Friday 28 December 2018

How to configure spanning tree Port Fast and configuration?


Spanning tree Portfast
Portfast is a Cisco-proprietary enhancement to spanning tree. Portfast helps to speed up network convergence on access ports. Portfast bypasses the listening and learning states (15 + 15 seconds of timers) and enters the spanning tree forwarding state immediately.

The Portfast feature should be enabled only on access ports. If you enable Portfast on a port connected to a switch, it might create loops.

Portfast is disabled by default on all switch ports. Configuration is simple: you can configure it in global mode or at the interface level.

Let's see the configuration:


Topology:
Portfast


Goal:

  • configure the topology as per the diagram, FastEthernet range fa0/1-6
  • observe the convergence before and after portfast by shutting down the whole range of interfaces and bringing them back up.
  • configure portfast in global mode.

SWITCH-1(config)#interface range fastEthernet 0/1-6
SWITCH-1(config-if-range)#shutdown
SWITCH-1(config-if-range)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/3, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/4, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/5, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/6, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down


SWITCH-1(config)#interface range fastEthernet 0/1-6
SWITCH-1(config-if-range)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/3, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/4, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/5, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/6, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to up

SWITCH-1(config-if-range)#end


SWITCH-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000C.8536.1ABC
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000C.8536.1ABC
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg LSN 19 128.4 P2p
Fa0/1 Desg LSN 19 128.1 P2p
Fa0/3 Desg LSN 19 128.3 P2p
Fa0/6 Desg LSN 19 128.6 P2p
Fa0/5 Desg LSN 19 128.5 P2p
Fa0/2 Desg LSN 19 128.2 P2p



SWITCH-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000C.8536.1ABC
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000C.8536.1ABC
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg LRN 19 128.4 P2p
Fa0/1 Desg LRN 19 128.1 P2p
Fa0/3 Desg LRN 19 128.3 P2p
Fa0/6 Desg LRN 19 128.6 P2p
Fa0/5 Desg LRN 19 128.5 P2p
Fa0/2 Desg LRN 19 128.2 P2p

SWITCH-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000C.8536.1ABC
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000C.8536.1ABC
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/6 Desg FWD 19 128.6 P2p
Fa0/5 Desg FWD 19 128.5 P2p
Fa0/2 Desg FWD 19 128.2 P2p

(We observed that the ports spend 30 seconds in the listening and learning states. We can bypass this by using portfast.)

SWITCH-1(config)#spanning-tree portfast default
SWITCH-1(config)#interface range fastEthernet 0/1-6
SWITCH-1(config-if-range)#shutdown

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/3, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/4, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/5, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down

%LINK-5-CHANGED: Interface FastEthernet0/6, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down

SWITCH-1(config-if-range)#no shutdown


%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/3, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/4, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/5, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up

%LINK-5-CHANGED: Interface FastEthernet0/6, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to up

SWITCH-1(config-if-range)#end
SWITCH-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000C.8536.1ABC
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000C.8536.1ABC
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/6 Desg FWD 19 128.6 P2p
Fa0/5 Desg FWD 19 128.5 P2p
Fa0/2 Desg FWD 19 128.2 P2p

(After enabling portfast, all the ports bypass the listening and learning states.)
Let's configure portfast at the interface level. We are going to configure portfast on ports 1 to 5, and we will see how port 6 looks.

SWITCH-1(config)#no spanning-tree portfast default


SWITCH-1(config)#interface range fastEthernet 0/1-5
SWITCH-1(config-if-range)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION


SWITCH-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000C.8536.1ABC
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000C.8536.1ABC
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/6 Desg LSN 19 128.6 P2p
Fa0/5 Desg FWD 19 128.5 P2p
Fa0/2 Desg FWD 19 128.2 P2p

(We configured portfast on the range fa0/1 to 5 but not on port 6.)
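
The loop warning printed by the switch is why Portfast ports are normally paired with BPDU guard, which puts a Portfast port into the err-disabled state if a BPDU arrives on it. The audit below is an added example, not part of the original post: it reads a running-config and flags ports where Portfast is active without BPDU guard. The sample config is constructed, and treating every port without "switchport mode trunk" as an access port is a simplifying assumption.

```python
import re

# Constructed running-config excerpt (not taken from the page's switch).
SAMPLE_CONFIG = """\
spanning-tree mode pvst
spanning-tree portfast default
!
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree portfast disable
!
interface FastEthernet0/6
 switchport mode trunk
!
"""


def parse_config(text):
    """Split a running-config into global lines and per-interface lines."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!":
            continue
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = match.group(1)
            interfaces[current] = []
        elif line[0].isspace() and current is not None:
            # Indented line: belongs to the interface stanza we are in.
            interfaces[current].append(line.strip())
        else:
            current = None
            global_lines.append(line.strip())
    return global_lines, interfaces


def audit_portfast(text):
    """Return {interface: finding} for Portfast ports that lack BPDU guard."""
    global_lines, interfaces = parse_config(text)
    portfast_default = "spanning-tree portfast default" in global_lines
    guard_default = "spanning-tree portfast bpduguard default" in global_lines
    findings = {}
    for name, lines in interfaces.items():
        # Plain Portfast does not take effect on trunk ports, so skip them.
        if "switchport mode trunk" in lines:
            continue
        if "spanning-tree portfast disable" in lines:
            portfast = False
        elif "spanning-tree portfast" in lines:
            portfast = True
        else:
            portfast = portfast_default
        if not portfast:
            continue
        if "spanning-tree bpduguard disable" in lines:
            guarded = False
        elif "spanning-tree bpduguard enable" in lines:
            guarded = True
        else:
            guarded = guard_default
        if not guarded:
            findings[name] = "Portfast without BPDU guard"
    return findings


if __name__ == "__main__":
    for port, finding in audit_portfast(SAMPLE_CONFIG).items():
        print(f"{port}: {finding}")
```

Adding "spanning-tree portfast bpduguard default" in global mode clears the finding for every Portfast port at once.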

 


 










Thursday 27 December 2018

Etherchannel and configuration


Ether-channel (or link aggregation) is a technology that allows us to bundle multiple physical links into a single logical link. Ether-channel is used to aggregate bandwidth between multiple layer 2 / layer 3 interfaces.

Ether-channel increases bandwidth and provides redundancy by aggregating individual links between switches. Ether-channel load balances traffic over all the links in the bundle. We can use a maximum of 8 physical interfaces to configure the bundle into a single logical link.


When we configure an EtherChannel there are two protocols we can choose from:

  • PAgP (Cisco proprietary)
  • LACP (IEEE standard)




EtherChannel mode


 EtherChannel can be dynamically configured between switches using two protocols

  • PAgP (Port Aggregation Protocol)
  • LACP (Link Aggregation Control Protocol)





With PAgP there are a number of options we can choose from. The interface can be configured as:


On (interface becomes a member of the EtherChannel but it will not negotiate).
Desirable (the interface will actively ask the other side to be an EtherChannel).
Auto (the interface will wait passively for the other side to ask to be an EtherChannel).
Off (no EtherChannel configured on the interface).


Link Aggregation Control Protocol (LACP) is similar to PAgP. We also have different options to choose from when we are going to configure the interface:



On (interfaces become a member of the EtherChannel but it does not negotiate).
Active (the interface will actively ask the other side to be an EtherChannel).
Passive (the interface will wait passively for the other side to ask to be an EtherChannel).
Off (no EtherChannel configured on the interface).

Successful combinations of EtherChannel modes:

On – On
Desirable – Desirable
Desirable – Auto
Active – Active
Active – Passive




Let's see the configuration:


Topology: -
Link Aggregation
Goal:-
  • configure the topology as per the diagram.
  • configure the four physical links, range fa0/1-4, on switch 1
  • configure the four physical links, range fa0/11-14, on switch 2
  • configure PAgP, which is a Cisco proprietary protocol.



SW-1(config)#interface range fastEthernet 0/1-4


SW-1(config-if-range)#channel-protocol ?
lacp Prepare interface for LACP protocol

pagp Prepare interface for PAgP protocol

SW-1(config-if-range)#channel-protocol pagp

SW-1(config-if-range)#channel-group 11 mode ?

active Enable LACP unconditionally
auto Enable PAgP only if a PAgP device is detected
desirable Enable PAgP unconditionally
on Enable Etherchannel only
passive Enable LACP only if a LACP device is detected


SW-1(config-if-range)#channel-group 11 mode desirable
SW-1(config-if-range)#end

SW-1(config)#interface port-channel 11
SW-1(config-if)#switchport trunk encapsulation dot1q
SW-1(config-if)#switchport mode trunk
SW-1(config-if)#end


SW-2(config)#interface range fastEthernet 0/11-14
SW-2(config-if-range)#channel-protocol pagp
SW-2(config-if-range)#channel-group 11 mode desirable
SW-2(config-if-range)#end


SW-2(config)#interface port-channel 11
SW-2(config-if)#switchport trunk encapsulation dot1q
SW-2(config-if)#switchport mode trunk

SW-2(config-if)#end

SW-1#show etherchannel port-channel
Channel-group listing:
----------------------

Group: 11
----------
Port-channels in the group:
---------------------------

Port-channel: Po11
------------

Age of the Port-channel = 00d:00h:12m:38s
Logical slot/port = 2/11 Number of ports = 4
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel
Protocol = PAGP
Port Security = Disabled

Ports in the Port-channel:


Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Fa0/2 Desirable-Sl 0
0 00 Fa0/3 Desirable-Sl 0
0 00 Fa0/1 Desirable-Sl 0
0 00 Fa0/4 Desirable-Sl 0


Time since last port bundled: 00d:00h:09m:48s Fa0/4


SW-1#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port


Number of channel-groups in use: 1
Number of aggregators: 1

Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------------
11 Po11(SU) PAgP Fa0/1(P) Fa0/2(P) Fa0/3(P) Fa0/4(P)

SW-1#show etherchannel
Channel-group listing:
----------------------

Group: 11
----------
Group state = L2
Ports: 4 Maxports = 8
Port-channels: 1 Max Portchannels = 1
Protocol: PAGP

SW-2#show etherchannel port-channel
Channel-group listing:
----------------------

Group: 11
----------
Port-channels in the group:
---------------------------


Port-channel: Po11
------------

Age of the Port-channel = 00d:00h:16m:06s
Logical slot/port = 2/11 Number of ports = 4
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel
Protocol = PAGP
Port Security = Disabled

Ports in the Port-channel:


Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Fa0/11 Desirable-Sl 0
0 00 Fa0/12 Desirable-Sl 0
0 00 Fa0/13 Desirable-Sl 0
0 00 Fa0/14 Desirable-Sl 0
Time since last port bundled: 00d:00h:07m:03s Fa0/14

SW-2#show etherchannel
Channel-group listing:
----------------------

Group: 11
----------
Group state = L2
Ports: 4 Maxports = 8
Port-channels: 1 Max Portchannels = 1
Protocol: PAGP

SW-1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Port-channel11 unassigned YES unset up up
FastEthernet0/1 unassigned YES NVRAM up up
FastEthernet0/2 unassigned YES NVRAM up up
FastEthernet0/3 unassigned YES NVRAM up up
FastEthernet0/4 unassigned YES NVRAM up up
FastEthernet0/5 unassigned YES NVRAM up up



SW-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0090.0CA7.0E42
Cost 7
Port 27(Port-channel11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.D363.00A3
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po11 Root FWD 7 128.27 Shr


SW-1#show interfaces trunk
Port      Mode       Encapsulation     Status    Native vlan
Po11       on             802.1q            trunking        1

Port Vlans allowed on trunk
Po11 1-1005

Port Vlans allowed and active in management domain
Po11 1

Port Vlans in spanning tree forwarding state and not pruned
Po11 1

SW-2#show interfaces trunk
Port         Mode     Encapsulation    Status     Native vlan
Po11          on           802.1q           trunking         1

Port Vlans allowed on trunk
Po11 1-1005

Port Vlans allowed and active in management domain
Po11 1

Port Vlans in spanning tree forwarding state and not pruned
Po11 1


Friday 21 December 2018

What is Spanning tree protocol (STP)? How STP works?


Spanning tree protocol (STP) is used to prevent network loops on layer 2 network switches. STP monitors the network to track all links and shuts down the redundant links.
Redundant links between switches provide redundancy, but they also make it possible for loops to form when switches send broadcasts.





Spanning tree prevents loops when you have multiple redundant links between switches. Spanning tree also helps us avoid broadcast storms, multiple frame copies and database instability. Spanning tree is an open standard protocol (IEEE 802.1D). Spanning tree is enabled by default on all Cisco Catalyst switches.

Spanning-tree terms


Root Bridge is the bridge with the lowest (best) bridge ID. The bridge ID is the priority + MAC address of the switch. The switches within the STP network elect a root bridge, which becomes the central point in the network; all the remaining switches are considered Non-root Bridges.

Non-root Bridge is any bridge which is not the Root Bridge. There is only one Root Bridge in each LAN and all the remaining bridges are considered Non-root Bridges. Non-root bridges exchange BPDUs with all the other bridges and update the spanning tree topology database.

BPDU: the information that all switches exchange for the subsequent configuration of the network is carried in bridge protocol data units (BPDUs). BPDUs are sent every 2 seconds with a maximum age of 20 seconds. Inside the BPDU is the bridge ID; the BPDU also contains information regarding ports, switches, port priority and addresses.

Bridge ID is a combination of the bridge priority (32,768 by default on all Cisco switches) and the MAC address. The bridge with the lowest bridge ID becomes the root bridge in the LAN.

Port cost determines the best path when we are using multiple links between two switches; every bridge finds the most efficient path to the root bridge.

Path cost is calculated for each unique path by adding the individual port costs encountered on the way to the root bridge.

Bridge port


Root port is the link with the lowest path cost to the root bridge.


Designated port is the port with the lowest cost on a given network segment. A designated port is a forwarding port, and we can have only one forwarding port per network segment.

Non-designated port is one with a higher cost than the designated port. These ports are put in blocking or discarding mode.

Forwarding port is either a root port or a designated port. It forwards frames.

Blocking port does not forward frames; it still listens to BPDU frames from its neighbors but never transmits frames.

Spanning-tree Port States.


Disabled state: the port is manually disabled by the administrator.

Blocking state: the purpose of this state is to prevent loops. When the switch powers up, all the ports are in the blocking state for 20 seconds or with no limit.

Listening state: the port in this state listens to BPDUs to ensure that no loops occur on the network before passing data frames. It takes 15 seconds.

Learning state: this state listens to BPDUs and learns all the paths in the switched network. It takes 15 seconds.

Forwarding state sends and receives all the data frames on the bridge port.

Let's see the CLI.



 Topology:-

Goal:
  • first, we will find which switch is the root bridge, and which ports are root, blocking and forwarding ports.
  • second, we will change the root bridge and see the changes to the STP ports.





sw-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.BCC3.256A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Root FWD 19 128.1 P2p


sw-2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0001.C70C.320A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/1 Desg FWD 19 128.1 P2p



(switch 2 is root bridge in our topology)

sw-3#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 19
Port 2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.2F17.343E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Root FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p


Switch#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 38
Port 3(FastEthernet0/3)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.7062.2A37
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/3 Root FWD 19 128.3 P2p
Fa0/4 Altn BLK 19 128.4 P2p

Let's change the root bridge for VLAN 1. We are going to configure switch 1 as the root bridge.

sw-1(config)#spanning-tree vlan 1 priority 0
sw-1(config)#end

sw-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 1
Address 00D0.BCC3.256A
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 1 (priority 0 sys-id-ext 1)
Address 00D0.BCC3.256A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Desg FWD 19 128.1 P2p


sw-3#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 1
Address 00D0.BCC3.256A
Cost 38
Port 2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.2F17.343E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Root FWD 19 128.2 P2p
Fa0/3 Altn BLK 19 128.3 P2p



Now FastEthernet 0/3 on switch 3 is in the alternate (blocking) state.
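
The election and port roles shown in the outputs can be reproduced from the bridge IDs and port costs alone. The following is an added example, not part of the original post: a small model of the 802.1D comparisons, run on the bridge IDs printed above. The ring cabling (sw-1 Fa0/1 to sw-2 Fa0/1, sw-2 Fa0/2 to sw-3 Fa0/2, sw-3 Fa0/3 to the fourth switch Fa0/3, its Fa0/4 to sw-1 Fa0/4) is an assumption inferred from the outputs, and the name "sw-4" for the switch whose prompt is "Switch" is also an assumption.

```python
# Bridge priority (including sys-id-ext 1) and MAC address from the page.
BRIDGES = {
    "sw-1": (32769, "00D0.BCC3.256A"),
    "sw-2": (32769, "0001.C70C.320A"),
    "sw-3": (32769, "0060.2F17.343E"),
    "sw-4": (32769, "0060.7062.2A37"),  # prompt "Switch" on the page
}

# Assumed cabling: (bridge, port, bridge, port, port cost). 19 = FastEthernet.
LINKS = [
    ("sw-1", "Fa0/1", "sw-2", "Fa0/1", 19),
    ("sw-2", "Fa0/2", "sw-3", "Fa0/2", 19),
    ("sw-3", "Fa0/3", "sw-4", "Fa0/3", 19),
    ("sw-4", "Fa0/4", "sw-1", "Fa0/4", 19),
]

# State after "spanning-tree vlan 1 priority 0" on sw-1 (0 + sys-id-ext 1).
AFTER_PRIORITY_CHANGE = dict(BRIDGES, **{"sw-1": (1, "00D0.BCC3.256A")})


def bridge_id(priority, mac):
    """Comparable bridge ID: lower priority wins, then lower MAC address."""
    return (priority, int(mac.replace(".", ""), 16))


def port_number(name):
    """'Fa0/4' -> 4, used as the final tie-breaker."""
    return int(name.rsplit("/", 1)[1])


def compute_stp(bridges, links):
    """Return (root bridge, {bridge: root path cost}, {(bridge, port): role})."""
    ids = {name: bridge_id(*value) for name, value in bridges.items()}
    root = min(ids, key=ids.get)  # lowest bridge ID becomes the root bridge

    neighbors = {name: [] for name in bridges}
    for a, port_a, b, port_b, cost in links:
        neighbors[a].append((port_a, b, port_b, cost))
        neighbors[b].append((port_b, a, port_a, cost))

    # Root path cost: sum of port costs on the cheapest path to the root.
    path_cost = {name: float("inf") for name in bridges}
    path_cost[root] = 0
    for _ in range(len(bridges) - 1):
        for name in bridges:
            for _port, peer, _peer_port, cost in neighbors[name]:
                path_cost[name] = min(path_cost[name], path_cost[peer] + cost)

    # Root port: lowest cost, then lowest sender bridge ID, then port numbers.
    root_port = {}
    for name in bridges:
        if name == root:
            continue
        best = min(
            neighbors[name],
            key=lambda n: (path_cost[n[1]] + n[3], ids[n[1]],
                           port_number(n[2]), port_number(n[0])),
        )
        root_port[name] = best[0]

    # Per link: the end with the better (cost, bridge ID, port) is designated;
    # the other end is either that bridge's root port or an alternate (blocked).
    roles = {}
    for a, port_a, b, port_b, _cost in links:
        end_a = (path_cost[a], ids[a], port_number(port_a))
        end_b = (path_cost[b], ids[b], port_number(port_b))
        if end_a < end_b:
            desg, other = (a, port_a), (b, port_b)
        else:
            desg, other = (b, port_b), (a, port_a)
        roles[desg] = "Desg"
        roles[other] = "Root" if root_port.get(other[0]) == other[1] else "Altn"
    return root, path_cost, roles


if __name__ == "__main__":
    for label, bridges in (("before", BRIDGES), ("after", AFTER_PRIORITY_CHANGE)):
        root, cost, roles = compute_stp(bridges, LINKS)
        print(label, "root:", root, "costs:", cost)
        for (name, port), role in sorted(roles.items()):
            print(f"  {name} {port} {role}")
```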

 


 










Wednesday 19 December 2018

What is VLAN Trunking Protocol (VTP)? How to configure VTP?




Let’s understand VTP with an example. Suppose you have a network with 30 switches and 50 VLANs. Normally you have to configure each and every switch separately and create the VLANs on each and every switch in your network. This is a time-consuming task, so here comes VTP (VLAN Trunking Protocol) to help us. VTP lets us create VLANs on one switch, and all the remaining switches will synchronize themselves. VTP manages the addition, deletion, and renaming of VLANs across the network from a focal point of control.







VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol. As I already said, VTP is used to share the VLAN configuration with other switches and maintain consistency throughout the network, but information will be passed only if the switches are connected with Fast Ethernet or higher ports, and the links must be trunk links.

VTP modes:

Server mode is the default mode and has full control over VLANs: it can create, delete, and modify VLAN configurations and synchronize VLAN configurations. A switch in server mode can send and forward advertisements.

Client mode: this mode doesn’t store its VLAN configuration information in NVRAM. Instead, it learns it from the server each time it boots up. VTP client mode does not allow the administrator to create, delete, or modify any VLAN configurations. Client mode is able to forward advertisements and synchronize VLAN configurations but, as I said, client mode does not save the VLAN configuration in NVRAM.


Transparent mode can add, modify, and delete VLAN configurations locally. Transparent mode does not synchronize VLAN configurations. It forwards advertisements, and this mode saves its VLAN configuration in NVRAM.

Revision number

A VTP switch uses an index called the VTP configuration revision number to keep track of the most recent information. The VTP advertisement process always starts with configuration revision number 0. When a subsequent change is made on the VTP server, the revision number is incremented before the advertisements are sent.


Note: before adding a switch to an existing VTP domain, make sure the switch has its VTP revision number set to 0. As a best practice, change the switch to VTP transparent mode and then back to server mode, change the switch VTP domain name to a non-existent VTP domain, and then change it back to the original name.
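
The note above can be turned into a pre-connection check. The following is an added example, not part of the original post: it parses "show vtp status" output in the format shown on this page and reports whether a switch is safe to connect. The domain output is abridged from the page's sw-2server output, the new switch's output is constructed, and the check does not look at the VTP password.

```python
import re

# Abridged from the page's "show vtp status" output on sw-2server.
DOMAIN_STATUS = """\
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37
Feature VLAN :
--------------
VTP Operating Mode : Server
Number of existing VLANs : 5
Configuration Revision : 3
"""

# Constructed output for a hypothetical lab switch about to be connected.
NEW_SWITCH_STATUS = """\
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
Feature VLAN :
--------------
VTP Operating Mode : Client
Number of existing VLANs : 12
Configuration Revision : 7
"""


def parse_vtp_status(text):
    """Extract domain, operating mode and revision from 'show vtp status'."""
    fields = {}
    for line in text.splitlines():
        # Fields look like "Key : Value"; the colon inside a timestamp has no
        # space before it, so the "last modified" line is not split.
        match = re.match(r"(.*?\S)\s+:\s*(.*)$", line)
        if match:
            fields[match.group(1)] = match.group(2).strip()
    return {
        "domain": fields["VTP Domain Name"],
        "mode": fields["VTP Operating Mode"],
        "revision": int(fields["Configuration Revision"]),
    }


def prejoin_findings(new_switch_text, domain_text):
    """Return a list of reasons not to connect the new switch yet."""
    new = parse_vtp_status(new_switch_text)
    domain = parse_vtp_status(domain_text)
    findings = []
    if new["revision"] != 0:
        findings.append(
            f"revision is {new['revision']}, reset it to 0 before connecting"
        )
    # A server or client in the same domain with a higher revision carries the
    # "most recent" VLAN database as far as the other switches are concerned.
    if (
        new["domain"] == domain["domain"]
        and new["mode"] in ("Server", "Client")
        and new["revision"] > domain["revision"]
    ):
        findings.append(
            f"revision {new['revision']} is higher than the domain's "
            f"{domain['revision']}: its VLAN database would replace the domain's"
        )
    return findings


if __name__ == "__main__":
    for finding in prejoin_findings(NEW_SWITCH_STATUS, DOMAIN_STATUS):
        print("DO NOT CONNECT:", finding)
```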

VTP version: -

There are three VTP versions available:

VTP version 1 supports only one VTP domain. VTP version 1 checks the domain name, and only if the VTP domain matches does it forward VTP messages. It does not support Token Ring VLANs.


VTP version 2 supports multiple VTP domains. It checks for consistency every time new information is added, but the major difference between version 1 and 2 is that version 2 supports Token Ring VLANs.

VTP version 3 has the VTP primary server feature: the primary server is able to create, delete, and modify VLANs. The secondary server can relay, process and save only. VTP version 3 supports the extended VLAN range (1006 – 4094), and also supports private VLANs, RSPAN VLANs, and MST. VTP version 3 is compatible with version 2, but not with version 1. VTP version 3 is protected against the data being overwritten by an update that carries a higher configuration revision number. VTP version 3 has more secure authentication methods, with clear-text or hidden password protection.


Let's see the configuration.


Topology: -




Goal:
  • configure the topology as per the diagram. 
  • configure trunk links as per the diagram.
  • configure VTP version 2 as per the topology and verify it 
  • create VLANs on the server and verify it on the client and transparent.




sw-1client(config)#interface gigabitEthernet 1/0/1
sw-1client(config-if)#switchport trunk encapsulation dot1q
sw-1client(config-if)#switchport mode trunk
sw-1client(config-if)#exit

sw-2server(config)#interface gigabitEthernet 1/0/1
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk
sw-2server(config-if)#exit


sw-2server(config)#interface gigabitEthernet 1/0/2
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk

sw-2server(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/1
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/2
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit


sw-4client(config)#interface gigabitEthernet 1/0/1
sw-4client(config-if)#switchport trunk encapsulation dot1q
sw-4client(config-if)#switchport mode trunk

sw-4client(config-if)#exit

(we have configured trunk links between the switches)

sw-1client#show interfaces trunk
Port          Mode          Encapsulation   Status         Native vlan
Gig1/0/1    on             802.1q               trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1



sw-2server#show interfaces trunk
Port             Mode          Encapsulation    Status   Native vlan
Gig1/0/1       on                  802.1q          trunking     1
Gig1/0/2       on                  802.1q          trunking     1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1

sw-3transparent#show interfaces trunk
Port         Mode           Encapsulation     Status         Native vlan
Gig1/0/1  on                    802.1q            trunking           1
Gig1/0/2  on                    802.1q            trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1


sw-4client#show interfaces trunk
Port         Mode           Encapsulation  Status    Native vlan
Gig1/0/1   on                 802.1q          trunking       1


Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1


sw-1client(config)#vtp domain internet
Changing VTP domain name from NULL to internet

sw-1client(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-1client(config)#vtp version 2
sw-1client(config)#vtp mode client
Setting device to VTP CLIENT mode.


sw-1client(config)#exit

sw-2server(config)#vtp domain internet
sw-2server(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-2server(config)#vtp version 2
sw-2server(config)#vtp mode server
Device mode already VTP SERVER.

                                                   

   (Server mode is the default mode)


sw-2server(config)#exit
sw-3transparent(config)#vtp domain internet
sw-3transparent(config)#vtp password internetworks
sw-3transparent(config)#vtp version 2
sw-3transparent(config)#vtp mode transparent
Setting device to VTP TRANSPARENT mode.


sw-3transparent(config)#exit


sw-1client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.9602.DC00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67

0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-2server#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0009.7C30.9B00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37
Local updater ID is 0.0.0.0 (no valid interface found)

Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67

0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-3transparent#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.C7D1.B600
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Transparent
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 0
MD5 digest : 0x36 0xD0 0x36 0xEB 0x4C 0xC4 0x8D 0x2E

0xAB 0xA6 0xDA 0xAD 0x97 0x37 0x4A 0xB9

(You can see the revision number is 0; the reason is that the switch is in VTP transparent mode.)

sw-4client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 00D0.BAA6.DA00
Configuration last modified by 0.0.0.0 at 3-1-93 00:07:21


Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 2
MD5 digest : 0x0F 0x76 0x3F 0x32 0xAB 0x02 0x87 0x25

0x4C 0x4A 0xB4 0xF2 0x10 0xBB 0x14 0x69

(Let's create VLANs on the server and verify them.)

sw-2server(config)#vlan 10
sw-2server(config-vlan)#name HR
sw-2server(config-vlan)#exit

sw-2server(config)#vlan 20
sw-2server(config-vlan)#name SALES
sw-2server(config-vlan)#exit


sw-2server(config)#vlan 30
sw-2server(config-vlan)#name MARKETING
sw-2server(config-vlan)#exit

sw-2server(config)#VLAN 40
sw-2server(config-vlan)#name INFO-TECH

sw-2server(config-vlan)#exit

from switch 1 (VTP client mode)





from switch 2 (VTP mode server)



from switch 3 (VTP mode transparent)
(From the above output you can see there is no synchronization; the reason is that this switch is configured in transparent mode. But a transparent mode switch can forward the VLAN information: in our case, it forwards the VLAN information to our switch 4 (sw-4client). You can configure VLANs on a transparent mode switch locally.)



from switch 4 (VTP mode client)

(Let's configure VLANs on the transparent mode switch.)

sw-3transparent(config)#vlan 10
sw-3transparent(config-vlan)#name SALES
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 20
sw-3transparent(config-vlan)#name HR
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 30
sw-3transparent(config-vlan)#name MARKETING
sw-3transparent(config-vlan)#exit


sw-3transparent(config)#vlan 40
sw-3transparent(config-vlan)#name INFO-TECH

sw-3transparent(config-vlan)#exit

from switch 3 (VTP  transparent mode)


(in the next section we will see the configuration of VTP version 3)

 


 










What is Virtual Router Redundancy Protocol (VRRP)? How to configure Virtual Router Redundancy Protocol (VRRP)?

 Virtual Router Redundancy Protocol (VRRP) is a gateway redundancy networking protocol used to create a virtual gateway similar to HSRP . VR...