. What is DTP?
Dynamic Trunking Protocol (DTP) is a Cisco-proprietary protocol that automates trunk formation between switches. It allows switch ports to dynamically negotiate whether they should be in access mode or trunk mode, reducing the need for manual configuration.
Key Features of DTP:
✅ Automatically forms trunks between Cisco switches.
✅ Negotiates trunking mode without manual intervention.
✅ Supports 802.1Q and ISL (Cisco’s older VLAN tagging protocol).
✅ Can be disabled for security to prevent unauthorized trunking.
2. DTP Modes
DTP has four operating modes:
| Mode | Description | Effect When Connected to Another Switch |
|---|---|---|
| Trunk | Forces the port into trunk mode | Always trunks, regardless of the other switch’s mode. |
| Access | Forces the port into access mode | Never forms a trunk. |
| Dynamic Auto | Passively waits for a trunk request but does not initiate one | If the other switch is dynamic auto, no trunk forms. If desirable/trunk, a trunk forms. |
| Dynamic Desirable | Actively tries to form a trunk | If the other switch is trunk, desirable, or auto, a trunk forms. |
3. DTP Mode Interaction
| Local Mode → | Trunk | Access | Dynamic Auto | Dynamic Desirable |
|---|---|---|---|---|
| Trunk | ✅ Trunk | ❌ Access | ✅ Trunk | ✅ Trunk |
| Access | ❌ Access | ❌ Access | ❌ Access | ❌ Access |
| Dynamic Auto | ✅ Trunk | ❌ Access | ❌ Access | ✅ Trunk |
| Dynamic Desirable | ✅ Trunk | ❌ Access | ✅ Trunk | ✅ Trunk |
🚨 Important Note: If both ports are set to Dynamic Auto, no trunk will form because neither initiates the trunk negotiation.
4. Configuring DTP
Enable Trunking with DTP (Dynamic Desirable)
bashCopyEditinterface GigabitEthernet0/1
switchport mode dynamic desirable
exit
👉 This makes the port actively negotiate a trunk.
Enable Passive DTP (Dynamic Auto)
bashCopyEditinterface GigabitEthernet0/2
switchport mode dynamic auto
exit
👉 This port will form a trunk only if the other switch actively requests it.
Disable DTP (For Security)
DTP can be a security risk if an attacker plugs in a switch and forces a trunk. To disable it:
bashCopyEditinterface GigabitEthernet0/3
switchport mode trunk
switchport nonegotiate
exit
👉 This forces the port into trunk mode but stops DTP messages from being sent.
5. When to Use or Disable DTP?
✅ Use DTP when:
- You have Cisco switches and want automatic trunk formation.
- You need dynamic VLAN management with VTP.
❌ Disable DTP when:
- You want better security (to prevent VLAN hopping attacks).
- Your network includes non-Cisco switches (since DTP is Cisco-proprietary).
The Lazy Networker 
Leave a comment