Cisco DTP (Dynamic Trunking Protocol) Negotiation

In this tutorial we’ll take a look at DTP (Dynamic Trunking Protocol) negotiation. DTP is normally used on Cisco IOS switches to negotiate if the interface should become an access port or trunk.

By default DTP is enabled and the interfaces of your switches will be in “dynamic auto” or “dynamic desirable” mode. This means that whenever you receive a DTP packet that requests to form a trunk, your interface will be in trunk mode. If you are unfamiliar with DTP and the different interface settings then you might want to read my “How to configure Trunk on Cisco Catalyst Switch” lesson before continuing.

In this tutorial we'll take a look at DTP (Dynamic Trunking Protocol) negotiation. DTP is normally used on Cisco IOS switches to negotiate if the interface should become an access port or trunk. By default DTP is enabled and the interfaces of your switches will be in "dynamic auto" or "dynamic desir


Let’s take a look at DTP negotiation and how to disable it. I’ll be using two switches for this:

Cisco SW1 SW2 802.1Q Trunk

I didn’t configure anything on my switches, let’s see what the default settings are:

SW1#show interfaces fa0/24 switchport        
Name: Fa0/24
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
SW2#show interfaces fastEthernet 0/24 switchport 
Name: Fa0/24
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On

Without configuring anything on the interfaces, we are using dynamic auto mode and as a result the interfaces are in access mode.

Depending on the switch model and IOS version, the default might be “dynamic auto” or “dynamic desirable”. The switches in my example are Cisco Catalyst 3560 switches.

There are two ways to disable DTP negotiation:

  • Configure the interface for access mode.
  • Use the switchport nonegotiate command on the interface.

Configuring the interface for trunking does not disable DTP negotiation, let me give you an example. First we’ll configure the interfaces for access mode:

SW1(config)#interface fastEthernet 0/24
SW1(config-if)#switchport mode access
SW2(config)#interface fastEthernet 0/24
SW2(config-if)#switchport mode access 

When we look again at the switchport settings we can see that DTP negotiation is now disabled:

SW1#show interfaces fastEthernet 0/24 switchport 
Name: Fa0/24
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off

So configuring an interface yourself to use access mode disables DTP negotiation. How about creating a trunk ourselves?

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 662 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

525 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. Hi Rene

    Please can you advise what I can do, I am trying to create vlan 50 on this switch and keep getting following

    SW1(config)#vlan 50
    VTP VLAN configuration not allowed when device is not the primary server for vlan database.
    
    SW1#sh vtp status
    VTP Version : 3 (capable)
    VTP version running : 3
    VTP Domain Name : CCIE-domain
    VTP Pruning Mode : Disabled (Operationally Disabled)
    VTP Traps Generation : Disabled
    Device ID : aabb.cc00.0700
    
    Feature VLAN:
    --------------
    VTP Operating Mode : Server
    Number of existing VLANs : 8
    Number of existing e
    ... Continue reading in our forum

  2. Hi Mohamed,

    There are two trunking protocols, 802.1q and ISL. Some newer switches only support 802.1Q and in that case this command will be unavailable.

    It’s also possible that packet tracer doesn’t support it, it’s a simulator after all. It doesn’t matter too much though…when this command doesn’t work then the switch will use 802.1Q when you configure the interface as a trunk.

    Rene

  3. Thanks, I will give it a go, I have not done that. I was speaking to a guy in my office and he was explaining that, although I had added VLAN 50, at layer 2 level. I would still need to give the VLAN an address to allow layer 3 routing.

  4. I have got it to work with the suggestions made, the mistake I made was not entering int vlan 50 as I was entering vlan 50 on its own and then trying to add the ip address which fails.

48 more replies! Ask a question or join the discussion by visiting our Community Forum