Scribd
Upload
22 views64 pages

3.1 Layer 2

The document outlines key concepts and configurations related to Layer 2 networking, focusing on VLANs, trunking protocols (802.1Q and ISL), and EtherChannel configurations. It details troubleshooting methods, Dynamic Trunking Protocol (DTP) modes, and the advantages of using EtherChannels for bandwidth aggregation and redundancy. Additionally, it covers Spanning Tree Protocol (STP) for preventing loops in network topologies and includes sample exam questions for practical understanding.

Uploaded by

solomon yohannes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
22 views64 pages

3.1 Layer 2

The document outlines key concepts and configurations related to Layer 2 networking, focusing on VLANs, trunking protocols (802.1Q and ISL), and EtherChannel configurations. It details troubleshooting methods, Dynamic Trunking Protocol (DTP) modes, and the advantages of using EtherChannels for bandwidth aggregation and redundancy. Additionally, it covers Spanning Tree Protocol (STP) for preventing loops in network topologies and includes sample exam questions for practical understanding.

Uploaded by

solomon yohannes
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 64

350-401 ENCORE

3.0 Infrastructure (30%)

3.1 Layer 2

IP CORE O&M SECTION

Nov 2024

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Table of Contents
3.0 Infrastructure
3.1 Layer 2:
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
3.1.b Troubleshoot static and dynamic EtherChannels
3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
Introduction to VLANs
A trunk is able to pass traffic from different VLANs and has a method to separate traffic between
VLANs. Trunks are required to carry VLAN traffic from one switch to another.

There are two trunking protocols:


•802.1Q:
•This is the most common trunking protocol.
•It’s a standard and supported by all vendors.
•ISL:
•This is the Cisco trunking protocol. Not all switches support it.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Assign port to vlan:
SW1(config)#interface fa0/1
Creating a VLAN: SW1(config-if)#switchport access vlan 50
SW1(config)#vlan 50 SW2(config)#interface fa0/2
SW1(config-vlan)#name Computers SW2(config-if)#switchport access vlan 50
SW1(config-vlan)#exit
SW2(config)#vlan 50 Make encapsulation dot.1q
SW2(config-vlan)#name Computers SW1(config-if)#switchport trunk encapsulation dot1q
SW2(config-vlan)#exit SW2(config-if)#switchport trunk encapsulation dot1q

Change SW port mode to truk


SW1(config)#interface fa0/14
SW1(config-if)#switchport mode trunk
SW2(config)#interface fa0/14
SW2(config-if)#switchport mode trunk

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Dynamic Trunking Protocol
DTP Modes

• Trunk - The command switchport mode trunk statically places the switch port as a trunk.
• This mode advertises DTP packets to the other end to establish a dynamic trunk.
• Dynamic desirable - Using the command switchport mode dynamic desirable, the switch port acts as
an access port, but listens for and advertises DTP packets to the other end to establish a dynamic trunk.
If it is successful in negotiation, the port becomes a trunk port.
• Dynamic auto: Using the command switchport mode dynamic auto, the switch port acts as an access
port, but it listens for DTP packets. It responds to DTP packets and upon successful negotiation the port
becomes a trunk port.

Terms Trunk Dynamic Desirable Dynamic Auto


Trunk ✓ ✓ ✓
Dynamic Desirable ✓ ✓ ✓
Dynamic Auto ✓ ✓ X

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Dynamic Trunking Protocol
DTP Mode Configuration
Example 5-5 shows the configuration of DTP on SW1’s Gi1/0/2 as a dynamic auto switch port and
SW2’s Gi1/0/1 as a dynamic desirable switch port.
The trunk port status is verified with the command show interface [interface-id] trunk, as shown in
Example 5-6.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Show dtp interface interface-ID
Note:
TOS: Trunk Operating Status (what mode the port operates in; can be access or trunk)
TAS: Trunk Administrative Status (what mode the port is configured in; can be on, off, desirable or auto)
TNS: Trunk Negotiation Status (what mode DTP negotiated; can be access or trunk)
TOT: Trunk Operating Type (what encapsulation the port currently operates in; can be native, ISL or DOT1Q)
TAT: Trunk Administrative Type (what encapsulation the port is configured for; can be negotiated, native, ISL or DOT1Q)
TNT: Trunk Negotiation Type (what encapsulation DTP negotiated; can be native, ISL or DOT1Q)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Trunk Lab1
PCs are not reachable from each other why?
SW1
interface FastEthernet0/2
description to Sw2
switchport trunk encapsulation dot1q
switchport mode trunk

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Sample Exam
1. An engineer attempts to configure a trunk between switch SW1 and switch SW2 using
DTP, but the trunk does not form. Which command should the engineer apply to switch SW2
to resolve this issue?
A. switchport mode access
B. switchport nonegotiate
C. no switchport
D. switchport mode dynamic desirable

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Sample Exam
1. An engineer attempts to configure a trunk between switch SW1 and switch SW2 using
DTP, but the trunk does not form. Which command should the engineer apply to switch SW2
to resolve this issue?
A. switchport mode access
B. switchport nonegotiate
C. no switchport
D. switchport mode dynamic desirable

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Sample Exam

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Sample Exam

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
EtherChannel Bundle
Multiple Links
Ideally, it would be nice to plug in a second cable and double the bandwidth between the
switches. What is the issue?
However, Spanning Tree Protocol (STP) will place one of the ports into a blocking state to
prevent forwarding loops,
The physical links can be aggregated into a
logical link called an EtherChannel bundle.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
EtherChannel Bundle
EtherChannel Components (Cont.)
What advantage we can get by etherChannel???
• STP operates on a logical link and not on a physical link.

• The logical link will have the bandwidth of any active member interfaces.

• It will load balanced across all the links.

• EtherChannels can be used for either Layer 2 (access or trunk) or Layer 3 links.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
EtherChannel Bundle
EtherChannel Link-State
Dynamic Link and static Aggregation Protocols
EtherChannel may be created statically or dynamically.
Static EtherChannel:
• does not have a health integrity check.
• If the physical medium degrades and keeps the line protocol in an up state, the port channel will
reflect that link as viable for transferring data.
 Dynamic EtherChannel:

• Two common Dynamic Link Aggregation Protocols:


• Link Aggregation Control Protocol (LACP):
• open industry standard
• Port Aggregation Protocol (PAgP):
• Cisco proprietary
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
EtherChannel Bundle
PAgP Port Modes
PAgP advertises messages with the multicast MAC address 0100:0CCC:CCCC and the protocol code
0x0104. PAgP can operate in two modes:

PAgP Port Modes Description

Auto • The interface does not initiate an EtherChannel to be established and does not
transmit PAgP packets out of it.
• If an PAgP packet is received from the remote switch, this interface responds
and then can establish a PAgP adjacency.
• If both devices are PAgP auto, a PAgP adjacency does not form.
Desirable • An interface tries to establish an EtherChannel and transmit PAgP packets out
of it.
• Desirable PAgP interfaces can establish a PAgP adjacency only if the remote
interface is configured to auto or desirable.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
EtherChannel Bundle
LACP Port Modes
LACP advertises messages with the multicast MAC address 0180:C200:0002. LACP can operate in two
modes:

LACP Port Modes Description

Passive • An interface does not initiate an EtherChannel to be established and does not
transmit LACP packets out of it.
• If an LACP packet is received from the remote switch, this interface responds
and then can establish an LACP adjacency.
• If both devices are LACP passive, an LACP adjacency does not form.
Active • An interface tries to establish an EtherChannel and transmit LACP packets out
of it.
• Active LACP interfaces can establish an LACP adjacency only if the remote
interface is configured to active or passive.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
EtherChannel Bundle
EtherChannel Configurations
Steps to configure EtherChannels:
• interface configuration mode for the member interfaces
• assigning them to an EtherChannel ID and configuring the appropriate mode
• Static EtherChannel:
• channel-group etherchannel-id mode on at interface conf mode

• LACP EtherChannel:
• channel-group etherchannel-id mode {active | passive} at interface conf mode

• PAgP EtherChannel:
• channel-group etherchannel-id mode {auto | desirable} at interface conf mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
EtherChannel Bundle
EtherChannel Configurations (Cont.)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
EtherChannel Bundle
Minimum Number of Port-Channel Member Interfaces

• An EtherChannel interface becomes active and up


when only
• one member interface successfully forms an
adjacency with a remote device.
• In some design scenarios using LACP, a minimum
number of adjacencies is required before a port-
channel interface becomes active.
• port-channel min-links min-links.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
EtherChannel Bundle
Maximum Number of Port-Channel Member Interfaces
• An EtherChannel can be configured to have a
specific maximum number of member interfaces in
a port channel.
• This may be done to ensure that the active
member interface count proceeds with powers
of two (for example, 2, 4, 8) to accommodate
load-balancing hashes.
• The maximum number of member interfaces in a
port channel can be configured with the port-
channel interface command
• lacp max-bundle max-links.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Sample Exam

1. Which action resolves the EtherChannel issue between


SW2 and SW3?
A. Configure switchport mode trunk on SW2
B. Configure switchport nonegotiate on SW3
C. Configure channel-group 1 mode desirable on both
interfaces
D. Configure channel-group 5 mode active on both interfaces

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Sample Exam

1. Which action resolves the EtherChannel issue between


SW2 and SW3?
A. Configure switchport mode trunk on SW2
B. Configure switchport nonegotiate on SW3
C. Configure channel-group 1 mode desirable on both
interfaces
D. Configure channel-group 5 mode active on both interfaces

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Sample Exam

2. The EtherChannel between SW2 and SW3 is not operational. Which action resolves
this issue?
A. Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on
B. Configure the channel-group mode on SW3 Gi0/1 to active
C. Configure the mode on SW2 Gi0/0 to trunk
D. Configure the mode on SW2 Gi0/1 to access

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Sample Exam

2. The EtherChannel between SW2 and SW3 is not operational. Which action resolves
this issue?
A. Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on
B. Configure the channel-group mode on SW3 Gi0/1 to active
C. Configure the mode on SW2 Gi0/0 to trunk
D. Configure the mode on SW2 Gi0/1 to access

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Sample Exam
3. An engineer is configuring an EtherChannel between Switch1 and Switch2 and notices the console message on Switch2.
Based on the output, which action resolves this issue?
A. Configure the same port channel interface number on both switches
B. Configure less member ports on Switch2
C. Configure more member ports on Switch1
D. Configure the same EtherChannel protocol on both switches

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Sample Exam
3. An engineer is configuring an EtherChannel between Switch1 and Switch2 and notices the console message on Switch2.
Based on the output, which action resolves this issue?
A. Configure the same port channel interface number on both switches
B. Configure less member ports on Switch2
C. Configure more member ports on Switch1
D. Configure the same EtherChannel protocol on both switches

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Etherchannel Lab
SW1(config)#interface range fa0/2-3
SW1(config-if-range)#channel-group 10 mode on SW2(config)#interface range fa0/2-3
SW1(config)#interface port-channel 10 SW2(config-if-range)#channel-group 10 mode on
SW1(config-if)#switchport trunk encapsulation dot1q SW2(config)#interface port-channel 10
SW1(config)#vlan 10 SW2(config-if)#switchport trunk encapsulation dot1q
SW1(config-vlan)#name PC1 SW2(config)#vlan 10
SW1(config-vlan)#exit SW2(config-vlan)#name PC2
SW1(config)#interface fa0/1 SW2(config-vlan)#exit
SW1(config-if)#switchport mode access SW2(config)#interface fa0/1
SW1(config-if)#switchport access vlan 10 SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 10

Verification
1. show etherchannel port-channel
2. show interfaces port-channel 10
3. show etherchannel summary

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
STP
 Bridging Loops
• Redundant link between switches provides redundancy.
• Also, possibility to create loops when switches do broadcast.
1. Broadcast storms
2. Mac-table instability
3. Multiple frame transmissions

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Spanning-tree will help us to create a loop-free topology by blocking certain interfaces.

Since spanning-tree is enabled, all our switches


will send a special frame to each other called a
BPDU (Bridge Protocol Data Unit). In this
BPDU, there are two pieces of information that
spanning-tree requires:
• MAC address
• Priority

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Steps for STP algorithm
1. Spanning-tree will elect a root bridge:
• the lowest bridge ID(Mac + priority )
• all ports on Root bridge becomes
designated port

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Steps for STP algorithm
2. next step for all our “non-root” bridges
will have to find the shortest path to our
root bridge! The shortest path to the root
bridge is called the “root port”.
• Lowest root cost
• Lowest neighbor bridge ID
• Lowest neighbor port ID
• Lowest local port ID

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
3. Designated port selection (one per segment)
• Port on the switch with lowest root cost
• Port on the switch with lowest Bridge ID
• Lowest local port ID

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
•Spanning Tree Port States:
•blocking mode: will last for 20 seconds before it moves to the listening state
•Listening state:
•Only a root or designated port will move to the listening state.
•No data transmission occurs at this state for 15 seconds just to make sure the topology doesn’t change in the
meantime.
•After the listening state, we move to the learning state.
•Learning state:
•At this moment the interface will process Ethernet frames by looking at the source MAC address to fill the mac-
address-table.
•Ethernet frames, however, are not forwarded to the destination.
•It takes 15 seconds to move to the next state, called the forwarding state.
•Forwarding state:
•This is the final state of the interface, and finally, the interface will forward Ethernet frames so that we have data
transmission!
 blocking mode will last for 20 seconds before it moves to the listening state.
 15 (listening)
 15 (listening)
•This means that it takes 20 (blocking) + 15 (listening) + 15 (listening) = 50 seconds before the interface is in the
forwarding state.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
•Spanning Tree Timers:

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
•Spanning Tree Optional features
PortFast is a Spanning-Tree option that causes a port to immediately come up without going
through initial STP learning and listening phases for switch ports connected to PC/ Server (only
on switch access ports.

Switch# configure terminal Switch# configure terminal


Switch(config)# interface FastEthernet 0/1 Switch(config)# spanning-tree portfast default
Switch(config-if)# spanning-tree portfast Switch(config-if)# end
Switch(config-if)# end Switch# show spanning-tree
Switch# show spanning-tree

if the trunk is connected to a server, then you have to put spanning-tree portfast trunk on the
interface itself.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Spanning-Tree BPDUGuard
Spanning-tree BPDUguard is one of the features that helps you protect your spanning-tree
topology. This is important to make sure no bpd packet came when portfast enabled on that
specific port, by disabling port if bpdu came.
How we can up the port again if we want to use? (shut and unshut)

@ interface level:
switch(config)# interface 1/1/1
switch(config-if)# spanning-tree bpdu-guard enable

@globally:
Switch(config)# spanning-tree portfast bpduguard default

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Spanning-Tree RootGuard

RootGuard will make sure you don’t accept a certain switch as a root bridge. BPDUs are sent and
processed normally but if a switch suddenly sends a BPDU with a superior bridge ID you won’t
accept it as the root bridge

SW2(config)#interface fa0/16
SW2(config-if)#spanning-tree guard root

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
1. Modifying Spanning Tree Priority:
Root Primary and
Root Secondary
Switch0(config)#spanning-tree vlan 1 root primary
The switch sets its own priority for the specified VLAN to 2*4096 less than the lowest spanning tree
switch priority value.
Switch1(config)#spanning-tree vlan 1 root secondary
The switch sets its own priority for the specified VLAN to 4096 less than the lowest spanning tree
switch priority value.
2. Modifying root port cost:
• It can modify the STP forwarding path.
• The spanning tree command modifies the cost for all VLANs unless the optional vlan
keyword is used to specify a VLAN
• Command:
• spanning tree [vlan vlan-id] cost cost
• SW3# conf t
• SW3(config)# interface gi1/0/1
• SW3(config-if)# spanning-tree cost 1 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
3. Modifying STP Port Priority
• The STP port priority impacts which port is an alternate port when multiple links are used
between switches
• The optional vlan keyword allows you to change the priority on a VLAN-by-VLAN basis.
• Command:
• spanning-tree [vlan vlan-id] port-priority priority

• SW4# configure terminal


• SW4(config)# interface gi1/0/6
• SW4(config-if)# spanning-tree port-priority 32

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Sample Exam

1.How was spanning-tree configured on this interface?


A. By entering the command spanning-tree portfast trunk in the interface configuration mode.
B. By entering the command spanning-tree portfast in the interface configuration mode
C. By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode
D. By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration
mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Sample Exam

2.How was spanning-tree configured on this interface?


A. By entering the command spanning-tree portfast trunk in the interface configuration mode.
B. By entering the command spanning-tree portfast in the interface configuration mode
C. By entering the command spanning-tree mst1 vlan 10,20,30,40 in the global configuration mode
D. By entering the command spanning-tree vlan 10,20,30,40 root primary in the interface configuration
mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
STP labs
Task1 make access ports portfast
Task2 enable bpdu-guard on access interface
Task 3 make SW1the root Bridge
task 4 make make SW2 secondary root Bridge SW2 spanning-tree vlan 1 root
SW1 spanning-tree vlan 1 root primary secondary

interface fa0/1 interface fa0/1


spanning-tree portfast spanning-tree portfast
spanning-tree bpduguard enable spanning-tree bpduguard enable
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Rapid Spanning-Tree (RSTP)

• As we know, classic SPT (IEEE 802.D) and Cisco's PVST+ can take up to 50 seconds for the
toplogy to converge.
• It can take 20 seconds for the Max Age timer to timeout and another 30 seconds (15
seconds each for the listening and learning states) for the port to transition to the
forwarding state.

RSTP is not time based STP, the heart of the protocol is a new a new bridge to bridge handshake
mechanism, which allows ports to move directly to forwarding.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Comparing STP and RSTP
STP port Roles:
root port
designated port
non-designated port role
RSTP port Roles:
root port
designated port
non-designated port role;
alternate port role
backup port role.

• In STP only root bridge originate bpdu and other switches


forward, in RSTP all switches originate and send their own
bpdus from their designated port
• RSTP is compatible to STP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Sample Exam
3. Refer to the exhibit. What is the result when
a switch that is running PVST+ is added to this
network?

A. Spanning tree is disabled automatically on


the network
B. DSW2 operates in Rapid PVST+ and the
new switch operates in PVST+
C. Both switches operate in the PVST+ mode
D. Both switches operate in the Rapid PVST+
mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Sample Exam
3. Refer to the exhibit. What is the result when
a switch that is running PVST+ is added to this
network?

A. Spanning tree is disabled automatically on


the network
B. DSW2 operates in Rapid PVST+ and the
new switch operates in PVST+
C. Both switches operate in the PVST+ mode
D. Both switches operate in the Rapid PVST+
mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Multiple Spanning Tree Protocol
• The original 802.1D standard only supported one STP instance for an entire switch
network.
• Which means that it was not possible to load share traffic across links by
blocking for specific VLANs on one line and blocking for other VLANS on
alternate links.
• Multiple Spanning Tree Protocol (MST) maps one or multiple VLANs to one STP
instance
 By default, all vlan are belong to
Instance zero.

VLANs 1 - 4 share the same topology.


Traffic from SW2 to SW3 must pass through SW1

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Multiple Spanning Tree Protocol
PVST Topologies

• Separate spanning tree instance for each VLAN configured on


the network.
• Different STP topology for each of the four VLANs.
• In environments Per-VLAN Spanning Tree (PVST) provides:
• with thousands of VLANs, maintaining an STP state for every VLAN can
burden the switch’s processor (BIG ISSUE)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
Compare STP, PVST & MSTP
 The figure below shows a Spanning Tree protocol (STp) topology. VLANs 1
- 4 share the same topology. Traffic from SW2 to SW3 must pass through
SW1. If only SW2 and SW3 had end devices in VLAN 4, the topology could
not be tuned to allow traffic to traverse directly between the two switches.

 Per-VLAN Spanning Tree (PVST) provides a separate spanning tree instance for each VLAN configured on the
network. The topologies below show how the switches maintain a different STP topology for each of the four VLANs. In
environments with thousands of VLANs, maintaining an STP state for every VLAN can burden the switch’s processor.

 MST maps one or multiple VLANs into one STP tree, called an MST instance (MSTI). The figure shows how
the switches maintain STP topologies for four VLANs. If more VLANs were added to the environment, the
switches would maintain three STP topologies if the VLANs aligned to one of the existing MSTIs.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
Multiple Spanning Tree Protocol
MST Topology
• MST maps one or multiple VLANs into one STP tree, called
an MST instance (MSTI). It will have three instatnces unlike
PVSTP will have to many instances

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Multiple Spanning Tree Protocol
MST Region
• MST works with the concept of
regions (appear as a single virtual
switch) to external switches.
• Here are the attributes that need to
match to be same region:
•MST configuration name.
•MST configuration revision number.
•MST instance to VLAN mapping
table.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
Configuration with the following attributes:
•MST configuration name: “NETWORKLESSONS”
•MST configuration revision number: 1
•MST instance to VLAN mapping table:
• Instance 1: VLAN 10, 20, and 30.
• Instance 2: VLAN 40, 50, and 60.
The following steps are used to configure MST:
Step 1. Define MST as the spanning tree protocol with the command spanning-tree mode mst
SW1(config)#spanning-tree mode mst
SW1#show spanning-tree mst configuration
SW1#show spanning-tree mst
Step 2. (Optional) Define MST instance priority, using one of two methods:
spanning-tree mode mst instance-number priority priority
spanning-tree mode mst instance-number root {primary | secondary} [diameter diameter]

SW1(config)#spanning-tree mst 1 priority 8192


© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
Step 3. Associate VLANs to an MST instance
By default, all VLANs are associated to the MST 0 instance.
The MST configuration sub-mode must be entered with the command
spanning-tree mst configuration.
Then the VLANs are assigned to a different MST instance with the command
instance instance-number vlan vlan-id.

SW1(config)#spanning-tree mst configuration


SW1(config-mst)#instance 1 vlan 10,20,30
SW1(config-mst)#instance 2 vlan 40,50,60
SW1(config-mst)#exit

SW1#show spanning-tree mst configuration


SW1#show spanning-tree mst

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
Step 4. Specify the MST version number.
• command revision version.
Step 5. Define the MST region name.
• command name mst-region-name.

SW1(config)#spanning-tree mst configuration


SW1(config-mst)#name NETWORKLESSONS
SW1(config-mst)#revision 1
SW1(config-mst)#exit

SW1#show spanning-tree mst configuration


show spanning-tree mst

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
Cont.…..

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Sample exam

1.Which command or set of commands


configures switch B as the primary root for
VLANs 10, 15, and 20?

A. SwitchB(config-mst)# instance 1 vlan 10,20


B. SwitchB(config)# spanning-tree vlan 10,20 root primary
C. SwitchB(config)# spanning-tree mst 1 root primary
D. SwitchB(config)# interface range g0/0/0-15
SwitchB(config-if)# spanning-tree port-priority 100
SwitchA (config)# interface range g0/0/0-15
SwitchA(config-if)# spanning-tree port-priority 200
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
MSTP labs

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
Enter mst configuration MSTP instance configuration
 Switch1(config)# spanning-tree mst configuration Switch 1 (config-mst)# instance 1 vlan 1,3,5,7,9
Switch 1 (config-mst)# instance 2 vlan 2,4,6,8,10
 Switch2(config)# spanning-tree mst configuration
Switch 2 (config-mst)# instance 1 vlan 1,3,5,7,9
 Switch3(config)# spanning-tree mst configuration Switch 2 (config-mst)# instance 2 vlan 2,4,6,8,10
Region configuration Switch 3 (config-mst)# instance 1 vlan 1,3,5,7,9
Switch 3 (config-mst)# instance 2 vlan 2,4,6,8,10
 Switch 1 (config-mst)# name XYZ
Set the root for each instance
 Switch 1 (config-mst)# revision 1
Switch1(config)#spanning-tree mst 1 priority 8192
 Switch 2 (config-mst)# name XYZ Switch2(config)#spanning-tree mst 2 priority 8192
 Switch 2 (config-mst)# revision 1 Switch3(config)#spanning-tree mst 0 priority 8192
 Switch 3 (config-mst)# name XYZ
 Switch 3 (config-mst)# revision 1

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Sample SIM exam
Tasks
The operations team started configuring
network devices for a new site. Complete the
configurations to achieve these goals:
1. Configure Rapid PVST+ on SW20.
2. The trunk between SW20 and SW30 is not
operational. Troubleshoot the issue and ensure
PC3 can ping PC1 (10.10.100.10) across the
link.
3. The LACP port channel between SW10 and
SW20 is not operational. Troubleshoot the
issue
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
THANKYOU!

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64

You might also like