Lab Objective
The focus of this lab is to understand basic VLAN, VTP, DTP and STP implementation and configuration in Cisco IOS Catalyst switches.
Lab Topology
The lab network topology is illustrated below:
Topology
Task 1
Enable and configure VTP on the switches illustrated in the topology as follows:
- 1.All switches should reside in VTP domain ‘SWITCH’.
- 2.All switches should run VTP version 2.
- 3.All switches should allow VLAN creation, deletion and modification.
- 4.All switches should use a VTP password of ‘CCNP’
DLS1
DLS1(config)#vtp domain SWITCH
Changing VTP domain name from NULL to SWITCH
DLS1(config)#vtp version 2
DLS1(config)#vtp password CCNP
Setting device VLAN database password to CCNP
DLS1(config)#
DLS2
DLS2(config)#vtp domain SWITCH
Changing VTP domain name from NULL to SWITCH
DLS2(config)#vtp version 2
DLS2(config)#vtp password CCNP
Setting device VLAN database password to CCNP
DLS2(config)#
ALS1
ALS1(config)#vtp domain SWITCH
Changing VTP domain name from NULL to SWITCH
ALS1(config)#vtp version 2
ALS1(config)#vtp password CCNP
Setting device VLAN database password to CCNP
ALS1(config)#
ALS2
ALS2(config)#vtp domain SWITCH
Changing VTP domain name from NULL to SWITCH
ALS2(config)#vtp version 2
ALS2(config)#vtp password CCNP
Setting device VLAN database password to CCNP
ALS2(config)#
Task 2
Configure trunking on the switches as follows:
- 1.Configure DLS1 so that its interfaces will actively attempt to become trunk links.
- 2.Configure DLS2 so that its interfaces will actively attempt to become trunk links
- 3.Configure ALS1 so that its interfaces will only trunk if the upstream switch is trunking.
- 4.Configure ALS2 so that its interfaces will only trunk if the upstream switch is trunking.
DLS1
DLS1(config)#interface range fa0/7,fa0/9,fa0/11
DLS1(config-if-range)#switchport mode dynamic desirable
DLS2
DLS2(config)#interface range fa0/7,fa0/9,fa0/11
DLS2(config-if-range)#switchport mode dynamic desirable
ALS1
ALS1(config)#interface range fa0/7,fa0/9
ALS1(config-if-range)#switchport mode dynamic auto
ALS2
ALS2(config)#interface range fa0/7 , fa0/9
ALS2(config-if-range)#switchport mode dynamic auto
In GNS3, Etherswitch router doesn’t support the bellow commands:
- 1.switchport mode dynamic auto
- 2.switchport mode dynamic desirable
The Etherswitch does support commands such as switchport mode trunk, so here we just trunk those interfaces.
DLS1
- 1.DLS1(config)#interface range fa1/7 , fa1/9 , fa1/11
- 2.DLS1(config-if-range)#switchport mode trunk
DLS2
- 1.DLS2(config)#interface range fa1/7 , fa1/9 , fa1/11
- 2.DLS2(config-if-range)#switchport mode trunk
ALS1
- 1.ALS1(config)#interface range fa1/7 , fa1/9
- 2.ALS1(config-if-range)#switchport mode trunk
ALS2
- 1.ALS2(config)#interface range fa1/7 , fa1/9
- 2.ALS2(config-if-range)#switchport mode trunk
Verify your configuration using the show interfaces trunk command as follows:
DLS1
DLS1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/7 on 802.1q trunking 1
Fa1/9 on 802.1q trunking 1
Fa1/11 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/7 1-4094
Fa1/9 1-4094
Fa1/11 1-4094
Port Vlans allowed and active in management domain
Fa1/7 1
Fa1/9 1
Fa1/11 1
Port Vlans in spanning tree forwarding state and not pruned
Fa1/7 1
Fa1/9 1
Fa1/11 1
DLS1#
DLS2
DLS2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/7 on 802.1q trunking 1
Fa1/9 on 802.1q trunking 1
Fa1/11 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/7 1-4094
Fa1/9 1-4094
Fa1/11 1-4094
Port Vlans allowed and active in management domain
Fa1/7 1
Fa1/9 1
Fa1/11 1
Port Vlans in spanning tree forwarding state and not pruned
Fa1/7 1
Fa1/9 1
Fa1/11 1
DLS2#
ALS1
ALS1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/7 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/7 1-4094
Port Vlans allowed and active in management domain
Fa1/7 1
Port Vlans in spanning tree forwarding state and not pruned
Fa1/7 1
ALS1#
ALS2
ALS2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/7 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/7 1-4094
Port Vlans allowed and active in management domain
Fa1/7 1
Port Vlans in spanning tree forwarding state and not pruned
Fa1/7 1
ALS2#
Task 3
Configure the following VLANs only on switch DLS1:
- 1.VLAN 100 name USER-VLAN
- 2.VLAN 200 name FILE-VLAN
DLS1
DLS1(config)#vlan 100
DLS1(config-vlan)#name USER-VLAN
DLS1(config-vlan)#exit
DLS1(config)#vlan 200
DLS1(config-vlan)#name FILE-VLAN
DLS1(config-vlan)#exit
DLS1(config)#spanning-tree vlan 100 root primary
% This switch is already the root of VLAN100 spanning tree
VLAN 100 bridge priority set to 8192
VLAN 100 bridge max aging time unchanged at 20
VLAN 100 bridge hello time unchanged at 2
VLAN 100 bridge forward delay unchanged at 15
DLS1(config)#spanning-tree vlan 200 root primary
% This switch is already the root of VLAN200 spanning tree
VLAN 200 bridge priority set to 8192
VLAN 200 bridge max aging time unchanged at 20
VLAN 200 bridge hello time unchanged at 2
VLAN 200 bridge forward delay unchanged at 15
DLS1(config)#
DLS2
DLS2(config)#spanning-tree vlan 100 root secondary
VLAN 100 bridge priority set to 16384
VLAN 100 bridge max aging time unchanged at 20
VLAN 100 bridge hello time unchanged at 2
VLAN 100 bridge forward delay unchanged at 15
DLS2(config)#spanning-tree vlan 200 root secondary
VLAN 200 bridge priority set to 16384
VLAN 200 bridge max aging time unchanged at 20
VLAN 200 bridge hello time unchanged at 2
VLAN 200 bridge forward delay unchanged at 15
DLS2(config)#
Verify your configuration using the show spanning-tree root command as follows:
DLS1
DLS1#show spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
—————- ——————– —– —- —- —– —————-
VLAN1 32768 c201.0763.0000 0 2 20 15 This bridge is root
VLAN100 8192 c201.0763.0001 0 2 20 15 This bridge is root
VLAN200 8192 c201.0763.0002 0 2 20 15 This bridge is root
DLS1#
DLS2
DLS2#show spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
—————- ——————– —– —- —- —– —————-
VLAN1 32768 c201.0763.0000 19 2 20 15 FastEthernet1/11
VLAN100 8192 c201.0763.0001 19 2 20 15 FastEthernet1/11
VLAN200 8192 c201.0763.0002 19 2 20 15 FastEthernet1/11
DLS2#
ALS1
ALS1#show spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
—————- ——————– —– —- —- —– —————-
VLAN1 32768 c201.0763.0000 19 2 20 15 FastEthernet1/7
VLAN100 8192 c201.0763.0001 19 2 20 15 FastEthernet1/7
VLAN200 8192 c201.0763.0002 19 2 20 15 FastEthernet1/7
ALS2
ALS2#show spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
—————- ——————– —– —- —- —– —————-
VLAN1 32768 c201.0763.0000 38 2 20 15 FastEthernet1/7
VLAN100 8192 c201.0763.0001 38 2 20 15 FastEthernet1/7
VLAN200 8192 c201.0763.0002 38 2 20 15 FastEthernet1/7
ALS2#
Task 4
NOTE
When selecting a root port, Spanning Tree considers the following:
- 1.Lowest Root Bridge ID
- 2.Lowest Root Path Cost to Root Bridge
- 3.Lowest Sender Bridge ID
- 4.Lowest Sender Port ID
By default, no additional configuration is required to ensure that Fa0/7 and Fa0/9 on switches ALS1 and ALS2, respectively, are the root ports (forwarding) for VLAN 100. However, to ensure that Fa0/9 and Fa0/7 on switches ALS1 and ALS2, respectively, are root ports (forwarding) for VLAN 200, you must increase the cost of the current root ports Fa0/7 and Fa0/9 on switches ALS1 and ALS2, respectively, to make these less desirable (blocking) for VLAN 200.
This value must be higher than the cumulative cost of 19 + 19, which is 38. Any cost value above number 38 on Fa0/7 and Fa0/9 on switches ALS1 and ALS2 for VLAN 200 will satisfy the requirements of this task. Before the change, the current STP status shows the following:
ALS1
ALS1#show spanning-tree interface fa1/7 brief
Vlan Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
——————– ——- —- —– — —– ——————– ——-
VLAN1 128.48 128 19 FWD 0 32768 c201.0763.0000 128.48
VLAN100 128.48 128 19 FWD 0 8192 c201.0763.0001 128.48
VLAN200 128.48 128 19 FWD 0 8192 c201.0763.0002 128.48
ALS1#
DLS1#show spanning-tree interface fa1/9 brief
Vlan Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
——————– ——- —- —– — —– ——————– ——-
VLAN1 128.50 128 19 FWD 0 32768 c201.0763.0000 128.50
VLAN100 128.50 128 19 FWD 0 8192 c201.0763.0001 128.50
VLAN200 128.50 128 19 FWD 0 8192 c201.0763.0002 128.50
DLS1#
ALS2
ALS2#show spanning-tree interface fa1/7 brief
Vlan Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
——————– ——- —- —– — —– ——————– ——-
VLAN1 128.48 128 19 FWD 19 32768 c202.0774.0000 128.48
VLAN100 128.48 128 19 FWD 19 16384 c202.0774.0001 128.48
VLAN200 128.48 128 19 FWD 19 16384 c202.0774.0002 128.48
ALS2#
ALS2#show spanning-tree interface fa1/9 brief
Vlan Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
——————– ——- —- —– — —– ——————– ——-
VLAN1 128.50 128 19 BKN 0 32768 c201.0763.0000 128.50
ALS2#
Configure Spanning Tree on switches ALS1 and ALS2 as follows:
- 1.Port Fa0/7 on ALS1 and port Fa0/9 on ALS2 should be forwarding for VLAN 100.
- 2.Port Fa0/9 on ALS1 and port Fa0/7 on ALS2 should be forwarding for VLAN 200
ALS1
ALS1(config)#interface fa1/7
ALS1(config-if)#spanning-tree vlan 200 cost 40
ALS2
ALS2(config)#interface fa1/9
ALS2(config-if)#spanning-tree vlan 200 cost 40
Task 5
This task requires the implementation of STP backbonefast and uplinkfast. Backbonefast is configured on ALL switches in the network as follows:
DLS1
DLS1(config)#spanning-tree backbonefast
DLS2
DLS2(config)#spanning-tree backbonefast
ALS1
ALS1(config)#spanning-tree backbonefast
ALS2
ALS2(config)#spanning-tree backbonefast
However, uplinkfast is configured only on access switches in the network as follows:
ALS1
ALS1(config)#spanning-tree uplinkfast
ALS2
ALS2(config)#spanning-tree uplinkfast