Cisco Dynamic Trunk Protocol DTP is all Cisco protocols in the  VLAN  group. It is mainly used to negotiate the relay process on the link between two devices and the type of relay encapsulation  802.1Q . DTP is a cisco proprietary protocol. It can only be used to establish trunk links between switches and send DTP frames every 30s.

DTP uses negotiation to determine whether to configure an interface as a Trunk. When a Trunk link is needed, the interface mode is usually statically configured manually, and the Trunk encapsulation protocol is manually specified.

When the switch is connected to the interface of the switch, most of it needs to be configured in Trunk mode; when the switch is connected to the host, it needs to be configured in Access mode.

There are many different types of relay protocols. If the port is set as a  Trunk  port, then the port has an automatic relay function, and in some cases, it even has the function of negotiating the port relay type. This process of negotiating a relay method with other devices is called dynamic relay technology.

First of all, it is best for both ends of the relay link to understand that they are relay ports, otherwise they will treat relay frames as normal frames. The terminal workstation cannot understand the additional label information added in the message frame header, and its driver cannot recognize the label information, which causes the terminal system to lock or crash. To solve this problem, Cisco introduced a protocol for switches to achieve communication purposes. The first version released is VTP, the VLAN trunking protocol, which works with ISL. The latest version, Dynamic Relay Protocol (DTP), can also work with 802.1q.

There are five configurable interface modes:

1, ON

Manually statically configured as Trunk, and will actively initiate DTP information to the other party. The other party also works in Trunk mode. No matter what mode the neighbor is in, you will always work in Trunk mode.

2, Desirable

This mode is DTP active mode. The interface working in this mode will actively initiate DTP information to the other party, requiring the other party to also work in Trunk mode. If the other party replies with consent Working in Trunk mode, it works in Trunk mode, if there is no DTP reply, it works in access mode.

3, Auto

This mode is DTP passive mode. The interface working in this mode will not actively initiate DTP information, but will only wait for the other party to actively initiate DTP information. If the DTP information requires working in Trunk mode, you will reply that the other party agrees to work in Trunk mode. The final mode is Trunk. If the DTP passive mode cannot receive the information that DTP requires to work in Trunk, it will work in access mode.

4, nonegotiate

Stopping DTP negotiation means that the negotiation mode is forbidden. The port is only allowed to be in one state, either access or trunk.
In other words, if one end The port is enabled in the non-negotiation mode, and the other end of the trunk is auto-negotiation, so it cannot communicate.

5, access

is Access mode, a mode used to connect to the user's computer, only used to access the link. For example: when a port belongs to vlan 10, then the data frame with vlan 10 will be sent to this port of the switch.

Notes:

1. Both parties who initiate DTP negotiation must be in the same VTP domain, otherwise the negotiation will not succeed.

2, the switch model is different, the default DTP mode will be different.

3. After manually configuring the interface to Trunk mode, you can turn off DTP information to save network resources.

4. If both parties have manually configured the Trunk, even if the domain names are inconsistent, the Trunk can be established.

DTP attack:

DTP uses the second layer of relay frames to communicate between the directly connected ports of two switches. DTP packets are limited to the communication between two directly connected ports, and the link type and Ethernet encapsulation type of the two directly connected ports are maintained. If the switch has the DTP protocol enabled, and the attacker fakes the switch and sends Dynamic desirable packets to the target switch, then the target port will be turned into a trunking port, which means that we can enter any VLAN by modifying the configuration of the machine, and at the same time we can attack by VLAN jumping Way to monitor all data.

Although no system is ever 100 percent protected, the ability for differentiating between typical network traffic as well as potentially harmful malware is considered crucial and provides the focus of this associate-level certification path. Also, if you wish to acquire this certification, you should gain the CCNP 350-401 Dumps, which are being offered at the EveDumps.

Comments

Leave a comment