VLAN Trunking & VTP

A trunk port carries traffic for multiple VLANs across a single link — typically between switches or from a switch to a router. VTP (VLAN Trunking Protocol) is a Cisco-proprietary protocol that propagates VLAN definitions across switches automatically.

Trunk ports

A trunk port is a switch port configured to carry tagged traffic for multiple VLANs simultaneously, using 802.1Q. It's what connects switches to other switches, and switches to routers. An access port carries one VLAN untagged; a trunk carries many VLANs tagged.

When you add a new VLAN to a trunk, you're extending it across the link — traffic for that VLAN can now flow between the connected devices. You control which VLANs are allowed on each trunk, which is another layer of segmentation.

VTP

VTP is a Cisco protocol that synchronizes VLAN databases across switches in the same VTP domain. Add a VLAN on the VTP server and it propagates to all client switches automatically. Useful for large environments where managing VLAN configs manually across dozens of switches would be error-prone.

The risk: VTP can propagate deletions too. A misconfigured switch added to a domain in server mode can wipe the VLAN database across all switches in the domain — a production-down event. For this reason, many shops run VTP in transparent mode (the switch ignores VTP updates but passes them along) and manage VLANs manually, or use VTP version 3 which added safeguards. VTP is Cisco-specific; other vendors have no equivalent.