8th February 2012

Network Dictionary – VTP Bomb

VTP is the VLAN Trunking Protocol, which propagates VLAN numbers throughout a network. When a switch acting as a VTP server with a higher revision number on its VTP database is inserted into the network, it can “bomb” the network.

The higher VTP database revision number causes the VLAN information on every switch in the domain to be overwritten. Because the database with the latest revision usually comes from a lab switch whose configuration is nothing like the live network, your entire network effectively “dies”.

This is known as a “VTP Bomb”, especially when performed maliciously.
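As an added illustration (not code from the post), a toy model of the revision-number rule described above: every switch in the same domain with a matching password adopts a database carrying a higher configuration revision, whatever it contains, while a transparent-mode switch ignores advertisements and has its revision reset to 0 (the usual precaution before cabling a lab switch into production). Switch names, VLAN numbers and the domain name are constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Switch:
    name: str
    mode: str                 # "server", "client" or "transparent"
    domain: str
    revision: int             # VTP configuration revision number
    vlans: frozenset
    password: Optional[str] = None

    def advertisement(self):
        # Summary advertisement: domain, password, revision and the VLAN database
        return (self.domain, self.password, self.revision, self.vlans)

    def receive(self, adv):
        """Apply one advertisement; return True if our VLAN database was overwritten."""
        domain, password, revision, vlans = adv
        if self.mode == "transparent":        # transparent switches forward but never apply
            return False
        if domain != self.domain or password != self.password:
            return False                      # wrong domain or password: ignored
        if revision > self.revision:          # higher revision wins, whatever it contains
            self.revision, self.vlans = revision, vlans
            return True
        return False

def make_safe(switch):
    """Defender step before cabling in a switch: transparent mode resets revision to 0."""
    switch.mode, switch.revision = "transparent", 0
    return switch

def flood(switches, source):
    """Deliver `source`'s advertisement to every other switch; return names overwritten."""
    adv = source.advertisement()
    return [s.name for s in switches if s is not source and s.receive(adv)]

def demo(insert_safely):
    """Insert a lab switch (revision 99, stale VLANs) into a production domain at revision 42."""
    prod = frozenset({1, 10, 20, 30})
    core = Switch("core", "server", "CORP", 42, prod)
    access = [Switch(f"acc{i}", "client", "CORP", 42, prod) for i in range(3)]
    lab = Switch("lab", "server", "CORP", 99, frozenset({1, 999}))  # constructed lab database
    if insert_safely:
        make_safe(lab)
    overwritten = flood([core] + access, lab)
    return overwritten, core.vlans
```

`demo(False)` reports all four production switches overwritten and VLANs 10, 20 and 30 gone from the core; `demo(True)` reports nothing overwritten.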

This post is copyright of Thropos Ltd ©2008-2011 at Etherealmind.com - contact | email: greg.ferro@packetpushers.net - twitter: @etherealmind | All rights reserved
About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT with a wide range of employers, working as a freelance consultant in Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus

  • http://blog.ioshints.info Ivan Pepelnjak

    As I’ve said once: VTP = plug-and-play wannabe gone in the wrong direction ;)

    http://blog.ioshints.info/2008/12/should-vtp-be-disabled-by-default.html

    • http://etherealmind.com Greg Ferro
      • http://cisco.markom.info/ Marko Milivojevic

        Unfortunately, v3 is widely unsupported on smaller switches. GVRP would be the right thing, but for some reason, Cisco has been ignoring this for years…

        I’ve seen it mentioned in some 6500 documentation recently, though.

        • http://etherealmind.com Greg Ferro

          Yeah, it will start there and progressively move into the smaller switches over time (I should think and experience suggests). At a guess, 18 months.