Thursday, December 13, 2012

Multilayer Switching- Routed Ports


In this lab I configured a multilayer switch port to be a routed port. On the router I configured an IP address on the interface that is directly connected to the L3 switch.

Router#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa 0/1
Router(config-if)#ip add 210.1.1.1 255.255.255.0

On the L3 switch I configured an SVI for VLAN 11 and VLAN 33.

Switch(config)#ip routing
Switch(config)#int vlan 11
Switch(config-if)#ip add 201.1.1.254 255.255.255.0

Switch(config)#int fa 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 11

%LINK-5-CHANGED: Interface Vlan11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan11, changed state to up
% Access VLAN does not exist. Creating vlan 11

Switch(config-if)#int vlan 33
Switch(config-if)#ip add 30.1.1.254 255.255.255.0
Switch(config-if)#int fa 0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 33

%LINK-5-CHANGED: Interface Vlan33, changed state to up

For the port directly connected to the router I turn off layer 2 switching with the no switchport command and then assign an IP address to the interface just like I would on a router.

Switch(config)#int fa 0/1
Switch(config-if)#no switchport

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Switch(config-if)#ip add 210.1.1.2 255.255.255.0

I confirmed connectivity with the router by pinging its interface.

Switch#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2

From the host I can ping the switch's routed interface but not the router's. The reason for this is that the router doesn't know how to get to those VLANs.

PC>ping 210.1.1.2

Pinging 210.1.1.2 with 32 bytes of data:

Reply from 210.1.1.2: bytes=32 time=27ms TTL=255
Reply from 210.1.1.2: bytes=32 time=4ms TTL=255
Reply from 210.1.1.2: bytes=32 time=4ms TTL=255
Reply from 210.1.1.2: bytes=32 time=3ms TTL=255

Ping statistics for 210.1.1.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 27ms, Average = 9ms

PC>ping 210.1.1.1

Pinging 210.1.1.1 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 210.1.1.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

The router has no entries for the 20.1.1.0 or 30.1.1.0 networks. A dynamic routing protocol or static routes can be used to solve this problem.

Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

C    210.1.1.0/24 is directly connected, FastEthernet0/0

I configured EIGRP on both the router and the l3 switch so that they can exchange routing tables.

Router(config)#router eigrp 100
Router(config-router)#no auto-summary
Router(config-router)#network 210.1.1.0 0.0.0.255



Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#router eigrp 100
Switch(config-router)#no auto
Switch(config-router)#network 210.1.1.0 0.0.0.255
Switch(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 210.1.1.1 (FastEthernet0/1) is up: new adjacency

Switch(config-router)# network 20.1.1.0 0.0.0.255
Switch(config-router)# network 30.1.1.0 0.0.0.255


The router now knows how to reach all networks in this topology.

Router#show ip route eigrp
     20.0.0.0/24 is subnetted, 1 subnets
D       20.1.1.0 [90/25628160] via 210.1.1.2, 00:00:34, FastEthernet0/0
     30.0.0.0/24 is subnetted, 1 subnets
D       30.1.1.0 [90/25628160] via 210.1.1.2, 00:02:28, FastEthern

The ping is successful from the host now.

PC>ping 210.1.1.1

Pinging 210.1.1.1 with 32 bytes of data:

Reply from 210.1.1.1: bytes=32 time=9ms TTL=254
Reply from 210.1.1.1: bytes=32 time=11ms TTL=254
Reply from 210.1.1.1: bytes=32 time=8ms TTL=254
Reply from 210.1.1.1: bytes=32 time=9ms TTL=254

Ping statistics for 210.1.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 11ms, Average = 9ms









Tuesday, December 11, 2012

Multilayer Switching- SVIs



In this lab I created two switch virtual interfaces (SVIs) on int vlan 10 and vlan 192. I assigned fa0/1 with vlan access 10 and fa0/2 with vlan access 192.

Switch#config t
Switch(config)#int vlan 10
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan10, changed state to up

Switch(config-if)#ip add 10.1.1.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#int vlan 192
Switch(config-if)#ip add 192.168.1.1 255.255.255.0


Switch(config)#int fa 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10


Switch(config-if)#int fa 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 192

Here I tested that the switch could see the hosts which were configured according to the diagram and with the SVI as the default gateway.


Switch#ping 10.1.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/5/7 ms





Switch#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Next I tried to ping from host 10.1.1.2 to host 192.168.1.2 but it failed. The reason it failed is that by default IP routing is disabled on multilayer switches.



PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Here I enabled ip routing and verified with show ip route that the connected routes were in the routing table.


Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#ip routing
Switch(config)#do show run
Building configuration...

Current configuration : 1295 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
ip routing
!
!


Switch#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Vlan10
C    192.168.1.0/24 is directly connected, Vlan192


The ping is successful now that routing is enabled.


PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Reply from 192.168.1.2: bytes=32 time=5ms TTL=127
Reply from 192.168.1.2: bytes=32 time=5ms TTL=127
Reply from 192.168.1.2: bytes=32 time=10ms TTL=127
Reply from 192.168.1.2: bytes=32 time=7ms TTL=127

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 10ms, Average = 6ms





Configuring EtherChannel (PAgP, LACP)



No trunks are currently set between DLS1 and any other switch. I will set up ports 7 through 12 to trunk and do the same for the rest of the switches.

DLS1#show int trunk
DLS1#
DLS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
DLS1(config)#int range fast 0/7- 12

DLS1(config-if-range)#switchport trunk encap dot1q
DLS1(config-if-range)#switchport mode trunk


The DLS2 ports directly connected to DLS1 became trunks after I set up DLS1 ports 0/11 and 0/12 to trunk, because DLS2 ports are in dynamic auto by default.

DLS2#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/11      auto         n-802.1q       trunking      1
Fa0/12      auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk
Fa0/11      1-1005
Fa0/12      1-1005

Port        Vlans allowed and active in management domain
Fa0/11      1
Fa0/12      1

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/11      1
Fa0/12      1



DLS2#show interfaces fastEthernet 0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic auto


..............................................


DLS2(config)#int range fastEthernet 0/7- 12
DLS2(config-if-range)#switchport trunk encap dot1q
DLS2(config-if-range)#switchport mode trunk

I like to make them trunk manually. 

On ALS1 we have the same story: dynamic auto is on, and once I changed the DLS1 interfaces to trunk they dynamically became trunks.

ALS1# show int fast 0/7 switchport 
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk


ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       auto         n-802.1q       trunking      1
Fa0/8       auto         n-802.1q       trunking      1
Fa0/9       auto         n-802.1q       trunking      1
Fa0/10      auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk
Fa0/7       1-1005
Fa0/8       1-1005
Fa0/9       1-1005
Fa0/10      1-1005

Port        Vlans allowed and active in management domain
Fa0/7       1,100,110,120
Fa0/8       1,100,110,120
Fa0/9       1,100,110,120
Fa0/10      1,100,110,120

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/7       100,110,120
Fa0/8       100,110,120
Fa0/9       1,100,110,120
Fa0/10      100,110,120

Ports 0/11 and 0/12 aren't trunks because the connections with ALS1 and ALS2 are both set up as dynamic auto. The IOS on ALS1 and ALS2 only supports dot1q, so encapsulation doesn't need to be specified.

ALS1(config)#int range fast 0/7- 12
ALS1(config-if-range)#switch mode trunk

ALS2(config)#int range fast 0/7- 12
ALS2(config-if-range)#switch mode trunk

I want to create an EtherChannel with ALS1 and ALS2 using Cisco's PAgP. There are some rules I must follow before I combine ports into an EtherChannel. They must be the same type of port (trunk, port), same duplex, same speed, same allowed VLANs and native VLAN. Here both 11 and 12 are trunks with the same port and VLAN settings.


ALS1(config)#int range fast 0/11- 12
ALS1(config-if-range)#channel-group 1 mode desirable 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up






ALS2(config)#int range fast 0/11- 12
ALS2(config-if-range)#channel-group 1 mode desirable 

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
ALS2(config-if-range)#
%LINK-5-CHANGED: Interface Port-channel 1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel 1, changed state to up

The etherchannel is now a logical interface named po1.

ALS1(config)#int port-channel 1
ALS1(config-if)#switchport mode trunk

ALS2(config)#int po1
ALS2(config-if)#switchport mode trunk

ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1
Po1         on           802.1q         trunking      1

To make sure the EtherChannel is up and running, I run the show etherchannel summary command. I can see the ports are layer 2 and in use with PAgP and that 11 and 12 are in the bundle.

ALS1#show etherchannel summary 
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 1
Number of aggregators:           1

Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/11(P) Fa0/12(P) 
ALS1# 

Now I want to create an LACP EtherChannel on ports 7 and 8 at ALS1 and DLS1.

ALS1(config)#int range fast 0/7- 8
ALS1(config-if-range)#channel-group 2 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected
ALS1(config-if-range)#channel-group 2 mode active

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
ALS1(config-if-range)#


DLS1(config)#int range fast 0/7- 8
DLS1(config-if-range)#channel-group 2 mode active

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up

DLS1(config-if-range)#
%LINK-5-CHANGED: Interface Port-channel 2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel 2, changed state to up

ALS1(config)#int po2
ALS1(config-if)#switchport mode trunk

DLS1(config)#int po2
DLS1(config-if)#switchport mode trunk

ALS1#show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1

ALS1#show etherchannel summary 
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+----------------------------------------------

1      Po1(SU)           PAgP   Fa0/11(P) Fa0/12(P) 
2      Po2(SU)           LACP   Fa0/7(P) Fa0/8(P) 




Wednesday, November 14, 2012

Static VLAN, VLAN Trunking, VLAN VTP Modes



Initial switch configuration

Switch(config)#hostname ALS1
ALS1(config)#int vlan 1
ALS1(config-if)#ip add 10.1.1.103 255.255.255.0
ALS1(config-if)#no shut


Switch(config)#hostname ALS2
ALS2(config)#int vlan 1
ALS2(config-if)#ip add 10.1.1.104 255.255.255.0
ALS2(config-if)#no shut

Switch(config)#hostname DLS1

 DLS1(config)#int vlan 1
 DLS1(config-if)#ip add 10.1.1.101 255.255.255.0
 DLS1(config-if)#no shut



Switch(config)#hostname DLS2
DLS2(config)#int vlan 1
DLS2(config-if)#ip add 10.1.1.102 255.255.255.0
DLS2(config-if)#no shut




I will configure DLS1 as a VTP server and ALS1 as a VTP client using VTP domain SWLAB.


DLS1#
DLS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)
DLS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
DLS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
DLS1(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : SWLAB
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x87 0x67 0x56 0x26 0xCB 0xE7 0x65 0x4D
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)



ALS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.103 on interface Vl1 (lowest numbered VLAN interface found)
ALS1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
ALS1(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 : SWLAB
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x87 0x67 0x56 0x26 0xCB 0xE7 0x65 0x4D
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

The configuration hasn't been modified because there are no trunks set up between these two switches. If I hadn't given ALS1 the domain name it wouldn't have gotten it automatically, because no trunks exist.




ALS1#show interfaces trunk

ALS1#show interfaces fastEthernet 0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none





DLS1#show interfaces fastEthernet 0/7 switchport 
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: All
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Trunks will not form because port 7 on both switches is set up for dynamic auto; both are listening for instructions to become a trunk. I will set up trunk mode on DLS1 for port 7 and all other ports that will be used as trunks.


DLS1(config)#int range fastEthernet 0/7-12
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk

DLS1#show interfaces trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/7       on           802.1q         trunking      1
Fa0/8       on           802.1q         trunking      1
Fa0/9       on           802.1q         trunking      1
Fa0/10      on           802.1q         trunking      1
Fa0/11      on           802.1q         trunking      1
Fa0/12      on           802.1q         trunking      1

ALS1(config)#int range fastEthernet 0/7-12
ALS1(config-if-range)#switchport mode trunk
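
The dynamic auto behaviour above is also what a switchport audit looks for, since a port left in a DTP dynamic mode trunks as soon as its peer asks. The following is an added example, not part of the original lab: it parses `show interfaces switchport` output and flags those ports. The finding codes, the function names and the Fa0/6 and Fa0/11 sample ports are assumptions made for the illustration.

```python
import re

# Constructed sample in "show interfaces switchport" format. Fa0/7 copies the
# fields shown above; Fa0/6 and Fa0/11 are made-up ports added for contrast.
SAMPLE = """\
Name: Fa0/7
Administrative Mode: dynamic auto
Operational Mode: static access
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Capture Mode Disabled

Name: Fa0/6
Administrative Mode: static access
Operational Mode: static access
Negotiation of Trunking: Off
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL

Name: Fa0/11
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
"""

# Hypothetical finding codes used by audit() below.
FINDINGS = {
    "dtp-dynamic": "port negotiates with DTP and trunks if the peer asks",
    "dtp-negotiation-on": "static trunk still sends DTP (no 'switchport nonegotiate')",
    "native-vlan-1": "native VLAN left at the default VLAN 1",
    "all-vlans-allowed": "no 'switchport trunk allowed vlan' restriction",
}


def parse_switchport(text):
    """Split the output into one dict of 'Field: value' pairs per interface."""
    ports, current = [], None
    for line in text.splitlines():
        match = re.match(r"^([^:]+):\s*(.*)$", line.strip())
        if not match:
            continue  # blank lines and colon-less lines such as "Capture Mode Disabled"
        key, value = match.group(1).strip(), match.group(2).strip()
        if key == "Name":
            current = {"Name": value}
            ports.append(current)
        elif current is not None:
            current[key] = value
    return ports


def trunk_forms(mode_a, mode_b):
    """DTP outcome for the administrative modes at the two ends of one link.

    Assumes negotiation is left on at both ends (no 'switchport nonegotiate').
    """
    modes = {mode_a, mode_b}
    if "static access" in modes:
        return False
    # auto + auto: both sides only listen, so nobody starts the negotiation.
    return bool(modes & {"trunk", "dynamic desirable"})


def audit(port):
    """Return the finding codes for one parsed port."""
    admin = port.get("Administrative Mode", "")
    oper = port.get("Operational Mode", "")
    found = []
    if admin.startswith("dynamic"):
        found.append("dtp-dynamic")
    elif admin == "trunk" and port.get("Negotiation of Trunking") == "On":
        found.append("dtp-negotiation-on")
    if admin != "static access" or oper == "trunk":  # port is, or can become, a trunk
        if port.get("Trunking Native Mode VLAN", "").split(" ")[0] == "1":
            found.append("native-vlan-1")
        if port.get("Trunking VLANs Enabled", "").upper() == "ALL":
            found.append("all-vlans-allowed")
    return found


if __name__ == "__main__":
    for p in parse_switchport(SAMPLE):
        for code in audit(p) or ["ok"]:
            print(f"{p['Name']:8} {code:20} {FINDINGS.get(code, '')}")
```

Host-facing ports come out clean once they are set with `switchport mode access`, as is done for fa0/6 below.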

Client ports will be set up as access ports because they do not need to participate in spanning tree.


DLS2(config)#int range fastEthernet 0/7-12
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk



ALS2(config)#int fa0/6
ALS2(config-if)#switchport mode access 



DLS1(config)#int fa0/6
DLS1(config-if)#switchport mode access



ALS1(config)#int fa0/6
ALS1(config-if)#switchport mode access


I created the VLANs on the VTP server which will propagate them to clients and other servers within the domain.

DLS1#config t
DLS1(config)#vlan 100
DLS1(config-vlan)#vlan 110
DLS1(config-vlan)#vlan 120


Now I can assign the ports to their respective VLANs.

DLS1(config)#int fa0/6
DLS1(config-if)#switchport access vlan 100

Clients cannot speak with each other because they are in different VLANs without layer 3 routing.

Tuesday, November 6, 2012

Manually Configure Spanning-Tree Root






In this lab, I created two trunk ports on each switch and let spanning-tree run its default election process.

Sw1(config)#int fa0/11
Sw1(config-if)#switchport trunk encap dot
Sw1(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up

Sw1(config-if)#int fa0/12
Sw1(config-if)#switchport trunk encap dot
Sw1(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up

Sw2(config)#int fa0/11
Sw2(config-if)#switchport trunk encap dot
Sw2(config-if)#switchport mode trunk
Sw2(config-if)#int fa0/12
Sw2(config-if)#switchport trunk encap dot
Sw2(config-if)#switchport mode trunk

Running the show spanning-tree command by itself displays the spanning-tree information for every VLAN. There are 4 VLANs on each switch: VLAN 1, 10, 20 and 30. Sw1 won the election and is the root switch for all VLANs. There are multiple ways of verifying that a switch is the root switch: the show spanning-tree output displays "This bridge is the root", the Root ID information matches the Bridge ID information, and all ports are in the forwarding state.

Sw1#show spanning-tree 
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0010
  Spanning tree enabled protocol ieee
  Root ID    Priority    32778
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32778  (priority 32768 sys-id-ext 10)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    32788
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    32798
             Address     0002.1710.2A57
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     0002.1710.2A57
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p


On Sw2 I displayed the information for VLAN 30 only. Here we don't see "This bridge is the root", the Root ID information doesn't match the Bridge ID, and not all ports are forwarding.

Sw2# show spanning-tree vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    32798
             Address     0002.1710.2A57
             Cost        19
             Port        11(FastEthernet0/11)
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Root FWD 19        128.11   P2p
Fa0/12           Altn BLK 19        128.12   P2p

I want to manually change the STP root for VLAN 20 and 30 to Sw2. I used the spanning-tree vlan root primary command. There is an option for a secondary root if I wanted to create a backup root.

Sw2(config)#spanning-tree vlan 20 root primary 
Sw2(config)#spanning-tree vlan 30 root primary 

I can see now that Sw2 is the root switch for vlan 20 and vlan 30.

Sw2#show span vlan 20
VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    24596
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24596  (priority 24576 sys-id-ext 20)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg LRN 19        128.12   P2p

Sw2#show span vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg LRN 19        128.12   P2p


Sw2#show span vlan 30
VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p
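
The three root-bridge checks described in this lab can be automated, together with a comparison against the switch that is meant to be root, which is how an unplanned root change gets noticed. The following is an added example, not part of the original lab: the `INTENDED` map and the function names are assumptions, and the sample text is an abridged copy of the two Sw2 VLAN 30 outputs above.

```python
import re

# Abridged from the two "show spanning-tree vlan 30" outputs of Sw2 on this page
# (timer lines and table headers dropped). BEFORE is the default election,
# AFTER follows "spanning-tree vlan 30 root primary".
BEFORE = """\
VLAN0030
  Root ID    Priority    32798
             Address     0002.1710.2A57
             Cost        19
             Port        11(FastEthernet0/11)
  Bridge ID  Priority    32798  (priority 32768 sys-id-ext 30)
             Address     000C.CF68.DC11
Fa0/11           Root FWD 19        128.11   P2p
Fa0/12           Altn BLK 19        128.12   P2p
"""
AFTER = """\
VLAN0030
  Root ID    Priority    24606
             Address     000C.CF68.DC11
             This bridge is the root
  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     000C.CF68.DC11
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p
"""

# Assumed policy for the illustration: Sw2 is the intended root for VLAN 30.
INTENDED = {30: "000C.CF68.DC11"}


def mac_int(mac):
    """Cisco dotted MAC (0002.1710.2A57) as an integer, for comparison."""
    return int(mac.replace(".", ""), 16)


def parse_stp(text):
    """Return {vlan_id: {'root': {...}, 'bridge': {...}, 'banner': bool, 'ports': [...]}}."""
    vlans, cur, section = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"^VLAN(\d+)$", line)
        if m:
            cur = {"root": {}, "bridge": {}, "banner": False, "ports": []}
            vlans[int(m.group(1))] = cur
            section = None
            continue
        if cur is None:
            continue
        m = re.match(r"^(Root|Bridge) ID\s+Priority\s+(\d+)", line)
        if m:
            section = m.group(1).lower()
            cur[section]["priority"] = int(m.group(2))
            continue
        m = re.match(r"^Address\s+([0-9A-Fa-f.]+)$", line)
        if m and section:
            cur[section]["mac"] = m.group(1).lower()
            continue
        if line == "This bridge is the root":
            cur["banner"] = True
            continue
        m = re.match(r"^(\S+)\s+(Desg|Root|Altn|Back)\s+(\w+)\s+\d+", line)
        if m:
            cur["ports"].append((m.group(1), m.group(2), m.group(3)))
    return vlans


def root_checks(vlan):
    """The three signs that the local switch is the root for this VLAN."""
    return {
        "banner": vlan["banner"],
        "ids_match": vlan["root"] == vlan["bridge"],
        # Role only: a port may still be listening or learning right after a change.
        "all_ports_designated": bool(vlan["ports"])
        and all(role == "Desg" for _, role, _ in vlan["ports"]),
    }


def elect_root(bridges):
    """bridges: {name: (priority, mac)}. Lowest priority wins, lowest MAC breaks ties."""
    return min(bridges, key=lambda n: (bridges[n][0], mac_int(bridges[n][1])))


def unexpected_roots(vlans, intended):
    """VLAN ids whose current root MAC differs from the intended one."""
    return sorted(v for v, d in vlans.items()
                  if v in intended and mac_int(d["root"]["mac"]) != mac_int(intended[v]))


if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        parsed = parse_stp(text)
        print(label, root_checks(parsed[30]), "unexpected:", unexpected_roots(parsed, INTENDED))
```

With the default priority of 32768 the tie is broken by MAC address, which is why Sw1 won the first election; `root primary` lowered Sw2's priority to 24576 plus the VLAN number.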


Passed CCNP Route

I will start studying material for the Switch Exam.

BGP Route Reflectors




R1#show ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i2.2.2.2/32       172.12.123.2             0    100      0 i
*>i4.4.4.4/32       172.12.123.3             0    100      0 4 i


R2#show ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i




R3#show ip bgp
BGP table version is 2, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 4.4.4.4/32       10.1.1.4                 0             0 4 i


R1(config)#router bgp 1235
R1(config-router)#neighbor 172.12.123.2 route-reflector-client
*Mar  1 00:22:49.735: %BGP-5-ADJCHANGE: neighbor 172.12.123.2 Down RR client conf
*Mar  1 00:22:52.071: %BGP-5-ADJCHANGE: neighbor 172.12.123.2 Up

R1(config-router)#neighbor 172.12.123.3 route-reflector-client
R1(config-router)#
*Mar  1 00:23:11.183: %BGP-5-ADJCHANGE: neighbor 172.12.123.3 Down RR client config change
*Mar  1 00:23:13.487: %BGP-5-ADJCHANGE: neighbor 172.12.123.3 Up

R2#
*Mar  1 00:22:48.887: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Down Peer closed the session
*Mar  1 00:22:50.867: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up
R2#show ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*>i4.4.4.4/32       172.12.123.3             0    100      0 4 i

R3#
*Mar  1 00:23:08.943: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Down Peer closed the session
*Mar  1 00:23:11.019: %BGP-5-ADJCHANGE: neighbor 172.12.123.1 Up

R3#show ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i2.2.2.2/32       172.12.123.2             0    100      0 i
*> 4.4.4.4/32       10.1.1.4                 0             0 4 i