Anda di halaman 1dari 13

1 Boson NetSim Lab Manual

SWITCH Lab: Spanning Tree MST Optimization


Objective
Demonstrate optimizing path selection using PortFast and port priority.
Lab Topology
The Topology diagram below represents the NetMap in the Simulator:
CSW2 DSW2 ASW2
PC2
R2
CSW1 DSW1
PC1
ASW1
R1
Command Summary
Command Description
interface type number changes from global conguration mode to interface
conguration mode
show running-cong displays the active conguration le
show spanning-tree root [detail | priority |
port]
displays the status and conguration of the root bridge
spanning-tree bpduguard enable enables the BPDU guard feature on an interface
spanning-tree mst instance-id root {primary
| secondary}
designates the primary root, secondary root, bridge priority,
and timer value for a Multiple Spanning Tree (MST) instance
spanning-tree mst instance-id port-priority
priority
congures spanning-tree priority for the specied instance on
the interface
spanning-tree portfast congures PortFast on a switch access port
switchport mode {access | dynamic {auto |
desirable} | trunk}
congures the virtual local area network (VLAN) membership
mode of a port
Lab ID: 8.8K312A185.SWP.1
2 Boson NetSim Lab Manual
Lab Tasks
Task 1: Determine STP State and Select Root Bridges
This task involves determining the state of Spanning Tree Protocol (STP) on the network switches and selecting
root bridges for VLANs.
1. Issue the appropriate command to determine the root bridge for each MST instance and to complete the
table below. What command did you issue? _________________________________________________
MST Instance Root Bridge
MST0
MST1
MST2
2. What command should you issue to determine the spanning tree priority congured on the switches? ____
____________________________________________________________________________________
3. DSW1 should be the root bridge for MST1, and DSW2 should be the root bridge for MST2. What
commands did you use to congure these devices as the root bridges? ___________________________
4. After allowing the network time to converge, verify that the DSW1 and DSW2 are the root bridges for the
appropriate MST groups by issuing the show spanning-tree root port command. Your output should
match the following:
DSWI=show spanning-tree root port
MST0 FastEthernet0/I
MSTI This bridge is the root
MST? FastEthernet0/S
DSW?=show spanning-tree root port
MST0 FastEthernet0/
MSTI FastEthernet0/S
MST? This bridge is the root
5. What is the spanning tree priority for MST instance 1 and instance 2? _____________________________
Task 2: Enhance the STP Conguration
This task involves enhancing the network to optimize the spanning tree algorithm using PortFast.
1. Briey explain PortFast. _________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
2. What command causes all ports on a switch to immediately transition to the STP forwarding state,
bypassing the listening and learning states when a link is detected? ______________________________
3 Boson NetSim Lab Manual
3. What command causes an individual port on a switch to immediately transition to the STP forwarding state,
bypassing the listening and learning states when a link is detected? ______________________________
4. How long can it take for the spanning tree to transition ports through the various states? ______________
5. When should ports be congured to immediately transition to the forwarding state? __________________
6. What feature of a Cisco Catalyst switch can be used to prevent bridge protocol data units (BPDUs) from
inuencing the STP topology, and when should this feature be used? _____________________________
____________________________________________________________________________________
7. PC1 and PC2 are connected to the FastEthernet 0/5 interfaces on the access switches. Issue the
commands necessary to enable the ports to immediately transition to the forwarding state when a link is
detected. In addition congure the ports as access ports and issue the command that will prevent BPDUs
from inuencing the STP topology. What commands did you issue? ______________________________
8. Issue the appropriate command to determine the root ports to complete the table below. What command
did you issue? ________________________________________________________________________
Device Root Port MST Group
Number
ASW1
1
2
ASW2
1
2
DSW1
1
2
DSW2
1
2
CSW1
1
2
CSW2
1
2
4 Boson NetSim Lab Manual
9. Every nonroot switch has one root port per VLAN. The root port on a switch is the port that receives the
best BPDU, which indicates the best path to the root bridge based on the best root port cost. A root port is
always in the forwarding state. Because there is only one best path to the root bridge, a switch cannot have
more than one root port. Only the root bridge does not have a root port.
The following table shows the ports that, when the network is optimized, are root ports for each switch:
Device Root Port MST Group
Number
ASW1
Fa0/2 1
Fa0/3 2
ASW2
Fa0/4 1
Fa0/1 2
DSW1
This bridge is the root 1
Fa0/5 2
DSW2
Fa0/6 1
This bridge is the root 2
CSW1
Fa0/8 1
Fa0/5 2
CSW2
Fa0/6 1
Fa0/7 2
10. Set the port priorities to 16 so the appropriate ports on the switches match the root ports in the table in the
previous step. What commands did you issue? ______________________________________________
11. Verify that each switch is using the correct root port. What commands did you issue? ________________
5 Boson NetSim Lab Manual
12. Update the following graphic by showing the paths to the root bridges from each switch, and verify the root
port priorities. Refer to the table in step 9 if necessary.
CSW2 DSW2 ASW2
PC2
R2
CSW1 DSW1
PC1
ASW1
R1
1 1
1 1
1
1
1
1
2
2
2 2
2 2
3
3 3
3
3
3
4
4
4
4
4
4
5
5
5
5
5
5
6
6
6
6
7
7
7
7
8
8
8
8
9
9
10
10
0
0
CSW2 DSW2 ASW2
PC2
R2
CSW1 DSW1
PC1
ASW1
R1
1 1
1 1
1
1
1
1
2
2
2 2
2 2
3
3 3
3
3
3
4
4
4
4
4
4
5
5
5
5
5
5
6
6
6
6
7
7
7
7
8
8
8
8
9
9
10
10
0
0
MST1
MST2
6 Boson NetSim Lab Manual
Lab Solutions
Task 1: Determine STP State and Select Root Bridges
This task involves determining the state of STP on the network switches and selecting root bridges for VLANs.
1. You should issue the show spanning-tree root port command to complete the table below:
MST Instance Root Bridge
MST0
MST1
MST2
Sample output from the show spanning-tree root port command is shown below:
ASWI=show spanning-tree root port
MST0 This bridge is the root
MSTI FastEthernet0/I
MST? FastEthernet0/I
ASW?=show spanning-tree root port
MST0 FastEthernet0/I
MSTI FastEthernet0/I
MST? FastEthernet0/I
DSWI=show spanning-tree root port
MST0 FastEthernet0/I
MSTI FastEthernet0/9
MST? FastEthernet0/I
DSW?=show spanning-tree root port
MST0 FastEthernet0/
MSTI FastEthernet0/I
MST? FastEthernet0/9
CSWI=show spanning-tree root port
MST0 FastEthernet0/S
MSTI This bridge is the root
MST? FastEthernet0/
CSW?=show spanning-tree root port
MST0 FastEthernet0/S
MSTI FastEthernet0/
MST? This bridge is the root
2. You should issue the show running-cong command to determine the spanning tree priority congured
on the switches. If the priority congured on each switch is the same, the switch with the lowest Media
Access Control (MAC) address will be the root bridge for a spanning tree instance. For example, ASW1 is
the root bridge for MST0 because it has the lowest MAC address.
7 Boson NetSim Lab Manual
3. You should issue the following commands to set DSW1 as the root for MST group 1 and DSW2 as the root
for MST group 2:
DSWI(config)=spanning-tree mst I root primary
DSW?(config)=spanning-tree mst ? root primary
4. After allowing the network time to converge, you should issue the show spanning-tree root port
command to verify that DSW1 and DSW1 are the root bridges for the appropriate MST groups. Sample
output is shown below:
DSWI=show spanning-tree root port
MST0 FastEthernet0/I
MSTI This bridge is the root
MST? FastEthernet0/S
DSW?=show spanning-tree root port
MST0 FastEthernet0/
MSTI FastEthernet0/S
MST? This bridge is the root
5. The spanning tree priority for MST instance 1 and instance 2 is 20480 for both because a priority has
already been set on CSW1 and CSW2. When the spanning-tree root primary command is issued the
priority for the device is set at 24576 unless another device in the network has a priority setting of 24576 or
less, in which case the priority is set to 4096 less than the priority of the current root bridge in the VLAN. In
this scenario, 24576 4096 = 20480. The following sample output is from DSW1:
DSWI=show spanning-tree root priority
MST0 ?I88
MSTI ?0480
MST? ?0480
Task 2: Enhance the STP Conguration
This tasks involves enhancing the network to optimize the spanning tree algorithm using PortFast. PortFast allows
a switchport to change from blocking to forwarding immediately upon detection of a link.
1. PortFast is a feature offered by Cisco Catalyst switches that enables faster connectivity for hosts
connected to an access layer switch port. If PortFast is not enabled, a switch port transitions through the
STP listening and learning states before it enters the forwarding state.
2. The spanning-tree portfast default command, when issued in global conguration mode, causes all ports
on a switch to immediately transition to the forwarding state, bypassing the listening and learning states.
3. The spanning-tree portfast command, when issued in interface conguration mode, causes an individual
port to immediately transition to the forwarding state, bypassing the listening and learning states.
8 Boson NetSim Lab Manual
4. The PortFast process can take as long as 30 seconds if the default STP timers are used. Additionally, port
initialization could take as long as 50 seconds if Port Aggregation Protocol (PAgP) is enabled.
5. PortFast should be used only on ports that are connected to an end host, such as an IP phone, a client
workstation, or a server. Typically, servers and client workstations do not perform bridging duties, so
there is no need to delay network connectivity while STP cycles through the listening and learning states.
Conversely, PortFast should not be enabled on a port that is connected to a switch or other networking
device. If PortFast is enabled on a port that is connected to another switch, the potential for creating
spanning tree loops signicantly increases.
6. The BPDU guard feature should be enabled on ports that have been enabled with PortFast so that BPDU
guard can prevent a switch that is subsequently connected to the port from modifying the STP topology
or causing a bridging loop. Because PortFast immediately transitions a port to the STP forwarding state,
skipping over the listening and learning states, steps should be taken to ensure that a switch that is
inadvertently or intentionally connected to the port cannot inuence the STP topology. When a port on a
switch receives a BPDU, BPDU guard immediately puts that port into the err-disable state and shuts down
the port. The port must then be manually re-enabled, or it can be recovered automatically through the err-
disable timeout function.
BPDU guard should not be enabled on ports that are connected to other switches.
You can enable BPDU guard for the entire switch by issuing the spanning-tree portfast bpduguard
default command in global conguration mode, or you can enable BPDU guard on a specic port by
issuing the spanning-tree bpduguard enable command in interface conguration mode.
7. PC1 and PC2 are connected to the FastEthernet 0/5 interfaces on the access switches. You should issue
the following commands to enable Portfast on the access switches for these ports and congure the ports
as access ports.
ASWI(config)=interface fastethernet 0/S
ASWI(config-if)=switchport mode access
ASWI(config-if)=spanning-tree portfast
ASWI(config-if)=spanning-tree bpduguard enable
ASW?(config)=interface fastethernet 0/S
ASW?(config-if)=switchport mode access
ASW?(config-if)=spanning-tree portfast
ASW?(config-if)=spanning-tree bpduguard enable
9 Boson NetSim Lab Manual
8. You should issue the show spanning-tree root port command to determine the root ports. The completed
table is shown below:
Device Root Port MST Group
Number
ASW1
Fa0/1 1
Fa0/3 2
ASW2
Fa0/3 1
Fa0/1 2
DSW1
This bridge is the root 1
Fa0/5 2
DSW2
Fa0/5 1
This bridge is the root 2
CSW1
Fa0/7 1
Fa0/5 2
CSW2
Fa0/5 1
Fa0/7 2
9. Every nonroot switch has one root port per VLAN. The root port on a switch is the port that receives the
best BPDU, which indicates the best path to the root bridge based on the best root port cost. A root port is
always in the forwarding state. Because there is only one best path to the root bridge, a switch cannot have
more than one root port. Only the root bridge does not have a root port.
The following table shows the ports that, when the network is optimized, are root ports for each switch:
Device Root Port MST Group
Number
ASW1
Fa0/2 1
Fa0/3 2
ASW2
Fa0/4 1
Fa0/1 2
DSW1
This bridge is the root 1
Fa0/5 2
DSW2
Fa0/6 1
This bridge is the root 2
CSW1
Fa0/8 1
Fa0/5 2
CSW2
Fa0/6 1
Fa0/7 2
10 Boson NetSim Lab Manual
10. You should use the spanning-tree mst port-priority command to set the port priorities to 16 so they
will each be the root ports matching the table in the previous step. In this scenario, you should use this
command to assign higher priority values (lower numerical values) to interfaces so that they will be
selected as root ports for the MST instances. Lower priority values (higher numerical values) would cause
these interfaces to be selected as root ports last. The priority value must be entered in increments of 16 in
a range between 0 and 240. If all interfaces have the same priority value, MST puts the interface with the
lowest interface number in the forwarding state and blocks other interfaces. The command sequences you
should issue are shown below:
ASWI(config)=interface fastethernet 0/?
ASWI(config-if)=spanning-tree mst I port-priority I8
ASWI(config-if)=interface fastethernet 0/
ASWI(config-if)=spanning-tree mst ? port-priority I8
ASW?(config-if)=interface fastethernet 0/4
ASW?(config-if)=spanning-tree mst I port-priority I8
ASW?(config-if)=interface fastethernet 0/I
ASW?(config-if)=spanning-tree mst ? port-priority I8
DSWI(config)=interface fastethernet 0/S
DSWI(config-if)=spanning-tree mst ? port-priority I8
DSW?(config)=interface fastethernet 0/8
DSW?(config-if)=spanning-tree mst I port-priority I8
CSWI(config)=interface fastethernet 0/8
CSWI(config-if)=spanning-tree mst I port-priority I8
CSWI(config)=interface fastethernet 0/S
CSWI(config-if)=spanning-tree mst ? port-priority I8
CSW?(config)=interface fastethernet 0/8
CSW?(config-if)=spanning-tree mst I port-priority I8
CSW?(config)=interface fastethernet 0/I
CSW?(config-if)=spanning-tree mst ? port-priority I8
11 Boson NetSim Lab Manual
11. You should issue the show spanning-tree root port command to verify that each switch is using the
correct port. Refer to the table in step 9 if necessary. Sample output is shown below:
ASWI=show spanning-tree root port
MST0 This bridge is the root
MSTI FastEthernet0/?
MST? FastEthernet0/
ASW?=show spanning-tree root port
MST0 FastEthernet0/I
MSTI FastEthernet0/4
MST? FastEthernet0/I
DSWI=show spanning-tree root port
MST0 FastEthernet0/I
MSTI This bridge is the root
MST? FastEthernet0/S
DSW?=show spanning-tree root port
MST0 FastEthernet0/
MSTI FastEthernet0/8
MST? This bridge is the root
CSWI=show spanning-tree root port
MST0 FastEthernet0/S
MSTI FastEthernet0/8
MST? FastEthernet0/S
CSW?=show spanning-tree root port
MST0 FastEthernet0/S
MSTI FastEthernet0/8
MST? FastEthernet0/I
12 Boson NetSim Lab Manual
12. After you congure the port priorities as specied in the table in step 9, the paths to the root bridges should
be the same as shown in the following graphic:
CSW2 DSW2 ASW2
PC2
R2
CSW1 DSW1
PC1
ASW1
R1
1 1
1 1
1
1
1
1
2
2
2 2
2 2
3
3 3
3
3
3
4
4
4
4
4
4
5
5
5
5
5
5
6
6
6
6
7
7
7
7
8
8
8
8
9
9
10
10
0
0
CSW2 DSW2 ASW2
PC2
R2
CSW1 DSW1
PC1
ASW1
R1
1 1
1 1
1
1
1
1
2
2
2 2
2 2
3
3 3
3
3
3
4
4
4
4
4
4
5
5
5
5
5
5
6
6
6
6
7
7
7
7
8
8
8
8
9
9
10
10
0
0
MST1
MST2
Root Bridge
Root Bridge
13 Boson NetSim Lab Manual
Sample Conguration Scripts
DSW1 DSW1 (continued)
DSW1#show running-cong
Building conguration...
Current conguration : 1841 bytes
!
Version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname DSW1
ip cef
!
ip subnet-zero
!
no ip domain-lookup
spanning-tree mode mst
spanning-tree mst conguration
name group1
revision 1
instance 0 vlan 7-4094
instance 1 vlan 1-3
instance 2 vlan 4-6
spanning-tree mst 1 priority 20480
spanning-tree extend system-id
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree mst 2 port-priority 16
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan 1
no ip address
no ip route-cache
!
vlan 2 name VLAN0002
vlan 3 name VLAN0003
vlan 4 name VLAN0004
vlan 5 name VLAN0005
vlan 6 name VLAN0006
!
ip classless
no ip http server
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end