CCNP Switch Lab 3-4, Multiple Spanning Tree
Topology
Objective
- Observe the behavior of multiple spanning tree (MST).
Background
Four switches have just been installed. The distribution layer switches are Catalyst 3560s, and the access layer switches are Catalyst 2960s. There are redundant uplinks between the access layer and distribution layer. Because of the possibility of bridging loops, spanning tree logically removes any redundant links. In this lab, we will group VLANs using MST so that we can have fewer spanning tree instances running at once to minimize switch CPU load.
Note: This lab uses Cisco WS-C2960-24TT-L with the Cisco IOS image c2960-lanbasek9-mz.122-46.SE.bin and Catalyst 3560-24PS switches with the Cisco IOS image c3560-advipservicesk9-mz.122-46.SE.bin. Other switches (such as a 2950 or 3550), and Cisco IOS Software versions can be used if they have comparable capabilities and features. Depending on the switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.
Note: VTP version 3, is not supported by the IOS used on the switches in this lab. However, it is supported in IOS versions 12.2(52)SE and newer on all platforms eligible for this IOS (2960, 3560, 3750, etc.). VTPv3 has improvements in three major areas.
- Better administrative control over which device is allowed to update other devices’ view of the VLAN topology. The chance of unintended and disruptive changes is significantly reduced, and availability is increased.
- Functionality for the VLAN environment has been significantly expanded. In addition to supporting the earlier ISL VLAN range from 1 to 1001, the new version supports the whole IEEE 802.1Q VLAN range up to 4095. In addition to supporting the concept of normal VLANs, VTP version 3 can transfer information regarding Private VLAN (PVLAN) structures.
- The third area of major improvement is support for databases other than VLAN. For example, VTPv3 supports MST mapping propagation instances, can synchronize MST configuration and be very helpful in maintaining the coherent MST configuration on all switches.
Required Resources
- 2 switch (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or comparable)
- 2 switches (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-ADVIPSERVICESK9-M image or comparable)
- Ethernet and console cables
Step 1 : Prepare the switches for the lab.
a. Delete vlan.dat file, erase the startup config, and reload the switches.
b. Give each switch a hostname according to the topology diagram.
c. Configure ports Fa0/7 through Fa0/12 on all switches to be trunks. On the 3560s, first set the trunk encapsulation to dot1q. On the 2960s, only dot1q is supported, therefore the switchport trunk encapsulation command is unavailable, but the mode still needs to be changed to trunk. If you do not set the mode of the ports to trunk, they will negotiate the operational mode according to their default DTP settings.
Note: The default mode on a 3560 or 2960 is dynamic auto; the default mode on a 3550 or 2950 is dynamic desirable.
DLS1 example:
DLS1(config)# interface range fastEthernet 0/7 - 12 DLS1(config-if-range)# switchport trunk encapsulation dot1q DLS1(config-if-range)# switchport mode trunk
Step 2: Configure VTP and VLANs.
a. Configure all switches with VTP mode transparent and VTP domain CISCO. Add VLANs 10, 20, 30, 40, 50, 60, 70, 80, 90 and 100 to all of them.
DLS1 example:
DLS1# configure terminal Enter configuration commands, one per line. End with CNTL/Z. DLS1(config)# vtp mode transparent Setting device to VTP TRANSPARENT mode. DLS1(config) #vtp domain CISCO Changing VTP domain name from NULL to CISCO DLS1(config)# vlan 10,20,30,40,50,60,70,80,90,100 DLS1(config-vlan)# end
b. Issue the show vlan brief command to view the VLAN configurations.
Step 3: Display spanning tree information.
Issue the show spanning-tree command on one of the switches. How many spanning tree instances are running?
__________________________________________________________________________________
__________________________________________________________________________________
Eleven VLANs – The 10 new ones just created and VLAN 1.
Spanning tree is running a separate spanning tree instance for each VLAN created, plus VLAN 1. This method assumes that each VLAN could be running on a differently shaped topology. However, in many networks, multiple VLANs follow the same physical topology, so multiple spanning-tree calculations for the same topologies can get redundant. MST lets you configure different spanning tree instances. Each instance can hold a group of VLANs and manages its own spanning tree calculation.
MST is convenient in that it is backward compatible with PVST and RPVST+. Two switches only run MST with each other if they are in the same MST region. An MST region is defined by switches having identical region names, revision numbers, and VLAN-to-instance assignments. If they differ by any single attribute, they are considered different MST regions and fall back to RPVST+.
Step 4: Configure MST globally.
a. To configure MST, first use the global configuration command spanning-tree mode mst on all four switches. The command is shown for DLS1 only.
DLS1(config)# spanning-tree mode mst
By default, all VLANs are assigned to instance 0, but can be moved around to different instances when MST
is configured.
b. Issue the show spanning-tree command and observe that there is only one spanning tree (instance 0) coming up. Also notice that the mode is listed as MSTP.
c. If you use the show spanning-tree mst configuration command, you can see a switch’s current MST configuration. Because you have not configured any MST region settings, the switch shows the default settings.
DLS1# show spanning-tree mst configuration Name [] Revision 0 Instance Vlans mapped -------- --------------------------------------------------------------- 0 1-4094 -------------------------------------------------------------------------
Step 5: Configure the MST region and instances.
Now that MST has been enabled, we can configure the MST region settings to group VLANs. We use the region name CISCO and a revision number of 1. We put VLANs 20 through 50 into instance 1, and 80 and 100 into instance 2. The rest of the VLANs remain in instance 0, the default.
a. To begin modifying the MST configuration, type the global configuration command spanning-tree mst configuration. Configuring MST is different from other switch configurations, because changes are not applied until you are finished (similar to the deprecated VLAN database mode), and you can abort changes if you wish.
Note: You must apply identical configurations on each switch for MST to work properly. The commands are shown for DLS1 only.
DLS1(config)# spanning-tree mst configuration
DLS1(config-mst)#
b. When you are in MST configuration mode, you can view the current configuration using the show current command. You do not need to leave configuration mode to execute this command. Notice that the output is identical to show spanning-tree mst configuration.
DLS1(config-mst)# show current Current MST configuration Name [] Revision 0 Instance Vlans mapped -------- --------------------------------------------------------------- 0 1-4094 -------------------------------------------------------------------------
Change the region name by typing name name. Change the revision number by typing revision number.
DLS1(config-mst)# name CISCO
DLS1(config-mst)# revision 1
Note: The MST revision number is not like the configuration revision number used with VTP. It does not increment when changes are made. Along with the region name, the revision number identifies the MST domain and must be the same on all systems in the MST region.
c. The last configuration change you have to make is putting VLANs into instances. Use the command instance number vlan vlan_range. The instance number can be between 0 and 15. Remember that 0 is the default instance number.
DLS1(config-mst)# instance 1 vlan 20-50
DLS1(config-mst)# instance 2 vlan 80,100
d. You can verify the changes you are about to make with the show pending command. Remember that the changes that you just entered are not committed until you type exit, end or Ctrl+C. If you do not like the changes you made, you can leave the prompt without committing them by typing abort. In the output below, notice the difference between show current and show pending.
DLS1(config-mst)# show current Current MST configuration Name [] Revision 0 Instance Vlans mapped -------- --------------------------------------------------------------- 0 1-4094 ------------------------------------------------------------------------- DLS1(config-mst)# show pending Pending MST configuration Name [CISCO] Revision 1 Instance Vlans mapped -------- --------------------------------------------------------------- 0 1-19,51-79,81-99,101-4094 1 20-50 2 80,100 ------------------------------------------------------------------------- DLS1(config-mst)# exit
e. If you enter the show spanning-tree mst configuration command, you can see that the current configuration reflects the changes you just committed. Remember to perform the same configuration on all four switches.
DLS1# show span mst configuration Name [CISCO] Revision 1 Instance Vlans mapped -------- --------------------------------------------------------------- 0 1-19,51-79,81-99,101-4094 1 20-50 2 80,100 -------------------------------------------------------------------------
Why do the switches wait until you are finished making changes to MST to commit them, rather than changing MST as you enter commands (like most switch commands)?
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
If switches changed the MST configuration as you entered commands, it could cause instability in the network because two switches will only participate in MST if their parameters match.
f. Verify that separate instances of spanning tree are running.
Challenge
You can modify per-instance MST spanning tree attributes the same way you can modify per-VLAN attributes. Make DLS1 the root of instance 1 and DLS2 the root of instance 2.
HINT: Use a question mark on the global configuration command spanning-tree mst ?.
Making DLS1 the root of instance 1 and DLS2 the root of instance 2 is performed with the command spanning-tree mst instance root primary. You can also achieve this by manually manipulating priorities with spanning-tree mst instance priority number.
DLS1(config)# spanning-tree mst 1 root primary DLS2(config)# spanning-tree mst 2 root primary
You can verify the results of these commands with show spanning-tree:
Device Configurations (Instructor version)
Switch DLS1
hostname DLS1 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode mst ! spanning-tree mst configuration name CISCO revision 1 instance 1 vlan 20-50 instance 2 vlan 80, 100 ! spanning-tree mst 1 root primary ! vlan 10,20,30,40,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/10 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/11 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/12 switchport trunk encapsulation dot1q switchport mode trunk ! end
Switch DLS2
hostname DLS2 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode mst ! spanning-tree mst configuration name CISCO revision 1 instance 1 vlan 20-50 instance 2 vlan 80, 100 ! spanning-tree mst 2 root primary ! vlan 10,20,30,40,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/10 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/11 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/12 switchport trunk encapsulation dot1q switchport mode trunk ! end
Switch ALS1
hostname ALS1 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode mst ! spanning-tree mst configuration name CISCO revision 1 instance 1 vlan 20-50 instance 2 vlan 80, 100 ! vlan 10,20,30,40,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport mode trunk ! interface FastEthernet0/8 switchport mode trunk ! interface FastEthernet0/9 switchport mode trunk ! interface FastEthernet0/10 switchport mode trunk ! interface FastEthernet0/11 switchport mode trunk ! interface FastEthernet0/12 switchport mode trunk ! end
Switch ALS2
hostname ALS2 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode mst ! spanning-tree mst configuration name CISCO revision 1 instance 1 vlan 20-50 instance 2 vlan 80, 100 ! vlan 10,20,30,40,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport mode trunk ! interface FastEthernet0/8 switchport mode trunk ! interface FastEthernet0/9 switchport mode trunk ! interface FastEthernet0/10 switchport mode trunk ! interface FastEthernet0/11 switchport mode trunk ! interface FastEthernet0/12 switchport mode trunk ! end
More Resources