3.1.2.12 Lab – Building a Switched Network with Redundant Links - Answers

3.1.2.12 Lab – Building a Switched Network with Redundant Links (Instructor Version)

Instructor Note: Red font color or Gray highlights indicate text that appears in the instructor copy only.

Topology

Addressing Table

Device   Interface   IP Address    Subnet Mask
S1       VLAN 1      192.168.1.1   255.255.255.0
S2       VLAN 1      192.168.1.2   255.255.255.0
S3       VLAN 1      192.168.1.3   255.255.255.0

Objectives

  • Part 1: Build the Network and Configure Basic Device Settings
  • Part 2: Determine the Root Bridge
  • Part 3: Observe STP Port Selection Based on Port Cost
  • Part 4: Observe STP Port Selection Based on Port Priority

Background / Scenario

Redundancy increases the availability of devices in the network topology by protecting the network from a single point of failure. Redundancy in a switched network is accomplished through the use of multiple switches or multiple links between switches. When physical redundancy is introduced into a network design, loops and duplicate frames can occur.

The Spanning Tree Protocol (STP) was developed as a Layer 2 loop-avoidance mechanism for redundant links in a switched network. STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.

In this lab, you will use the show spanning-tree command to observe the STP election process of the root bridge. You will also observe the port selection process based on cost and priority.

Note: The switches used are Cisco Catalyst 2960s with Cisco IOS Release 15.0(2) (lanbasek9 image). Other switches and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and output produced might vary from what is shown in the labs.

Note: Make sure that the switches have been erased and have no startup configurations. If you are unsure, contact your instructor.

Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.

Required Resources

  • 3 Switches (Cisco 2960 with Cisco IOS Release 15.0(2) lanbasek9 image or comparable)
  • Console cables to configure the Cisco IOS devices via the console ports
  • Ethernet cables as shown in the topology

Part 1: Build the Network and Configure Basic Device Settings

In Part 1, you will set up the network topology and configure basic settings on the switches.

Step 1: Cable the network as shown in the topology.

Attach the devices as shown in the topology diagram, and cable as necessary.

Step 2: Initialize and reload the switches as necessary.

Step 3: Configure basic settings for each switch.

a. Disable DNS lookup.

b. Configure the device name as shown in the topology.

c. Assign class as the encrypted privileged EXEC mode password.

d. Assign cisco as the console and vty passwords and enable login for console and vty lines.

e. Configure logging synchronous for the console line.

f. Configure a message of the day (MOTD) banner to warn users that unauthorized access is prohibited.

g. Configure the IP address listed in the Addressing Table for VLAN 1 on all switches.

h. Copy the running configuration to the startup configuration.

Step 4: Test connectivity.

Verify that the switches can ping one another.

Can S1 ping S2? _________ Yes
Can S1 ping S3? _________ Yes
Can S2 ping S3? _________ Yes

Troubleshoot until you are able to answer yes to all questions.

Part 2: Determine the Root Bridge

Every spanning-tree instance (switched LAN or broadcast domain) has a switch designated as the root bridge. The root bridge serves as a reference point for all spanning-tree calculations to determine which redundant paths to block.

An election process determines which switch becomes the root bridge. The switch with the lowest bridge identifier (BID) becomes the root bridge. The BID is made up of a bridge priority value, an extended system ID, and the MAC address of the switch. The priority value can range from 0 to 65,535, in increments of 4,096, with a default value of 32,768.

Step 1: Deactivate all ports on the switches.

S1(config)# interface range f0/1-24, g0/1-2
S1(config-if-range)# shutdown
S1(config-if-range)# end

S2(config)# interface range f0/1-24, g0/1-2
S2(config-if-range)# shutdown
S2(config-if-range)# end

S3(config)# interface range f0/1-24, g0/1-2
S3(config-if-range)# shutdown
S3(config-if-range)# end

Step 2: Configure connected ports as trunks.

S1(config)# interface range f0/1-4
S1(config-if-range)# switchport mode trunk
S1(config-if-range)# end

S2(config)# interface range f0/1-4
S2(config-if-range)# switchport mode trunk
S2(config-if-range)# end

S3(config)# interface range f0/1-4
S3(config-if-range)# switchport mode trunk
S3(config-if-range)# end

Step 3: Activate ports F0/2 and F0/4 on all switches.

S1(config)# interface range f0/2, f0/4
S1(config-if-range)# no shutdown
S1(config-if-range)# end

S2(config)# interface range f0/2, f0/4
S2(config-if-range)# no shutdown
S2(config-if-range)# end

S3(config)# interface range f0/2, f0/4
S3(config-if-range)# no shutdown
S3(config-if-range)# end

Step 4: Display spanning tree information.

Issue the show spanning-tree command on all three switches. The Bridge ID Priority is calculated by adding the priority value and the extended system ID. The extended system ID is always the VLAN number. In the example below, all three switches have equal Bridge ID Priority values (32769 = 32768 + 1, where default priority = 32768, VLAN number = 1); therefore, the switch with the lowest MAC address becomes the root bridge (S2 in the example).

S1# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.8a00
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Altn BLK 19        128.4    P2p

S2# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority     32769
             Address      0cd9.96d2.4000
             This bridge is the root
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority     32769    (priority 32768 sys-id-ext 1)
             Address      0cd9.96d2.4000
             Hello Time   2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time   300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Desg FWD 19        128.2    P2p
Fa0/4               Desg FWD 19        128.4    P2p

S3# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.7400
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Desg FWD 19        128.4    P2p

Note: The default STP mode on the 2960 switch is Per VLAN Spanning Tree (PVST).

In the diagram below, record the Role and Status (Sts) of the active ports on each switch in the Topology.

Based on the output from your switches, answer the following questions.

Which switch is the root bridge? ___________
Answers will vary; the above output shows S2 as the root bridge.

Why did spanning tree select this switch as the root bridge? ___________
The root bridge was chosen because it had the lowest bridge ID (Priority value + extended system ID (VLAN) + MAC address of switch).

Which ports are the root ports on the switches? ___________
Answers will vary; the above output shows S1 – F0/2 and S3 – F0/2.

Which ports are the designated ports on the switches? ___________
Answers will vary; the above output shows S2 – F0/2 and F0/4, and S3 – F0/4.

What port is showing as an alternate port and is currently being blocked? ___________
Answers will vary; the above output shows S1 – F0/4.

Why did spanning tree select this port as the non-designated (blocked) port? ___________
The spanning tree algorithm (STA) uses the root bridge as the reference point and then determines which ports to block based on path cost. If path costs are equal it then compares BIDs. Lower numbers are preferred. In the output above, the link between S1 and S3 has the highest cost to the root bridge. The path cost through both switches is the same, so STA selected the path through the switch with the lower BID, and blocked the port (F0/4) on the switch with the higher BID (S1).
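
The check below is an added example, not part of the original lab. It parses the show spanning-tree output format shown above and confirms that the Bridge ID Priority equals priority + sys-id-ext, that the root is the bridge you intended, and whether the root won on the default priority alone. The function names and the intended_root_mac parameter are hypothetical; the sample text is S1's Part 2 output from this lab with spacing normalised.

```python
import re

# S1's Part 2 output from this lab, embedded so the example runs offline.
SAMPLE_S1 = """\
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

  Bridge ID  Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.8a00
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- ----------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Altn BLK 19        128.4    P2p
"""

PORT_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<role>Root|Desg|Altn|Back)\s+(?P<state>[A-Z]{3})\s+"
    r"(?P<cost>\d+)\s+(?P<prio>\d+)\.(?P<nbr>\d+)\s+\S+")
BRIDGE_RE = re.compile(r"Priority\s+(\d+)\s*\(priority (\d+) sys-id-ext (\d+)\)")

def parse_show_spanning_tree(text):
    """Parse one VLAN block of show spanning-tree output into a dict."""
    info = {"ports": {}, "is_root": False}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        for key, label in (("root", "Root ID"), ("bridge", "Bridge ID")):
            if line.startswith(label):
                section, line = key, line[len(label):].strip()
        if line.startswith("Priority") and section:
            info[section + "_priority"] = int(line.split()[1])
            ext = BRIDGE_RE.match(line)
            if ext:  # only the Bridge ID line carries the breakdown
                info["configured_priority"] = int(ext.group(2))
                info["sys_id_ext"] = int(ext.group(3))
        elif line.startswith("Address") and section:
            info[section + "_mac"] = line.split()[1]
        elif line == "This bridge is the root":
            info["is_root"] = True
        else:
            port = PORT_RE.match(line)
            if port:
                info["ports"][port["name"]] = (
                    port["role"], port["state"], int(port["cost"]))
    return info

def review(info, intended_root_mac):
    """Return (findings, blocked ports) for one parsed switch."""
    findings = []
    if info["bridge_priority"] != info["configured_priority"] + info["sys_id_ext"]:
        findings.append("bridge priority does not equal priority + sys-id-ext")
    if info["root_mac"] != intended_root_mac:
        findings.append(f"root is {info['root_mac']}, expected {intended_root_mac}")
    if info["root_priority"] - info["sys_id_ext"] == 32768:
        findings.append("root was elected on the default priority (lowest MAC decided)")
    blocked = sorted(p for p, (_, state, _) in info["ports"].items() if state == "BLK")
    return findings, blocked
```
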

Part 3: Observe STP Port Selection Based on Port Cost

The spanning tree algorithm (STA) uses the root bridge as the reference point and then determines which ports to block, based on path cost. The port with the lower path cost is preferred. If port costs are equal, then spanning tree compares BIDs. If the BIDs are equal, then the port priorities are used to break the tie. Lower values are always preferred. In Part 3, you will change the port cost to control which port is blocked by spanning tree.

Step 1: Locate the switch with the blocked port.

With the current configuration, only one switch should have a port that is blocked by STP. Issue the show spanning-tree command on both non-root switches. In the example below, spanning tree is blocking port F0/4 on the switch with the highest BID (S1).

S1# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.8a00
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Altn BLK 19        128.4    P2p

S3# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.7400
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Desg FWD 19        128.4    P2p

Note: Root bridge and port selection may differ in your topology.

Step 2: Change port cost.

In addition to the blocked port, the only other active port on this switch is the port designated as the root port. Lower the cost of this root port to 18 by issuing the spanning-tree cost 18 interface configuration mode command.

S1(config)# interface f0/2
S1(config-if)# spanning-tree cost 18

Step 3: Observe spanning tree changes.

Re-issue the show spanning-tree command on both non-root switches. Observe that the previously blocked port (S1 – F0/4) is now a designated port and spanning tree is now blocking a port on the other non-root switch (S3 – F0/4).

S1# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        18
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.8a00
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 18        128.2    P2p
Fa0/4               Desg FWD 19        128.4    P2p

S3# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        2 (FastEthernet0/2)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.7400
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/2               Root FWD 19        128.2    P2p
Fa0/4               Altn BLK 19        128.4    P2p

Why did spanning tree change the previously blocked port to a designated port, and block the port that was a designated port on the other switch? ___________
STP looks at path cost first. The port with the lower path cost will always be preferred over a port with a higher path cost.

Step 4: Remove port cost changes.

a. Issue the no spanning-tree cost 18 interface configuration mode command to remove the cost statement that you created earlier.

S1(config)# interface f0/2
S1(config-if)# no spanning-tree cost 18

b. Re-issue the show spanning-tree command to verify that STP has reset the port on the non-root switches back to the original port settings. It takes approximately 30 seconds for STP to complete the port transition process.

Part 4: Observe STP Port Selection Based on Port Priority

If port costs are equal, then spanning tree compares BIDs. If the BIDs are equal, then the port priorities are used to break the tie. The default port priority value is 128. STP aggregates the port priority with the port number to break ties. Lower values are always preferred. In Part 4, you will activate redundant paths to each switch to observe how STP selects a port using the port priority.

a. Activate ports F0/1 and F0/3 on all switches.

S1(config)# interface range f0/1, f0/3
S1(config-if-range)# no shutdown
S1(config-if-range)# end

S2(config)# interface range f0/1, f0/3
S2(config-if-range)# no shutdown
S2(config-if-range)# end

S3(config)# interface range f0/1, f0/3
S3(config-if-range)# no shutdown
S3(config-if-range)# end

b. Wait 30 seconds for STP to complete the port transition process, and then issue the show spanning-tree command on the non-root switches. Observe that the root port has moved to the lower-numbered port linked to the root switch, and that the previous root port is now blocked.

S1# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        1 (FastEthernet0/1)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.8a00
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1               Root FWD 19        128.1    P2p
Fa0/2               Altn BLK 19        128.2    P2p
Fa0/3               Altn BLK 19        128.3    P2p
Fa0/4               Altn BLK 19        128.4    P2p

S3# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0cd9.96d2.4000
             Cost        19
             Port        1 (FastEthernet0/1)
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID    Priority    32769 (priority 32768 sys-id-ext 1)
             Address     0cd9.96e8.7400
             Hello Time  2 sec Max Age 20 sec Forward Delay 15 sec
             Aging Time  15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1               Root FWD 19        128.1    P2p
Fa0/2               Altn BLK 19        128.2    P2p
Fa0/3               Desg FWD 19        128.3    P2p
Fa0/4               Desg FWD 19        128.4    P2p

What port did STP select as the root port on each non-root switch? ___________
Answers will vary, but in the example above S1 – F0/1, and S3 – F0/1.

Why did STP select these ports as the root port on these switches? ___________
The default port value of the ports is 128; therefore, STP used the port number to break the tie. It selected the lower port number as the root port, and blocked the higher-numbered port with the redundant path to the root bridge.

Reflection

  1. After a root bridge has been selected, what is the first value STP uses to determine port selection? ___________
    Path cost. It selects the path with the lower accumulated cost.
  2. If the first value is equal on the two ports, what is the next value that STP uses to determine port selection? ___________
    The BID; the lower value is selected.
  3. If both values are equal on the two ports, what is the next value that STP uses to determine port selection? ___________
    An aggregation of the port priority and the port number; the lower value is preferred.
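
Parts 2 to 4 and the Reflection answers describe one ordered comparison: lowest BID for the root, then path cost, BID and port ID for each port. The following added example (not part of the original lab) applies that order to the three switches using the MAC addresses from the output above. The cabling in LINKS_PART2 and LINKS_PART4 is an assumption inferred from the port roles shown, since the topology diagram is not reproduced here, and stp_roles is a hypothetical helper name.

```python
# Added example: STP role selection for this lab's three switches (VLAN 1).
VLAN = 1
DEFAULT_PRIORITY = 32768
DEFAULT_COST = 19            # FastEthernet cost shown in the lab output
DEFAULT_PORT_PRIORITY = 128

# MAC addresses taken from the lab's show spanning-tree output.
MACS = {"S1": "0cd9.96e8.8a00", "S2": "0cd9.96d2.4000", "S3": "0cd9.96e8.7400"}

# Assumed cabling: (switch, port number) <-> (switch, port number).
LINKS_PART2 = [(("S1", 2), ("S2", 2)), (("S3", 2), ("S2", 4)), (("S1", 4), ("S3", 4))]
LINKS_PART4 = LINKS_PART2 + [(("S1", 1), ("S2", 1)), (("S3", 1), ("S2", 3)),
                             (("S1", 3), ("S3", 3))]


def bid(switch, priorities=None):
    """Bridge ID as a comparable tuple: (priority + VLAN, MAC as integer)."""
    prio = (priorities or {}).get(switch, DEFAULT_PRIORITY)
    return (prio + VLAN, int(MACS[switch].replace(".", ""), 16))


def port_id(number):
    """Port ID as in the Prio.Nbr column, e.g. 128.2 -> (128, 2)."""
    return (DEFAULT_PORT_PRIORITY, number)


def stp_roles(links, costs=None, priorities=None):
    """Return (root switch, {(switch, port): role}) for one VLAN."""
    costs = costs or {}
    switches = sorted({end[0] for link in links for end in link})
    root = min(switches, key=lambda s: bid(s, priorities))
    peers = {}                       # local end -> remote end, both directions
    for a, b in links:
        peers[a], peers[b] = b, a
    path_cost = {s: (0 if s == root else float("inf")) for s in switches}
    root_port = {}
    for _ in switches:               # relax until the path costs converge
        for sw in switches:
            if sw == root:
                continue
            # Order: path cost, sender BID, sender port ID, local port ID.
            best = min(
                (path_cost[peer[0]] + costs.get(local, DEFAULT_COST),
                 bid(peer[0], priorities), port_id(peer[1]), port_id(local[1]), local)
                for local, peer in peers.items() if local[0] == sw)
            path_cost[sw], root_port[sw] = best[0], best[4]
    roles = {}
    for a, b in links:
        # The end advertising the better (cost, BID, port ID) is designated.
        desg = min((a, b), key=lambda e: (path_cost[e[0]], bid(e[0], priorities),
                                          port_id(e[1])))
        other = b if desg == a else a
        roles[desg] = "Desg"
        roles[other] = "Root" if root_port.get(other[0]) == other else "Altn"
    return root, roles
```

Calling stp_roles(LINKS_PART2, costs={("S1", 2): 18}) reproduces Part 3. In the Part 4 case the port ID compared first is the sending switch's, which under the assumed cabling is why S3 picks F0/1 (facing S2's 128.3) over F0/2 (facing S2's 128.4).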

Device Configs – Final

S1# show run
Building configuration...
Current configuration : 1829 bytes
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname S1
!
boot-start-marker
boot-end-marker
!
enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2
!
no aaa new-model
system mtu routing 1500
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
switchport mode trunk
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
shutdown
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
ip http server
ip http secure-server
!
!
banner motd ^C Unauthorized Access is Prohibited! ^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

S2# show run
Building configuration...
Current configuration : 1827 bytes
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname S2
!
boot-start-marker
boot-end-marker
!
enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2
!
no aaa new-model
system mtu routing 1500
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
switchport mode trunk
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
shutdown
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
!
ip http server
ip http secure-server
!
banner motd ^C Unauthorized Access is Prohibited! ^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

S3# show run
Building configuration...
Current configuration : 1829 bytes
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname S3
!
boot-start-marker
boot-end-marker
!
enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2
!
no aaa new-model
system mtu routing 1500
!
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
switchport mode trunk
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
shutdown
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
ip address 192.168.1.3 255.255.255.0
!
ip http server
ip http secure-server
!
banner motd ^C Unauthorized Access is Prohibited! ^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end