Monday, July 8, 2013

L2 stuff


When you configure a Layer 2 EtherChannel, you create a port-channel logical interface and assign physical interfaces to the EtherChannel. Use the channel-group interface configuration command to dynamically create the port-channel logical interface; this command binds the physical and logical ports together.

For Layer 3 interfaces, you manually create the logical interface by using the interface port-channel global configuration command. Then you manually assign an interface to the EtherChannel by using the channel-group interface configuration command.


Excerpts from Quick Reference book by Cisco Press. 

Spanning Tree Protocol 802.1D

802.1D Spanning Tree Protocol (STP) is a Layer 2 loop-prevention mechanism. It is an IEEE standards-based protocol. Over the years, Cisco enhanced this protocol with new features to make much-needed improvements. Layer 2 loops are harmful because frames carry no Time To Live (TTL) value, so a looping frame is never discarded. Loops can cause broadcast storms, MAC table corruption, and multiple-frame copies.

STP Process

The bridge ID (BID) is a critical element for the creation of the spanning-tree, loop-free topology. The bridge ID consists of a 2-byte bridge priority and a 6-byte MAC address. The default priority is 32,768. Newer switch operating systems break the priority field into two sections: the 4-bit priority and a 12-bit extended system ID. This extended system ID value is just the VLAN ID. This enables each VLAN to have a unique bridge ID while still using the same MAC address and priority value. Previously, multiple MAC addresses were needed for each VLAN to ensure uniqueness.
Path cost is the measure of distance from one bridge to another. Links are assigned a cost value by STP. This cost value is based on bandwidth. Higher-bandwidth links receive a lower-cost value, and STP deems a lower-cost path as preferred to a higher-cost path.
Initially with STP operations, a root bridge must be selected. This root bridge will have all its ports in the forwarding state (designated ports) and will be the central reference point for the creation of a loop-free Layer 2 topology. For the “election” of this device, configuration bridge protocol data units (BPDU) are sent between switches for each port and BIDs are compared. The switch with the lowest priority will be the root bridge. If a tie occurs, the switch with the lowest MAC address will be the root bridge.
After the root bridge for the network has been determined, this reference point can create the loop-free topology. This initial creation of the loop-free topology takes place in three steps:
  1. Elect a root bridge. The lowest BID wins.
  2. Elect root ports. Every nonroot bridge selects one root port.
  3. Elect designated ports. Each segment has one designated port (the bridge with the designated port is the designated bridge for that segment); all active ports on the root bridge are designated (unless you connect two ports to each other).
When convergence occurs, BPDUs radiate out from the root bridge over loop-free paths. Figure 2-1 shows an example of STP in action.
Ports have a port state under 802.1D STP. Ports begin life on the switch as disabled and gradually transition to a forwarding state when STP deems it is safe to do so. The possible states are listed here along with the timers that control the transition times. The states are carefully ordered to demonstrate the order of transition:
  1. Disabled: Administratively down
  2. Blocking: BPDUs received only (20 sec)
  3. Listening: BPDUs sent and received (15 sec)
  4. Learning: Bridging table is built (15 sec)
  5. Forwarding: Sending/receiving data

STP timers control convergence in the process:

- Hello: 2 sec (time between each configuration BPDU)
- Forward Delay: 15 sec (controls the duration of the listening and learning states)
- Max Age: 20 sec (controls the duration of the blocking state)

Default convergence time is 30 to 50 seconds. Timer modification is possible from the root bridge.
Although the timers can be manipulated, Cisco does not recommend this. Instead, Cisco mechanisms can improve convergence times without direct manipulation of the timers by the administrator. Convergence time is a recognized issue with STP and the exact reason for IEEE’s creation of new versions of the protocol.

Topology Changes

STP uses a Topology Change Notification (TCN) BPDU to alert the root bridge that a topology change to the spanning tree might need to occur. The Type field of the BPDU signifies the TCN BPDU: 0x80. TCN BPDUs improve convergence time when failures in the network occur—primarily because they help in a rapid updating of the MAC address tables. The TCN process of 802.1D is as follows:
1. A bridge sends a TCN BPDU in two cases:
  1. It takes a port into forwarding and has at least one designated port (DP).
  2. A port goes from Forwarding/Learning to Blocking.
  TCNs are sent out the root port of nonroot devices; they are sent each hello interval until they are acknowledged by the upstream device.
2. Upstream bridges process the TCN on their DPs.
3. The upstream switch sets the Topology Change Acknowledgment (TCA) field of the next configuration BPDU received and sends this downstream. This causes the downstream switch to stop sending TCN BPDUs.
4. The upstream switch then sends the TCN further upstream.
5. This continues until the root bridge receives the TCN.
6. The root bridge then sets the TCA and Topology Change flags in the next configuration BPDU sent out downstream.
7. The root bridge sets the TC flag in all BPDUs sent for Forward Delay + Max Age. This instructs all switches to age MAC table address entries faster.
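The BPDU fields referred to above (the 0x80 Type for a TCN, the TC and TCA flags, the bridge IDs and timers of a configuration BPDU) can be decoded with the following Python. This is an added example written for this post, not code from the Cisco Press book; the 35-byte configuration BPDU layout, the 4-byte TCN BPDU, the flag bit positions and the 1/256-second timer units are taken from IEEE 802.1D, and the sample BPDUs are constructed here. The announces_superior_root helper implements the comparison that Root Guard reacts to, a received root bridge ID lower than the one currently known.

```python
import struct

# 802.1D BPDU constants (the page gives Type 0x80 for the TCN BPDU)
BPDU_TYPE_CONFIG = 0x00
BPDU_TYPE_TCN = 0x80
FLAG_TC = 0x01     # Topology Change flag (bit 0)
FLAG_TCA = 0x80    # Topology Change Acknowledgment flag (bit 7)
CONFIG_BPDU_LEN = 35   # bytes following the 802.2 LLC header
TCN_BPDU_LEN = 4


def split_bridge_id(raw):
    """Split an 8-byte bridge ID into (priority, extended system ID, MAC).
    The upper 4 bits of the first two bytes are the priority (multiples of 4096),
    the lower 12 bits the extended system ID (the VLAN ID under PVST+)."""
    prio_field = struct.unpack("!H", raw[:2])[0]
    return prio_field & 0xF000, prio_field & 0x0FFF, raw[2:8].hex(":")


def parse_bpdu(payload):
    """Decode a configuration or TCN BPDU payload into a dict."""
    if len(payload) < TCN_BPDU_LEN:
        raise ValueError("BPDU too short")
    protocol_id, version, bpdu_type = struct.unpack("!HBB", payload[:4])
    if protocol_id != 0:
        raise ValueError("protocol ID %d is not STP" % protocol_id)
    if bpdu_type == BPDU_TYPE_TCN:
        return {"type": "TCN", "version": version}
    if bpdu_type != BPDU_TYPE_CONFIG:
        raise ValueError("unsupported BPDU type 0x%02x" % bpdu_type)
    if len(payload) < CONFIG_BPDU_LEN:
        raise ValueError("truncated configuration BPDU")
    (flags, root_id, root_cost, bridge_id, port_id,
     msg_age, max_age, hello, fwd_delay) = struct.unpack(
        "!B8sI8sHHHHH", payload[4:CONFIG_BPDU_LEN])
    root_prio, root_sysid, root_mac = split_bridge_id(root_id)
    br_prio, br_sysid, br_mac = split_bridge_id(bridge_id)
    return {
        "type": "CONFIG", "version": version,
        "tc": bool(flags & FLAG_TC), "tca": bool(flags & FLAG_TCA),
        "root_id_raw": root_id, "root_priority": root_prio,
        "root_ext_sys_id": root_sysid, "root_mac": root_mac,
        "root_path_cost": root_cost,
        "bridge_priority": br_prio, "bridge_ext_sys_id": br_sysid,
        "bridge_mac": br_mac, "port_id": port_id,
        # timers are carried in units of 1/256 second
        "message_age": msg_age / 256.0, "max_age": max_age / 256.0,
        "hello_time": hello / 256.0, "forward_delay": fwd_delay / 256.0,
    }


def make_bridge_id(priority, vlan, mac_bytes):
    """Build an 8-byte bridge ID (used only to construct sample BPDUs here)."""
    return struct.pack("!H", priority | vlan) + mac_bytes


def build_config_bpdu(flags, root_id, root_cost, bridge_id, port_id,
                      msg_age=0, max_age=20, hello=2, fwd_delay=15):
    """Construct a configuration BPDU; timers are given in seconds."""
    return struct.pack("!HBBB8sI8sHHHHH", 0, 0, BPDU_TYPE_CONFIG, flags,
                       root_id, root_cost, bridge_id, port_id,
                       msg_age * 256, max_age * 256, hello * 256, fwd_delay * 256)


def announces_superior_root(bpdu, current_root_id):
    """True when a configuration BPDU claims a root whose bridge ID is lower
    (better) than current_root_id: the situation Root Guard blocks on."""
    return bpdu["type"] == "CONFIG" and bpdu["root_id_raw"] < current_root_id


# Constructed samples: the known root has priority 32768 in VLAN 1,
# a second BPDU claims priority 4096 in VLAN 1 from another MAC.
ROOT_ID = make_bridge_id(32768, 1, bytes.fromhex("001122334455"))
SAMPLE_CONFIG = build_config_bpdu(FLAG_TC | FLAG_TCA, ROOT_ID, 0, ROOT_ID, 0x8001)
SAMPLE_TCN = bytes([0x00, 0x00, 0x00, BPDU_TYPE_TCN])
UNEXPECTED_ID = make_bridge_id(4096, 1, bytes.fromhex("0a0b0c0d0e0f"))
SAMPLE_UNEXPECTED = build_config_bpdu(0, UNEXPECTED_ID, 0, UNEXPECTED_ID, 0x8002)

if __name__ == "__main__":
    for name, raw in (("config", SAMPLE_CONFIG), ("tcn", SAMPLE_TCN),
                      ("unexpected", SAMPLE_UNEXPECTED)):
        print(name, parse_bpdu(raw))
    print("superior root claimed:",
          announces_superior_root(parse_bpdu(SAMPLE_UNEXPECTED), ROOT_ID))
```

Feeding captured BPDU payloads (the bytes after the LLC header) to parse_bpdu on an access port that should never see them is a quick way to confirm what BPDU Guard or Root Guard would have acted on.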

Root Bridge Placement

You need to set the root bridge location in your network using the appropriate Cisco IOS command. You should also select a secondary root in case the primary root fails.
spanning-tree vlan vlan_ID priority priority_value enables you to modify the priority value and directly manipulate the root election. For example, spanning-tree vlan 100 priority 4096 sets the priority to 4096 for VLAN 100 on the local switch. If all other switches are at the default priority value of 32,768, this bridge becomes the root. You can use the priority value of 8192 in this case on another switch to elect it as the secondary root bridge.
The command spanning-tree vlan vlan_ID root primary is actually a macro command that examines the priority of the existing root and sets the priority on the local switch to be 1 less. If the default is used on the root, the priority is set to 8192. To create a secondary root, you can use the following command:
    spanning-tree vlan vlan_ID root secondary
This command sets the priority value to 16,384.
Remember, in a Cisco environment, by default all spanning-tree mechanisms occur on a VLAN-by-VLAN basis, which is Per-VLAN Spanning Tree (PVST+).
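To see the election and priority rules above work end to end, here is an added Python model (not code from the book) that builds bridge IDs from the 4-bit priority, the 12-bit extended system ID and the MAC address, elects the root, computes root path costs and assigns root, designated and blocked roles on a constructed three-switch topology. Two things in it are assumptions from IOS behaviour rather than statements on this page: the classic 802.1D path costs (100 Mbps = 19, 1 Gbps = 4) and the rule that a switch using the extended system ID accepts only priorities that are multiples of 4096.

```python
# 802.1D-1998 "short" path costs by link speed in Mbps (assumption: classic IOS defaults)
PATH_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority, vlan, mac):
    """Return the 8-byte bridge ID as an integer: 4-bit priority, 12-bit extended
    system ID (the VLAN ID under PVST+), then the 48-bit MAC address.
    Assumption: with the extended system ID in use, IOS accepts only priorities
    that are multiples of 4096 between 0 and 61440."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be between 1 and 4094")
    return ((priority + vlan) << 48) | int(mac.replace(":", ""), 16)


def elect_root(bridges, vlan):
    """Step 1: the bridge with the numerically lowest BID becomes root.
    bridges maps a name to (priority, mac)."""
    ids = {name: bridge_id(prio, vlan, mac) for name, (prio, mac) in bridges.items()}
    return min(ids, key=ids.get), ids


def spanning_tree(bridges, links, vlan):
    """Steps 2 and 3: one root port per nonroot bridge (lowest root path cost,
    then lowest sender BID) and one designated port per segment (lowest root
    path cost, then lowest BID). links is a list of (bridge_a, bridge_b, mbps).
    Port-ID tie-breaking for parallel links between two bridges is not modelled."""
    root, ids = elect_root(bridges, vlan)
    adj = {name: [] for name in bridges}
    for a, b, mbps in links:
        adj[a].append((b, PATH_COST[mbps]))
        adj[b].append((a, PATH_COST[mbps]))

    cost = {name: float("inf") for name in bridges}
    cost[root] = 0
    root_port = {}        # nonroot bridge -> neighbour reached through its root port
    settled = set()
    while len(settled) < len(bridges):
        # settle the cheapest unsettled bridge, lowest BID first on equal cost
        u = min((n for n in bridges if n not in settled), key=lambda n: (cost[n], ids[n]))
        settled.add(u)
        for v, link_cost in adj[u]:
            if v == root:
                continue
            via = root_port.get(v)
            current = (cost[v], ids[via] if via is not None else float("inf"))
            if (cost[u] + link_cost, ids[u]) < current:
                cost[v] = cost[u] + link_cost
                root_port[v] = u

    roles = {}            # (bridge, neighbour) -> "root" | "designated" | "blocked"
    for a, b, _ in links:
        designated = min((a, b), key=lambda n: (cost[n], ids[n]))
        for me, peer in ((a, b), (b, a)):
            if root_port.get(me) == peer:
                roles[(me, peer)] = "root"
            elif me == designated:
                roles[(me, peer)] = "designated"
            else:
                roles[(me, peer)] = "blocked"   # non-designated, non-root: stays blocking
    return {"root": root, "cost": cost, "roles": roles}


# Constructed topology: a triangle of three switches on 100 Mbps links.
# SW3 was given priority 4096 (spanning-tree vlan 1 priority 4096) and wins the election.
BRIDGES = {
    "SW1": (32768, "aa:bb:cc:00:00:01"),
    "SW2": (32768, "aa:bb:cc:00:00:02"),
    "SW3": (4096, "aa:bb:cc:00:00:03"),
}
LINKS = [("SW1", "SW2", 100), ("SW1", "SW3", 100), ("SW2", "SW3", 100)]

if __name__ == "__main__":
    tree = spanning_tree(BRIDGES, LINKS, vlan=1)
    print("root:", tree["root"])
    for (me, peer), role in sorted(tree["roles"].items()):
        print(f"{me} -> {peer}: {role} (root path cost {tree['cost'][me]})")
```

With all three switches at the default 32,768 the election falls through to the MAC address, so SW1 would become root; setting the priority on the intended core switch is what makes placement deterministic.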
Fast STP Convergence with Cisco-Proprietary Enhancements to 802.1D

PortFast

PortFast, as shown in Figure 2-3, is a Cisco enhancement to the 802.1D STP implementation. You apply the command to specific ports, and that application has two effects:
- Ports coming up are put directly into the forwarding STP mode.
- The switch does not generate a TCN when a port configured for PortFast is going up or down—for example, when a workstation power-cycles.
Therefore, consider enabling PortFast on ports connected to end-user workstations. Use caution with PortFast ports to ensure that hubs, switches, bridges, or any other device that might cause a loop do not connect to these ports.

UplinkFast

Configure UplinkFast on wiring-closet switches; it detects a directly connected failure and enables a new root port to come up almost immediately.
When you configure UplinkFast, the local switch has a priority set to 49,152 and adds 3000 to the cost of all links. Finally, a mechanism is included that causes the manipulation of MAC address tables for other bridges.

BackboneFast

Configure BackboneFast on all switches to speed convergence when the failure occurs and is indirectly located, such as in the core of the backbone. It reduces convergence from approximately 50 seconds to approximately 30 seconds.

802.1w Rapid Spanning Tree Protocol

Rapid Spanning Tree Protocol (RSTP or IEEE 802.1w) improves on 802.1D. The protocol incorporates many new features to speed convergence, including the ideas presented by Cisco in its enhancements to 802.1D. Although the new technology has many improvements, the configuration remains almost identical—and the two technologies can coexist. Full benefits are not realized until all systems run RSTP, however.
RSTP requires full-duplex, point-to-point connections between adjacent switches to achieve fast convergence. RSTP defines edge ports as those not participating in STP. Edge ports can be statically configured or will be recognized by the PortFast configuration command.

RSTP Port States

RSTP port states are simplified from 802.1D and consist of the following:
- Discarding
- Learning
- Forwarding
Also, the port states are no longer tied directly to port roles. For example, a DP could be Discarding, even though it is destined to transition to the Forwarding state.

RSTP Port Roles

- Root port: This port role exists in 802.1D, too, and is the best path back to the root bridge; it must exist on all nonroot bridges.
- Designated port: This port role exists in 802.1D, too, and there must be a DP on all segments in the topology. By default, all ports on the root bridge are DPs.
- Alternative port: This port role is new to 802.1w and is a quickly converging backup port to the current DP on a segment.
- Backup port: This port role is new to 802.1w and is a quickly converging backup to the root port for a system.

RSTP BPDUs

All bridges now send BPDUs every hello time period (2 seconds by default). The BPDUs now act as a keepalive; protocol information is aged if no BPDUs are heard for three consecutive hello times.

RSTP Proposal and Agreement Process/Topology Change Mechanism

Convergence occurs on a link-by-link basis in 802.1w. No longer does a reliance on timers for convergence exist as in 802.1D. A proposal and agreement process replaces the timer methodology of STP and flows downstream from the root device.
In RSTP, only nonedge ports moving to the Forwarding state cause a topology change (TC). The originator of a TC is now responsible for flooding it through the network.

Implementing RSTP

On most Cisco switches, configuring 802.1s (Multiple Spanning Tree, MST) automatically enables RSTP. Cisco did invent a mode of operation, PVST+ mode, that enables you to use RSTP without the implementation of MST. You can enable PVST+ mode on a switch with the following command:
    spanning-tree mode rapid-pvst

802.1s Multiple Spanning Tree

MSTP (IEEE 802.1s) is an IEEE standard that enables several VLANs to be mapped to a reduced number of spanning-tree instances. This provides advantages over PVST+ because typical topologies need only a few spanning-tree topologies to be optimized.
You configure a set of switches with the same MISTP parameters, and this becomes an MST region. With MISTP, you have an internal spanning tree capable of representing the entire MST region as a common spanning tree for backward compatibility with earlier IEEE implementations.
Follow these steps to configure MISTP:
Step 1. Globally enable MISTP (MSTP) on your switches:
    spanning-tree mode mst
Step 2. Enter MST configuration submode:
    spanning-tree mst configuration
Step 3. Set the MST region name:
    name name
Step 4. Set a configuration revision number:
Step 5. Map your VLANs to MST instances:
    instance int vlan range
You can easily verify an MSTP configuration using the following commands:
    show spanning-tree mst configuration
    show spanning-tree mst vlan_id

Loop Guard

As its name implies, Loop Guard is a method for ensuring that STP loops never occur in a particular topology. Even though STP guards against such loops, they can still occur because of things such as unidirectional link failures or switch congestion issues.
Loop Guard prevents loops conservatively by preventing alternate or root ports from becoming DPs in the topology. If BPDUs stop arriving on a non-designated port while Loop Guard is enabled, that port moves into the STP loop-inconsistent Blocking state instead of transitioning through the Listening/Learning/Forwarding states.
Loop Guard operates only on ports considered point-to-point by the spanning tree and cannot be run with Root Guard on an interface.
To enable Loop Guard, use the following global configuration mode command:
    spanning-tree loopguard default

Unidirectional Link Detection

Unidirectional Link Detection (UDLD), as shown in Figure 2-4, detects and disables unidirectional links. A unidirectional link occurs when traffic transmitted from the local switch is received by the neighbor, but traffic sent from the neighbor is not. Unidirectional links can cause a variety of problems, including spanning-tree loops. UDLD performs tasks that autonegotiation cannot perform.
To perform UDLD, packets are sent to neighbor devices on interfaces with UDLD enabled. Therefore, both sides of the link must support UDLD. By default, UDLD is locally disabled on copper interfaces and is locally enabled on all Ethernet fiber-optic interfaces. Following is the Cisco IOS command to enable UDLD on an interface:
    udld enable

Root Guard

Root Guard enables an administrator to enforce the root bridge placement in the network. Service providers that connect switches to customer networks are often interested in this technology because they want to ensure that no customer device inadvertently or otherwise becomes the root of the spanning tree. Root Guard ensures that the port on which Root Guard is enabled is the DP. If the switch receives superior STP BPDUs on a Root Guard-enabled port, the port is moved to a root-inconsistent STP state. This root-inconsistent state is effectively equal to the Listening port state. No traffic is forwarded across this port. This protects the current placement of the root bridge in the infrastructure.
You can enable this feature on a port with the following interface configuration command:
    spanning-tree guard root

BPDU Guard

This Cisco STP feature protects the network from loops that might occur if BPDUs were received on a PortFast port. Because BPDUs should never arrive at these ports, their reception indicates a misconfiguration or a security breach. BPDU Guard causes the port to error-disable upon the reception of these frames. You can configure BPDU Guard globally to have the feature enabled for all PortFast ports on the system. Following is the command to do this:
    spanning-tree portfast bpduguard
You can also enable the feature at the interface level. Use this command:
    spanning-tree bpduguard enable
You can enable this feature at the interface level even if PortFast is not enabled on the port. Again, the receipt of a BPDU causes the port to error-disable.

Storm Control

The Storm Control feature protects a LAN from being affected by unicast, broadcast, or multicast storms that might develop. The switch implements storm control by counting the number of packets of a specified type received within a one-second interval and comparing that count with a predefined suppression-level threshold. Storm Control typically enables the administrator to set the threshold as a percentage of total bandwidth or as the rate at which packets are received. When the rate of multicast traffic exceeds the set threshold, all incoming traffic (broadcast, multicast, and unicast) is dropped until the level drops below the specified threshold; only spanning-tree packets are forwarded in this situation. When the broadcast or unicast threshold is exceeded, only the type of traffic that exceeded the threshold is blocked. Storm Control is configured at the interface level with the following command:
    storm-control {broadcast | multicast | unicast} level {level [level-low] | pps pps [pps-low]}
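The threshold behaviour just described (per-type one-second counts, a multicast exceedance blocking everything except spanning-tree packets, a broadcast or unicast exceedance blocking only its own type, and the optional falling threshold) is modelled below in Python. This is an added example for this post, not code from the book or from Cisco: the packet stream and pps thresholds are constructed, and evaluating the counts at the end of each interval and applying the result during the next one is a simplification of how the hardware samples.

```python
from collections import Counter

STP_KIND = "stp"   # spanning-tree packets are forwarded even during suppression


class StormControl:
    """Per-interface storm control model following the behaviour described above.
    thresholds maps a traffic type ("broadcast", "multicast", "unicast") to
    (rising_pps, falling_pps): blocking starts when a one-second count exceeds
    the rising value and ends when a later count drops below the falling value.
    Simplification: counts are evaluated at the end of each one-second interval
    and the resulting block state applies during the following interval."""

    def __init__(self, thresholds):
        self.thresholds = thresholds
        self.blocked = set()

    def _update_state(self, counts):
        for kind, (rising, falling) in self.thresholds.items():
            n = counts.get(kind, 0)
            if n > rising:
                self.blocked.add(kind)
            elif kind in self.blocked and n < falling:
                self.blocked.discard(kind)

    def _decide(self, kind):
        if kind == STP_KIND:
            return "forward"
        if "multicast" in self.blocked:
            return "drop"          # a multicast storm suppresses all traffic types
        return "drop" if kind in self.blocked else "forward"

    def process(self, packets):
        """packets: iterable of (timestamp_seconds, kind) in time order.
        Returns a list of (timestamp, kind, decision)."""
        decisions = []
        counts = Counter()
        current = None
        for t, kind in packets:
            second = int(t)
            if current is None:
                current = second
            while second > current:          # close out finished intervals
                self._update_state(counts)   # an interval with no packets counts as zero
                counts = Counter()
                current += 1
            counts[kind] += 1
            decisions.append((t, kind, self._decide(kind)))
        return decisions


def burst(second, kind, n):
    """Constructed helper: n packets of one kind spread evenly over one second."""
    return [(second + i / n, kind) for i in range(n)]


# Constructed traffic: a broadcast burst in second 1 and a multicast burst in second 3.
SAMPLE_TRAFFIC = sorted(
    burst(0, "broadcast", 5) + burst(0, "unicast", 5)
    + burst(1, "broadcast", 25) + burst(1, "unicast", 5)
    + burst(2, "broadcast", 5) + burst(2, "unicast", 5) + burst(2, STP_KIND, 1)
    + burst(3, "multicast", 35) + burst(3, "unicast", 5)
    + burst(4, "broadcast", 5) + burst(4, "multicast", 5)
    + burst(4, "unicast", 5) + burst(4, STP_KIND, 1)
)

# Equivalent of: storm-control broadcast level pps 20 10 (and likewise for the others)
THRESHOLDS = {"broadcast": (20, 10), "multicast": (30, 15), "unicast": (100, 50)}


def run_sample():
    """Run the constructed traffic through the model; return the decisions and
    a per-second breakdown of (kind, decision) counts."""
    decisions = StormControl(THRESHOLDS).process(SAMPLE_TRAFFIC)
    per_second = {}
    for t, kind, decision in decisions:
        per_second.setdefault(int(t), Counter())[(kind, decision)] += 1
    return decisions, per_second


if __name__ == "__main__":
    decisions, per_second = run_sample()
    for second in sorted(per_second):
        print(second, dict(per_second[second]))
    print(Counter(d for _, _, d in decisions))
```

In the sample run, second 2 shows broadcast dropped while unicast still passes, and second 4 shows the multicast exceedance dropping every type except the STP packet, which is exactly the asymmetry the paragraph above describes.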

Unicast Flooding

If a destination MAC address is not in the MAC address table of the switch, the frame is flooded out all ports for that respective VLAN. Although some flooding is unavoidable and expected, excessive flooding might be caused by asymmetric routing, STP topology changes, or forwarding table overflow. Also, flooding can result from attacks on the network, especially if denial-of-service (DoS) attacks occur. Switches can now implement a unicast flood-prevention feature. This is implemented through the following global configuration command:
    mac-address-table unicast-flood {limit kfps} {vlan vlan} {filter timeout | alert | shutdown}
An alternative configuration approach found on some Catalyst model devices (such as the 6500 series) is to use Unknown Unicast Flood Blocking (UUFB), which is configured with the following simple interface command:
    switchport block unicast

LAN Switching

DTP

Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol that negotiates the trunking status of a switchport. Connected switches exchange DTP messages that indicate their desirability to create a trunk. The DTP port state dictates its capability to create a trunk. Following are the possible states:
- auto: Enables the switch to create a trunk if initiated from the other switch. A switch programmed with auto does not initiate a trunk but can form a trunk if the other side initiates. The trunk is formed with desirable and on.
- desirable: Actively tries to create a trunk link with the peer. The trunk is formed with auto, desirable, and on.
- on: DTP messages are sent, and a trunk will be formed unless the peer explicitly forbids it. The trunk is formed with auto, desirable, and on.
- off: Trunking is not allowed on the switchport regardless of the DTP status of the peer.
- nonegotiate: Disables DTP and will not form a trunk link with a peer that requires trunk negotiation. A trunk is formed with on and nonegotiate.

VLAN Trunking

802.1Q

The IEEE 802.1Q standard trunking protocol uses an extra tag in the MAC header to identify the VLAN membership of a frame across bridges. This tag is used for VLAN and quality of service (QoS) priority identification.
The VLAN ID (VID) associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network. Notice that a tagged frame is 4 bytes longer than an untagged frame and contains 2 bytes of Tag Protocol Identifier (TPID) and 2 bytes of Tag Control Information (TCI). These components of an 802.1Q tagged frame are described in more detail here:
- TPID: The Tag Protocol Identifier has a defined value of 8100 in hex; with the EtherType set to 8100, this frame is identified as carrying the IEEE 802.1Q/802.1p tag.
- Priority: The first 3 bits of the Tag Control Information define user priority; notice the eight (2^3) possible priority levels; IEEE 802.1p defines the operation for these 3 user-priority bits.
- CFI: The Canonical Format Indicator is a single-bit flag, always set to 0 for Ethernet switches. CFI is used for compatibility reasons between Ethernet networks and Token Ring.
- VID: The VLAN ID identifies the VLAN; notice it enables the identification of 4096 (2^12) VLANs. Two of these identifications are reserved, permitting the creation of 4094 VLANs.
802.1Q trunks feature a concept called the native VLAN. The native VLAN is a VLAN for which frames are not tagged. Following are the aspects of the native VLAN:
- The VLAN a port is in when not trunking.
- The VLAN from which frames are sent untagged on an 802.1Q port.
- The VLAN to which frames are forwarded if received untagged on an 802.1Q port.
Cisco switches produce errors if the native VLAN does not match at each end of the link. The default native VLAN in Cisco devices is VLAN 1.
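An added Python decoder (not from the book) for the tag layout and native-VLAN rules just listed: it reads the TPID and TCI fields, assigns untagged frames to the native VLAN, rejects the reserved VID 4095, treats a priority-tagged frame (VID 0) as belonging to the native VLAN, and applies an allowed-VLAN set of the kind used to restrict which VLANs a trunk carries. The sample frames are constructed here; the handling of VID 0 follows IEEE 802.1Q and is not stated on this page.

```python
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800


def build_frame(dst, src, ethertype, payload, vid=None, pcp=0, cfi=0):
    """Construct an Ethernet frame; when vid is given, insert an 802.1Q tag
    (TPID + TCI) between the source MAC and the EtherType. Sample-data helper."""
    header = bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
    if vid is not None:
        tci = (pcp << 13) | (cfi << 12) | vid
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(raw, native_vlan=1):
    """Decode the MAC header and, if present, the 802.1Q tag.
    Untagged frames and priority-tagged frames (VID 0) are assigned to the
    native VLAN; VID 4095 is reserved and rejected."""
    if len(raw) < 14:
        raise ValueError("frame shorter than a MAC header")
    dst, src, ethertype = struct.unpack("!6s6sH", raw[:14])
    frame = {"dst": dst.hex(":"), "src": src.hex(":"), "tagged": False,
             "pcp": 0, "cfi": 0, "vid": native_vlan}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(raw) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", raw[14:18])
        vid = tci & 0x0FFF                    # low 12 bits of the TCI
        if vid == 4095:
            raise ValueError("VID 4095 is reserved")
        frame.update(tagged=True, pcp=tci >> 13, cfi=(tci >> 12) & 1,
                     vid=vid if vid != 0 else native_vlan)
        offset = 18
    frame["ethertype"] = ethertype
    frame["payload"] = raw[offset:]
    return frame


def accept_on_trunk(frame, allowed_vlans):
    """Trunk-side filter: forward only frames whose VLAN is in the allowed set."""
    return frame["vid"] in allowed_vlans


# Constructed sample frames (the payload is a stand-in for an IPv4 header).
PAYLOAD = b"\x45\x00" + b"\x00" * 18
SRC, DST = "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"
TAGGED = build_frame(DST, SRC, ETHERTYPE_IPV4, PAYLOAD, vid=100, pcp=5)
UNTAGGED = build_frame(DST, SRC, ETHERTYPE_IPV4, PAYLOAD)
PRIORITY_TAGGED = build_frame(DST, SRC, ETHERTYPE_IPV4, PAYLOAD, vid=0, pcp=7)

if __name__ == "__main__":
    for name, raw in (("tagged", TAGGED), ("untagged", UNTAGGED),
                      ("priority-tagged", PRIORITY_TAGGED)):
        print(name, len(raw), "bytes:", parse_frame(raw, native_vlan=1))
```

The length difference between the tagged and untagged sample (4 bytes) is the TPID plus TCI the text describes; note that the decoder takes the native VLAN as a parameter precisely because a mismatch between the two ends of a trunk changes which VLAN an untagged frame lands in.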
You can control the 802.1Q VLAN traffic sent over a trunk, which is possible for security purposes or load balancing.
The command that creates and controls trunks on Cisco IOS-based switches is the interface command:
VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 multicast messaging protocol that synchronizes VLAN information across all media types and tagging methods on your switches. To enjoy the benefits of VTP, your switches must meet the following requirements:
- You must configure the VTP domain name identically on each device; domain names are case-sensitive.
- The switches must be adjacent.
- The switches must be connected with trunk links.
- The same VTP password must be configured if one is used in the domain.
Generally, you find four items in all VTP messages:
- VTP protocol version (either 1, 2, or 3)
- VTP message type
- Management domain name length
- Management domain name
VTP has four possible message types:
- Summary advertisements
- Subset advertisements
- Advertisement requests
- VTP Join messages (used for pruning)
The VTP configuration revision number is important. This value determines whether a switch has stale information about VLANs and ultimately controls whether the switch overwrites its VLAN database with new information. The revision number increments each time a change is made to the VLAN database on a Server mode VTP system. The number is from 0 to 4,294,967,295. When introducing new Server mode switches, ensure that you do not inadvertently overwrite the VLAN database because of a higher configuration revision number on the new switch. Introducing new switches in Transparent mode helps ensure that this problem never results.
You have three possible VTP modes for your switches:
- Server: Enables you to create, modify, and delete VLANs; these changes are advertised to VTP Client mode systems; Catalyst switches default to this mode.
- Client: Does not enable the creation, modification, or deletion of VLANs on the local device; VLAN configurations are synchronized from Server mode systems.
- Transparent: Permits the addition, deletion, and modification of VLAN information, but the information resides only locally on the Transparent device; these systems forward advertisements from servers but do not process them.
Following is a sample configuration of VTP for a Server mode system in Cisco IOS mode. Note that changing the VTP domain on this system resets the configuration revision number to 0:
    Switch# configure terminal
    Switch(config)# vtp mode server
    Setting device to VTP SERVER mode.
    Switch(config)# vtp domain Lab_Network
    Setting VTP domain name to Lab_Network
    Switch(config)# end
    Switch#
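The revision-number overwrite risk described above, worked through in an added Python model. It is not the book's code and not a real VTP implementation: the acceptance rules modelled are domain match, digest match and a strictly higher revision; the digest is a stand-in computed from the password, domain, revision and VLAN list rather than the real VTP MD5 layout; and the switches, VLANs and revision values are constructed for the scenario. The model also follows the page's note that changing the domain resets the revision to 0.

```python
import hashlib


class VtpSwitch:
    """A switch's VTP state: mode, domain, password, VLAN database and revision."""

    def __init__(self, name, mode, domain, password=""):
        if mode not in ("server", "client", "transparent"):
            raise ValueError("unknown VTP mode")
        self.name, self.mode, self.domain, self.password = name, mode, domain, password
        self.vlans = {1: "default"}
        self.revision = 0

    def set_domain(self, domain):
        """Changing the domain name resets the revision to 0, as noted above."""
        self.domain = domain
        self.revision = 0

    def configure_vlan(self, vid, vlan_name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: VTP clients cannot modify VLANs")
        self.vlans[vid] = vlan_name
        if self.mode == "server":
            self.revision += 1      # transparent changes stay local, no revision bump

    def _digest(self, vlans, revision):
        # Stand-in for the VTP MD5 digest: the real one covers the VLAN database
        # and password, but its exact byte layout is not modelled here.
        material = repr((self.password, self.domain, revision, sorted(vlans.items())))
        return hashlib.md5(material.encode()).hexdigest()

    def advertise(self):
        """Only servers originate database advertisements in this model."""
        if self.mode != "server":
            return None
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans),
                "digest": self._digest(self.vlans, self.revision)}

    def receive(self, adv):
        """Acceptance rules: transparent forwards without processing, the domain
        and digest must match, and only a higher revision overwrites."""
        if self.mode == "transparent":
            return "forwarded"
        if adv["domain"] != self.domain:
            return "ignored: domain mismatch"
        if adv["digest"] != self._digest(adv["vlans"], adv["revision"]):
            return "ignored: digest mismatch"
        if adv["revision"] <= self.revision:
            return "ignored: stale revision"
        self.vlans = dict(adv["vlans"])
        self.revision = adv["revision"]
        return "overwritten"


def build_production():
    """Constructed network: one server, one client, three production VLANs."""
    core = VtpSwitch("core", "server", "Lab_Network", password="s3cret")
    access = VtpSwitch("access", "client", "Lab_Network", password="s3cret")
    for vid, name in ((10, "users"), (20, "servers"), (30, "voice")):
        core.configure_vlan(vid, name)
    access.receive(core.advertise())
    return core, access


def lab_switch(revision, password="s3cret"):
    """Constructed: a switch previously used in a lab with the same domain name."""
    sw = VtpSwitch("lab", "server", "Lab_Network", password=password)
    sw.vlans = {1: "default", 99: "lab-test"}
    sw.revision = revision
    return sw


def unsafe_introduction():
    """A server with a higher revision overwrites the production database."""
    core, access = build_production()
    adv = lab_switch(12).advertise()
    return core.receive(adv), access.receive(adv), sorted(core.vlans), sorted(access.vlans)


def safe_introduction():
    """Resetting the revision (domain change and back) makes the advertisement stale."""
    core, _ = build_production()
    sw = lab_switch(12)
    sw.set_domain("scratch")
    sw.set_domain("Lab_Network")
    return core.receive(sw.advertise()), sorted(core.vlans)


def wrong_password_introduction():
    """A matching domain but different password fails the digest check."""
    core, _ = build_production()
    return core.receive(lab_switch(12, password="other").advertise()), sorted(core.vlans)


if __name__ == "__main__":
    print("unsafe:", unsafe_introduction())
    print("safe:", safe_introduction())
    print("wrong password:", wrong_password_introduction())
```

Checking `show vtp status` on a switch before it is cabled into production, and joining it in Transparent mode or with a freshly reset revision, is the operational counterpart of the safe_introduction case.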

VTP Pruning

VTP pruning enables you to limit the amount of traffic sent on trunk ports. It limits the distribution of flooded frames to only switches that have members of the particular VLAN. You can enable VTP pruning with this command:
    vtp pruning
When you enable pruning on the switch, all VLANs are pruned by default (with the exception of VLAN 1). You need to configure pruning on only one VTP server, and the setting automatically propagates. You can change this behavior by making select VLANs you choose prune-ineligible. This is done with the following command:
    switchport trunk pruning vlan {none | {{add | except | remove} vlan[,vlan[,vlan[,...]]}}
Following is the Cisco IOS command:
    vtp pruning

EtherChannel

EtherChannel enables you to bundle redundant links and treat them as a single link, thus achieving substantial bandwidth and redundancy benefits. It is often advisable to use an EtherChannel for key trunks in your campus design. Notice that EtherChannel affects STP because ordinarily one or more of the links would be disabled to prevent a loop.
Be aware of the following guidelines for EtherChannel:
- All Ethernet interfaces on all modules must support EtherChannel.
- You have a maximum of eight interfaces per EtherChannel.
- The ports do not need to be contiguous or on the same module.
- All ports in the EtherChannel must be set for the same speed and duplex.
- Enable all interfaces in the EtherChannel.
- An EtherChannel will not form if one of the ports is a Switched Port Analyzer (SPAN) destination.
- For Layer 3 EtherChannels, assign a Layer 3 address to the port-channel logical interface, not the physical interfaces.
- Assign all EtherChannel ports to the same VLAN or ensure they are all set to the same trunk encapsulation and trunk mode.
- The same allowed range of VLANs must be configured on all ports in an EtherChannel.
- Interfaces with different STP port path costs can form an EtherChannel.
- After an EtherChannel has been configured, a configuration made to the physical interfaces affects the physical interfaces only.
EtherChannel load balancing can use MAC addresses, IP addresses, or Layer 4 port numbers—either source, destination, or both source and destination addresses.
Here is an example:
    Router# configure terminal
    Router(config)# interface range fastethernet 2/2 -8
    Router(config-if)# channel-group 2 mode desirable
    Router(config-if)# end
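An added Python model (not from the book or from Cisco) of the load-balancing choice described above: it XORs the low-order bits of the selected source and/or destination fields and maps the result onto the member links, which makes visible why balancing on a single field can send all of one host's traffic down one link. The bit selection and the modulo mapping are a simplification of the hardware hash (real switches distribute a fixed number of hash buckets over the links); the mode keywords mirror the IOS port-channel load-balance command, and the flows are constructed.

```python
from collections import Counter


def select_link(flow, mode, n_links):
    """Pick the member link for a flow. mode is an IOS-style keyword such as
    "src-mac", "dst-ip", "src-dst-ip" or "src-dst-port"; flow is a dict with
    src_mac, dst_mac, src_ip, dst_ip, src_port and dst_port.
    Simplified model: XOR the low-order bits (last MAC byte, last IPv4 octet,
    or the L4 port) of each selected field, then map onto n_links."""
    if not 1 <= n_links <= 8:
        raise ValueError("an EtherChannel has one to eight member links")
    parts = mode.split("-")
    field = parts[-1]
    ends = [p for p in parts[:-1] if p in ("src", "dst")]
    if field not in ("mac", "ip", "port") or not ends:
        raise ValueError(f"unknown load-balance mode {mode}")
    nbits = max(1, (n_links - 1).bit_length())      # 8 links -> 3 bits, 4 -> 2
    mask = (1 << nbits) - 1
    result = 0
    for end in ends:
        value = flow[f"{end}_{field}"]
        if field == "mac":
            value = int(value.split(":")[-1], 16)
        elif field == "ip":
            value = int(value.split(".")[-1])
        result ^= value & mask
    return result % n_links


def distribution(flows, mode, n_links):
    """Count how many of the flows land on each member link."""
    return Counter(select_link(f, mode, n_links) for f in flows)


# Constructed flows: one workstation talking to eight different servers.
SAMPLE_FLOWS = [
    {"src_mac": "00:11:22:33:44:01", "dst_mac": f"00:aa:bb:cc:dd:{i:02x}",
     "src_ip": "10.0.0.100", "dst_ip": f"10.0.1.{i}",
     "src_port": 40000 + i, "dst_port": 443}
    for i in range(1, 9)
]

if __name__ == "__main__":
    for mode in ("src-mac", "dst-mac", "src-dst-ip", "src-dst-port"):
        print(f"{mode:13s} over 8 links:", dict(sorted(distribution(SAMPLE_FLOWS, mode, 8).items())))
```

With src-mac balancing every one of the eight flows hashes to the same link because the source MAC never changes; src-dst-ip or src-dst-port spreads them across all eight, which is the point of choosing the balancing fields to match the traffic pattern.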

Ethernet

Ethernet refers to the family of LAN products covered by the IEEE 802.3 standard. This standard defines the carrier sense multiple access collision detect (CSMA/CD) protocol. Four data rates are currently defined for operation over optical fiber and twisted-pair cables:
- 10 Mbps: 10BASE-T Ethernet
- 100 Mbps: Fast Ethernet
- 1000 Mbps: Gigabit Ethernet
- 10,000 Mbps: 10 Gigabit Ethernet
Ethernet has replaced just about every other LAN technology for the following reasons:
- It is easy to understand, implement, manage, and maintain
- It has a relatively low cost
- It provides extensive topological flexibility
- It is a standards-compliant technology

802.3

802.3 defines the original shared media LAN technology. This early Ethernet specification runs at 10 Mbps. Ethernet can run over various media such as twisted pair and coaxial. You often see 802.3 Ethernet referred to as different terms because of the differences in the underlying media. Here are examples:
- 10BASE-T: Ethernet over Twisted-Pair Media
- 10BASE-F: Ethernet over Fiber Media
- 10BASE2: Ethernet over Thin Coaxial Media
- 10BASE5: Ethernet over Thick Coaxial Media

802.3u (Fast Ethernet)

Fast Ethernet refers to any one of a number of 100-Mbps Ethernet specifications. As its name implies, Fast Ethernet offers speeds ten times that of the 10BASE-T Ethernet specification.
Although Fast Ethernet is a faster technology, it still preserves such qualities as frame format, MAC mechanisms, and maximum transmission unit (MTU). These similarities permit you to use existing 10BASE-T applications and network management tools on Fast Ethernet networks.

802.3z (Gigabit Ethernet)

This Ethernet technology builds on the foundations of the older standards but increases speeds tenfold over Fast Ethernet to 1000 Mbps, or 1 gigabit per second (Gbps).

802.3ab (Gigabit Ethernet over Copper)

Gigabit Ethernet over Copper (also known as 1000BASE-T) is another extension of the existing Fast Ethernet standard. 802.3ab specifies Gigabit Ethernet operation over the Category 5e/6 cabling systems already installed. This reuse of the existing infrastructure helps make 802.3ab a cost-effective solution.

10 Gigabit Ethernet

The latest in Ethernet technologies, 10 Gigabit Ethernet provides the following features:
- High bandwidth
- Low cost of ownership
- Scalability from 10 Mbps to 10,000 Mbps

Long Reach Ethernet

The Cisco Long Reach Ethernet (LRE) networking solution delivers 5-Mbps to 15-Mbps speeds over existing Category 1/2/3 wiring. As the name conveys, this Ethernet-like performance extends 3500 to 5000 feet.

Gigabit Interface Converter

The Gigabit Interface Converter (GBIC) is a Cisco standards-based hot-swappable input/output device that plugs into a Gigabit Ethernet slot on a Cisco network device. This flexibility enables you to inexpensively adapt your network equipment to any changes in the physical media that might be introduced.
You can intermix GBICs in a Cisco device to support any combination of 802.3z-compliant 1000BASE-SX, 1000BASE-LX/LH, or 1000BASE-ZX interfaces. Upgrading to the latest interface technologies is simple because of these GBICs.
