ccnpv7 switch lab4-1 stp student

8/16/2019 Ccnpv7 Switch Lab4-1 Stp Student

1/24


2/24


3/24

CCNPv7 SWITCH' Lab 4-1 – Implement Spanning Tree Protocols

?inally0 configure all four switches as 9TP version $ servers in domain S


4/24


37& O"erating (o$e Server

2um


5/24


DLSH#sho! span %lan ))

3L:2,,AA

S"anning tree ena


6/24


while the root secon#ary command will set the priority on the secondary root to the 2C0&=2 *one 3step6lower than the default priority+.

odify 1S) and 1S2 so that 1S ) is elected the primary root bridge for 9-s (( and )'' and 1S2 iselected the primary root bridge for 9- ))' and )2'. 1S) should be elected as the secondary root bridgefor 9- ))' and )2'0 and 1S2 should be elected as the secondary root bridge for 9-s ((0 and )''.

Eou will need to make configuration changes on both 1S) and 1S2. -n eAample from 1S)B

DLS1# conf t

Enter configuration comman$s% one "er line- En$ with C27LF-

DLS1config# spanning-tree %lan ))(100 root pri*ary

DLS1config# spanning-tree %lan 110(10 root secon#ary

DLS1config# e'it

DLS1#

9erification from 1S)B

DLS1# sho! spanning-tree root

oot Bello (aK Jw$

3lan oot 6D Cost 7ime :ge Dly oot &ort

3L:2,,AA H+I)9 e*+,-+,If-)H*, , H H, 19

3L:2,1,, H+I)I e*+,-+,If-)H*, , H H, 19

3L:2,11, H+I*I e*+,-+,If-Ie,, 1A H H, 19 Ja,11

3L:2,1H, H+IAI e*+,-+,If-Ie,, 1A H H, 19 Ja,11

3L:2,III ..+.+ ,,1)-A9cf-1I*, 1A H H, 19 Ja,A

DLS1#

The sho! spanning-tree ri#ge command also provides detailed information about the currentconfiguration of the local bridgeB

DLS1# sho! spanning-tree ri#ge >

a$$ress (ac a$$ress of this


7/24


DLS1# sho! spanning-tree ri#ge

Bello (aK Jw$

3lan 5ri$ge 6D 7ime :ge Dly &rotocol

3L:2,,AA H+I)9 H+9)I% AA e*+,-+,If-)H*, H H, 19 ieee

3L:2,1,, H+I)I H+9)I% 1,, e*+,-+,If-)H*, H H, 19 ieee

3L:2,11, H*)*H H*I)H% 11, e*+,-+,If-)H*, H H, 19 ieee

3L:2,1H, H*)AH H*I)H% 1H, e*+,-+,If-)H*, H H, 19 ieee

3L:2,III ..+.+ .H)I*% III e*+,-+,If-)H*, H H, 19 ieee

DLS1#

Step 4' anip%late port an& path costs

-s the network is implemented right now0 there are two paths between each directly connected switch. -s theRoot Port is elected0 path and port costs are evaluated to determine the shortest path to the root bridge.

In the case where there are multiple e!ual cost paths to the root bridge0 additional attributes must beevaluated. In our case0 the lower interface number *for eAample0 ?';))+ is chosen as the Root Port0 and thehigher interface number *for eAample0 ?';)2+ is put into a spanning tree /locking state.

Eou can see which ports are blocked with the sho! spanning-tree vlan-id command or the sho!spanning-tree loc"e#ports command. ?or now eAamine 9- ))' on 1S).

DLS1# sho! spanning-tree %lan 110

3L:2,11,

S"anning tree ena


8/24


DLS1# sho! spanning-tree loc"e#ports

2ame 5loc>e$ 6nterfaces List

3L:2,11, Ja,1H

3L:2,1H, Ja,1H

3L:2,III Ja,)% Ja,*% Ja,1,% Ja,11% Ja,1H

2um


9/24


3L:2,1H, H+IAI e*+,-+,If-Ie,, .* H H, 19 Ja,)

3L:2,III ..+.+ ,,1)-A9cf-1I*, 1A H H, 19 Ja,11

:LS1#

The election of the Root Port is based on the lowest total path cost to the root bridge. The root path cost is asum of all of the Root Port costs between the local bridge and the root bridge. If the total path cost to the rootbridge is the same over multiple ports0 then the port towards the neighbor switch that has the lowest /ridge I1is chosen as the Root Port.

If the local bridge has multiple connections to a neighbor bridge that is in the lowest4cost path0 /1P>s sentfrom that neighbor are eAamined and the /P1> containing the lowest sending Port4I1 is chosen as the RootPort. In this case the term "sending" refers to the switch and its port that forwarded the /P1>.

otice in the output above that the root bridge for 9-))' is reachable from -S) via ?a';= with a total rootpath cost of $C *)( for the ?a';= trunk between -S) and 1S)0 and )( for the trunk between 1S) and1S2+.

On -S20 change the spanning tree cost on interface ?a';= to )2.

:LSHconfig# int f0/7

:LSHconfigif# spanning-tree cost 1

:LSHconfigif# e'it

:LSHconfig#

ow go back to -S) and see the impactB

:LS1# sho! span root

oot Bello (aK Jw$


3L:2,,AA H+I)9 e*+,-+,If-)H*, 1A H H, 19 Ja,)

3L:2,1,, H+I)I e*+,-+,If-)H*, 1A H H, 19 Ja,)

3L:2,11, H+I*I e*+,-+,If-Ie,, .1 H H, 19 Ja,11

3L:2,1H, H+IAI e*+,-+,If-Ie,, .1 H H, 19 Ja,11

3L:2,III ..+.+ ,,1)-A9cf-1I*, 1A H H, 19 Ja,11

:LS1#

-S)s Root Port changed to ?';))0 and the path cost to the Root /ridge changed to $) *)( K )2+.

The change you Lust made on -S2 did not impact the Root Port from its perspectiveF it is still ?a';=.

eAt you will use port priority to modify which port is selected as the Root Port. ?or this eAercise0 we will focuson 9- )''.

On 1S)0 use sho! span %lan 100 to see what the priorities are *default to )2C+

: 2')5 #isco and;or its affiliates. -ll rights reserved. This document is #isco Public. Page 3 of *4


10/24


DLS1# sho! span %lan 100

3L:2,1,,

S"anning tree ena


11/24


3L:2,1,, H+I)I e*+,-+,If-)H*, 1A H H, 19 Ja,*

:LS1# sho! span %lan 100

3L:2,1,,

S"anning tree ena


12/24


'(ar 1 ,,.1,.-.H) S7& 3L:2,11, Ja,1H @ learning

DLS1configif#

'(ar 1 ,,.11*-..9 S7&[11,] enerating 7C tra" for "ort JastEthernet,1H

'(ar 1 ,,.11*-..9 S7& 3L:2,11, sent 7o"ology Change 2otice on Ja,1H

'(ar 1 ,,.11*-..9 S7& 3L:2,11, Ja,1H @ forwar$ing

DLS1configif#$o sho s"an vlan 11,

3L:2,11,

S"anning tree ena


13/24


Cost 1A

&ort 1. JastEthernet,11

Bello 7ime H sec (aK :ge H, sec Jorwar$ Delay 19 sec

5ri$ge 6D &riority H*)*H "riority H*I)H sysi$eKt 11,

:$$ress e*+,-+,If-)H*,

Bello 7ime H sec (aK :ge H, sec Jorwar$ Delay 19 sec

:ging 7ime 19 sec

6nterface ole Sts Cost &rio-2 stored on a porteApires is called max_age and is 2' seconds by default. 1epending on the nature of a topological change0STP re!uires between $' and %' seconds to converge on a new loop4free topology.

Rapid Spanning Tree significantly reduces the time it takes to go from the 1iscarding *P9STB /locking+ to the?orwarding state.

#onfigure Rapid Spanning Tree Protocol on 1S). >se the clear spanning-tree #etecte#- protocols privileged ,7,# command to flush any stored P9ST information.

DLS1# conf t

DLS1config# spanning-tree *o#e rapi#-p%st

DLS1config# en#

DLS1#clear spanning-tree #etecte#-protocols

: 2')5 #isco and;or its affiliates. -ll rights reserved. This document is #isco Public. Page 1. of *4


14/24


15/24


16/24


17/24


:LS1configif# shut

:LS1configif#

'(ar H ,11+9)-.,1 S7&1H, transmitting a "ro"osal on Ja,I

'(ar H ,119,,-,IA /L629CB:2ED 6nterface JastEthernet,I% change$ state toa$ministratively $own

'(ar H ,119,1-,)I /L62E&O7O9G&DO=2 Line "rotocol on 6nterface JastEthernet,I%

change$ state to $own:LS1configif#

-s you can see in the output above0 RSTP sees the interface come up0 recogniJes it as a 1esignated port0and starts sending proposals. ow we will add the spanning-tree portfast command to the interface*the debug is still running+B

:LS1configif# spanning-tree portfast

/=arning "ortfast shoul$ only


18/24


&ort "ath cost 1A% &ort "riority 1H*% &ort 6$entifier 1H*-I-

Designate$ root has "riority H+IAI% a$$ress e*+,-+,If-).*,

Designate$


19/24


:LSHconfigif# e'it

:LSHconfig#

'(ar H ,1+I11-HH. /S&:27EEH5LOC45&DGG:D eceive$ 5&DG on "ort Ja,11 with5&DG uar$ ena


20/24


Eou should see a /P1> being received at your host every 2 seconds.

ow configure /P1> ?ilter on -S) interface ?a';&

:LS1# conf t


:LS1config# int f0/&

:LS1configif# spanning-tree p#ufilter enale

:LS1configif# e'it

:LS1config#

#lear the s.

Step 4' Implement an& !bserve (oot that would normally cause the port to become a Rootport0 the /P1> will be discarded and the port will be moved to the Root4Inconsistent state. -n STPinconsistent state differs from the err4disabled state that the port is not disabled entirelyF instead0 it is only putinto the /locking *1iscarding+ state and will be put back into its proper role and state once the cause for itsinconsistent state disappears. s.

NoteB /P1> Root @uard is a protective mechanism in situations when your network and the network of yourcustomer need to form a single STP domain0 yet you want to have the STP root bridge in your network partand you do not want your customer to take over this root switch selection0 or back up the connectivity in yournetwork through the customer. In these cases0 you would put the Root @uard on ports toward the customer.Mowever0 inside your own network0 using Root @uard would actually be harmful. Eour network can beconsidered trustworthy and there is no rogue root switch to protect against. >sing Root @uard in your ownnetwork would cause it to be unable to converge on a new workable spanning tree if any of the primary links

failed0 and it would also prevent your network from converging to a secondary root switch if the primary rootswitch failed entirely.

To illustrate the behavior of Root @uard0 we will configure it on a designated port on 1S) for 9- )''.1S) is the root bridge for 9- )''0 so all trunk ports are designated.

DLS1# sho! span root

oot Bello (aK Jw$


: 2')5 #isco and;or its affiliates. -ll rights reserved. This document is #isco Public. Page * of *4


21/24


3L:2,,AA H+I)9 e*+,-+,If-*


22/24


To clear this0 go back to -S) and issue the command no spanning-tree %lan 100 priority1&?@. Once you do this0 you will see the following SESO@ message at 1S)0 and the interface willbecome consistent again.

DLS1#

'(ar H ,.1*.)-,+1 /S&:27EEHOO7G:D4G25LOC oot guar$ uning "ortJastEthernet,) on 3L:2,1,,-

DLS1# sho! spanning-tree interface f0/7 ; inc 2,A0100

3L:2,1,, Desg J=D 1A 1H*-A &H"

DLS1#

?or completeness0 remove Root @uard from ?a';= on 1S)

DLS1# conf t


DLS1config# int f0/7

DLS1configif# no spanning-tree guar# root

DLS1configif# e'it

DLS1config#

Step /' Implement an& !bserve Loop s suddenly cease to be received on them

In a normal STP network0 all ports receive and process /P1>s0 even /locking *1iscarding+ ports. This is howthey know that the device at the other end of the link is alive and still superior to them. If a /locked port stopsreceiving these /P1>s0 it can only assume that the device on the other side is no longer there and they arenow superior0 and should be in ?orwarding state for the given segment. -n eAample of when this could occuris the instance where the RA fiber in an optical cable becomes disconnected0 cut0 or connected to a different

port or device than the corresponding TA fiber0 in essence creating an uni4directional link.

This could cause permanent switching loops in the network0 so oop @uard helps to prevent them.

?or this eAample0 we will configure oop @uard on an -lternate port on -S20 and then stop sending out/P1>s from the corresponding 1esignated port on the other end of the link0 and observe the behavior.

:LSH# sho! span %lan 100

3L:2,1,,

S"anning tree ena


23/24


6nterface ole Sts Cost &rio-2


24/24

ccnpv7 switch lab4-1 stp student

Documents