2 September 2010

Network Dictionary – VTP Bomb

9 November 2009 By Greg Ferro 4 Comments

VTP is VLAN Trunking Protocol which propagates VLAN numbers throughout a network. When a switch acting as VTP server with a higher revision number of the VTP database is inserted into the network it can “bomb” the network.

The higher VTP database number will cause VLAN information to be overwritten in all switches. Because the version of the latest database is usually from a switch in the lab which is nothing like the live network, your entire network effectively “dies”.

This is known as a “VTP Bomb”, especially is performed maliciously.

Filed Under: Blog, Dictionary Tagged With: dictionary

Please rate this post:

$1 Star - It\\\'s Crud$ $2 Stars - It\\\'s Tosh$ $3 Stars - Something\\\'s missing$ 4 Stars - Needs works

(1 votes, average: 9.00 out of 10)

Loading ...

About Greg Ferro
Greg is a Network and Security Architect / Designer / Engineer working freelance in the UK and worked for Resellers, DotCom's, Large Corporate's and Service Providers across a variety of products & Vendors. He prefers to work for end users, believes in the life cycle, total cost of ownership and that near enough is often good enough. He likes talking about himself in the first person to feel "royal", even when hosting the Packet Pushers Podcast on Data Networking. More about Greg at http://etherealmind.com/who-am-i/ and you can follow him on Twitter.

Comments

Ivan Pepelnjak says:

10 November 2009 at 05:35 +0000

As I’ve said once: VTP = plug-and-play wannabe gone in the wrong direction

http://blog.ioshints.info/2008/12/should-vtp-be-disabled-by-default.html

Reply
- Greg Ferro says:
  
  10 November 2009 at 15:39 +0000
  
  But it’s fixed in VTP v3 – http://etherealmind.com/vtp-3-making-comeback-review/
  
  Reply
  - Marko Milivojevic says:
    
    12 November 2009 at 19:30 +0000
    
    Unfortunately, v3 is widely unsupported on smaller switches. GVRP would be the right thing, but for some reason, Cisco has been ignoring this for years…
    
    I’ve seen it mentioned in some 6500 documentation recently, though.
    
    Reply
    - Greg Ferro says:
      
      13 November 2009 at 16:34 +0000
      
      Yeah, it will start there and progressively move into the smaller switches over time (I should think and experience suggests). At a guess, 18 months.
      
      Reply

Speak Your Mind Cancel reply

Cisco IOS Licensing Petition

EtherealMind's Twitter

RT @DeepStorageNet: RT @etherealmind: Virtual Connect is turds ,-Greg tell us how you really feel <- was I being subtle ? 2 weeks ago
Yesterday I read the Barracuda WAF manual. Today, its Ironport email gateway. #headfeelslikelead and #gladilearnedtospeedread 2 weeks ago
Checkpoint IP595 appliance ~£15K. Mtce contact (3rd party) per YEAR £6.5K. That's how you make the customers bottom line look bad. 2 weeks ago
RT @DalaiLama: Peace does not come through prayer, we human beings must create peace. <-Amen. 2 weeks ago
RT @bradhedlund I'm Baaaack! {Blog} Cisco UCS QoS vs. HP Virtual Connect rate limiting: http://bit.ly/cVyeIv | Virtual Connect is turds 2 weeks ago
More updates...

Kiva (Charity)

My Etherealmind