ng isang cisco switch. Ito any MANUALLY na binubura or inaalis.
How to delete vlan.dat in a Cisco switch
Simple lang ang pag-delete ng vlan.dat, kung tayo ay mag-coconfigure ng new switch. Just follow the command below.

After reload, pwede nating i-check ang VLAN information with the show vlan command. The user-configured VLANs no longer appear in the command output. Only factory-default VLAN information is on the switch.

From here, pwede na natin ituloy ang pag-configure ng switch. I hope you get it mga idol. Kung may tanong, email or comment na lang.
Now, you probably asked or wondering, what the heck is a trunk port. As a bonus, let’s talk about it before we move on to another lesson.
What is a trunk port?
Before we continue, daanan muna natin saglit ang trunk port. Mahalaga na maintindihan din natin ito para mas maintindihan pa natin ang VTP.
Ang trunk link(switch ports that in trunking state) ay kailangan upang “maka-pagpasa” ng VLAN information and updates between switches. Ito ang basic port state ng karaniwang Cisco switch ports. Ang trunk port gaya nga ng nabanggit ko, ito ang state ng port kung saan magka-connect ang dalawang switch.
By default, ang trunk port ay member ng lahat ng VLANs at nag-papadala at nag-sesend ito ng VLAN information at update sa other switch na naka-connect sa kanya. May kakayahan ito na “i-tag” ang bawat traffic kung para kaninong VLAN gaya ng nakikita n’yong larawan sa baba.

Trunking Protocols
We will discuss this under DTP(Dynamic Trunking Protocol) pero as a refresh, I’m including them here.
- 802.1Q: This is the most common trunking protocol. It’s a standard and supported by many vendors.
- ISL: This is the Cisco proprietary trunking protocol. Ibig sabihin, tanging mga Cisco devices lang ang pwedeng gumamit ng ISL.
How to configure trunk ports

Given our sample illustration, we will configure the port or interface of each switch connecting each other.

Sa sample natin sa taas, we configure port 0/1 ng SwitchA and SwitchB to trunk ports using dot1q encapsulation. By having this, we can now connect each switch to each other on interface fa0/1.
How to configure VTP
Before we go to the vtp configuration, we can easily check the status and settings of vtp sa pamamagitan ng command na “show vtp status“. We will also use the same illustration above to make it simple. From here, makikita natin ang vtp information para sa isang switch gaya ng sample natin sa baba.

Mahalaga na mag-verify muna tayo bago tayo mag-simula ng changes. Sabi ko nga before, dapat meron na tayong step by step plan sa ating gagawin lalo na sa production network. Here’s the basic steps kung pano tayo magco-configure ng VTP.

Sa sample configuration natin sa taas, nai-configure ko na ang SwitchA as the vtp server in the ccnaphilippines vtp domain at may password na “cisco”. Again we can verify using the show vtp status command like below.

All we need to do in other switches is to join them in “ccnaphilippines” domain and use vtp password “cisco”.
Let’s do it.

Kung transparent naman ang gusto natin, palitan lang natin ung mode as transparent(vtp mode transparent) and make sure na tama yung vtp domain and vtp password. From there, once we create, update, and delete VLAN on the SwitchA(server mode), all updates will be “automatically” populated on other switches, in our example Switch B.
Make sense idol?
Kung meron 200 switches sa network under that domain, hindi mo na kailangan mag-create, mag-update at mag-delete ng VLANs manually sa bawat isang switches, it happens automatically by the help of VTP.
If you reached this far, I hope you now understand the basic operation and configuration of VTP or VLAN trunking protocol.
Note: VTP has been removed in the new CCNA exam topics. Pero since isa ito sa mga fundamentals I included them here. Consider this as a bonus lesson.
Again, if you want to learn other topics na covered at part ng new CCNA(CCNA 200-301) you can check the new CCNA Fundamentals Ebook. It’s also written in tagliash(like this one), himay-himay ang bawat lessons at mas maraming samples and deeper explanations.
Isa pa, mas maraming topics ang covered kagaya ng wireless, security fundamentals, NAT, ACL and more.
Click here to see the details of the new CCNA Fundamentals Ebook.
We’re moving on to another lesson.
Hi Billy,
Salamat sa blog malaking tulong ‘to 🙂
laging kong tinitingnan ‘tong blog mo..
sana magtuloy-tuloy hehe
Thanks Kevin. Just stick around, in time makukumpleto ntin yan! 🙂
ayos! 🙂
idol may tanong ako pano itroubleshoot eto hnd kc nag update ung VLAN ko sa client n galing kay server eh 🙂 salamat idol :)…
Match naman mga VTP config idol? Kelangan match sila para ma-update.
Idol,
Bakit yng iba kapag nag configured sa trunk port nagcchange pa ng native vlan?
Ano purpose ng changing native vlan sa trunk port?
And ano ang native vlan?
Bakit nagcchange at ano ang purpose – for security purposes. Ang default vlan is 1 sa mga cisco devices so alam ng lahat yan pati hackers, intruders etc. Pwede nla ma-exploit if ever. In short, kung gusto mong secured, dapat internal lang ang nakaka-alam. And again, bihira ang gumagamit ng mga default settings sa enterprise.
Native vlan = Default vlan. In almost all Cisco devices it’s vlan 1.
Hope it helps. Thanks!
Sir Billy,
Diba ndi advicesable na gumamit ng vtp mode for security reasons?
Depende sa goal at requirements ng network idol. Thanks!
Sir, verify ko lang po. Isang port ba sa switch ay equivalent ng 1 device or PC? Thank you sir!
Yes!
idol ask ko lang kung pano baguhin yung version nung VTP ? or default na sya sa mga new switches na VTP version 3 na agad?
Default is ver 1 idol and then you can change it in the global config SW1(config)#vtp version 2. Thanks!
sir bakit ayaw mag vtp version 3 yung sakin…
nasa global configuration naman yung switch…?
Di na po ma next bakit po? pls help.
Sir Hindi na sya tumuloy DTP lesson after ko maclick