Bu lab Dynamips te yapilmistir.
Her SW de yapilmasi gereken conf :
conf t
hostname SWx
vtp file nvram:vlan.dat
line console 0
loggin syn
end
vlan database
vtp server
vtp domain CCIE
! asagidaki vlanlarin sadece VTP server da olusturulmasi yeterlidir.
vlan 10
vlan 20
vlan 30
vlan 40
exit
SW1(config)#vtp file nvram:vlan.dat
SW1(config)#end
SW1#sh cdp neighbors | b SW3
SW3 Fas 1/12 157 R S I 3640 Fas 1/9
SW3 Fas 1/11 157 R S I 3640 Fas 1/8
SW3 Fas 1/10 157 R S I 3640 Fas 1/7
Gereksiz portlari kapatip CDP ile elde ettgimiz bilgilerle ilgili portlari Trunk yapiyoruz.
SW1(config)#int range f1/0 - 15
SW1(config-if-range)#shut
SW1(config-if-range)#int range f1/10 - 11
SW1(config-if-range)#no shut
SW1(config-if-range)#switchport trunk encapsulation dot1q
SW1(config-if-range)#switchport mode trunk
*Mar 1 00:20:56.495: %DTP-5-TRUNKPORTON: Port Fa1/10-11 has become dot1q trunk
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/10 on 802.1q trunking 1
Fa1/11 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/10 1-1005
Fa1/11 1-1005
Port Vlans allowed and active in management domain
Fa1/10 1,10,20,30,40
Fa1/11 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/10 1,10,20,30,40
Fa1/11 1,10,20,30,40
SW3#sh cdp neighbors | b SW1
SW1 Fas 1/8 149 R S I 3640 Fas 1/11
SW1 Fas 1/7 149 R S I 3640 Fas 1/10
SW3#sh cdp neighbors | b SW4
SW4 Fas 1/15 146 R S I 3640 Fas 1/15
SW4 Fas 1/14 146 R S I 3640 Fas 1/14
SW4 Fas 1/13 146 R S I 3640 Fas 1/13
SW3(config)#int range f1/0 - 15
SW3(config-if-range)#shut
SW3(config-if-range)#int range f1/7 - 8 , f1/13 - 14
SW3(config-if-range)#no shut
SW3(config-if-range)#switchport trunk encap dot1q
SW3(config-if-range)#switchport mode trunk
SW3#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/7 on 802.1q trunking 1
Fa1/8 on 802.1q trunking 1
Fa1/13 on 802.1q trunking 1
Fa1/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/7 1-1005
Fa1/8 1-1005
Fa1/13 1-1005
Fa1/14 1-1005
Port Vlans allowed and active in management domain
Fa1/7 1,10,20,30,40
Fa1/8 1,10,20,30,40
Fa1/13 1,10,20,30,40
Fa1/14 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/7 1,10,20,30,40
Fa1/8 none
Fa1/13 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/14 1,10,20,30,40
!SW4
SW4#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
SW2 Fas 1/12 125 R S I 3640 Fas 1/15
SW2 Fas 1/11 125 R S I 3640 Fas 1/14
SW2 Fas 1/10 125 R S I 3640 Fas 1/13
SW3 Fas 1/14 143 R S I 3640 Fas 1/14
SW3 Fas 1/13 143 R S I 3640 Fas 1/13
SW4(config)#int range f1/0 - 15
SW4(config-if-range)#shut
SW4(config-if-range)#int range f1/10 - 11 , f1/13 - 14
SW4(config-if-range)#switchport trunk encap dot1q
SW4(config-if-range)#switchport mode trunk
SW4(config-if-range)#no shut
SW4#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/10 on 802.1q trunking 1
Fa1/11 on 802.1q trunking 1
Fa1/13 on 802.1q trunking 1
Fa1/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/10 1-1005
Fa1/11 1-1005
Fa1/13 1-1005
Fa1/14 1-1005
Port Vlans allowed and active in management domain
Fa1/10 1,10,20,30,40
Fa1/11 1,10,20,30,40
Fa1/13 1,10,20,30,40
Fa1/14 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/10 1,10,20,30,40
Fa1/11 1,10,20,30,40
Fa1/13 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/14 none
! SW2
SW2#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
SW4 Fas 1/14 142 R S I 3640 Fas 1/11
SW4 Fas 1/13 142 R S I 3640 Fas 1/10
SW2(config)#int range f1/13 - 14
SW2(config-if-range)#switchport trunk encapsulation dot1q
SW2(config-if-range)#switchport mode trunk
SW2(config-if-range)#no shut
*Mar 1 00:54:52.475: %DTP-5-TRUNKPORTON: Port Fa1/13-14 has become dot1q trunk
SW2#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/13 on 802.1q trunking 1
Fa1/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/13 1-1005
Fa1/14 1-1005
Port Vlans allowed and active in management domain
Fa1/13 1,10,20,30,40
Fa1/14 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/13 1,10,20,30,40
Fa1/14 none
Asagidaki sekilde default ayarlarla tafik akisi kirmizi ile cizilen yerlerde gosterilmistir.
Sekle gore neden bazi portlarin Forwarding (root port yada designated port) oldugunu aciklayalim.
STP hangi portunun block yada designated olacagina nasil karar verir?
Ortamdaki en dusuk bridge ID li Switch Root secildikten sonra BPDU trafigi baslar. Root Switch tarafindan gonderilenler superior BPDU lardir. Superior BPDU alan Switchler asagidaki kriterlere gore hangi portunun block yada designated (Forward) olacagina karar verir.
1- A lower Root Bridge ID.
2- A lower path cost to the Root.
3- A lower Sending Bridge ID.
4- A lower Sending Port ID.
Root birdge in tum portlari forwarding moddadir. 1. kriter ile block port karari verilemezse sonraki adimda asagida sekilde gorulen cost degerleri baz alinir. Cost degeri kucuk olan port Root portdur ve forwarding moda gecer. Cost degerleri esitse BPDU alinan Bridge ID si kucuk olan port, oda esitse bagli SW nin kucuk portuna bagli port root port olur ve forwarding moda gecer.
Bandwidth | STP Cost Value |
4 Mbps | 250 |
10 Mbps | 100 |
16 Mbps | 62 |
45 Mbps | 39 |
100 Mbps | 19 |
155 Mbps | 14 |
622 Mbps | 6 |
1 Gbps | 4 |
10 Gbps | 2 |
Buraya kadar tum SW lerde Vlan lari ve Trunklari olusturduk. Simdi STP ayarlariyla oynayarak VLAN 10 ve 30 un buyuk olan Trunk portlardan, diger VLAN larin kucuk olan Trunk portlardan akmasini saglayarak kismen Load Sharing islemini yapacagiz.
Ilk durumda asagida da goruldugu gibi SW1 root tur.
SW1#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 32768 cc00.0e34.0000 0 2 20 15 This bridge is root
VLAN10 32768 cc00.0e34.0001 0 2 20 15 This bridge is root
VLAN20 32768 cc00.0e34.0002 0 2 20 15 This bridge is root
VLAN30 32768 cc00.0e34.0003 0 2 20 15 This bridge is root
VLAN40 32768 cc00.0e34.0004 0 2 20 15 This bridge is root
SW2#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 32768 cc00.0e34.0000 57 2 20 15 FastEthernet1/13
VLAN10 32768 cc00.0e34.0001 57 2 20 15 FastEthernet1/13
VLAN20 32768 cc00.0e34.0002 57 2 20 15 FastEthernet1/13
VLAN30 32768 cc00.0e34.0003 57 2 20 15 FastEthernet1/13
VLAN40 32768 cc00.0e34.0004 57 2 20 15 FastEthernet1/13
SW3#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 32768 cc00.0e34.0000 19 2 20 15 FastEthernet1/7
VLAN10 32768 cc00.0e34.0001 19 2 20 15 FastEthernet1/7
VLAN20 32768 cc00.0e34.0002 19 2 20 15 FastEthernet1/7
VLAN30 32768 cc00.0e34.0003 19 2 20 15 FastEthernet1/7
VLAN40 32768 cc00.0e34.0004 19 2 20 15 FastEthernet1/7
SW4#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 32768 cc00.0e34.0000 38 2 20 15 FastEthernet1/13
VLAN10 32768 cc00.0e34.0001 38 2 20 15 FastEthernet1/13
VLAN20 32768 cc00.0e34.0002 38 2 20 15 FastEthernet1/13
VLAN30 32768 cc00.0e34.0003 38 2 20 15 FastEthernet1/13
VLAN40 32768 cc00.0e34.0004 38 2 20 15 FastEthernet1/13
SW1 in Root bridge olmasinin nedeni tum SW lerin priority leri ayni (32768) olmasi ile Bridge ID (lowest MAC adress) sinin kucuk olmasindandir ve Root olmasinin sonucunda tum portlari FW moddadir.
SW1#sh spanning-tree brief
VLAN1
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address cc00.0e34.0000
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32768
Address cc00.0e34.0000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/10 128.51 128 19 FWD 0 32768 cc00.0e34.0000 128.51
FastEthernet1/11 128.52 128 19 FWD 0 32768 cc00.0e34.0000 128.52
Asagidaki SW3 ornegimizde kendi bridge priority si buyuk oldugundan (cc02>cc00) SW1 in root bridge oldugunu kabul etmistir.
SW3#sh spanning-tree bri
VLAN1
Spanning tree enabled protocol ieee
Root ID Priority 32768
Address cc00.0e34.0000
Cost 19
Port 48 (FastEthernet1/7)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32768
Address cc02.0e34.0000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/7 128.48 128 19 FWD 0 32768 cc00.0e34.0000 128.51
FastEthernet1/8 128.49 128 19 BLK 0 32768 cc00.0e34.0000 128.52
FastEthernet1/13 128.54 128 19 FWD 19 32768 cc02.0e34.0000 128.54
FastEthernet1/14 128.55 128 19 FWD 19 32768 cc02.0e34.0000 128.55
Simdi load sharing icin Vlan 10 ve 30 icin Root bridge’in SW1 digerleri icin SW2 olmasini saglayalim.
SW1(config)#spanning-tree vlan 10 root primary
% This switch is already the root of VLAN10 spanning tree
VLAN 10 bridge priority set to 8192
VLAN 10 bridge max aging time unchanged at 20
VLAN 10 bridge hello time unchanged at 2
VLAN 10 bridge forward delay unchanged at 15
SW1(config)#spanning-tree vlan 30 root primary
% This switch is already the root of VLAN30 spanning tree
VLAN 30 bridge priority set to 8192
VLAN 30 bridge max aging time unchanged at 20
VLAN 30 bridge hello time unchanged at 2
VLAN 30 bridge forward delay unchanged at 15
Bu komutla SW1’in bridge priority leri 4 kat asagi cekilerek bu Vlanlarda root bridge olmasi garantilenmektedir. Diger Vlan larda SW2 yi root bridge yapmak icin;
SW2(config)#spanning-tree vlan 1 root primary
VLAN 1 bridge priority set to 8192
VLAN 1 bridge max aging time unchanged at 20
VLAN 1 bridge hello time unchanged at 2
VLAN 1 bridge forward delay unchanged at 15
SW2(config)#spanning-tree vlan 20 root primary
VLAN 20 bridge priority set to 8192
VLAN 20 bridge max aging time unchanged at 20
VLAN 20 bridge hello time unchanged at 2
VLAN 20 bridge forward delay unchanged at 15
SW2(config)#spanning-tree vlan 40 root primary
VLAN 40 bridge priority set to 8192
VLAN 40 bridge max aging time unchanged at 20
VLAN 40 bridge hello time unchanged at 2
VLAN 40 bridge forward delay unchanged at 15
Simdiki durum;
SW1#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 8192 cc01.0e34.0000 57 2 20 15 FastEthernet1/10
VLAN10 8192 cc00.0e34.0001 0 2 20 15 This bridge is root
VLAN20 8192 cc01.0e34.0002 57 2 20 15 FastEthernet1/10
VLAN30 8192 cc00.0e34.0003 0 2 20 15 This bridge is root
VLAN40 8192 cc01.0e34.0004 57 2 20 15 FastEthernet1/10
SW1#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/10 on 802.1q trunking 1
Fa1/11 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/10 1-1005
Fa1/11 1-1005
Port Vlans allowed and active in management domain
Fa1/10 1,10,20,30,40
Fa1/11 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/10 1,10,20,30,40
Fa1/11 10,30
SW2#sh spanning-tree root brief
Root Hello Max Fwd
Vlan Root ID Cost Time Age Delay Root Port
---------------- -------------------- ----- ---- ---- ----- ----------------
VLAN1 8192 cc01.0e34.0000 0 2 20 15 This bridge is root
VLAN10 8192 cc00.0e34.0001 57 2 20 15 FastEthernet1/13
VLAN20 8192 cc01.0e34.0002 0 2 20 15 This bridge is root
VLAN30 8192 cc00.0e34.0003 57 2 20 15 FastEthernet1/13
VLAN40 8192 cc01.0e34.0004 0 2 20 15 This bridge is root
SW2#sh int trunk
Port Mode Encapsulation Status Native vlan
Fa1/13 on 802.1q trunking 1
Fa1/14 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa1/13 1-1005
Fa1/14 1-1005
Port Vlans allowed and active in management domain
Fa1/13 1,10,20,30,40
Fa1/14 1,10,20,30,40
Port Vlans in spanning tree forwarding state and not pruned
Fa1/13 1,10,20,30,40
Fa1/14 1,20,40
Bu asamada SW1’i Vlan 10 ve 30 da, SW2 yide 1, 20, 40 nolu Vlanlarda root bridge yaptik fakat hala tum trafik Sekil 2 deki gibi kucuk olan portlardan akmaya devam ediyor. Oysaki bizim amacimiz Vlan 10 ve 30 un buyuk olan portlardan diger Vlanlarin kucuk olan portlardan akmasini saglamak.
Duzenleme yapmadan once:
SW1#sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/10 128.51 128 19 FWD 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/11 128.52 128 19 FWD 0 8192 cc00.0fc4.0001 128.52
SW3#sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/7 128.48 128 19 FWD 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/8 128.49 128 19 BLK 0 8192 cc00.0fc4.0001 128.52
Yukarida kirmizi olarak gosterdigim gibi Fa1/10 un priority si daha dusuk yani daha degerlidir. Dolayisiyla bu portla birlikte diger SW ye bagli port da root port olur. Vlan 10 ve 30 u buyuk numarali yani Fa1/11 den gecirmek icin ya bu portun priority sini dusurerek yada Fa1/10 unun degerini artirarak Fa1/11’i daha degerli hale getirmemiz gerekir. Ben degerini kucultmeyi tercih ettim defaultu 128.
SW1(config)#int f1/11
SW1(config-if)#spanning-tree vlan 10 port-priority 124
SW1(config-if)# do sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/10 128.51 128 19 FWD 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/11 124.52 124 19 FWD 0 8192 cc00.0fc4.0001 124.52
Yukarida goruldugu gibi Fa1/11’in Priority’si duserek degerli daha degerli hale geldi. Degerleri 4 un katlari seklinde azaltabiliyoruz.
SW3#sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/7 128.48 128 19 BLK 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/8 128.49 128 19 FWD 0 8192 cc00.0fc4.0001 124.52
Priority’nin esas etkisi karsi SW portunda oldu. Priority degerini kucultmeden once block modda olan port Forward moda gecti, loop’u onlemek icin bu sefer diger port block moda gecti. Vlan 10 da SW1 root bridge oldugu icin portlarinin ikisi de forward modda kaldi.
Bu islemi SW3 te path cost degerini degistirerek te yapabiliriz:
SW3#sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/7 128.48 128 19 FWD 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/8 128.49 128 19 BLK 0 8192 cc00.0fc4.0001 128.52
SW3(config-if)#int f1/8
SW3(config-if)#spanning-tree vlan 10 cost 18
SW3(config-if)#do sh spanning-tree vlan 10 brie
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/7 128.48 128 19 BLK 0 8192 cc00.0fc4.0001 128.51
FastEthernet1/8 128.49 128 18 FWD 0 8192 cc00.0fc4.0001 128.52
Yine ayni mantikla SW3 ile SW4 arasinda SW3 un Vlan 10 icin portlari FW modda. SW4 te ise yine kucuk port olan Fa1/13 ten akan trafik icin ya F1/13 un costunu artirip yada F1/14 un costunu dusurerek trafigin buyuk olan F1/14 ten akmasini saglayabiliriz.
SW4(config-if)#int f1/14
SW4(config-if)#spanni vlan 10 cost 18
SW4(config-if)#do sh spann vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/13 128.54 128 19 BLK 18 32768 cc02.0fc4.0001 128.54
FastEthernet1/14 128.55 128 18 FWD 18 32768 cc02.0fc4.0001 128.55
SW2 ile SW4 arasindaki segmentte ayni taktiktle trafigi buyuk olan porta yonlendiriyoruz.
SW4(config-if)#int f1/11
SW4(config-if)#spanning-tree vlan 10 port-priority 124
SW4(config-if)#do sh spann vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/10 128.51 128 19 FWD 36 32768 cc03.0fc4.0001 128.51
FastEthernet1/11 124.52 124 19 FWD 36 32768 cc03.0fc4.0001 124.52
Sonuc olarak buyuk olan F1/14 portu forward moda gecerek Vlan 10 icin tum trafik buyuk olan portlara yonlendirmis olduk. Vlan 30 icin de ayni adimlari yaparak Bulent Hocamin verdigi odevi yapmis oluyorum.
SW2#sh spanning-tree vlan 10 brief
Interface Designated
Name Port ID Prio Cost Sts Cost Bridge ID Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/13 128.54 128 19 BLK 36 32768 cc03.0fc4.0001 128.51
FastEthernet1/14 128.55 128 19 FWD 36 32768 cc03.0fc4.0001 124.52
Priority veya path cost degerleri ile Vlan lari farkli trunklardan gondermek "allowed vlan" tanimlamalari yapmaktan daha avantajlidir. Bir portun down olmasi dusumunda trafik diger porttan akmaya devam eder.
Bu yontemle load balancing yapmanin dezavantaji da vardir. Bir porta yonlendirilen trafigin o portun kapasitesinin asmasi durumunda asan trafik diger porta gecmez, oysaki diger vlan larin aktigi bir baska port atil durumda olabilir. Cisco bu dezavantaji ortadan kaldirmak icin "etherchannel" tavsiye etmektedir. Bana bir odev daha mi cikti acaba:)
!!!NOT: Lutfen port altinda konfigirasyon yaparken Vlan numarasini yazmayi unutmayin, aksi takdirde yazdiginiz deger tum Vlan lar icin gecerli olur. Ben yaptim ordan biliyorumJ
Kaynak: Btegitim CCIE Boot Camp ders notlari, Bulent Hoca’nin anlattiklarindan aklimda kalanlar ve ofcourse cisco.com
10 Eylul 2008 Carsamba
mesutcap@gmail.com
