Friday 21 December 2018

What is Spanning Tree Protocol (STP)? How does STP work?


Spanning Tree Protocol (STP) is used to prevent network loops on layer 2 network switches. STP monitors the network to track all links and shuts down the redundant links. Redundant links between switches give us redundancy, but they can also create loops when switches forward broadcasts.





Spanning tree prevents loops when you have multiple redundant links between switches. Spanning tree also helps us avoid broadcast storms, duplicate frame copies, and MAC database instability. Spanning tree is an open standard protocol (IEEE 802.1D). Spanning tree is enabled by default on all Cisco Catalyst switches.

Spanning-tree terms


Root Bridge is the bridge with the lowest (best) bridge ID. The bridge ID is the priority plus the MAC address of the switch. The switches within the STP network elect a root bridge, which becomes the central point of the network; all the remaining switches are considered non-root bridges.

Non-root Bridge is any bridge that is not the root bridge. There is only one root bridge in each LAN, and all the remaining bridges are considered non-root bridges. Non-root bridges exchange BPDUs with all the other bridges and update the spanning-tree topology database.


BPDU: the information that all switches exchange for the subsequent configuration of the network is carried in bridge protocol data units (BPDUs). BPDUs are sent every 2 seconds, with a maximum age of 20 seconds. A BPDU carries the bridge ID, along with information about ports, switches, port priority, and addresses.

Bridge ID is a combination of the bridge priority (32,768 by default on all Cisco switches) and the MAC address. The bridge with the lowest bridge ID becomes the root bridge in the LAN.

Port cost determines the best path when multiple links are used between two switches; every bridge finds the most efficient path to the root bridge.

Path cost is calculated for each unique path by adding the individual port costs encountered on the way to the root bridge.

Bridge port


Root port is the link with the lowest path cost to the root bridge.


Designated port is the port with the lowest cost on a given network segment. A designated port is a forwarding port, and we can have only one forwarding port per network segment.

Non-designated port is one with a higher cost than the designated port. These ports are put in blocking or discarding mode.

Forwarding port is either a root port or a designated port. It forwards frames.

Blocking port does not forward frames. It still listens to BPDU frames from its neighbors but never transmits frames.

Spanning-tree Port States.


Disabled state: the port has been manually disabled by the administrator.

Blocking state: the purpose of this state is to prevent loops. When the switch powers up, all the ports are in the blocking state, for 20 seconds or with no limit.

Listening state: a port in this state listens to BPDUs to make sure no loops occur on the network before it passes data frames. It takes 15 seconds.


Learning state: this state listens to BPDUs and learns all the paths in the switched network. It takes 15 seconds.

Forwarding state sends and receives all the data frames on the bridge port.

Let's see the CLI.



 Topology:-

Goal:
  • First, we will find which switch is the root bridge and which ports are the root, blocked, and forwarding ports.
  • Second, we will change the root bridge and see the changes to the STP ports.





sw-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.BCC3.256A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Root FWD 19 128.1 P2p


sw-2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0001.C70C.320A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/1 Desg FWD 19 128.1 P2p



(Switch 2 is the root bridge in our topology.)

sw-3#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 19
Port 2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.2F17.343E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Root FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p


Switch#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.C70C.320A
Cost 38
Port 3(FastEthernet0/3)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.7062.2A37
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/3 Root FWD 19 128.3 P2p
Fa0/4 Altn BLK 19 128.4 P2p

Let's change the root bridge for VLAN 1. We are going to configure switch 1 as the root bridge.

sw-1(config)#spanning-tree vlan 1 priority 0
sw-1(config)#end

sw-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 1
Address 00D0.BCC3.256A
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 1 (priority 0 sys-id-ext 1)
Address 00D0.BCC3.256A
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/1 Desg FWD 19 128.1 P2p


sw-3#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 1
Address 00D0.BCC3.256A
Cost 38
Port 2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.2F17.343E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Root FWD 19 128.2 P2p
Fa0/3 Altn BLK 19 128.3 P2p



Now FastEthernet 0/3 on switch 3 has moved to the alternate (blocking) state.
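An added example (not part of the original post): a small Python model of the election and port-role rules described above, run against the bridge IDs from the CLI output. The ring wiring in LINKS is an assumption inferred from the port roles shown, since the topology diagram is not reproduced; the name sw-4 for the switch with the bare Switch# prompt and all function names are chosen here.

```python
# Bridge priority and MAC address per switch, copied from the
# "show spanning-tree" output above.
BRIDGES = {
    "sw-1": (32769, "00D0.BCC3.256A"),
    "sw-2": (32769, "0001.C70C.320A"),
    "sw-3": (32769, "0060.2F17.343E"),
    "sw-4": (32769, "0060.7062.2A37"),
}
# Assumption: ring wiring inferred from the port roles in the output.
LINKS = [
    ("sw-1", "Fa0/1", "sw-2", "Fa0/1"),
    ("sw-2", "Fa0/2", "sw-3", "Fa0/2"),
    ("sw-3", "Fa0/3", "sw-4", "Fa0/3"),
    ("sw-4", "Fa0/4", "sw-1", "Fa0/4"),
]
FAST_ETHERNET_COST = 19


def bridge_id(priority, mac):
    """Bridge ID as a comparable tuple: priority first, then MAC address."""
    return (priority, int(mac.replace(".", ""), 16))


def port_number(port):
    return int(port.rsplit("/", 1)[1])


def compute_stp(bridges, links, cost=FAST_ETHERNET_COST):
    """Return (root, root_path_cost, port_roles) for one VLAN."""
    bid = {name: bridge_id(*value) for name, value in bridges.items()}
    root = min(bid, key=bid.get)  # lowest bridge ID wins the election

    # Each bridge's view of its links: (local port, neighbor, neighbor port).
    adj = {name: [] for name in bridges}
    for a, pa, b, pb in links:
        adj[a].append((pa, b, pb))
        adj[b].append((pb, a, pa))

    # Root path cost: sum of port costs on the cheapest path to the root.
    path_cost = {name: float("inf") for name in bridges}
    path_cost[root] = 0
    for _round in range(len(bridges)):  # relax until the costs settle
        for name in bridges:
            for _local, nbr, _peer in adj[name]:
                path_cost[name] = min(path_cost[name], path_cost[nbr] + cost)

    roles = {}
    for name in bridges:
        if name == root:
            continue
        # Root port: lowest cost, then lowest sender bridge ID, then port numbers.
        local, _, _ = min(
            adj[name],
            key=lambda e: (path_cost[e[1]] + cost, bid[e[1]],
                           port_number(e[2]), port_number(e[0])),
        )
        roles[(name, local)] = "Root"

    for a, pa, b, pb in links:
        # Designated port: the end of the segment that is closer to the root.
        ends = sorted([(a, pa), (b, pb)], key=lambda e: (path_cost[e[0]], bid[e[0]]))
        roles[ends[0]] = "Desg"
        roles.setdefault(ends[1], "Altn")  # neither root nor designated: blocked
    return root, path_cost, roles


def with_priority(bridges, name, priority):
    """Bridge table after 'spanning-tree vlan 1 priority N' on one switch."""
    changed = dict(bridges)
    changed[name] = (priority + 1, bridges[name][1])  # plus sys-id-ext 1 for VLAN 1
    return changed


if __name__ == "__main__":
    tables = (("before", BRIDGES), ("after", with_priority(BRIDGES, "sw-1", 0)))
    for label, table in tables:
        root, path_cost, roles = compute_stp(table, LINKS)
        print(label, "root:", root)
        for (name, port), role in sorted(roles.items()):
            print(f"  {name} {port} {role} (root path cost {path_cost[name]})")
```

The model reproduces the roles in both sets of output: Fa0/4 on sw-4 blocks while sw-2 is root, and Fa0/3 on sw-3 blocks once sw-1 takes over with priority 0.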

 


 










Wednesday 19 December 2018

What is VLAN Trunking Protocol (VTP)? How to configure VTP?




Let’s understand VTP with an example: you have a network with 30 switches and 50 VLANs. Normally you have to configure each switch separately and create the VLANs on every switch in your network. It’s a time-consuming task, so here comes VTP (VLAN Trunking Protocol) to help us. With VTP we create VLANs on one switch and all the remaining switches synchronize themselves. VTP manages the addition, deletion, and renaming of VLANs across the network from a focal point of control.







VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol. As already mentioned, VTP is used to share the VLAN configuration with other switches and maintain consistency throughout the network, but the information is passed only if the switches are connected through Fast Ethernet or higher ports, and the links must be trunk links.

VTP modes:

Server mode is the default mode and has full control over VLANs: it can create, delete, and modify VLAN configurations and synchronize VLAN configurations. It can send and forward advertisements.

Client mode does not store its VLAN configuration information in NVRAM. Instead, it learns it from the server each time it boots up. VTP client mode does not allow the administrator to create, delete, or modify any VLAN configurations. Client mode is able to forward advertisements and synchronize VLAN configurations.

Transparent mode can add, modify, and delete VLAN configurations locally. Transparent mode does not synchronize VLAN configurations. It forwards advertisements, and it saves its VLAN configuration in NVRAM.

Revision number

A VTP switch uses an index called the VTP configuration revision number to keep track of the most recent information. The VTP advertisement process always starts with configuration revision number 0. When a subsequent change is made on the VTP server, the revision number is incremented before the advertisements are sent.


Note: before adding a switch to an existing VTP domain, make sure its VTP revision number is set to 0. A switch that joins with a higher revision number than the domain's will have its VLAN database accepted by the other servers and clients, replacing theirs. As a best practice, change the switch to VTP transparent mode and then back to server mode, change the switch's VTP domain name to a non-existent VTP domain, and then change it back to the original name.

VTP versions:

Three VTP versions are available:

VTP version 1 supports only one VTP domain. Version 1 checks the domain name and forwards VTP messages only if the VTP domain matches. It does not support Token Ring VLANs.

VTP version 2 supports multiple VTP domains and checks for consistency every time new information is added, but the major difference between versions 1 and 2 is that version 2 supports Token Ring VLANs.

VTP version 3 introduces the VTP primary server: the primary server is able to create, delete, and modify VLANs, while a secondary server can only relay, process, and save. VTP version 3 supports the extended VLAN range (1006 – 4094), as well as private VLANs, RSPAN VLANs, and MST. VTP version 3 is compatible with version 2, but not with version 1. VTP version 3 protects against data being overwritten by an update that merely carries a higher configuration revision number. VTP version 3 also has more secure authentication methods, with clear-text or hidden password protection.


Let's see the configuration.


Topology: -




Goal:
  • configure the topology as per the diagram. 
  • configure trunk links as per the diagram.
  • configure VTP version 2 as per the topology and verify it 
  • create VLANs on the server and verify it on the client and transparent.




sw-1client(config)#interface gigabitEthernet 1/0/1
sw-1client(config-if)#switchport trunk encapsulation dot1q
sw-1client(config-if)#switchport mode trunk
sw-1client(config-if)#exit

sw-2server(config)#interface gigabitEthernet 1/0/1
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk
sw-2server(config-if)#exit


sw-2server(config)#interface gigabitEthernet 1/0/2
sw-2server(config-if)#switchport trunk encapsulation dot1q
sw-2server(config-if)#switchport mode trunk

sw-2server(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/1
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit

sw-3transparent(config)#interface gigabitEthernet 1/0/2
sw-3transparent(config-if)#switchport trunk encapsulation dot1q
sw-3transparent(config-if)#switchport mode trunk
sw-3transparent(config-if)#exit


sw-4client(config)#interface gigabitEthernet 1/0/1
sw-4client(config-if)#switchport trunk encapsulation dot1q
sw-4client(config-if)#switchport mode trunk

sw-4client(config-if)#exit

(we have configured trunk links between the switches)

sw-1client#show interfaces trunk
Port          Mode          Encapsulation   Status         Native vlan
Gig1/0/1    on             802.1q               trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1



sw-2server#show interfaces trunk
Port             Mode          Encapsulation    Status   Native vlan
Gig1/0/1       on                  802.1q          trunking     1
Gig1/0/2       on                  802.1q          trunking     1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1

sw-3transparent#show interfaces trunk
Port         Mode           Encapsulation     Status         Native vlan
Gig1/0/1  on                    802.1q            trunking           1
Gig1/0/2  on                    802.1q            trunking           1

Port Vlans allowed on trunk
Gig1/0/1 1-1005
Gig1/0/2 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1
Gig1/0/2 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1
Gig1/0/2 1


sw-4client#show interfaces trunk
Port         Mode           Encapsulation  Status    Native vlan
Gig1/0/1   on                 802.1q          trunking       1


Port Vlans allowed on trunk
Gig1/0/1 1-1005

Port Vlans allowed and active in management domain
Gig1/0/1 1

Port Vlans in spanning tree forwarding state and not pruned
Gig1/0/1 1


sw-1client(config)#vtp domain internet
Changing VTP domain name from NULL to internet

sw-1client(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-1client(config)#vtp version 2
sw-1client(config)#vtp mode client
Setting device to VTP CLIENT mode.


sw-1client(config)#exit

sw-2server(config)#vtp domain internet
sw-2server(config)#vtp password internetworks
Setting device VLAN database password to internetworks

sw-2server(config)#vtp version 2
sw-2server(config)#vtp mode server
Device mode already VTP SERVER.

                                                   

   (Server mode is the default mode)


sw-2server(config)#exit
sw-3transparent(config)#vtp domain internet
sw-3transparent(config)#vtp password internetworks
sw-3transparent(config)#vtp version 2
sw-3transparent(config)#vtp mode transparent
Setting device to VTP TRANSPARENT mode.


sw-3transparent(config)#exit


sw-1client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.9602.DC00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67

0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-2server#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0009.7C30.9B00
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37
Local updater ID is 0.0.0.0 (no valid interface found)

Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 3
MD5 digest : 0x60 0x44 0x82 0xBB 0xDF 0x2A 0x50 0x67

0xC5 0x9E 0x78 0x39 0x55 0x44 0x65 0x58


sw-3transparent#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.C7D1.B600
Configuration last modified by 0.0.0.0 at 3-1-93 01:31:37

Feature VLAN :
--------------
VTP Operating Mode : Transparent
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 0
MD5 digest : 0x36 0xD0 0x36 0xEB 0x4C 0xC4 0x8D 0x2E

0xAB 0xA6 0xDA 0xAD 0x97 0x37 0x4A 0xB9

(You can see that the revision number is 0; the reason is that the switch is in VTP transparent mode.)

sw-4client#show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : internet
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 00D0.BAA6.DA00
Configuration last modified by 0.0.0.0 at 3-1-93 00:07:21


Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
Configuration Revision : 2
MD5 digest : 0x0F 0x76 0x3F 0x32 0xAB 0x02 0x87 0x25

0x4C 0x4A 0xB4 0xF2 0x10 0xBB 0x14 0x69
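An added example (not from the original post): a Python check over show vtp status output that compares each switch with the server and applies the revision-number rule from the note above before a switch is connected. The excerpts are trimmed from the output above; LAB_SWITCH is constructed sample data, and the function names are chosen here.

```python
import re

# Excerpts trimmed from the "show vtp status" output above.
PAGE_OUTPUTS = {
    "sw-1client": """
        VTP Domain Name : internet
        VTP Operating Mode : Client
        Configuration Revision : 3
    """,
    "sw-2server": """
        VTP Domain Name : internet
        VTP Operating Mode : Server
        Configuration Revision : 3
    """,
    "sw-3transparent": """
        VTP Domain Name : internet
        VTP Operating Mode : Transparent
        Configuration Revision : 0
    """,
    "sw-4client": """
        VTP Domain Name : internet
        VTP Operating Mode : Client
        Configuration Revision : 2
    """,
}
# Constructed sample: a switch reused from a lab, about to be connected.
LAB_SWITCH = """
    VTP Domain Name : internet
    VTP Operating Mode : Client
    Configuration Revision : 7
"""

FIELDS = {
    "domain": r"^[ \t]*VTP Domain Name[ \t]*:[ \t]*(\S*)",
    "mode": r"^[ \t]*VTP Operating Mode[ \t]*:[ \t]*(\w+)",
    "revision": r"^[ \t]*Configuration Revision[ \t]*:[ \t]*(\d+)",
}


def parse_vtp_status(text):
    """Extract domain, mode and revision from 'show vtp status' output."""
    status = {}
    for field, pattern in FIELDS.items():
        match = re.search(pattern, text, re.MULTILINE)
        if match is None:
            raise ValueError(f"'{field}' not found in show vtp status output")
        status[field] = match.group(1)
    status["mode"] = status["mode"].lower()
    status["revision"] = int(status["revision"])
    return status


def audit_domain(outputs):
    """Compare every switch with the highest-revision server supplied."""
    parsed = {name: parse_vtp_status(text) for name, text in outputs.items()}
    servers = [s for s in parsed.values() if s["mode"] == "server"]
    if not servers:
        raise ValueError("no VTP server among the supplied outputs")
    reference = max(servers, key=lambda s: s["revision"])
    findings = {}
    for name, status in parsed.items():
        if status["domain"] != reference["domain"]:
            findings[name] = "different domain"
        elif status["mode"] == "transparent":
            findings[name] = "transparent: keeps its own VLAN database"
        elif status["revision"] == reference["revision"]:
            findings[name] = "in sync"
        elif status["revision"] < reference["revision"]:
            findings[name] = "behind server"
        else:
            findings[name] = "ahead of server"
    return findings


def join_check(new_switch, domain_revision):
    """Pre-insertion check: the revision number must be 0 before connecting."""
    if new_switch["revision"] == 0:
        return "ok"
    if new_switch["revision"] > domain_revision:
        return "higher revision than the domain: its VLAN database would replace the domain's"
    return "non-zero revision: reset it before connecting"


if __name__ == "__main__":
    for name, finding in audit_domain(PAGE_OUTPUTS).items():
        print(f"{name}: {finding}")
    print("lab switch:", join_check(parse_vtp_status(LAB_SWITCH), 3))
```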

(Let's create VLANs on the server and verify them.)

sw-2server(config)#vlan 10
sw-2server(config-vlan)#name HR
sw-2server(config-vlan)#exit

sw-2server(config)#vlan 20
sw-2server(config-vlan)#name SALES
sw-2server(config-vlan)#exit


sw-2server(config)#vlan 30
sw-2server(config-vlan)#name MARKETING
sw-2server(config-vlan)#exit

sw-2server(config)#VLAN 40
sw-2server(config-vlan)#name INFO-TECH

sw-2server(config-vlan)#exit

from switch 1 (VTP client mode)





from switch 2 (VTP mode server)



from switch 3 (VTP mode transparent)
{From the above output you can see that there is no synchronization; the reason is that this switch is configured in transparent mode. A transparent mode switch can still forward the VLAN information; in our case, it forwards the VLAN information to switch 4 (sw-4 client). You can configure VLANs on a transparent mode switch locally.}



from switch 4 (VTP mode client)

(Let's configure VLANs on the transparent mode switch.)

sw-3transparent(config)#vlan 10
sw-3transparent(config-vlan)#name SALES
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 20
sw-3transparent(config-vlan)#name HR
sw-3transparent(config-vlan)#exit

sw-3transparent(config)#vlan 30
sw-3transparent(config-vlan)#name MARKETING
sw-3transparent(config-vlan)#exit


sw-3transparent(config)#vlan 40
sw-3transparent(config-vlan)#name INFO-TECH

sw-3transparent(config-vlan)#exit

from switch 3 (VTP  transparent mode)


(in the next section we will see the configuration of VTP version 3)

 


 










Monday 17 December 2018

All the methods of Inter-Vlan Routing configuration



When you want to establish communication between different VLANs, you need a device that can do routing. You can use an external router with separate physical gateways or the sub-interface (router on a stick) method, but it’s also possible to use a multilayer switch.
The router must have a physical or logical connection to each VLAN so that it can forward packets between VLANs.





Let’s see the first method, a router with separate physical gateways:

Topology:
Goal:

  • configure the topology as per our diagram and assign the IP addresses.
  • create VLAN 101 sales and VLAN 102 marketing and assign the interfaces to their VLAN as per the diagram



Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config)#interface fastEthernet 0/1
Router(config-if)#ip address 192.168.20.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Router#show ip interface brief
Interface               IP-Address       OK? Method    Status    Protocol
FastEthernet0/0         192.168.10.1     YES manual    up        up
FastEthernet0/1         192.168.20.1     YES manual    up        up

Switch(config)#vlan 101
Switch(config-vlan)#name sales
Switch(config-vlan)#exit

Switch(config)#vlan 102
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit

Switch(config)#interface range fastEthernet 0/1-2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 101
Switch(config-if-range)#exit

Switch(config)#interface range fastEthernet 0/3-4
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 102

Switch(config-if-range)#exit



Switch(config)#interface fastEthernet 0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 101
Switch(config-if)#exit

Switch(config)#interface fastEthernet 0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 102

Switch(config-if)#exit

FROM HOST 1

Let's see from HOST 4
FROM HOST 4




A router on a stick can be used to route between VLANs using either ISL or IEEE 802.1Q as the trunking protocol. It requires a sub-interface for each respective VLAN.

NOTE: whatever your VLAN number is, it should match exactly on the sub-interface.

Let's see the configuration using sub-interfaces (router on a stick).

Topology:-


Goal:


  • configure the topology as per the diagram and assign the IP addresses 
  • configure VLAN 101 and VLAN 102
  • assign the port to their respective VLANs
  • configure sub-interfaces on router fast Ethernet 0/0 assign IP address as per the topology
  • ensure connectivity between VLAN 101 and VLAN 102: make sure HOST 1 (VLAN 101) is able to ping HOST 4 (VLAN 102).

Switch(config)#vlan 101
Switch(config-vlan)#name sales
Switch(config-vlan)#exit

Switch(config)#vlan 102
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit

Switch(config)#interface range fastEthernet 0/1-2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 101
Switch(config-if-range)#exit

Switch(config)#interface range fastEthernet 0/3-4
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 102

Switch(config-if-range)#exit



Switch(config)#interface fastEthernet 0/5
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan 101,102
Switch(config-if)#exit

Router(config)#interface fastEthernet 0/0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface fastEthernet 0/0.101
Router(config-subif)#encapsulation dot1Q 101
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#exit

Router(config)#interface fastEthernet 0/0.102
Router(config-subif)#encapsulation dot1Q 102
Router(config-subif)#ip address 192.168.20.1 255.255.255.0

Router(config-subif)#exit

%LINK-5-CHANGED: Interface FastEthernet0/0.102, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.102, changed state to up

Router#show ip interface brief
Interface                         IP-Address          OK?      Method   Status          Protocol
FastEthernet0/0             unassigned          YES      manual      up                    up
FastEthernet0/0.101      192.168.10.1       YES      manual      up                    up
FastEthernet0/0.102      192.168.20.1       YES      manual      up                    up


from host 1


from host 4



Sunday 16 December 2018

Dynamic Trunking Protocol (DTP) and configuration

Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking protocol (DTP) that negotiates a common trunking mode between two switches. DTP is used on Cisco IOS switches to negotiate if the interface should become an access port or trunk port.


By default, Dynamic Trunking Protocol (DTP) is enabled and the interfaces of our switches will be in dynamic auto or dynamic desirable mode. This means that whenever an interface receives a DTP packet that requests to form a trunk, the interface will go into trunk mode.



You should disable DTP negotiation if a switch has a trunk link connected to a non-trunking router or firewall interface, because those devices cannot participate in DTP negotiation.

(If you are not familiar with trunk links, see Trunk Link and configuration.)

 Dynamic Trunking Protocol modes:-

1. Desirable:
  • This mode actively tries to become a trunk. Desirable mode sends and replies to DTP messages. The port becomes a trunk if the other side of the link is set to trunk, dynamic desirable, or dynamic auto mode.
2. Auto:
  • This mode only replies to DTP messages; it does not send them. Auto mode is the default mode on most modern switches. The port becomes a trunk only if the other side of the link is set to trunk or dynamic desirable mode.
3. Trunk:
  • This mode is configured manually with the command switchport mode trunk. The port also negotiates trunking with the port on the other side of the link.
4. Access:
  • This mode is also configured manually, with the command switchport mode access. An access port is an end-user port in a single VLAN.
5. No-Negotiate:
  • This mode means DTP is disabled and there are no DTP messages. The port is a trunk but does not do DTP negotiation with the other side of the link.

                                         


                     dynamic auto   dynamic desirable   Trunk                                    Access
dynamic auto         Access         Trunk               Trunk                                    Access
dynamic desirable    Trunk          Trunk               Trunk                                    Access
Trunk                Trunk          Trunk               Trunk                                    limited connectivity (not recommended)
Access               Access         Access              limited connectivity (not recommended)   Access




NOTE: Configure trunk links statically whenever possible. The default DTP mode is dependent on the Cisco IOS Software version and on the platform.



Let's see the configuration:

Topology:-

Goal:

  • Configure the topology as per the diagram, configure VLAN 10 on both switches, and move the port to VLAN 10.
  • Configure FastEthernet 0/2 of switch 1 to actively negotiate with DTP messages; FastEthernet 0/2 of switch 2 should reply to the DTP messages. Make sure host 1 can communicate with its VLAN 10 partner, host 2, on the other switch.




Switch(config)#hostname switch-1
switch-1(config)#vlan 10
switch-1(config-vlan)#name sales
switch-1(config-vlan)#exit

Switch(config)#hostname switch-2
switch-2(config)#vlan 10
switch-2(config-vlan)#name sales
switch-2(config-vlan)#exit

switch-1(config-if)#interface fastEthernet 0/1
switch-1(config-if)#switchport mode access
switch-1(config-if)#switchport access vlan 10
switch-1(config-if)#exit

switch-2(config)#interface fastEthernet 0/1
switch-2(config-if)#switchport mode access
switch-2(config-if)#switchport access vlan 10
switch-2(config-if)#exit



SWITCH -1




SWITCH - 2
switch-1#show interfaces fastEthernet 0/2 switchport
Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On

Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false

Appliance trust: none

switch-1(config)#interface fastEthernet 0/2

switch-1(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally

switch-1(config-if)#switchport mode dynamic ?
auto Set trunking mode dynamic negotiation parameter to AUTO
desirable Set trunking mode dynamic negotiation parameter to DESIRABLE

switch-1(config-if)#switchport mode dynamic desirable


%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

switch-1#show interfaces fastEthernet 0/2 switchport
Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false

Appliance trust: none


(From the above output you can see that FastEthernet 0/2 has become a trunk via the DTP negotiation process.)
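An added example (not from the original post): a Python model that derives the outcome for any pair of DTP modes from the mode descriptions above, plus a check that flags ports whose trunking state is negotiated rather than configured, in line with the note about configuring trunks statically. The three-flag model and the function names are assumptions made here; NEGOTIATED is trimmed from the switch-1 output above and STATIC is constructed sample output.

```python
import re

# Simplified model of the DTP modes listed above:
# mode -> (asks for a trunk, accepts a trunk request, fixed result or None)
DTP_MODES = {
    "access":      (False, False, "access"),
    "trunk":       (True,  True,  "trunk"),
    "nonegotiate": (False, False, "trunk"),
    "desirable":   (True,  True,  None),
    "auto":        (False, True,  None),
}

# Trimmed from the switch-1 output above, after "switchport mode dynamic desirable".
NEGOTIATED = """
Name: Fa0/2
Administrative Mode: dynamic desirable
Operational Mode: trunk
Negotiation of Trunking: On
"""
# Constructed sample: the same port as a static trunk with DTP turned off.
STATIC = """
Name: Fa0/2
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: Off
"""


def operational_mode(local, peer):
    """Operational mode of the local port given the peer's configured mode."""
    asks, _accepts, fixed = DTP_MODES[local]
    if fixed:
        return fixed
    peer_asks, peer_accepts, _fixed = DTP_MODES[peer]
    # A dynamic port trunks if the peer asks, or if it asks and the peer accepts.
    return "trunk" if peer_asks or (asks and peer_accepts) else "access"


def link_result(mode_a, mode_b):
    """'trunk', 'access', or 'mismatch' when the two ends disagree."""
    a = operational_mode(mode_a, mode_b)
    b = operational_mode(mode_b, mode_a)
    return a if a == b else "mismatch"


def audit_switchport(text):
    """Flag DTP exposure in 'show interfaces ... switchport' output."""
    def field(label):
        pattern = rf"^[ \t]*{re.escape(label)}:[ \t]*(.+?)[ \t]*$"
        match = re.search(pattern, text, re.MULTILINE)
        if match is None:
            raise ValueError(f"'{label}' not found")
        return match.group(1)

    admin = field("Administrative Mode")
    findings = []
    if admin.startswith("dynamic"):
        findings.append(f"{admin}: trunking is negotiated with the peer, not fixed by configuration")
    if field("Negotiation of Trunking").lower() == "on":
        findings.append("DTP negotiation is on")
    return {"port": field("Name"), "administrative": admin,
            "operational": field("Operational Mode"), "findings": findings}


if __name__ == "__main__":
    for pair in (("auto", "auto"), ("desirable", "auto"),
                 ("trunk", "access"), ("nonegotiate", "auto")):
        print(pair, "->", link_result(*pair))
    for sample in (NEGOTIATED, STATIC):
        print(audit_switchport(sample))
```

The auto/auto and desirable/auto results match the two switchport outputs above: static access before the change, trunk after it.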

switch-1#show interfaces trunk
Port          Mode          Encapsulation     Status     Native vlan
Fa0/2       desirable          n-802.1q         trunking        1

Port Vlans allowed on trunk
Fa0/2 1-1005

Port Vlans allowed and active in management domain
Fa0/2 1,10

Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1,10

switch-2#show interfaces trunk
Port          Mode            Encapsulation     Status           Native vlan
Fa0/2       auto                 n-802.1q         trunking             1

Port Vlans allowed on trunk
Fa0/2 1-1005

Port Vlans allowed and active in management domain
Fa0/2 1,10

Port Vlans in spanning tree forwarding state and not pruned
Fa0/2 1,10

switch-1#show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds

1 interfaces using DTP

switch-2#show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds

1 interfaces using DTP

(Let's check the connectivity between host 1 and host 2; both are in the same VLAN 10 but on different switches.)



from HOST 1


from HOST 2


 


 










What is Virtual Router Redundancy Protocol (VRRP)? How to configure Virtual Router Redundancy Protocol (VRRP)?

 Virtual Router Redundancy Protocol (VRRP) is a gateway redundancy networking protocol used to create a virtual gateway similar to HSRP . VR...