Implementing VLAN Trunks

Presentation on theme: "Implementing VLAN Trunks"— Presentation transcript:

1 Implementing VLAN Trunks

2 Maintaining Specific VLAN Identification
Specifically developed for multi-VLAN interswitch communications
Places a unique identifier in each frame
Functions at Layer 2

3 VLAN Trunking

4 Comparing ISL and 802.1Q
ISL | 802.1Q
Proprietary | Nonproprietary
Encapsulated | Tagged
Protocol independent | Protocol dependent
Encapsulates the old frame in a new frame | Adds a field to the frame header
Note: The 1900 only supports ISL trunking. ISL is Cisco proprietary; 802.1Q is an IEEE standard. Other trunk types: LANE (VLANs over ATM), (FDDI trunk)

5 Trunking with ISL
Is a Cisco proprietary protocol
Supports PVST
Uses an encapsulation process
Does not modify the original frame

6 ISL Encapsulation
Performed with ASIC
Not intrusive to client stations; client does not see the header
Effective between switches, and between routers and switches

7 ISL Encapsulation

8 Trunking with 802.1Q
An IEEE standard
Adds a 4-byte tag to the original frame
Additional tag includes a priority field
Does not tag frames that belong to the native VLAN
Supports Cisco IP telephony

9 The 802.1Q Tagging Process

10 802.1Q Native VLAN
Native VLAN frames are carried over the trunk link untagged.
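The 4-byte tag and the untagged native VLAN described in slides 8 to 10, as an added Python example that is not part of the original deck. It inserts and parses the tag on a constructed frame and shows how a receiving port decides which VLAN an untagged frame belongs to, which is why the deck later warns that mismatched native VLANs merge traffic; the function names and the sample frame are assumptions made for the illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

# Constructed sample frame: broadcast destination, locally administered
# source MAC, EtherType 0x0800, then an arbitrary payload.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"constructed payload"


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1-4094 (0 and 4095 are reserved)")
    if not 0 <= pcp <= 7:
        raise ValueError("priority is a 3-bit field (0-7)")
    tci = (pcp << 13) | vid  # 3 bits priority, 1 bit left at 0, 12 bits VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Return the tag fields of a frame, or tagged=False if it carries no tag."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return {"tagged": False, "vid": None, "pcp": None, "ethertype": ethertype}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return {"tagged": True, "vid": tci & 0x0FFF, "pcp": tci >> 13, "ethertype": inner}


def trunk_egress(frame: bytes, vlan: int, native_vlan: int) -> bytes:
    """Sending side of a trunk: native VLAN frames leave untagged."""
    return frame if vlan == native_vlan else add_tag(frame, vlan)


def trunk_ingress(frame: bytes, native_vlan: int) -> int:
    """Receiving side: an untagged frame is placed in the local native VLAN."""
    info = parse_frame(frame)
    return info["vid"] if info["tagged"] else native_vlan


def vlan_seen_by_peer(vlan: int, native_a: int, native_b: int) -> int:
    """VLAN that switch B assigns to a frame switch A sent in `vlan`."""
    return trunk_ingress(trunk_egress(SAMPLE_FRAME, vlan, native_a), native_b)


if __name__ == "__main__":
    print(parse_frame(add_tag(SAMPLE_FRAME, 5, pcp=3)))
    print("matched native VLANs   :", vlan_seen_by_peer(99, 99, 99))
    print("mismatched native VLANs:", vlan_seen_by_peer(99, 99, 1))
```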

11 VLAN Ranges and Mappings
VLANs | Range | Usage
0, 4095 | Reserved | For system use only
1 | Normal | Cisco default
2-1001 | Normal | For Ethernet VLANs
 | Normal | Cisco defaults for FDDI and Token Ring
 | Extended | For Ethernet VLANs only

12 Trunking Configuration Commands
Trunks can be configured statically or via DTP.
DTP provides the ability to negotiate the trunking method.
Configuring a Trunk
  switchport trunk
  switchport mode
  switchport nonegotiate

13 Switch Ports and Trunk Ports
Command | Function
switchport mode access | Access port: Sets the switch port to unconditionally be an access port
switchport mode trunk | Trunk port: Sets the switch port to unconditionally become a trunk port
switchport mode dynamic | Dynamic port: Sets the switch port to dynamically negotiate the status (access or trunk)

14 Switch Port DTP Modes
Mode | Function
access | Unconditionally sets a switch port to access mode, regardless of other DTP functions
trunk | Sets the switch port to unconditional trunking mode and negotiates to become a trunk link, regardless of neighbor interface mode
nonegotiate | Specifies that DTP negotiation packets are not sent on the Layer 2 interface
dynamic desirable | Sets the switch port to actively send and respond to DTP negotiation frames. Default for Ethernet
dynamic auto | Sets the switch port to respond but not to actively send DTP negotiation frames

15 Switchport Mode Interactions
Table axes: Dynamic Auto, Dynamic Desirable, Trunk, Access (one combination is marked "Not recommended").
Note: Table assumes DTP is enabled at both ends.
show dtp interface – to determine current setting

16 How to Configure Trunking
Enter interface configuration mode.
Shut down interface.
Select the encapsulation (802.1Q or ISL).
Configure the interface as a Layer 2 trunk.
Specify the trunking native VLAN (for 802.1Q).
Configure the allowable VLANs for this trunk.
Use the no shutdown command on the interface to activate the trunking process.
Verify the trunk configuration.

17 802.1Q Trunk Configuration
Switch(config)#interface fastethernet 5/8
Switch(config-if)#shutdown
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport trunk allowed vlan 1,5,11,
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk native vlan 99
Switch(config-if)#switchport nonegotiate
Switch(config-if)#no shutdown

18 Verifying the 802.1Q Configuration
Switch#show running-config interface {fastethernet | gigabitethernet} slot/port
Switch#show interfaces [fastethernet | gigabitethernet] slot/port [ switchport | trunk ]
Switch#show interfaces fastEthernet 5/8 switchport
Name: fa5/8
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 99 (trunk_only)
Trunking VLANs Enabled: 1,5,11,
Pruning VLANs Enabled: . . .

19 Verifying a 802.1Q Dynamic Trunk Link
Switch#show running-config interface fastethernet 5/8
Building configuration...
Current configuration:
!
interface FastEthernet5/8
 switchport mode dynamic desirable
 switchport trunk encapsulation dot1q
Switch#show interfaces fastethernet 5/8 trunk
Port Mode Encapsulation Status Native vlan
Fa5/8 desirable q trunking
Port Vlans allowed on trunk
Fa5/ ,5,11,
Port Vlans allowed and active in management domain
Fa5/ ,5,
Port Vlans in spanning tree forwarding state and not pruned

20 ISL Trunk Configuration
Switch(config)#interface fastethernet 2/1
Switch(config-if)#shutdown
Switch(config-if)#switchport trunk encapsulation isl
Switch(config-if)#switchport trunk allowed vlan 1-5,
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport nonegotiate
Switch(config-if)#no shutdown

21 Verifying ISL Trunking
Switch#show running-config interface {fastethernet | gigabitethernet} slot/port
Switch#show interfaces [fastethernet | gigabitethernet] slot/port [ switchport | trunk ]
Switch#show interfaces fastethernet 2/1 trunk
Port Mode Encapsulation Status Native VLAN
Fa2/1 trunk isl trunking
Port VLANs allowed on trunk
Fa2/ ,
Port VLANs allowed and active in management domain
Fa2/ ,
Port VLANs in spanning tree forwarding state and not pruned

22 Problem: A Device Cannot Establish a Connection Across a Trunk Link
Make sure:
  The Layer 2 interface mode configured on both ends of the link is valid.
  The trunk encapsulation type configured on both ends of the link is valid.
  The native VLAN is the same on both ends of the trunk (802.1Q trunks).

23 Summary
Trunk links carry traffic from multiple VLANs.
ISL is Cisco proprietary and encapsulates the Layer 2 frames.
802.1Q is an IEEE standard for trunking, which implements a 4-byte tag.
The 802.1Q native VLANs forward frames without the tag.
VLAN numbers have specific ranges and purposes.
Various commands are used to configure and verify ISL and 802.1Q trunk links.
Allow only required VLANs over the trunk.

24 Implementing VLAN Trunk Protocol
© 2003, Cisco Systems, Inc. All rights reserved. BCMSN 2.0—2-24

25 Objectives
Upon completing this lesson, you will be able to:
  Define VTP and explain where to use it on a switched network
  Describe how VTP versions 1 and 2 operate including domains, modes, advertisements, and pruning
  Configure VTP domains in server, client, and transparent modes
  Verify the VTP configuration
  Troubleshoot the VTP configuration

26 VTP Protocol Features
Advertises VLAN configuration information
Maintains VLAN configuration consistency throughout a common administrative domain
Sends advertisements on trunk ports only
Notes: VTP is a Cisco proprietary feature. VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs on a network-wide basis. VTP minimizes misconfigurations and configuration inconsistencies that can cause several problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations.
A VTP domain (also called a VLAN management domain) is one switch or several interconnected switches sharing the same VTP domain. A switch is configured to be in only one VTP domain. You make global VLAN configuration changes for the domain by using the Cisco IOS command-line interface (CLI), Cisco Visual Switch Manager Software, or Simple Network Management Protocol (SNMP).
By default, a 1900 switch is in the no-management-domain state until it receives an advertisement for a domain over a trunk link or you configure a management domain. The default VTP mode is server mode, but VLANs are not propagated over the network until a management domain name is specified or learned.
If the switch receives a VTP advertisement over a trunk link, it inherits the management domain name and configuration revision number. The switch then ignores advertisements with a different management domain name or an earlier configuration revision number.
When you make a change to the VLAN configuration on a VTP server, the change is propagated to all switches in the VTP domain. VTP advertisements are transmitted out all trunk connections, including Inter-Switch Link (ISL), IEEE 802.1Q, IEEE , and ATM LAN Emulation (LANE).
If you configure a switch in VTP transparent mode, you can create and modify VLANs, but the changes are not transmitted to other switches in the domain, and they affect only the individual switch.

27 VTP Modes
Server
  Creates, modifies, and deletes VLANs
  Sends and forwards advertisements
  Synchronizes VLAN configurations
  Saves configuration in NVRAM
Client
  Cannot create, change, or delete VLANs
  Forwards advertisements
  Synchronizes VLAN configurations
  Does not save in NVRAM
Transparent
  Creates, modifies, and deletes VLANs locally only
  Forwards advertisements
  Does not synchronize VLAN configurations
  Saves configuration in NVRAM
Emphasize: Default VTP mode on the Catalyst switches is server. Be careful when adding new switches into an existing network. This is covered in more detail later.

28 VTP Operation
VTP advertisements are sent as multicast frames.
VTP servers and clients are synchronized to the latest revision number.
VTP advertisements are sent every 5 minutes or when there is a change.
Emphasize: The latest revision number is what the switches will synchronize to.

29 VTP Pruning
Increases available bandwidth by reducing unnecessary flooded traffic
Example: Station A sends broadcast, and broadcast is flooded only toward any switch with ports assigned to the red VLAN.
Emphasize: VTP pruning provides optimized flooding. Without VTP pruning, station A’s broadcast will be flooded to all switches whether they have any port in the red VLAN or not.
Note: VLAN1 can’t be pruned. STP, CDP, VTP updates are sent on VLAN1. All switches in the switched network must support pruning or pruning will be disabled. Each trunk port maintains a state variable per VLAN indicating if the switch has any port assigned to a particular VLAN or not.

30 VTP Versions
All switches in a management domain must run the same version.

31 VTP Configuration Guidelines
Configure the following:
  VTP domain name
  VTP mode (server mode is the default)
  VTP pruning
  VTP password
  VTP trap
Use caution when adding a new switch into an existing domain.
Add a new switch in client mode to prevent the new switch from propagating incorrect VLAN information.
Notes: All switches in a VTP domain must run the same VTP version. The password entered with a domain name should be the same for all switches in the domain. If you configure a VTP password, the management domain will not function properly if you do not assign the management domain password to each switch in the domain.
A VTP version 2-capable switch can operate in the same VTP domain as a switch running VTP version 1, provided version 2 is disabled on the version 2-capable switch (version 2 is disabled by default). Do not enable VTP version 2 on a switch unless all of the switches in the same VTP domain are version 2-capable. When you enable version 2 on a switch, all of the version 2-capable switches in the domain must have version 2 enabled. If there is a version 1-only switch, it will not exchange VTP information with switches with version 2 enabled.
If there are Token Ring networks in your environment, you must enable VTP version 2 for Token Ring VLAN switching to function properly.
Enabling or disabling VTP pruning on a VTP server enables or disables VTP pruning for the entire management domain.
In the lab, all the switches are set to VTP transparent mode.

32 Configuring a VTP Server
Switch(config)#vtp server
  Configures VTP server mode
Switch(config)#vtp domain domain-name
  Specifies a domain name
Switch(config)#vtp password password
  Sets a VTP password
Switch(config)#vtp pruning
  Enables VTP pruning in the domain
Note: The two commands shown in the slide can also be combined into one command: vtp domain switchlab transparent

33 Configuring a VTP Server (Cont.)
Switch#configure terminal
Switch(config)#vtp server
Setting device to VTP SERVER mode.
Switch(config)#vtp domain Lab_Network
Setting VTP domain name to Lab_Network
Switch(config)#end

34 Verifying the VTP Configuration
Switch#show vtp status
VTP Version : 2
Configuration Revision : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs : 33
VTP Operating Mode : Client
VTP Domain Name : Lab_Network
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by at :04:49
Switch#

35 Verifying the VTP Configuration (Cont.)
Switch#show vtp counters
VTP statistics:
Summary advertisements received : 7
Subset advertisements received : 5
Request advertisements received : 0
Summary advertisements transmitted : 997
Subset advertisements transmitted : 13
Request advertisements transmitted : 3
Number of config revision errors : 0
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from non-pruning-capable device
Fa5/

36 Problem: VTP Not Updating Configuration on Other Switches
Make sure switches are connected through trunk links.
Make sure the VTP domain name is the same on the appropriate switches.
Check that the switch is not in VTP transparent mode.
Verify that the same password is used on all switches in the VTP domain.

37 Summary
VTP is used to distribute and synchronize information about VLANs configured throughout a switched network.
If you use VTP in your network, you must decide whether to use VTP version 1 or version 2. Verify the supervisor support for VTP before making your decision.
When a network device is in VTP server mode, you can change the VLAN configuration and have it propagate throughout the network.
Use show commands to verify the VTP configuration.
Problems with VTP configuration can frequently be traced to improperly configured trunk links, domain names, VTP modes, or passwords.

38 Propagating VLAN Configurations with VTP

39 The VTP Domain
Group of switches that exchange VLAN information
VLANs administered centrally at a chosen switch

40 The VTP Protocol
Advertises VLAN configuration information
Maintains VLAN configuration consistency throughout a common administrative domain
Sends advertisements on trunk ports only

41 VTP Modes
Server (default mode)
  Creates, modifies, and deletes VLANs
  Sends and forwards advertisements
  Synchronizes VLAN configurations
  Saves configuration in NVRAM
Client
  Cannot create, change, or delete VLANs
  Forwards advertisements
  Synchronizes VLAN configurations
  Does not save in NVRAM
Transparent
  Creates, modifies, and deletes local VLANs
  Forwards advertisements
  Does not synchronize VLAN configurations
  Saves configuration in NVRAM

42 VTP Pruning
Uses bandwidth more efficiently by reducing unnecessary flooded traffic
Example: Station A sends broadcast; broadcast flooded only toward any switch with ports assigned to the red VLAN
Figure panels: Pruning Disabled, Pruning Enabled

43 VTP Operation
VTP advertisements are sent as multicast frames.
VTP servers and clients are synchronized to the latest revision number.
VTP advertisements are sent every 5 minutes or when there is a change.

44 VTP Configuration Commands
Configuring VTP
  vtp domain
  vtp mode
  vtp password
Verifying VTP
  show vtp status
  show vtp counters

45 Configuring a VTP Management Domain
Configure each switch in the following order to avoid dynamic learning of the domain name:
  VTP password
  VTP domain name (case sensitive)
  VTP mode (server mode is the default)

46 Configuring and Verifying VTP
Switch#show vlan brief
  Displays a list of current VLANs
Switch(config)#vtp password password_string
  Sets the VTP password
Switch(config)#vtp domain domain_name
  Sets the VTP domain name
Switch(config)#vtp mode
  Sets the VTP mode to server, client, or transparent
Switch# show vtp status
  Displays the current settings for VTP

47 Verifying the VTP Configuration
Switch#show vtp status
VTP Version : 2
Configuration Revision : 28
Maximum VLANs supported locally : 1005
Number of existing VLANs : 17
VTP Operating Mode : Client
VTP Domain Name : BCMSN
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by at :04:49
Switch#

48 Verifying the VTP Configuration (Cont.)
Switch#show vtp counters
VTP statistics:
Summary advertisements received : 7
Subset advertisements received : 5
Request advertisements received : 0
Summary advertisements transmitted : 997
Subset advertisements transmitted : 13
Request advertisements transmitted : 3
Number of config revision errors : 0
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from non-pruning-capable device
Fa5/

49 Adding a Switch to an Existing VTP Domain
Ensure a new switch has VTP revision 0 before adding it to a network.

50 Summary
Switches in a VTP domain share VLAN information.
VTP advertises VLAN information.
VTP operates in one of three modes: server, client, or transparent.
VTP Pruning uses available bandwidth more efficiently.
VTP uses a specific process to distribute and synchronize VLAN information between switches.
Various commands are used to configure and verify VTP operation on a switch.
VTP commands should be applied in a particular order.
Specific steps should be followed when adding a new switch to an existing VTP domain.

51 Correcting Common VLAN Configuration Errors

52 Issues with 802.1Q Native VLAN
Native VLAN frames are carried over the trunk link untagged. A native VLAN mismatch will merge traffic between VLANs.

53 802.1Q Native VLAN Considerations
Native VLAN must match at ends of trunk; otherwise, frames will “leak” from one VLAN to another. By default, the native VLAN will be VLAN1. Avoid using VLAN1 for management purposes. Eliminate native VLANs from 802.1Q trunks by making the native VLAN an “unused” VLAN.

54 Explaining Trunk Link Problems
Trunks can be configured statically or autonegotiated with DTP. For trunking to be autonegotiated, the switches must be in the same VTP domain. Some trunk configuration combinations will successfully configure a trunk, some will not. Will any of the above combinations result in an operational trunk?

55 Resolving Trunk Link Problems
When using DTP, ensure that both ends of the link are in the same VTP domain. Ensure that the trunk encapsulation type configured on both ends of the link is valid. On links where trunking is not required, DTP should be turned off. Best practice is to configure trunk and nonegotiate where trunks are required.
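One way to check a switch configuration against the trunk guidance in this deck (static trunk with nonegotiate, a native VLAN that is not VLAN 1 and not otherwise in use, only required VLANs allowed), as an added Python example that is not part of the original slides. The configuration text is constructed, the finding names are assumptions, and a switch port with no mode line is treated as dynamic because slide 14 gives dynamic desirable as the Ethernet default.

```python
import re

# Constructed running-config excerpt; Fa5/8 follows the deck's slide 17 pattern.
SAMPLE_CONFIG = """\
interface FastEthernet5/8
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 5,11
 switchport trunk native vlan 99
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet5/9
 switchport trunk encapsulation dot1q
 switchport mode dynamic desirable
!
interface FastEthernet5/10
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 11
 switchport mode trunk
!
interface FastEthernet5/11
 switchport mode access
 switchport access vlan 11
!
"""


def parse_interfaces(config: str) -> dict:
    """Map each interface name to the list of its indented sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or any other top-level line ends the stanza
    return interfaces


def audit_trunks(config: str) -> dict:
    """Return {interface: [findings]} for every port that is or may become a trunk."""
    interfaces = parse_interfaces(config)
    access_vlans = set()
    for lines in interfaces.values():
        for line in lines:
            match = re.fullmatch(r"switchport access vlan (\d+)", line)
            if match:
                access_vlans.add(int(match.group(1)))

    report = {}
    for name, lines in interfaces.items():
        if not any(line.startswith("switchport") for line in lines):
            continue  # not a Layer 2 port
        modes = [l[len("switchport mode "):] for l in lines if l.startswith("switchport mode ")]
        mode = modes[-1] if modes else None
        if mode == "access":
            continue  # unconditionally an access port
        findings = []
        if mode != "trunk":
            findings.append("dtp-dynamic")        # trunk status is negotiated
        elif "switchport nonegotiate" not in lines:
            findings.append("dtp-not-disabled")   # static trunk still sends DTP
        native = 1                                # default native VLAN
        for line in lines:
            match = re.fullmatch(r"switchport trunk native vlan (\d+)", line)
            if match:
                native = int(match.group(1))
        if native == 1:
            findings.append("native-vlan-1")
        elif native in access_vlans:
            findings.append("native-vlan-in-use")  # not an "unused" VLAN
        if not any(l.startswith("switchport trunk allowed vlan ") for l in lines):
            findings.append("all-vlans-allowed")
        report[name] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_trunks(SAMPLE_CONFIG).items():
        print(port, findings or "ok")
```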

56 Common Problems with VTP Configuration
Updates not received as expected: VTP domain and password must match.
Missing VLANs: Configuration has been overwritten by another VTP device.
Too many VLANs: Consider making VTP domain smaller.

57 Example of New Switch Overwriting an Existing VTP Domain
New switch not connected

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1

VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : building1

58 Example of New Switch Overwriting an Existing VTP Domain (Cont.)
New switch connected

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : building1
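A pre-connection check for the overwrite shown in slides 57 and 58, as an added Python example that is not part of the original deck. It parses two `show vtp status` excerpts built from the slide's values and compares domain name, mode and configuration revision; it assumes the Client block with revision 2 is the new switch, and it does not model the VTP password or MD5 digest, which the slide's output does not show.

```python
# Status excerpts constructed from the values on slide 57.
NEW_SWITCH_STATUS = """\
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1
"""

EXISTING_SERVER_STATUS = """\
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : building1
"""


def parse_vtp_status(text: str) -> dict:
    """Pull the fields that decide synchronization out of 'show vtp status'."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return {
        "revision": int(fields["Configuration Revision"]),
        "vlans": int(fields["Number of existing VLANs"]),
        "mode": fields["VTP Operating Mode"].lower(),
        "domain": fields["VTP Domain Name"],  # case sensitive, keep as typed
    }


def precheck_new_switch(new: dict, existing: dict) -> str:
    """Classify what connecting `new` to the domain of `existing` would do.

    Returns one of:
      "no-sync"        transparent mode or a different domain name
      "overwrite"      new switch carries a higher revision than the domain
      "reset-revision" revision is not 0, so the switch is not yet safe to add
      "ok"             same domain, revision 0
    """
    if new["mode"] == "transparent" or new["domain"] != existing["domain"]:
        return "no-sync"
    if new["revision"] > existing["revision"]:
        return "overwrite"
    if new["revision"] != 0:
        return "reset-revision"
    return "ok"


if __name__ == "__main__":
    new = parse_vtp_status(NEW_SWITCH_STATUS)
    existing = parse_vtp_status(EXISTING_SERVER_STATUS)
    verdict = precheck_new_switch(new, existing)
    print(f"new switch: revision {new['revision']}, {new['vlans']} VLANs, mode {new['mode']}")
    print(f"domain    : revision {existing['revision']}, {existing['vlans']} VLANs")
    print("verdict   :", verdict)
```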

59 Implementing VTP in the ECNM
Plan VTP domain boundaries.
Have only one or two VTP servers.
Configure a VTP password.
Manually configure the VTP domain name on all devices.
When setting up a new domain: Configure VTP client switches first so that they participate passively.
When cleaning up an existing VTP domain: Configure passwords on servers first because clients may need to maintain current VLAN information until the server is verified as complete.

60 Summary
802.1Q native VLAN can cause security issues.
Configure the native VLAN to be an “unused” VLAN.
Some trunk link configuration combinations can result in problems on the link.
Best practice is to configure trunks statically rather than with DTP.
Misconfiguration of VTP can give unexpected results.
Make only one or two VTP servers; keep the remainder as clients.

61 Implementing Spanning Tree Protocol

62 Transparent Bridging
A switch has the same characteristics as a transparent bridge.

63 Redundant Topology
Redundant topology eliminates single points of failure
Redundant topology causes broadcast storms, multiple frame copies, and MAC address table instability problems
Emphasize: Layer 2 has no mechanism (like a TTL) to stop loops.
Figure labels: Server/host X, Router Y, Segment 1, Segment 2

64 Broadcast Storms
Host X sends a Broadcast
Emphasize: Broadcast frames are flooded.
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Broadcast

65 Broadcast Storms
Host X sends a Broadcast
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Broadcast

66 Broadcast Storms
Switches continue to propagate broadcast traffic over and over
Emphasize: Layer 2 has no TTL mechanism to stop looping frames.
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Broadcast

67 Multiple Frame Copies
Host X sends a unicast frame to Router Y
Router Y MAC address has not been learned by either switch yet
Emphasize: This slide assumes Router Y MAC address has not been learned by Switch A and Switch B yet so the unknown unicast frame to Router Y will be flooded.
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B

68 Multiple Frame Copies
Host X sends a unicast frame to Router Y
Router Y MAC address has not been learned by either switch yet
Router Y will receive two copies of the same frame
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Unicast

69 MAC Database Instability
Host X sends a unicast frame to Router Y
Router Y MAC address has not been learned by either switch yet
Switch A and B learn Host X MAC address on port 0
Emphasize: This slide assumes Router Y MAC address has not been learned by Switch A and Switch B yet so the unknown unicast frame to Router Y will be flooded.
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Port 0, Port 1, Unicast

70 MAC Database Instability
Host X sends a unicast frame to Router Y
Router Y MAC address has not been learned by either switch yet
Switch A and B learn Host X MAC address on port 0
Frame to Router Y is flooded
Switch A and B incorrectly learn Host X MAC address on port 1
Figure labels: Server/host X, Router Y, Segment 1, Segment 2, Switch A, Switch B, Port 0, Port 1, Unicast

71 Preventing Bridging Loops
Bridging loops can be prevented by disabling the redundant path.

72 Spanning Tree Algorithm (STA)
Part of 802.1d standard
Simple principle: Build a loop-free tree from some identified point known as the root.
Redundant paths allowed, but only one active path.
Developed by Radia Perlman

73 The Spanning Tree Algorhyme by Radia Perlman
I think that I shall never see
A graph more lovely than a tree.
A tree whose crucial property
Is loop-free connectivity.
A tree that must be sure to span.
So packets can reach every LAN.
First, the root must be selected.
By ID, it is elected.
Least cost paths from root are traced.
In the tree, these paths are placed.
A mesh is made by folks like me,
Then bridges find a spanning tree.

74 Bridge Protocol Data Unit
BPDUs provide for the exchange of information between switches.

75 Root Bridge Selection

76 The STP Root Bridge
Reference point
One root per VLAN
Maintains topology
Propagates timers

77 Extended System ID in Bridge ID Field
Bridge ID Without the Extended System ID Bridge ID with the Extended System ID

78 802.1D 16-bit Bridge Priority Field Using the Extended System ID
Only four high-order bits of the 16-bit Bridge Priority field carry actual priority.
Therefore, priority can be incremented only in steps of 4096, onto which will be added the VLAN number.
Example: For VLAN 11: If the priority is left at default, the 16-bit Priority field will hold =
Figure: the 16-bit field is split into 4 bits of Priority and 12 bits of VLAN Number. Table columns: Priority Values (Hex), Priority Values (Dec); surviving hex entries: 8 (default), F
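The 4-bit priority plus 12-bit VLAN number layout from this slide, as an added Python example that is not part of the original deck. It builds and splits the 16-bit field, rejects priorities that are not multiples of 4096, and picks the root as the lowest bridge ID (priority field first, then MAC address); the switch names, MAC addresses and function names are constructed, and the default priority is taken as hex 8 in the priority bits as the slide's table indicates.

```python
DEFAULT_PRIORITY = 0x8 * 4096  # hex 8 in the four priority bits


def priority_field(priority: int, vlan: int) -> int:
    """Build the 16-bit Bridge Priority field: 4 bits priority, 12 bits VLAN."""
    if priority % 4096 != 0 or not 0 <= priority <= 0xF * 4096:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN number must be 1-4094")
    return priority | vlan  # low 12 bits of priority are zero, so this is a sum


def split_priority_field(field: int) -> tuple:
    """Recover (priority, vlan) from the 16-bit field."""
    return field & 0xF000, field & 0x0FFF


def bridge_id(priority: int, vlan: int, mac: str) -> tuple:
    """Bridge ID as a comparable tuple: priority field, then MAC address bytes."""
    return priority_field(priority, vlan), bytes.fromhex(mac.replace(":", ""))


def elect_root(bridges: dict, vlan: int) -> str:
    """Name of the bridge with the lowest bridge ID for this VLAN."""
    return min(bridges, key=lambda name: bridge_id(bridges[name][0], vlan, bridges[name][1]))


# Constructed switches: name -> (configured priority, MAC address).
BRIDGES = {
    "SW-A": (DEFAULT_PRIORITY, "00:00:0c:aa:aa:aa"),
    "SW-B": (DEFAULT_PRIORITY, "00:00:0c:11:11:11"),
    "SW-C": (7 * 4096, "00:00:0c:ff:ff:ff"),  # priority lowered by one step
}

if __name__ == "__main__":
    field = priority_field(DEFAULT_PRIORITY, 11)
    print("VLAN 11, default priority:", field, hex(field), split_priority_field(field))
    print("root for VLAN 11:", elect_root(BRIDGES, 11))
    all_default = {name: (DEFAULT_PRIORITY, mac) for name, (_, mac) in BRIDGES.items()}
    print("root if every priority is default:", elect_root(all_default, 11))
```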

79 Configuring the Root Bridge
Switch(config)#spanning-tree vlan 1 root primary
  This command forces this switch to be the root.
Switch(config)#spanning-tree vlan 1 root secondary
  This command configures this switch to be the secondary root.
Or
Switch(config)#spanning-tree vlan 1 priority priority
  This command statically configures the priority (in increments of 4096).

80 Spanning Tree Protocol Root Bridge Selection
Which switch has the lowest bridge ID?

81 Spanning-Tree Operation
One root bridge per network
One root port per nonroot bridge
One designated port per segment
Nondesignated ports are blocked

82 Four-Step Spanning-Tree Decision Process
Lowest root BID
Lowest path cost to root bridge
Lowest sender BID
Lowest port ID

83 Spanning Tree Port States
Spanning tree transitions each port through several different states.

84 Local Switch Root Port Election

85 Spanning-Tree Path Cost

86 Spanning Tree Protocol Root Port Selection
SW X is the root bridge
SW Y needs to elect a root port
Which port is the root port on SW Y?
FastEthernet total cost =
Ethernet total cost =
Figure labels: Fast Ethernet, RP, Ethernet

87 Spanning Tree Protocol Designated Port Selection
Switch X is the root bridge.
All ports on the root bridge are designated ports.
Do all segments have a designated port?
Figure labels: Fast Ethernet, RP, DP, DP, Ethernet

88 STP Root Bridge Selection Example
Which bridge will be the root bridge?

89 STP Root Port Selection Example
Which ports will be root ports?

90 STP Designated Port Selection Example
Which port becomes the designated port on segment 3?

91 Example: Layer 2 Topology Negotiation

92 Spanning Tree Protocol
The Spanning Tree Protocol (IEEE 802.1d) specifies an algorithm to be used to maintain a loop-free spanning tree of links between bridges.
The spanning tree algorithm finds a spanning tree starting from a root node.
To begin, each bridge must have a unique numeric ID. Typically this is the MAC address plus a priority.
Figure labels: ID=20, ID=40, ID=10, ID=75, ID=80

93 Spanning Tree Algorithm
Each node maintains three pieces of information for each port:
  R = ID of current root node
  d = distance from root node
  N = closest upstream node (closer to root node)
Denote this as (R, d, N): (Root-ID, dist, NextNode)
Initially each node designates itself as the root node!
Figure labels: 20 (20,0,-) (40,0,-) (40,0,-) 40 10 (10,0,-) (40,0,-) (10,0,-) (75,0,-) (75,0,-) (80,0,-) 75 80 (80,0,-)

94 Spanning Tree Algorithm
Nodes send out spanning tree updates on each port.
For example, node 40 would send out the updates shown at right.
Figure labels: 20 (40,0,40) 40 10 (40,0,40) (40,0,40) 75 80

95 Spanning Tree Algorithm
Other nodes would also send configuration updates.
The figure at right shows the updates sent by nodes 10 and 75.
Figure labels: 20 40 10 (10,0,10) (10,0,10) (75,0,75) 75 80 (75,0,75)

96 Spanning Tree Algorithm
When a node receives an update from another node, it updates its own port information if:
  update identifies a root node with a smaller ID
  update identifies a root node with same ID but smaller distance
  root node and distance are same, but sending node has a smaller ID
During the first iteration, the links would update their link information like this.
Figure labels: 20 (20,0,-) (20,1,20) (10,1,10) 40 10 (10,0,-) (40,0,-) (10,0,-) (40,1,40) (10,1,10) (75,0,-) 75 80 (75,1,75)

97 Spanning Tree Algorithm
After a node receives configuration updates, it selects the best configuration and discards the others.
Figure labels: 20 (20,0,-) (20,1,20) (10,1,10) 40 10 (10,0,-) (40,0,-) (10,0,-) (40,1,40) (10,1,10) (75,0,-) 75 80 (75,1,75)

98 Spanning Tree Algorithm
When a node receives a configuration message which contains a smaller root ID, then it knows that it is not the root node. So, it stops generating its own configuration messages and only forwards received messages (with distance incremented and upstream node modified).
After 1 iteration, nodes 40, 75, and 80 know that they are not the root node. Node 20 still thinks it is the root.
Figure labels: 20 (20,0,-) (10,1,10) 40 10 (10,0,-) (10,0,-) (40,1,40) (10,1,10) 75 80

99 Spanning Tree Algorithm
On the next iteration, nodes that realize they are not the root forward root updates to other nodes.
Nodes 40 and 80 forward root updates. Node 75 also forwards an update to node 80, but node 80 discards it.
Figure labels: 20 (10,1,40) (10,1,10) 40 10 (10,0,-) (10,0,-) (10,1,40) (10,1,80) (10,1,10) 75 80 (40,1,75)

100 Spanning Tree
When the updates stabilize, only the root node is generating configuration messages.
Other nodes are forwarding messages only over links which are part of the spanning tree -- called a designated bridge.
Links not on the spanning tree are not used to forward frames; such links are said to be blocked.
When algorithm stabilizes, the active links form a spanning tree.
Figure labels: 20 (10,2,40) (10,1,10) 40 10 (10,0,-) (10,0,-) (10,2,40) (10,1,10) 75 80 blocked link: not used
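The (R, d, N) update rule from slides 93 to 100 run to convergence, as an added Python example that is not part of the original deck. It keeps one (R, d, N) triple per node rather than per port and uses synchronous rounds, which is a simplification; the link list is an assumption inferred from the port labels in the slides (20-40, 40-10, 40-75, 10-80, 75-80).

```python
# Assumed topology, inferred from the slides' figure labels.
LINKS = [(20, 40), (40, 10), (40, 75), (10, 80), (75, 80)]


def better(offer: tuple, current: tuple) -> bool:
    """Slide 96 rule: smaller root ID, then smaller distance, then smaller sender ID."""
    def key(state):
        root, dist, upstream = state
        return (root, dist, -1 if upstream is None else upstream)
    return key(offer) < key(current)


def run_spanning_tree(links: list) -> tuple:
    """Iterate the update rule until nothing changes.

    Returns (final_state, blocked_links, history) where final_state maps each
    node to its (R, d, N) triple and history holds the state after each round
    that changed something.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)

    # Initially each node designates itself as the root node.
    state = {node: (node, 0, None) for node in neighbors}
    history = []
    while True:
        nxt = {}
        for node, current in state.items():
            best = current
            for peer in neighbors[node]:
                root, dist, _ = state[peer]
                offer = (root, dist + 1, peer)  # distance incremented, sender as upstream
                if better(offer, best):
                    best = offer
            nxt[node] = best
        if nxt == state:
            break
        state = nxt
        history.append(dict(state))

    # A link is on the tree if one end uses the other as its upstream node.
    tree = {frozenset((node, s[2])) for node, s in state.items() if s[2] is not None}
    blocked = [link for link in links if frozenset(link) not in tree]
    return state, blocked, history


if __name__ == "__main__":
    final, blocked, history = run_spanning_tree(LINKS)
    for round_no, snapshot in enumerate(history, start=1):
        print("after round", round_no, dict(sorted(snapshot.items())))
    print("blocked links:", blocked)
```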

101 Spanning Tree Properties
1. In a connected network, a loop-free spanning tree always exists.
2. The spanning tree algorithm will always stabilize on a loop-free tree after at most (#nodes) iterations.
3. The spanning tree may not be the most efficient path.
4. Spanning tree cannot route around a congested link.
The spanning tree may not be the most efficient path between nodes.
Figure labels: 20 40 10 75 80

102 Example

103 Example

104 Exercise

105 Exercise

106 Exercise

107 Enhancements to STP
PortFast
Per VLAN Spanning Tree+ (PVST+)
Rapid Spanning Tree Protocol (RSTP)
Multiple Spanning Tree Protocol (MSTP)
  MSTP is also known as Multi-Instance Spanning Tree Protocol (MISTP) on Cisco Catalyst 6500 switches and above
Per VLAN Rapid Spanning Tree (PVRST)

108 Describing PortFast

109 Configuring PortFast
Configuring
  spanning-tree portfast (interface command)
  or
  spanning-tree portfast default (global command): enables PortFast on all nontrunking ports
Verifying
  show running-config interface fastethernet 1/1

110 IEEE Documents
IEEE 802.1D - Media Access Control (MAC) bridges
IEEE 802.1Q - Virtual Bridged Local Area Networks
IEEE 802.1w - Rapid Reconfiguration (Supp. to 802.1D)
IEEE 802.1s - Multiple Spanning Tree (Supp. to 802.1Q)
IEEE 802.1t - Local and Metropolitan Area Network: Common Specifications

111 Summary
Transparent bridges require no client configuration.
A bridge loop may occur when there are redundant paths between switches.
A loop free network eliminates redundant paths between switches.
The 802.1D protocol establishes a loop-free network.
The root bridge is a reference point for STP.
Each STP port will host a specific port role.
Enhancements now enable STP to converge more quickly and run more efficiently.

