CCNP Switch Lab 3-3 Per-VLAN Spanning Tree Behavior
Topology
Objectives
- Observe the behavior of a separate spanning tree instance per VLAN.
- Change spanning tree mode to rapid spanning tree.
Background
Four switches have just been installed. The distribution layer switches are Catalyst 3560s, and the access layer switches are Catalyst 2960s. There are redundant uplinks between the access layer and distribution layer. Because of the possibility of bridging loops, spanning tree logically removes any redundant links. In this lab, you will see what happens when spanning tree is configured differently for different VLANs.
Note: This lab uses Cisco WS-C2960-24TT-L switches with the Cisco IOS image c2960-lanbasek9-mz.122- 46.SE.bin and Catalyst 3560-24PS with the Cisco IOS image c3560-advipservicesk9-mz.122-46.SE.bin. Other switches (such as a 2950 or 3550), and Cisco IOS Software versions can be used if they have comparable capabilities and features. Depending on the switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.
Required Resources
- 2 switches (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or comparable)
- 2 switches (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-ADVIPSERVICESK9-M image or comparable)
- Ethernet and console cables
Step 1 : Prepare the switches for the lab.
a. Delete the vlan.dat file, erase the startup configuration, and reload the switches.
b. Give each switch a hostname according to the topology diagram.
c. Configure ports Fa0/7 through Fa0/12 on all switches to be trunks. On the 3560s, first set the trunk encapsulation to dot1q. On the 2960s, only dot1q is supported, therefore the switchport trunk encapsulation command is unavailable, but the mode still needs to be changed to trunk. If you do not set the mode of the ports to trunk, they will negotiate the operational mode according to their default DTP settings.
Note: The default mode on a 3560 or 2960 is dynamic auto; the default mode on a 3550 or 2950 is dynamic desirable.
DLS1 example:
DLS1(config)# interface range fastEthernet 0/7 - 12 DLS1(config-if-range)# switchport trunk encapsulation dot1q DLS1(config-if-range)# switchport mode trunk
Step 2: Configure VTP.
a. Configure all switches with VTP mode transparent and VTP domain CISCO. Add VLAN 10 and 20 to all of them. Use the show vlan brief command to view the VLAN configurations.
DLS1 example:
b. Issue the show spanning-tree command on any of the four switches. Notice that instead of just one VLAN there are three non-reserved VLANs. VLANs 1002-1005 are reserved for internal switch usage. All other VLANs shown are non-reserved.
Note: By default Cisco switches use PVST+, a Cisco-proprietary IEEE 802.1Q-compatible per-VLAN spanning tree protocol.
Step 3: Assign a root switch for each VLAN.
Notice that all the ports have identical spanning tree behavior for each VLAN. This is because all VLANs are running spanning tree with the default behavior. However, you can modify the default spanning tree behavior on a per-VLAN basis. The default priority is 32768. Configuring a switch with a lower priority value for a given VLAN makes it the root bridge for that VLAN. For this lab, we assign DLS1 as the root bridge for VLAN 10, and DLS2 for VLAN 20.
a. To change the priority for a given VLAN, use the spanning-tree vlan number priority number command. Configure DLS1 with priority 4096 for VLAN 10. Configure DLS2 similarly for VLAN 20.
DLS1(config)# spanning-tree vlan 10 priority 4096 DLS2(config)# spanning-tree vlan 20 priority 4096
b. If you look at the output of show spanning-tree on the four switches, you see that the port states and root switches vary on a per VLAN basis.
Step 4: Configure RSTP.
Other spanning tree modes besides PVST+ are available. One of these is RSTP (rapid spanning tree protocol), which greatly reduces the time for a port to transition to forwarding state while still preventing bridging loops. Cisco-proprietary per-VLAN rapid spanning tree (PVRST+) combines the functionality of RSTP and PVST.
Note: You can use the clear spanning-tree detected-protocols command after configuring different spanning tree modes. This can avoid a mutual deadlock between two switches when they consider themselves as 802.1D legacy bridges when in fact they were configured for RSTP.
a. To change the spanning tree mode to PVRST+, use the global configuration command spanning-tree mode rapid-pvst. Configure this on all four switches. During the transition period, rapid spanning tree falls back to 802.1D spanning tree on the links that have 802.1D spanning tree configured on one side.
DLS1(config)# spanning-tree mode rapid-pvst
b. After configuring all four switches with this command, use the show spanning-tree command to verify the configuration:
Challenge
a. On each switch, add VLANs 50, 60, 70, 80, 90, and 100. Configure ALS1 to be the root bridge for VLANs 50, 60, and 70, and ALS2 to be the root bridge for VLANs 80, 90, and 100. Configure the root bridges with a single line on each switch.
HINT: Use the question mark when you type the global configuration command spanning-tree vlan ?. Notice
that you can modify spanning tree attributes in ranges.
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
The key to accomplishing this part of the challenge is that VLANs can be specified in ranges for per-vlan spanning tree properties. You can use dashes, commas, or both, depending on the situation.
ALS1(config)# vlan 50,60,70,80,90,100 ALS1(config-vlan)# exit ALS1(config)# spanning-tree vlan 50-70 root primary ALS1(config)# ALS2(config)# vlan 50,60,70,80,90,100 ALS2(config-vlan)# exit ALS2(config)# spanning-tree vlan 80,90,100 root primary ALS2(config)#
Notice that one method uses dashes and one method uses commas. Both are acceptable and demonstrate the alternate methods for assigning VLAN ranges.
b. Change the spanning tree cost of VLAN 20 on Fa0/11 and Fa0/12 between DLS1 and DLS2 to 15.
HINT: Use the question mark on the interface level command spanning-tree vlan number ?.
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
This challenge part involves extending the recently learned command knowledge to commands learned in a previous lab. To change the port cost on a per-VLAN basis, use the interface-level command spanning-tree vlan number cost cost, rather than the command spanning-tree cost cost, which applies to all VLANs.
DLS1(config)# interface range fastEthernet 0/11 - 12 DLS1(config-if-range)# spanning-tree vlan 20 cost 15
DLS2(config)# interface range fastEthernet 0/11 - 12 DLS2(config-if-range)# spanning-tree vlan 20 cost 15
Device Configurations (Instructor version)
Switch DLS1
hostname DLS1 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10 priority 4096 ! vlan 10,20,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/10 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/11 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree vlan 20 cost 15 ! interface FastEthernet0/12 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree vlan 20 cost 15 ! end
Switch DLS2
hostname DLS2 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode rapid-pvst ! spanning-tree vlan 20 priority 4096 ! vlan 10,20,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/10 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/11 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree vlan 20 cost 15 ! interface FastEthernet0/12 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree vlan 20 cost 15 ! end
Switch ALS1
hostname ALS1 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode rapid-pvst ! spanning-tree vlan 50-70 root primary ! vlan 10,20,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport mode trunk ! interface FastEthernet0/8 switchport mode trunk ! interface FastEthernet0/9 switchport mode trunk ! interface FastEthernet0/10 switchport mode trunk ! interface FastEthernet0/11 switchport mode trunk ! interface FastEthernet0/12 switchport mode trunk ! end
Switch ALS2
hostname ALS2 ! vtp domain CISCO vtp mode transparent ! spanning-tree mode rapid-pvst ! spanning-tree vlan 80,90,100 root primary ! vlan 10, 20,50,60,70,80,90,100 ! interface FastEthernet0/7 switchport mode trunk ! interface FastEthernet0/8 switchport mode trunk ! interface FastEthernet0/9 switchport mode trunk ! interface FastEthernet0/10 switchport mode trunk ! interface FastEthernet0/11 switchport mode trunk ! interface FastEthernet0/12 switchport mode trunk ! end
More Resources