
Understanding VLAN Trunking Protocol CCNA Study

https://www.craw.in/vlan-trunking-protocol/

VLAN Trunk Protocol (VTP) reduces administration in a switched network.


Presentation Transcript


  1. Understanding VLAN Trunking Protocol | CCNA Study

     Introduction

     VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the definition of Virtual Local Area Networks (VLANs) across the whole local area network. To do this, VTP carries VLAN information to every switch in a VTP domain. VTP advertisements can be sent over 802.1Q and ISL trunks. VTP is a Cisco-proprietary tool that advertises all VLANs on a switch.

     Suppose 4800 users are to be connected together but one switch only contains 48 ports. We would need 100 such switches to establish the connection, and would have to repeat on the other 99 switches the configuration done on the first. To avoid manual configuration across 100 switches, the configuration is distributed dynamically through VTP.

  2. Conditions

     - The trunk must be enabled.
     - The VTP domain/password must be the same.

     Modes of VTP

     There are three modes of VTP:

     - Server
     - Client
     - Transparent

     Configuration Revision Number

  3. It is a 32-bit number that indicates how many times the VTP packet has been changed. Each time a VTP packet is revised, 1 is added to the configuration revision (CR) number. A switch can only accept packets from another switch either with the same CR number or lower. When a switch receives a packet from a lower CR number than itself, it upgrades itself to the CR number of the sender. While the switch upgrades itself, an attack is possible, though it can be avoided by using transparent mode (CR no. 1).

     Path Redundancy

     A bridging network is used to connect two or more different LANs which have a similar protocol. STP (Spanning-Tree Protocol) is a layer-2 protocol.

     1. It is enabled by default on switches.
     2. Its key role is to prevent loop formation by using:
     3. Forwarding state
     4. Blocking state
     5. VLAN Trunk Protocol

     Election Process on Switch

     When a loop is formed, the switch has the responsibility to select which packets to forward from the respective ports and which to block. To perform this task, the packets go through a root-bridge election. Conditions for election to be in forwarding state:

     1. Lowest priority
     2. Lowest MAC address

     Ports in the forwarding state are DP (designated port) and RP (root port), while the port in the blocking state is BP (blocking port). There is only one RP on a switch, as opposed to BP. The packets are called BPDUs (bridge protocol data units), which are 32-bit in size. The Forward Delay Timer is 0-45 seconds. By default all ports of switches are active.

  4. Port Election

     On Fast Ethernet, the cost value is calculated in the BPDU. If the cost values are the same, the sender port ID becomes the deciding criterion. If the initially chosen path goes down, a 'topology change' is performed.

     STP Security

     1. Root Guard is the protection applied at the root bridge to prevent STP/priority-based attacks, while Loop Guard is the protection for non-root bridges.
     2. BPDU Guard blocks the port the attack arrives on, along with the user and the communication.
     3. BPDU Filter: it filters priority packets rather than blocking them.

     DHCP Security

     A man-in-the-middle (MITM) attack, or DHCP spoofing attack, is when an unwanted third party eavesdrops on the conversation between user and application without being noticed, so that the conversation appears normal and secure.

     Prevention

     A MITM attack can be prevented by DHCP snooping, which divides ports into trusted and untrusted. Packets are negotiated on trusted ports but not on untrusted ports.

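An added example, not part of the original presentation: a small Python audit that checks a Cisco IOS-style running-config for the controls named above (VTP transparent mode, BPDU Guard, DHCP snooping with trust kept off access ports). The sample config is constructed, and the policy that every access port needs BPDU Guard and must stay untrusted for DHCP is an assumption of this example.

```python
# Constructed sample in Cisco IOS running-config style (not from a real device).
SAMPLE_CONFIG = """\
vtp mode transparent
ip dhcp snooping
!
interface GigabitEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface GigabitEthernet0/2
 switchport mode access
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/3
 switchport mode access
 ip dhcp snooping trust
"""

def parse(config):
    """Return (global commands, {interface name: [sub-commands]})."""
    globals_, ports, current = [], {}, None
    for line in config.splitlines():
        if line.startswith(" "):
            if current is not None:
                current.append(line.strip())
            continue
        current = None  # any unindented line ends the interface stanza
        if line.startswith("interface "):
            current = ports.setdefault(line.split()[1], [])
        elif line.strip() not in ("", "!"):
            globals_.append(line.strip())
    return globals_, ports

def audit(config):
    """Return sorted (scope, finding) pairs under the assumed policy."""
    globals_, ports = parse(config)
    findings = [("global", f"missing '{cmd}'")
                for cmd in ("vtp mode transparent", "ip dhcp snooping")
                if cmd not in globals_]
    for name, cmds in ports.items():
        if "switchport mode access" not in cmds:
            continue  # trunks/uplinks may legitimately be trusted
        if "spanning-tree bpduguard enable" not in cmds:
            findings.append((name, "access port without BPDU Guard"))
        if "ip dhcp snooping trust" in cmds:
            findings.append((name, "access port trusted for DHCP"))
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(f"{s}: {f}" for s, f in audit(SAMPLE_CONFIG)))
```

On the constructed sample only GigabitEthernet0/3 is flagged: it is an access port with no BPDU Guard that is also marked as trusted for DHCP.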
