Professional Documents
Culture Documents
Objectives
Configure VTP
Create VLANs
Configure trunking
Configure inter-VLAN routing
Verify correct operation of inter-VLAN routing
Examine STP
Configure RSTP
Lab Diagram
Fa0/0 192.168.xx.2/24
S1/0 192.168.x.102/27 DCE
PxR2
S1/1 192.168.x.202/27
Student PC
Core Router
PxSW 192.168.x.200/27
VLAN 1 192.168.xx.10/24
Fa0/2
Frame Relay
Fa0/1
S1/1 192.168.x.201/27
PxR1
S1/0 192.168.x.101/27 DTE
To Core Switch Fa0/0 192.168.xx.1/24
TFTP Server
10.1.1.1
Procedure
In this lab, you’ll create a new VLAN, assign a switch port to it, configure trunking
between the switch and a router, and test inter-VLAN routing. Following that, you’ll
examine STP, and then implement RSTP.
Note This lab requires that the previous lab was completed correctly. If you have any
doubts, reset to this lab.
2. On both routers, verify that the FastEthernet 0/0 interface is “up/up”, and that the Serial
1/0 and Serial 1/1 interfaces are “administratively down”:
PxRy#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.xx.y YES manual up up
BRI0/0 unassigned YES unset administratively down down
BRI0/0:1 unassigned YES unset administratively down down
BRI0/0:2 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
Serial1/0 192.168.x.10y YES manual administratively down down
Serial1/1 192.168.x.20y YES manual administratively down down
Serial1/2 unassigned YES unset administratively down down
Serial1/3 unassigned YES unset administratively down down
PxRy#
4. On your switch, verify that the switch’s FastEthernet 0/1, 2, 11 and 12 interfaces are
“connected”:
PxSW#show interfaces status
Note Do not pass this point until you have verified that the router and switch
interfaces are correctly configured
Verify Connectivity
8. Verify connectivity by pinging between the R1, R2, and the switch to the target
addresses. Indicate success or failure in the table. Once the ARP caches are loaded, all
pings should be successful (if you don’t get a success rate of 100%, try it again):
PxRy#ping 10.1.1.1
R1 R2 Switch TFTP
10.1.1.1x1 10.1.1.1x2 10.1.1.1x3 10.1.1.1
VLAN 1 VLAN 1 VLAN 1 VLAN 1
R1
R2
Switch
Note Do not pass this point until you are pinging between all sources and targets with
100 percent success.
At this point only VLAN 1 should exist (ignore the reserved FDDI and Token Ring
VLANs of 1002-1005), and all twenty-four interfaces should be in VLAN 1.
10. Configure your switch as a member of VTP domain “Podx”, where “x” is your pod
number (the VTP domain name is case sensitive). To prevent other pods from modifying
your VLAN database, place your switch into transparent mode:
PxSW#configure terminal
PxSW(config)#vtp domain Podx
PxSW(config)#vtp mode transparent
PxSW(config)#end
Your switch should belong to VTP domain “Podx”, and the operating mode should be
“transparent”. Note that while in transparent mode, the “Configuration Revision” is hard-
wired to zero.
12. You will now break the network into two parts. VLAN 1 will contain the core and the
switch management address, and VLAN 2 will contain the two routers. VLAN 1 exists by
default, so create VLAN 2 on the switch:
PxSW#configure terminal
PxSW(config)#vlan 2
13. Change the name of VLAN 2 to “Testx”, where “x” is your pod number:
PxSW(config-vlan)#name Testx
14. Place the switch’s FastEthernet 0/1 and 2 interfaces into VLAN 2, and leave config
mode:
PxSW(config-vlan)#interface range fastethernet 0/1 - 2
PxSW(config-if-range)#switchport access vlan 2
PxSW(config-if-range)#end
CCNA Lab Guide L4-7
© Global Knowledge Training LLC
Configuring Expanded Switched Networks
You should see that FastEthernet 0/1 and 0/2 are now in VLAN 2, and all other interfaces
are still in VLAN 1.
16. View the switch’s FastEthernet 0/1 VLAN-related information:
PxSW#show interface fastethernet0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 2 (Test4)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
PxSW#
Note that the “show interface switchport” command gives an excellent summary of the
interfaces’ VLAN-related information.
L4-8 CCNA Lab Guide
© Global Knowledge Training LLC
Configuring Expanded Switched Networks
Verify Connectivity
17. Test connectivity by attempting to ping per the chart below. Not all pings should be
successful:
PxRy#ping 10.1.1.1
R1 R2 Switch TFTP
10.1.1.1x1 10.1.1.1x2 10.1.1.1x3 10.1.1.1
VLAN 2 VLAN 2 VLAN 1 VLAN 1
R1
R2
Switch
18. Change R1’s FastEthernet 0/0 address back to the old value of 192.168.xx.1/24:
PxR1#configure terminal
PxR1(config)#interface fastethernet 0/0
PxR1(config-if)#ip address 192.168.xx.1 255.255.255.0
PxR1(config-if)#end
The ping should not be successful. Although the routers’ FastEthernet 0/0 interfaces are
both on VLAN 2, they cannot reach each other, because they are in different Layer-3
broadcast domains (subnets) that are not connected by a router.
21. Configure R2’s FastEthernet 0/0 as a trunk port by creating a subinterface for VLAN 2.
Use subinterface of 2, and specify IEEE 802.1q encapsulation (tagging):
PxR2#configure terminal
PxR2(config)#interface fastethernet 0/0.2
PxR2(config-subif)#encapsulation dot1q 2
23. Enable RIP on R2’s FastEthernet 0/0 native VLAN by adding a network statement for
the 10.0.0.0 network (it already has a network statement for 192.168.xx.0):
PxR2(config-subif)#router rip
PxR2(config-router)#network 10.0.0.0
PxR2(config-router)#end
24. View R2’s routing table. R2 should have connected routes for 10.1.1.0/24 (on
FastEthernet 0/0) and 192.168.xx.0/24 (on the FastEthernet 0/0.2 subinterface):
PxR2#show ip route
(output omitted)
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
C 192.168.xx.0/24 is directly connected, FastEthernet0/0.2
(output omitted)
PxR2#
Note that R2 has multiple directly-connected routes associated with an interface, one on
the FastEthernet 0/0 main interface, and another on the FastEthernet 0/0.2 subinterface.
This configuration is sometimes referred to as a “router on a stick” (like a lollipop).
25. View R1’s routing table. R1 should have a connected route for 192.168.xx.0/24, and a
RIP route via R2 (192.168.xx.2) to 10.1.1.0/24, both via the FastEthernet 0/0 interface:
PxR1#show ip route
(output omitted)
C 192.168.xx.0/24 is directly connected, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R 10.1.1.0/24 [120/1] via 192.168.xx.2 00:00:24, FastEthernet0/0
(output omitted)
PxR1#
26. Change the switch’s default gateway to R2’s FastEthernet 0/0 (the VLAN 1 interface)
address (10.1.1.1x2):
PxSW#configure terminal
PxSW(config)#ip default-gateway 10.1.1.1x2
PxSW(config)#end
The trunking mode should be “on”, encap of “802.1q”, and status “trunking”.
Verify Connectivity
28. Give RIP a few minutes to converge, and test connectivity. All pings should be
successful:
PxR1#ping 10.1.1.1
R1 R2 Switch TFTP
192.168.xx.1 10.1.1.1x2 10.1.1.1x3 10.1.1.1
VLAN 2 Trunked VLAN 1 VLAN 1
R1
R2
Switch
Note Do not pass this point until you have verified that full connectivity has been
restored.
Note that the running config says that the STP mode is “pvst” (Per-VLAN Spanning
Tree), which means standard STP (IEEE 802.1d) on a per-VLAN basis (every VLAN has
its own tree, each with its own root).
30. Your switch is connected to the core switch by two parallel links, which constitutes a
bridging loop. To prevent adverse looping effects, STP automatically blocks one of the
interfaces for user data. Check the spanning tree status for VLAN 1:
PxSW#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 8193
Address 0012.00c3.5940
Cost 19
Port 11 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0012.002d.a640
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Now look at the VLAN 2 section, you should see that FastEthernet 0/1 is listed (it’s the
designated port for the segment between the switch and R1), as well as FastEthernet 0/2.
Why does FastEthernet 0/2 appear for both VLANs? Because it’s a trunk!
33. Leave the pings from R1 running, and shut down the switch’s FastEthernet 0/11
interface:
PxSW#configure terminal
PxSW(config)#interface fastethernet 0/11
PxSW(config-if)#shutdown
34. After the switch’s FastEthernet 0/11 goes down, look at R1’s console display. You
should see an interruption of the stream of pings (it should shift from !’s to dots, and then
back to !’s). Count the number of dots (missed pings):
Number of missed pings:
Since the default ping timeout is 2 seconds, double the number of missed pings to get the
STP convergence time in seconds.
STP convergence time: ____________________________seconds
Based on previous experience with STP on these switches, the expected convergence
time is around 30 seconds.
35. With the pings from R1 still running, bring the switch’s FastEthernet 0/11 interface back
up, leave config mode, and again examine the output on R1:
PxSW(config-if)#no shutdown
PxSW(config-if)#end
36. What happened to R1’s pings after the switch’s FastEthernet 0/0 came back up? Count
the number of dots (missed pings):
Number of missed pings:
Since Cisco’s implementation of ping uses a two-second timeout, double the number of
missed pings to get the STP convergence time in seconds.
STP convergence time: ____________________________seconds
Interestingly, gaining additional connectivity (by bringing a preferred interface on line)
can result in a temporary connectivity loss! For this reason, some people consider STP to
be a “broken” protocol, and avoid it when possible.
37. Stop the pings from R1 using the <CTRL><SHIFT><6> break sequence:
PxR1#<CTRL><SHIFT><6>
Configure RSTP
38. Configure your switch for Rapid Spanning Tree Protocol (IEEE 802.1w):
PxSW#configure terminal
PxSW(config)#spanning-tree mode rapid-pvst
39. First, configure it on the switch’s FastEthernet 0/1, which leads to R1:
PxSW(config)#interface fastethernet 0/1
PxSW(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a
single host. Connecting hubs, concentrators, switches, bridges,
etc... to this interface when portfast is enabled, can cause
temporary bridging loops.
Use with CAUTION
40. Next, configure portfast on the switch’s FastEthernet 0/2, which leads to R2. Since this
interface is trunking, specify the “trunk” option, and then leave config mode:
PxSW(config-if)#interface fastethernet 0/2
PxSW(config-if)#spanning-tree portfast trunk
%Warning: portfast should only be enabled on ports connected to a
single host. Connecting hubs, concentrators, switches, bridges,
etc... to this interface when portfast is enabled, can cause
temporary bridging loops.
Use with CAUTION
PxSW(config-if)#end
Building configuration...
(output omitted)
!
spanning-tree mode rapid-pvst
(output omitted)
44. Leave the pings from R1 running, and shut down the switch’s FastEthernet 0/11
interface:
PxSW#configure terminal
PxSW(config)#interface fastethernet 0/11
PxSW(config-if)#shutdown
45. After the switch’s FastEthernet 0/11 goes down, you might see an interruption on the
stream of pings (shift from !’s to dots, and back to !’s). Count the number of missed
pings.
Number of missed pings:
Since the default ping timeout is 2 seconds, double the number of missed pings to get the
RSTP convergence time in seconds.
RSTP convergence time: ____________________________seconds
How does this compare with the previous result?
46. With the pings from R1 still running, bring the switch’s FastEthernet 0/11 interface back
up:
PxSW(config-if)#no shutdown
Double the number of missed pings to get the RSTP convergence time in seconds.
RSTP convergence time: ____________________________seconds
How does this compare to the time for regular STP?
48. Stop the pings from R1 using the <CTRL><SHIFT><6> break sequence:
PxR1#<CTRL><SHIFT><6>
50. Examine the STP configuration on your switch for VLAN 2 and compare it to the
information you obtained from Step 31. Did the root bridge change?
PxSW#show spanning-tree vlan 2
VLAN0002
Spanning tree enabled protocol rstp
Root ID Priority 24578
Address 0012.002d.a640
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
PxSW#
Note that your switch is the root for VLAN 2 (and it says so), with a priority of well
below the default of 32,768.
STOP! You have completed this lab, you may choose to explore the information that
you entered in more detail before moving on to another lab. Good job!
Review Questions
1. Which command configures trunking on a switch interface?
Sample Configurations
hostname PxSW
!
vtp domain Podx
vtp mode transparent
!
spanning-tree mode rapid-pvst
!
spanning-tree vlan 2 priority 24576
!
vlan 2
name Testx
!
interface FastEthernet0/1
description To PxR1
switchport access vlan 2
switchport mode access
speed 100
duplex full
spanning-tree portfast
!
interface FastEthernet0/2
description To PxR2
switchport access vlan 2
switchport mode trunk
speed 100
duplex full
spanning-tree portfast trunk
!
interface FastEthernet0/11
description To core switch
switchport mode access
!
interface FastEthernet0/12
description To core switch
switchport mode access
!
interface Vlan1
ip address 10.1.1.1x3 255.255.255.0
no ip route-cache
!
ip default-gateway 10.1.1.1x2
!
end
hostname PxR1
!
interface FastEthernet0/0
CCNA Lab Guide L4-21
© Global Knowledge Training LLC
Configuring Expanded Switched Networks
description To PxSW
ip address 192.168.xx.1 255.255.255.0
speed 100
full-duplex
!
interface Serial1/0
description To PxR2
bandwidth 128
ip address 192.168.x.101 255.255.255.224
shutdown
no fair-queue
!
interface Serial1/1
description To core router
bandwidth 128
ip address 192.168.x.201 255.255.255.224
encapsulation frame-relay
shutdown
!
router rip
version 2
network 192.168.x.0
network 192.168.xx.0
no auto-summary
!
end
hostname PxR2
!
interface FastEthernet0/0
description To PxSW
ip address 10.1.1.1x2 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/0.2
encapsulation dot1Q 2
ip address 192.168.xx.2 255.255.255.0
no snmp trap link-status
!
interface Serial1/0
description To PxR1
bandwidth 128
ip address 192.168.x.102 255.255.255.224
shutdown
no fair-queue
clock rate 128000
no dce-terminal-timing-enable
!
interface Serial1/1
L4-22 CCNA Lab Guide
© Global Knowledge Training LLC
Configuring Expanded Switched Networks