CCNP Enterprise Workbook v1.0
Uploaded by
ajaxnethCCNP Enterprise Workbook v1.0
Uploaded by
ajaxnethCCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.
COM/C/NETWORKJOURNEY
CCNP ENTERPRISE 2020
ENCOR 350-401
ENARSI 300-410
WORKBOOK
For enrolling in Online “CCNP Enterprise” batch
• Whatsapp me: https://wa.me/919739521088 (Mr. Sagar, Core Trainer)
Whatsapp me: https://wa.me/919049852904 (Mr. Abdul Azeem, Lab Support)
• Email me: networkjourneydotcom@gmail.com
• Class#1: https://youtu.be/SKHYLoXnggE
• Class# 2: https://youtu.be/TzJHkwt5EqM
April 24, 2020 1
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Table of Contents
Device Initial Configuration -Switches 4
CCNP LAB TOPOLOGY {FULL} 5
LAB #1 CREATE - VLAN, MANAGEMENT INTERFACE, TELNET & SSH 6
Configuration: 7
Verifications: 8
LAB #2 CONFIGURE - TRUNK and VTP version 2 10
Configuration: 10
Verifications: 13
LAB #3 CONFIGURE – VTP version 3 16
Configuration: 17
VERIFICATIONS: 18
LAB #4 CONFIGURE – STP, MANIPULATE PRIMARY ROOT SWITCH, PATH COST 20
CONFIGURATION FOR TASK#1: 21
CONFIGURATION FOR TASK#2: 23
Verifications: 26
LAB #5 CONFIGURE – RSTP, PORTFAST, BPDUGUARD, BPDUFILTER, ROOTGUARD,
LOOPGUARD 27
CONFIGURATION FOR TASK#1: 28
Enable RSTP on all switches: 28
Manipulating Root Bridge Switches: 30
CONFIGURATION FOR TASK#2: To configure & verify Portfast 32
TASK#2: To configure & verify BPDUGuard 35
TASK#3: To configure & verify BPDUFilter 38
TASK#4: To configure & verify RootGuard 41
LAB #6 CONFIGURE – MSTP 43
CONFIGURATION TASK#1,2 & 3: To configure & verify MST Region 1, Region 2 and
Interoperability 44
VERIFICATION TASK#1: To configure & verify MST Region 1 44
CONFIGURATION TASK#4: To manipulate “instance priority” in SCOTSW01, SCOTSW02 49
VERIFICATION TASK#4: To manipulate “instance priority” in SCOTSW01, SCOTSW02 49
April 24, 2020 2
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#5: To manipulate “port cost” between SCOTSW02_Gi0/2-3 <->
SCOTSW04_Gi0/2-3 50
CONFIGURATIONS: 50
VERIFICATION TASK#5 50
CONFIGURATION TASK#6: To manipulate “port priority” between SCOTSW02_Gi0/2-3 <->
SCOTSW04_Gi0/2-3 51
VERIFICATION TASK#6 51
CONFIGURATION TASK#7: To manipulate “hello timer” in MST switch SCOTSW02 51
VERIFICATION TASK#7: 51
CONFIGURATION TASK#8: To manipulate “forward timer” in MST switch SCOTSW02 51
VERIFICATION TASK#8: 52
CONFIGURATION TASK#9: To manipulate “max age timer” in MST switch SCOTSW02 52
VERIFICATION TASK#9: 52
IMPORTANT FACT!!! 52
April 24, 2020 3
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Device Initial Configuration -Switches
To make switches usable for new/next labs.
If incase there are vlans or configs already present in the switches, clear all the configurations to
have brand new switch for your new/next lab.
Switch#erase /all nvram:
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
Switch#
Switch#reload
Proceed with reload? [confirm]
This will clear all the previous configs on the switch.
April 24, 2020 4
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CCNP LAB TOPOLOGY {FULL}
April 24, 2020 5
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #1 CREATE - VLAN, MANAGEMENT INTERFACE, TELNET & SSH
Objectives: Configure SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04,
SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 with the following:
1. Define Hostname accordingly as per the above topology section
2. Create VLANs as below:
!
vlan 99
name MANAGEMENT
!
April 24, 2020 6
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
vlan 100
name SERVERS
!
vlan 110
name GUEST
!
vlan 120
name OFFICE
!
vlan 999
name PARKING_LOT
state suspend
!
vlan 666
name NATIVE_DO_NOT_USE
exit
3. Create Management Interface on Vlan 99
4. Enable Telnet and SSH for Remote connection for user id “admin” with privilege level
“15” with password “cisco”
Configuration:
SCOTSW01
Switch#configure terminal
Switch(config)#hostname SCOTSW01
SCOTSW01(config)#vlan 99
SCOTSW01(config-vlan)#name MANAGEMENT
SCOTSW01(config-vlan)#!
SCOTSW01(config-vlan)#vlan 100
SCOTSW01(config-vlan)#name SERVERS
SCOTSW01(config-vlan)#!
SCOTSW01(config-vlan)#vlan 110
SCOTSW01(config-vlan)#name GUEST
SCOTSW01(config-vlan)#!
SCOTSW01(config-vlan)#vlan 120
SCOTSW01(config-vlan)#name OFFICE
SCOTSW01(config-vlan)#!
SCOTSW01(config-vlan)#vlan 999
SCOTSW01(config-vlan)#name PARKING_LOT
SCOTSW01(config-vlan)#state suspend
SCOTSW01(config-vlan)#!
SCOTSW01(config-vlan)#vlan 666
SCOTSW01(config-vlan)#name NATIVE_DO_NOT_USE
SCOTSW01(config-vlan)#exit
NOTE: The VLANs will not appear in the VLAN database until the exit command is issued
April 24, 2020 7
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
To globally suspend a VLAN, use the state suspend command in the VLAN configuration mode.
This state is propagated by VTP to all other switches in the VTP domain if VTP is in use.
To locally shut down a VLAN, use the shutdown command in the VLAN configuration mode. This
setting is not propagated through VTP
SCOTSW01(config)#interface vlan 99
SCOTSW01(config-if)#ip address 192.168.99.101 255.255.255.0
SCOTSW01(config-if)#no shutdown
SCOTSW01(config-if)#exit
NOTE: Interface Vlan 99 will be initially Down as the Vlan 99 (broadcast) is not mapped with any
interface.
Wait for some time. We will make Trunking between inter-switch’s and allow Vlan 99
Create Telnet for remote connection:
SCOTSW01(config)#line vty 0 15
SCOTSW01(config-line)#login local
SCOTSW01(config-line)#transport input all
SCOTSW01(config)#username admin privilege 15 password cisco
NOTE: We are creating user “admin” with highest privilege of 15 level. Hence, no need to creating
“enable secret “ or “enable password “
Create SSH for remote connections:
SCOTSW01(config)#ip domain-name networkjourney.com
SCOTSW01(config)# crypto key zeroize
SCOTSW01(config)#crypto key generate rsa modulus 1024
Do not forget to configure above configurations on other Switches - SCOTSW02, SCOTSW03,
SCOTSW04, SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 accordingly.
The Hostname, Management IP address will differ for each switch. So please refer the topology
for the right hostname and management IP address.
Verifications:
After configuring the VLANs, issue the show vtp status command and you will see that the all-
important configuration revision number has increased based on these changes to the VLAN
database. Note that the revision number you have when performing this lab may be different.
SCOTSW01#sh vtp status | i Revision
Configuration Revision :6
SCOTSW01#show vlan brief
April 24, 2020 8
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/0, Gi0/2, Gi0/3, Gi1/0
Gi1/1, Gi1/2, Gi1/3, Gi2/0
Gi2/1, Gi2/2, Gi2/3, Gi3/0
Gi3/1, Gi3/2, Gi3/3
99 MANAGEMENT active
100 SERVERS active
110 GUEST active
120 OFFICE active
666 NATIVE_DO_NOT_USE active
999 PARKING_LOT suspended
Management IP is configured on Interface Vlan 99
SCOTSW01#sh run interface vlan 99
interface Vlan99
ip address 192.168.99.101 255.255.255.0
end
You can test if telnet and ssh are configured rightly or not by doing self-connection test
To self-test telnet:
SCOTSW01#telnet 192.168.99.101
Trying 192.168.99.101 ... Open
To self-test SSH:
SCOTSW01#ssh -l admin 192.168.99.101
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************
Password:
Do not forget to configure above configurations on other Switches - SCOTSW02, SCOTSW03,
SCOTSW04, SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 accordingly.
The Hostname, Management IP address will differ for each switch. So please refer the topology
for the right hostname and management IP address.
Verify the configured commands with the help of above “show ….” Commands accordingly.
April 24, 2020 9
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #2 CONFIGURE - TRUNK and VTP version 2
Objectives: Configure SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04,
SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 as following:
1. The VTP domain should be configured to “CCNP_ENTERPRISE” (without the quotes)
2. Ensure that VTP traffic is MD5 secured using a password of “cisco” (without quotes)
3. Use VTP version 2
“Server” mode on SCOTSW01 and SCOTSW02.
“Transparent” mode on SCOTSW03 and SCOTSW04
“Client” mode on SCOTSW05 and SCOTSW06
“Transparent” mode on SCOTSW07 and SCOTSW08
4. Configure 802.1q trunk links between the switches according to the Layer 2 Diagram show
above
5. Only active VLANs should be allowed on trunk links
6. VLAN 811 MTU(Maximum Transmission Unit) should be set to 1400
7. Ensure that VLAN 666 traffic is not tagged when sent over the trunk links
SCOTSW01#
int range gi0/0-1
no switchport trunk native vlan 666
SCOTSW02#
int range gi0/0-1
no sw trunk native vlan 666
8. After synchronization both switches must not propagate VLAN configuration changes to
each other
Configuration:
SCOTW01
hostname SCOTSW01
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode server
vlan 811
mtu 1400
interface range gi0/0-3
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
vtp mode transparent (task#8)
SCOTSW02
hostname SCOTSW02
April 24, 2020 10
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode server
interface range gi0/0-3
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
vtp mode transparent (task#8)
SCOTSW03
hostname SCOTSW03
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode transparent
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
SCOTSW04
hostname SCOTSW04
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode transparent
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
SCOTSW05
hostname SCOTSW05
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode client
April 24, 2020 11
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
SCOTSW06
hostname SCOTSW06
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode client
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
SCOTSW07
hostname SCOTSW07
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode transparent
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
SCOTSW08
hostname SCOTSW08
vtp domain CCNP_ENTERPRISE
vtp version 2
vtp password cisco
vtp mode transparent
interface range gi0/0-3, gi1/0
switchport trunk enc dot1q
sw tr native vlan 666
sw tr all vlan 99,100,110,120,666,999
sw mo trunk
NOTE: The VTP will only start working once “trunking” is configured and activated.
VTP is functional only on over Trunking interface.
April 24, 2020 12
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Verifications:
**GNS3 and EVE-NG both failed at task 3. This might be due to IOS version used inside Emulators
**I got successful output with Packet-Tracer.
**As a turnover fix on GNS/Eveng, make SCOTSW03 SCOTSW04 as “client mode”
VERIFICATION TASK 1: To verify the VTP DOMAIN name
SCOTSW01#show vtp status
VTP Version capable : 1 to 3
VTP version running :2
VTP Domain Name : CCNP_ENTERPRISE
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0c67.916e.8000
Configuration last modified by 0.0.0.0 at 4-12-20 19:49:46
Local updater ID is 0.0.0.0 (no valid interface found)
Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 27
Configuration Revision : 18
MD5 digest : 0x25 0xB6 0x82 0xAA 0x89 0xE6 0xBE 0x33
0xD7 0x6E 0xA6 0x03 0x19 0x4D 0xE5 0xAD
Note: MD5 digest changes everytime because the configuration revision number is used to calculate the
hash and as it is different after creating the vlan then the md5 will be different.
VERIFICATION TASK 2: Verify VTP password
SCOTSW01#show vtp password
VTP Password: cisco
VERIFICATION TASK 3: Verify VTP mode
SCOTSW01#show vtp status | i Operating
VTP Operating Mode : Server
VERIFICATION TASK 4 & 5: VERIFY TRUNK ALLOWED ON INTERFACE
SCOTSW01#show running-config interface gigabitEthernet 0/3
!
interface GigabitEthernet0/3
switchport trunk allowed vlan 99,100,110,120,666,999
switchport trunk encapsulation dot1q
switchport trunk native vlan 666
April 24, 2020 13
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
switchport mode trunk
media-type rj45
negotiation auto
end
Second way to check if the Trunking vlans allowed in switches
SCOTSW01#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 666
Gi0/1 on 802.1q trunking 666
Gi0/2 on 802.1q trunking 666
Gi0/3 on 802.1q trunking 666
Port Vlans allowed on trunk
Gi0/0 99-100,110,120,666,999
Gi0/1 99-100,110,120,666,999
Gi0/2 99-100,110,120,666,999
Gi0/3 99-100,110,120,666,999
VERIFICATION TASK 6: Verify MTU size for VLAN 811
SCOTSW01#show vlan id 811
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
811 VLAN0811 active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
811 enet 100811 1400 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
VERIFICATION TASK 7: Verify Native VLAN behavior
Tagged traffic on Wireshak for TRUNK interface:
April 24, 2020 14
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Native VLAN = untagged traffic
Untagged traffic capture on Wireshark for NATIVE VLAN:
VERIFICATION TASK 8:
Config:
SCOTSW01(config)#vtp mode transparent
SCOTSW02(config)#vtp mode transparent
Verifications:
SCOTSW01#sh vtp status | i Operating
VTP Operating Mode : Transparent
SCOTSW02#sh vtp status | i Operating
VTP Operating Mode : Transparent
April 24, 2020 15
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #3 CONFIGURE – VTP version 3
VTP version 3 is backwards compatible with VTP version 2; at the boundary of the two protocols, a
VTP version 3 switch will send out both version 3 and version 2-compatible messages. Version 2
messages received by a version 3 switch are discarded.
Objectives: Configure SCOTSW01, SCOTSW03, SCOTSW05, SCOTSW07 as
following:
VTP version 3 cannot be enabled unless a VTP domain name has been set, so for this step, setting
the domain name is not needed as we are using the Lab#2 and upgrading some of the Switches to
VTP 3 as per the diagram shown.
Switch(config)#vtp version 3
Cannot set the version to 3 because domain name is not configured
1. The VTP domain should be configured to “CCNP_ENTERPRISE” (without the quotes) since it
is already done in Lab#2, goto Task#2.
2. Configure VTP version 3 on SCOTSW01, SCOTSW03, SCOTSW05, SCOTSW07.
April 24, 2020 16
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
3. Configure VTP version 3 on below switches
“Primary Server” mode on SCOTSW01
“Transparent” mode on SCOTSW03
"Server" mode on SCOTSW05
"Client" mode on SCOTSW07
4. Configure 802.1q trunk links between the switches according to the Layer 2 Diagram show
above, this is already done from Lab#2, goto next Task#5
5. Create new Vlan 444 and see the VTP 3 and VTP 2 advertisements on the borders.
Configuration:
SCOTW01
vtp version 3
SCOTSW01#vtp primary vlan [to be configured on user privilege mode]
This system is becoming primary server for feature vlan
No conflicting VTP3 devices found.
Do you want to continue? [confirm]
!
Vlan 444
exit
!
SCOTW03
SCOTSW03(config)#vtp version 3
SCOTSW03(config)#vtp mode transparent
SCOTW05
SCOTSW05(config)#vtp version 3
SCOTSW05(config)#vtp mode server
SCOTW07
SCOTSW07(config)#vtp version 3
SCOTSW07(config)#vtp mode client
Answer for #4
SCOTW01
!
Vlan 444
exit
!
April 24, 2020 17
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
VERIFICATIONS:
VERIFICATION TASK 1:
Verify VTPv3 status on SCOTSW01
SCOTSW01#show vtp status
VTP Version capable : 1 to 3
VTP version running :3
VTP Domain Name : CCNP_ENTERPRISE
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0c67.916e.8000
Feature VLAN:
--------------
VTP Operating Mode : Primary Server
Number of existing VLANs :5
Number of existing extended VLANs : 0
Maximum VLANs supported locally : 4096
Configuration Revision :1
Primary ID : 0c67.916e.8000
Primary Description : SCOTSW01
MD5 digest : 0x74 0xEB 0x87 0xFF 0xA2 0x91 0x60 0x2D
0xFD 0x82 0x67 0x93 0xC4 0x6C 0x2B 0xB4
Feature MST:
--------------
VTP Operating Mode : Transparent
Feature UNKNOWN:
--------------
VTP Operating Mode : Transparent
VERIFICATION TASK 2:
Verify VTP packet versions getting by VTPv3 switch to another VTPv3 and also VTPv3 switch to VTPv2
using Wiresharks:
Wireshark capture between SCOTSW01 and SCOTSW03 (VTPv3 <-> VTPv3)
April 24, 2020 18
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
VTPv3 Primary Server Switch will advertise advertisement of version 3 to Switch running on VTPv3
mode.
Wireshark capture between SCOTSW01 and SCOTSW02 (VTPv3 <-> VTPv2)
VTPv3 Primary Server Switch will advertise advertisement of version 2 to Switch running on VTPv2
mode.
VERIFICATION TASK 3:
All other Switches are pointing to SCOTSW01 which is VTPv3 Primary Server.
SCOTSW01#show vtp status | i ID
Device ID : 0c67.916e.8000
Primary ID : 0c67.916e.8000
SCOTSW02#show vtp status | i ID
Device ID : 0c67.9159.8000
SCOTSW02#show vtp status | i ID
Device ID : 0c67.912e.8000
April 24, 2020 19
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #4 CONFIGURE – STP, MANIPULATE PRIMARY ROOT SWITCH, PATH COST
Objectives: Observe on SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04,
SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 as following:
1. Identify and modify the Root bridge
2. Manipulate port and path costs
3. Examine Re-convergence Time
April 24, 2020 20
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION FOR TASK#1:
Use the show spanning-tree root command on all of the switches to find the root switch for all of the VLANs.
Note: Your results may vary from the examples.
SCOTTSW06#show spanning-tree root {currently acting as Root Bridge}
Root Hello Max Fwd
Vlan Root ID Cost Time Age Dly Root Port
---------------- -------------------- --------- ----- --- --- ------------
VLAN0001 32769 0c67.9114.be00 0 2 20 15
SCOTTSW01#show spanning-tree root
Root Hello Max Fwd
Vlan Root ID Cost Time Age Dly Root Port
---------------- -------------------- --------- ----- --- --- ------------
VLAN0001 32769 0c67.9114.be00 8 2 20 15 Gi0/2
SCOTTSW05#show spanning-tree root
Root Hello Max Fwd
Vlan Root ID Cost Time Age Dly Root Port
---------------- -------------------- --------- ----- --- --- ------------
VLAN0001 32769 0c67.9114.be00 4 2 20 15 Gi0/0
The current root bridge was elected based on the lowest Bridge ID (consisting of the Priority,
extended system ID equal to the VLAN ID, and base MAC address values). In the output above, the
root’s MAC is 0c67.9114.be00
BRIDGE ID = PRIORITY (Base Priority + Sys-ext-ID) + MAC ADDRESS
There are two basic ways to manipulate the configuration to control the location of the root bridge.
• The spanning-tree vlan vlan-id priority value command can be used to manually set a
priority value
• The spanning-tree vlan vlan-id root { primary | secondary } command can be
used to automatically set a priority value.
The difference between the two is the priority command will set a specific number (multiple of
4096) as the priority, while the root primary command will set the local bridge's priority to 24,576 (if
the local bridge MAC is lower than the current root bridge's MAC) or 4096 lower than the current
root's priority (if the local bridge MAC is higher than the current root bridge's MAC).
The logic behind this operation is straight-forward. The root primary command tries to lower the
priority only as much as is needed to win the root election, while leaving priorities between 24576
and the default 32768 for use by secondary bridges. The command always takes the entire Bridge ID
into account when computing the resulting priority value.
April 24, 2020 21
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTTSW01# conf t
Enter configuration commands, one per line. End with CNTL/Z.
SCOTTSW01(config)# spanning-tree vlan 1 root primary
SCOTTSW02(config)# exit
SCOTTSW02# conf t
SCOTTSW02(config)# spanning-tree vlan 1 root secondary
SCOTTSW02(config)# exit
The Priority is lowered to 24,576 on Primary Root (Calculation: 32768-8192 for primary root)
SCOTTSW01# sh spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0c67.916e.7e00
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0c67.916e.7e00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
The Priority is lowered by 28,672 on Secondary Root (Calculation: 32768-4096 for secondary root)
SCOTTSW02# sh spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0c67.916e.7e00
Cost 4
Port 1 (GigabitEthernet0/0)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0c67.9159.b100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec
The show spanning-tree bridge command also provides detailed information about the current
configuration of the local bridge:
SCOTTSW01# show spanning-tree bridge
Hello Max Fwd
Vlan Bridge ID Time Age Dly Protocol
---------------- --------------------------------- ----- --- --- --------
VLAN0001 24577 (24576, 1) 0c67.916e.7e00 2 20 15 ieee
April 24, 2020 22
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTTSW02# show spanning-tree bridge
Hello Max Fwd
Vlan Bridge ID Time Age Dly Protocol
---------------- --------------------------------- ----- --- --- --------
VLAN0001 28673 (28672, 1) 0c67.9159.b100 2 20 15 ieee
CONFIGURATION FOR TASK#2:
MANIPULATE PORT and PATH COSTS
As the network is implemented right now, there are two paths between each directly connected
switch. As the Root Port is elected, path and port costs are evaluated to determine the shortest path
to the root bridge.
In the case where there are multiple equal cost paths to the root bridge, additional attributes must
be evaluated. In our case, the lower interface number (for example, Gi0/1) is chosen as the Root
Port, and the higher interface number (for example, Gi0/2) is put into a spanning tree Blocking state.
You can see which ports are blocked with the show spanning-tree vlan-id command or the show
spanning-tree blockedports command. For now, examine VLAN 1 on SCOTTSW02, SCOTTSW03,
SCOTTSW04.
SCOTTSW02#show spanning-tree blockedports
Name Blocked Interfaces List
-------------------- ------------------------------------
VLAN0001 Gi0/1
Number of blocked ports (segments) in the system : 1
SCOTTSW02#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0c67.916e.7e00
Cost 4
Port 1 (GigabitEthernet0/0)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0c67.9159.b100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Root FWD 4 128.1 P2p
Gi0/1 Altn BLK 4 128.2 P2p
Gi0/2 Desg FWD 4 128.3 P2p
Gi0/3 Desg FWD 4 128.4 P2p
Gi1/0 Desg FWD 4 128.5 P2p
Gi1/1 Desg FWD 4 128.6 P2p
Gi1/2 Desg FWD 4 128.7 P2p
April 24, 2020 23
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
TIME TO MANIPULATE USING STP COST:
It is possible to manipulate which port becomes the Root Port on non-root bridges by manipulating
the port cost value, or by changing the port priority value. Remember that this change could have an
impact on downstream switches as well. For this example, we will examine both options.
Note: The changes you are about to implement are considered topology changes and could have a
significant impact on the overall structure of the spanning tree in your switch network. Do not
make these changes in a production network without careful planning and prior coordination.
Goto SCOTTSW03 and Manipulate the Cost for Gi0/3 (currently STP blocked port)
SCOTTSW03#show spanning-tree blockedports
Name Blocked Interfaces List
-------------------- ------------------------------------
VLAN0001 Gi0/3
Number of blocked ports (segments) in the system : 1
SCOTTSW03#sh spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0c67.916e.7e00
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p
Gi0/1 Desg FWD 4 128.2 P2p
Gi0/2 Root FWD 4 128.3 P2p
Gi0/3 Altn BLK 4 128.4 P2p
Gi1/0 Desg FWD 4 128.5 P2p
Gi1/1 Desg FWD 4 128.6 P2p
Gi1/2 Desg FWD 4 128.7 P2p
SCOTTSW03# conf t
Enter configuration commands, one per line. End with CNTL/Z.
SCOTTSW03(config)#int ran gi0/2-3
SCOTTSW03(config-if-range)#shut
SCOTTSW03(config-if-range)#exit
SCOTTSW03(config)#interface gi0/3
SCOTTSW03(config-if)#spanning-tree cost 2
April 24, 2020 24
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTTSW03(config-if)#exit
SCOTTSW03(config)#int ran gi0/2-3
SCOTTSW03(config-if-range)#no shut
SCOTTSW03(config-if-range)#end
SCOTTSW03#sh spanning-tree blockedports
Name Blocked Interfaces List
-------------------- ------------------------------------
VLAN0001 Gi0/2
Number of blocked ports (segments) in the system : 1
SCOTTSW03#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0c67.916e.7e00
Cost 2
Port 4 (GigabitEthernet0/3)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p
Gi0/1 Desg FWD 4 128.2 P2p
Gi0/2 Altn BLK 4 128.3 P2p
Gi0/3 Root FWD 2 128.4 P2p
Gi1/0 Desg FWD 4 128.5 P2p
Gi1/1 Desg FWD 4 128.6 P2p
Gi1/2 Desg FWD 4 128.7 P2p
Alternatively, you can modify this behaviour with manipulating Port-Priority as well:
SCOTTSW03 (config)#int gi0/0
SCOTTSW03 (config-if)#spanning-tree port-priority ?
<0-224> port priority in increments of 32
April 24, 2020 25
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Verifications:
Examine Re-convergence Time:
Enable Debug STP command to see the convergence timers
SCOTTSW03#debug spanning-tree events
SCOTTSW03#
*Apr 20 13:13:57.732: STP: VLAN0001 Gi0/2 -> listening
*Apr 20 13:13:58.090: STP: VLAN0001 heard root 24577-0c67.916e.7e00 on Gi0/2
*Apr 20 13:13:58.091: supersedes 32769-0c67.9114.be00
*Apr 20 13:14:12.731: STP: VLAN0001 Gi0/2 -> learning
*Apr 20 13:14:27.738: STP[1]: Generating TC trap for port GigabitEthernet0/2
*Apr 20 13:14:27.740: STP: VLAN0001 sent Topology Change Notice on Gi0/2
*Apr 20 13:14:27.740: STP: VLAN0001 Gi0/2 -> forwarding
*Apr 20 13:14:29.156: STP: VLAN0001 Topology Change rcvd on Gi0/0
*Apr 20 13:14:29.158: STP: VLAN0001 sent Topology Change Notice on Gi0/2
April 24, 2020 26
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #5 CONFIGURE – RSTP, PORTFAST, BPDUGUARD, BPDUFILTER, ROOTGUARD, LOOPGUARD
Objectives: Observe on SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04,
SCOTSW05, SCOTSW06, SCOTSW07, SCOTSW08 as following:
1. Configure Rapid-STP and verify its behaviour
2. Configure and Verify Portfast
3. Configure and Verify BPDUGuard
4. Configure and Verify BPDUFilter
5. Configure and Verify RootGuard
6. Configure and Verify LoopGuard
April 24, 2020 27
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION FOR TASK#1:
RSTP is backward compatible with legacy STP 802.1D
Enable RSTP on all switches:
SCOTSW01(config)#spanning-tree mode rapid-pvst
SCOTSW01(config)#end
SCOTSW02(config)#spanning-tree mode rapid-pvst
SCOTSW02(config)#end
SCOTSW03(config)#spanning-tree mode rapid-pvst
SCOTSW03(config)#end
SCOTSW04(config)#spanning-tree mode rapid-pvst
SCOTSW04(config)#end
SCOTSW05(config)#spanning-tree mode rapid-pvst
SCOTSW05(config)#end
SCOTSW06(config)#spanning-tree mode rapid-pvst
SCOTSW06(config)#end
SCOTSW07(config)#spanning-tree mode rapid-pvst
SCOTSW07(config)#end
SCOTSW08(config)#spanning-tree mode rapid-pvst
SCOTSW08(config)#end
Upon activating RSTP on every switch, you can see “proposal” and “agreements”
To enable debug for rstp
SCOTSW01#debug spanning-tree events
Debug Packets for RSTP on Root Bridge Switch
*Apr 21 20:46:00.427: RSTP(1): Gi2/2 fdwhile Expired
*Apr 21 20:46:00.445: STP[1]: Generating TC trap for port GigabitEthernet1/1
*Apr 21 20:46:00.446: STP[1]: Generating TC trap for port GigabitEthernet1/2
*Apr 21 20:46:00.447: STP[1]: Generating TC trap for port GigabitEthernet1/3
*Apr 21 20:46:00.505: RSTP(1): transmitting a proposal on Gi2/3
*Apr 21 20:46:00.506: RSTP(1): Gi2/3 fdwhile Expired
*Apr 21 20:46:00.509: RSTP(1): transmitting a proposal on Gi3/0
*Apr 21 20:46:00.512: RSTP(1): transmitting a proposal on Gi3/1
*Apr 21 20:46:00.515: RSTP(1): transmitting a proposal on Gi3/2
*Apr 21 20:46:00.519: RSTP(1): transmitting a proposal on Gi3/3
Debug Packets for RSTP on Non Root-bridge switch
*Apr 21 20:49:38.033: RSTP(1): Gi0/2 rcvd info expired
*Apr 21 20:49:38.033: RSTP(1): Gi0/2 is now designated
April 24, 2020 28
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
*Apr 21 20:49:38.054: RSTP(1): updt roles, received superior bpdu on Gi0/2
*Apr 21 20:49:38.055: RSTP(1): Gi0/2 is now alternate
SCOTSW05#sh spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0c67.9114.be00
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0c67.9114.be00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/1 Desg FWD 4 128.2 P2p
Gi0/2 Desg FWD 4 128.3 P2p
Gi0/3 Desg FWD 4 128.4 P2p
Gi1/0 Desg FWD 4 128.5 P2p
Gi1/1 Desg FWD 4 128.6 P2p
Gi1/2 Desg FWD 4 128.7 P2p
Gi1/3 Desg FWD 4 128.8 P2p
P2p Peer(STP) is for interoperability.
It is seen between RSTP and legacy STP running on interface.
RSTP will fallback to legacy STP behaviour of 50 sec of transition period on such interoperability
interfaces.
In addition to above output, we can see additional two features “ALT BLK” port and “BACKUP BLK”
port in RSTP.
SCOTSW01#sh spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 4097
Address 0c67.91c0.f900
Cost 12
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0c67.916e.7e00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
April 24, 2020 29
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
<!output omitted>
Gi0/3 Altn BLK 4 128.4 P2p Altn BLK = Uplinkfast (Alternate port)
SCOTSW08#show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0c67.9114.be00
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0c67.911c.e000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
<!output omitted>
Gi0/3 Back BLK 4 128.4 P2p Back BLK = Backbonefast (Backup port)
Manipulating Root Bridge Switches:
Make SCOTSW01 to be Root Bridge:
This can be done as similar as done on legacy STP.
Manipulate the priority or set keyword “primary” on SCOTSW01 as shown below:
SCOTSW01(config)#spanning-tree vlan 1 priority 4096
Or
SCOTSW01(config)#spanning-tree vlan 1 root primary
Make SCOTSW03_Gi0/3 to be DSG FWD:
By default, due to STP calculations:
SCOTSW03_Gi0/2 = DSG FWD
SCOTSW03_Gi0/3 = ALT BLK
However, I want to make SCOTSW03_Gi0/3 as DSG FWD
Method 1: Manipulate using STP Path Cost:
SCOTTSW03(config)#int ran gi0/2-3
SCOTTSW03(config-if-range)#shut
SCOTTSW03(config-if-range)#exit
SCOTTSW03(config)#interface gi0/3
April 24, 2020 30
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTTSW03(config-if)#spanning-tree cost 2
SCOTTSW03(config-if)#exit
SCOTTSW03(config)#int ran gi0/2-3
SCOTTSW03(config-if-range)#no shut
SCOTTSW03(config-if-range)#end
Method 2: Alternatively, you can modify this behaviour with manipulating Port-Priority as well:
Switch(config)#int gi0/0
Switch(config-if)#spanning-tree port-priority ?
<0-224> port priority in increments of 32
April 24, 2020 31
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION FOR TASK#2: To configure & verify Portfast
Initial Config PC1, PC2 and SCOTSW07:
PC1:
#
#
# This is a sample network config uncomment lines to configure the network
#
# Static config for eth0
auto eth0
iface eth0 inet static
address 192.168.99.1
netmask 255.255.255.0
gateway 192.168.99.100
up echo nameserver 192.168.0.1 > /etc/resolv.conf
# DHCP config for eth0
# auto eth0
# iface eth0 inet dhcp
PC2:
#
# This is a sample network config uncomment lines to configure the network
#
# Static config for eth0
auto eth0
iface eth0 inet static
address 192.168.99.2
netmask 255.255.255.0
gateway 192.168.99.100
up echo nameserver 192.168.0.1 > /etc/resolv.conf
April 24, 2020 32
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
# DHCP config for eth0
# auto eth0
# iface eth0 inet dhcp
SCOTSW07:
interface vlan 99
ip address 192.168.99.107 255.255.255.0
no shut
exit
int gi0/0
switchport mode access
switchport access vlan 99
no shut
int gi0/3
switchport mode access
switchport access vlan 99
no shut
Now ping from PC1 to PC2 over RSTP, it would take 1 second to switchport transit from “Learning”
to “Forwarding”
SCOTSW07#sh span int gi0/3
Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0099 Desg LRN 4 128.4 P2p
Switch#sh span int gi0/3
Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0099 Desg LRN 4 128.4 P2p
Switch#sh span int gi0/3
Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0099 Desg LRN 4 128.4 P2p
Switch#sh span int gi0/3
Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0099 Desg FWD 4 128.4 P2p
Let us see by enabling the “Portfast” features on Egde port, SCOTSW07_Gi0/0 and Gi0/3
SCOTSW07(config)#int gi0/0
SCOTSW07(config-if)#spanning-tree portfast
SCOTSW07(config)#int gi0/3
SCOTSW07(config-if)#spanning-tree portfast
April 24, 2020 33
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on GigabitEthernet0/0 but will only
have effect when the interface is in a non-trunking mode.
To test the “portfast” behaviour, shut/no shutdown SCOTSW07_Gi0/0 and observe the time it takes
to allow PING reachability between PC1 and PC2
SCOTSW07(config-if)#int gi0/0
SCOTSW07(config-if)#shut
SCOTSW07(config-if)#no shut
SCOTSW07# show spanning interface gi0/0
Vlan Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
VLAN0099 Desg FWD 4 128.1 P2p Edge
*Apr 21 21:30:29.503: RSTP(99): initializing port Gi0/0
*Apr 21 21:30:29.504: RSTP(99): Gi0/0 is now designated
*Apr 21 21:30:29.686: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down
*Apr 21 21:30:32.568: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up
It was instantaneous without any delay.
Portfast is enabled between Switch and Non-BPDU end host only.
Do not enable between two BPDU switches will result in looping and layer 2 security attacks.
April 24, 2020 34
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
TASK#2: To configure & verify BPDUGuard
BPDU Guard feature can be enabled globally at Global configuration mode or per interface
at Interface configuration mode.
When a BPDU Guard enabled port receive BPDU from the connected device, BPDU Guard
disables the port and the port state is changed to Errdisable state.
Global and Interface config has the same impact on receiving any BPDU, they would put the
switchport in “err-disabled” state.
**Initial Config PC1, PC2 and SCOTSW07 as above done for “portfast” lab
Considering the fact, you have already configured “portfast” on SCOTSW07_Gi0/0 in the previous
Task.
Now let us enable “BPDUGuard” on SCOTSW07_Gi0/0
SCOTSW07(config)#interface gigabitEthernet 0/0
SCOTSW07(config-if)#spanning-tree bpduguard enable
Remove the cable between SCOTSW07 and PC1, plug the same cable between SCOTSW07 <-> BAD-
SWITCH
April 24, 2020 35
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTSW07(config-if)#
*Apr 21 21:42:19.264: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port Gi0/0 with BPDU
Guard enabled. Disabling port.
*Apr 21 21:42:19.264: %PM-4-ERR_DISABLE: bpduguard error detected on Gi0/0, putting Gi0/0 in
err-disable state
*Apr 21 21:42:20.264: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0,
changed state to down
*Apr 21 21:42:21.265: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down
Interface is down due to bpduguard impact:
SCOTSW07#sh ip int br | i 0/0
GigabitEthernet0/0 unassigned YES unset down down
SCOTSW07#show inter gi0/0
GigabitEthernet0/0 is down, line protocol is down (err-disabled)
<output omitted>
The reason for detection and going into errdisable state is because by default “bpduguard”
detection is enabled on all switches as shown below:
SCOTSW07#show errdisable detect | i bpdu
bpduguard Enabled port
April 24, 2020 36
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
As of now the automatic recovery is set to “disabled”
SCOTSW07#show errdisable recovery | i bpdu
bpduguard Disabled
We can set the automatic recovery for “bpduguard” for every “30” seconds
SCOTSW07(config)#errdisable recovery interval 30
SCOTSW07(config)#errdisable recovery cause bpduguard
SCOTSW07#sh errdisable recovery
ErrDisable Reason Timer Status
----------------- --------------
arp-inspection Disabled
bpduguard Enabled
The interface is back to “connected” mode:
SCOTSW07#
SCOTSW07#sh int gi0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
April 24, 2020 37
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
TASK#3: To configure & verify BPDUFilter
• BPDU Filtering at the global level will work with Portfast interfaces, and simply kick them
out of portfast if a BPDU is received.
• BPDU Filtering configured on the interface level will COMPLETELY stop send/receive
BPDU, and if you plug in two switches then you may have a loop because they don't 'see'
each other as a problem.
BPDUFILTER AT INTERFACE LEVEL:
SCOTSW07(config-if)#int e0/0
SCOTSW07(config-if)# spanning-tree portfast edge
SCOTSW07(config-if)# spanning-tree bpdufilter enable
Let’s verify the output of BPDUFilter at Interface level
BPDUs are stopped now as we configured the BPDUFilter interface level
SW01#sh spanning-tree interface gi0/0 detail
Port 1 (Ethernet0/0) of VLAN0001 is designated forwarding
Port path cost 100, Port priority 128, Port Identifier 128.1.
Designated root has priority 32769, address aabb.cc00.0300
Designated bridge has priority 32769, address aabb.cc00.0300
Designated port id is 128.1, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is shared by default
Bpdu filter is enabled
BPDU: sent 3576, received 3 (do not increment)
April 24, 2020 38
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Now let us assume someone disconnected the PC1 and connected that cable to another BPDU
switch “BAD-SWITCH” as show in diagram below:
Also, both Switch SCOTSW07 <-> BAD-SWITCH becomes Root Bridge for Vlan 1 because BPDU are
not sent/received
SCOTSW07(config)#show spanning vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address aabb.cc00.0300
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
BAD-SWITCH# show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address aabb.cc00.0400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
April 24, 2020 39
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
BPDUFILTER AT GLOBAL LEVEL:
SW01(config-if)# spanning-tree portfast bpdufilter default (upon receiving any BPDUs, it kicks the
switchport out of portfast mode)
SCOTSW07 (config)#spanning-tree portfast bpdufilter default
SCOTSW07# show spanning-tree int gi0/0 detail
<<output truncated >>
The port is in the portfast mode
Link type is shared by default
Bpdu filter is enabled by default
BPDU: sent 9, received 0
Let’s connect the cable to BAD-SWITCH_Eth0/0 and watch the changes:
The BPDU FILTER mode is removed in Global mode once BPDU is rcvd
SCOTSW07 #show spanning-tree int gi0/0 det
<<output truncated >>
The port is in the portfast mode
Link type is shared by default
BPDU: sent 12, received 18
April 24, 2020 40
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
TASK#4: To configure & verify RootGuard
If a root-guard-enabled port receives BPDUs that are superior to those that the current root
bridge is sending, then that port is moved to a root-inconsistent state, which is effectively equal to
an STP listening state, and no data traffic is forwarded across that port.
I want SCOTSW01 to be my Root Switch always.
BEFORE ROOTGUARD:
SCOTSW01(config)#do sh span
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0c67.912e.9400
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
AFTER ROOTGUARD:
Let us make SCOTSW01 as ROOT SWITCH.
If SCOTSW01 received any superior BPDU it will put that switchport into “root-inconsistent state”.
SCOTSW01 (config)#int range gi0/0-3
SCOTSW01 (config-if-range)#spanning-tree guard root
April 24, 2020 41
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
*Apr 22 15:46:36.056: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
GigabitEthernet0/0.
*Apr 22 15:46:36.086: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
GigabitEthernet0/1.
*Apr 22 15:46:36.113: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
GigabitEthernet0/2.
*Apr 22 15:46:36.158: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
GigabitEthernet0/3.
*Apr 22 15:46:36.408: %SPANTREE-2-ROOTGUARD_BLOCK: Root guard blocking port
GigabitEthernet0/2 on VLAN0001.
Detected Superior BPDU receiving from the neighbouring switch.
SCOTSW01#show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- ------------------------ ------------------
VLAN0001 GigabitEthernet0/2 Root Inconsistent
VLAN0001 GigabitEthernet0/3 Root Inconsistent
Number of inconsistent ports (segments) in the system : 2
SCOTSW01#show spanning-tree
<!output omitted>
Gi0/2 Desg BKN*4 128.3 P2p Peer(STP) *ROOT_Inc
Gi0/3 Desg BKN*4 128.4 P2p Peer(STP) *ROOT_Inc
Remove that Switch which is sending Superior BPDU to SCOTSW01, you can remove the switch or
shutdown that interface.
Bounce the switchport (Shut/No Shutdown) on SCOTSW01 to rectify the “Inconsistency” mode:
SCOTSW01 (config)#int range gi0/0-3
SCOTSW01 (config-if-range)# shutdown
SCOTSW01 (config-if-range)# no shutdown
*April 7 16:49:36.362: %SPANTREE-2-ROOTGUARD_UNBLOCK: Root guard unblocking port Gi0/2 on
VLAN0001.
SCOTSW01# show spanning inconsistentports
Name Interface Inconsistency
-------------------- ------------------------ -----------------
Number of inconsistent ports (segments) in the system : 0
April 24, 2020 42
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #6 CONFIGURE – MSTP
Objectives: Observe on SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04 as
following:
1. Configure MSTP Region 1 on SCOTSW01, SCOTSW02 and verify its behaviour
2. Configure MSTP Region 1 on SCOTSW01, SCOTSW02 and MSTP Region 2 on SCOTSW04 and
verify its behaviour
3. Configure MSTP Region 1 on SCOTSW01, SCOTSW02 and RSTP on SCOTSW03 and verify its
behaviour
4. To manipulate “instance priority” between SCOTSW01 <-> SCOTSW02
5. To manipulate “port cost” between SCOTSW02_Gi0/2-3 <-> SCOTSW04_Gi0/2-3
6. To manipulate “port priority” between SCOTSW02_Gi0/2-3 <-> SCOTSW04_Gi0/2-3
7. To manipulate “hello timer” in MST switch SCOTSW02
8. To manipulate “forward timer” in MST switch SCOTSW02
9. To manipulate “max age timer” in MST switch SCOTSW02
April 24, 2020 43
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#1,2 & 3: To configure & verify MST Region 1, Region 2 and
Interoperability
SCOTSW01 (config)#
spanning-tree mode mst
spanning-tree mst configuration
name region1
revision 1
instance 1 vlan 99,100
instance 2 vlan 110,120
spanning-tree mst 1 priority 0
spanning-tree mst 2 priority 4096
SCOTSW02 (config)#
spanning-tree mode mst
spanning-tree mst configuration
name region1
revision 1
instance 1 vlan 99,100
instance 2 vlan 110,120
spanning-tree mst 1 priority 4096
spanning-tree mst 2 priority 0
SCOTSW03 (config)#
spanning-tree mode rapid-pvst
SCOTSW04 (config)#
spanning-tree mode mst
spanning-tree mst configuration
name region2
revision 1
instance 1 vlan 99,100
instance 2 vlan 110,120
spanning-tree mst 1 priority 8192
spanning-tree mst 2 priority 8192
VERIFICATION TASK#1: To configure & verify MST Region 1
SCOTSW01 switching running MST ROOT for VLAN 99,100
SCOTSW01#sh spanning-tree mst 0
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.916e.7e00 priority 32768 (32768 sysid 0)
Root address 0c67.9159.b100 priority 32768 (32768 sysid 0)
port Gi0/0 path cost 0
Regional Root address 0c67.9159.b100 priority 32768 (32768 sysid 0)
internal cost 20000 rem hops 19
Operational hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured hello time 2 , forward delay 15, max age 20, max hops 20
Interface Role Sts Cost Prio.Nbr Type
April 24, 2020 44
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Root FWD 20000 128.1 P2p
Gi0/1 Altn BLK 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p Bound(PVST)
Gi0/3 Desg FWD 20000 128.4 P2p Bound(PVST)
SCOTSW01#sh spanning-tree mst 1
##### MST1 vlans mapped: 99-100
Bridge address 0c67.916e.7e00 priority 1 (0 sysid 1)
Root this switch for MST1
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 20000 128.1 P2p
Gi0/1 Desg FWD 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p Bound(PVST)
Gi0/3 Desg FWD 20000 128.4 P2p Bound(PVST)
SCOTSW01#sh spanning-tree mst 2
##### MST2 vlans mapped: 110,120
Bridge address 0c67.916e.7e00 priority 4098 (4096 sysid 2)
Root address 0c67.9159.b100 priority 2 (0 sysid 2)
port Gi0/0 cost 20000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Root FWD 20000 128.1 P2p
Gi0/1 Altn BLK 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p Bound(PVST)
Gi0/3 Desg FWD 20000 128.4 P2p Bound(PVST)
SCOTSW02 running MST ROOT for VLAN 110, 120
SCOTSW02 elected AS IST MASTER = CIST due to superior BPDU [Bridge ID = PRI+MAC ADD]
SCOTSW02#show spanning-tree mst 0
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.9159.b100 priority 32768 (32768 sysid 0)
Root this switch for the CIST
Operational hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured hello time 2 , forward delay 15, max age 20, max hops 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 20000 128.1 P2p
Gi0/1 Desg FWD 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p
Gi0/3 Desg FWD 20000 128.4 P2p
April 24, 2020 45
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTSW02#show spanning-tree mst 1
##### MST1 vlans mapped: 99-100
Bridge address 0c67.9159.b100 priority 4097 (4096 sysid 1)
Root address 0c67.916e.7e00 priority 1 (0 sysid 1)
port Gi0/0 cost 20000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Root FWD 20000 128.1 P2p
Gi0/1 Altn BLK 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p
Gi0/3 Desg FWD 20000 128.4 P2p
SCOTSW02#show spanning-tree mst 2
##### MST2 vlans mapped: 110,120
Bridge address 0c67.9159.b100 priority 2 (0 sysid 2)
Root this switch for MST2
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 20000 128.1 P2p
Gi0/1 Desg FWD 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p
Gi0/3 Desg FWD 20000 128.4 P2p
SCOTSW03 running on RSTP (non-mst switch)
We can see RSTP running per VLAN basis (multiple instance of RSTP running)
VLAN0099
Spanning tree enabled protocol rstp
Root ID Priority 32768
Address 0c67.9159.b100
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32867 (priority 32768 sys-id-ext 99)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/1 Desg FWD 4 128.2 P2p Peer(STP)
Gi0/2 Root FWD 4 128.3 P2p Peer(STP)
Gi0/3 Altn BLK 4 128.4 P2p Peer(STP)
VLAN0100
Spanning tree enabled protocol rstp
April 24, 2020 46
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Root ID Priority 32768
Address 0c67.9159.b100
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32868 (priority 32768 sys-id-ext 100)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/1 Desg FWD 4 128.2 P2p Peer(STP)
Gi0/2 Root FWD 4 128.3 P2p Peer(STP)
Gi0/3 Altn BLK 4 128.4 P2p Peer(STP)
VLAN0110
Spanning tree enabled protocol rstp
Root ID Priority 32768
Address 0c67.9159.b100
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32878 (priority 32768 sys-id-ext 110)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/1 Desg FWD 4 128.2 P2p Peer(STP)
Gi0/2 Root FWD 4 128.3 P2p Peer(STP)
Gi0/3 Altn BLK 4 128.4 P2p Peer(STP)
VLAN0120
Spanning tree enabled protocol rstp
Root ID Priority 32768
Address 0c67.9159.b100
Cost 4
Port 3 (GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32888 (priority 32768 sys-id-ext 120)
Address 0c67.912e.9400
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
April 24, 2020 47
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 4 128.1 P2p Peer(STP)
Gi0/1 Desg FWD 4 128.2 P2p Peer(STP)
Gi0/2 Root FWD 4 128.3 P2p Peer(STP)
Gi0/3 Altn BLK 4 128.4 P2p Peer(STP)
SCOTSW04 running MST on REGION2
Since there are no other Switch in MST Region 2, SCOTSW04 will declare itself as Root bridge for
both Instance 1 and 2
SCOTSW04#sh spanning-tree mst 0
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.91d3.c500 priority 32768 (32768 sysid 0)
Root address 0c67.9159.b100 priority 32768 (32768 sysid 0)
port Gi0/2 path cost 20000
Regional Root this switch
Operational hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured hello time 2 , forward delay 15, max age 20, max hops 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg BKN*20000 128.1 P2p Bound(PVST) *PVST_Inc
Gi0/1 Desg BKN*20000 128.2 P2p Bound(PVST) *PVST_Inc
Gi0/2 Root FWD 20000 128.3 P2p Bound(RSTP)
Gi0/3 Altn BLK 20000 128.4 P2p Bound(RSTP)
Gi1/0 Desg FWD 20000 128.5 P2p
SCOTSW04#sh spanning-tree mst 1
##### MST1 vlans mapped: 99-100
Bridge address 0c67.91d3.c500 priority 8193 (8192 sysid 1)
Root this switch for MST1
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg BKN*20000 128.1 P2p Bound(PVST) *PVST_Inc
Gi0/1 Desg BKN*20000 128.2 P2p Bound(PVST) *PVST_Inc
Gi0/2 Mstr FWD 20000 128.3 P2p Bound(RSTP)
Gi0/3 Altn BLK 20000 128.4 P2p Bound(RSTP)
SCOTSW04#sh spanning-tree mst 2
##### MST2 vlans mapped: 110,120
Bridge address 0c67.91d3.c500 priority 8194 (8192 sysid 2)
Root this switch for MST2
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg BKN*20000 128.1 P2p Bound(PVST) *PVST_Inc
Gi0/1 Desg BKN*20000 128.2 P2p Bound(PVST) *PVST_Inc
April 24, 2020 48
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Gi0/2 Mstr FWD 20000 128.3 P2p Bound(RSTP)
Gi0/3 Altn BLK 20000 128.4 P2p Bound(RSTP)
CONFIGURATION TASK#4: To manipulate “instance priority” in SCOTSW01, SCOTSW02
Configuring the MST1 as Root in SCOTSW01 and MST2 as Root in SCOTSW02:
SCOTSW01(config)#
spanning-tree mst 1 priority 0
spanning-tree mst 2 priority 4096
**********or***************
SCOTSW01(config)#
spanning-tree mst 1 root primary
spanning-tree mst 2 root secondary
SCOTSW02(config)
spanning-tree mst 1 priority 4096
spanning-tree mst 2 priority 0
**********or***************
SCOTSW02(config)
spanning-tree mst 1 root secondary
spanning-tree mst 2 root primary
VERIFICATION TASK#4: To manipulate “instance priority” in SCOTSW01, SCOTSW02
SCOTSW01#sh spanning-tree mst 1
##### MST1 vlans mapped: 99-100
Bridge address 0c67.916e.7e00 priority 1 (0 sysid 1)
Root this switch for MST1
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 20000 128.1 P2p
Gi0/1 Desg FWD 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p Bound(PVST)
Gi0/3 Desg FWD 20000 128.4 P2p Bound(PVST)
SCOTSW02#sh spanning-tree mst 2
##### MST2 vlans mapped: 110,120
Bridge address 0c67.9159.b100 priority 2 (0 sysid 2)
Root this switch for MST2
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/0 Desg FWD 20000 128.1 P2p
Gi0/1 Desg FWD 20000 128.2 P2p
Gi0/2 Desg FWD 20000 128.3 P2p
Gi0/3 Desg FWD 20000 128.4 P2p
April 24, 2020 49
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#5: To manipulate “port cost” between SCOTSW02_Gi0/2-3 <->
SCOTSW04_Gi0/2-3
Before Change:
SCOTSW02#show spanning-tree mst interface gi0/2
<!output omitted>
1 Desg FWD 20000 128.3 99-100
2 Desg FWD 20000 128.3 110,120
SCOTSW02#show spanning-tree mst interface gi0/3
<!output omitted>
1 Desg FWD 20000 128.4 99-100
2 Desg FWD 20000 128.4 110,120
SCOTSW04#show spanning mst interface gi0/2
<!output omitted>
1 Mstr FWD 20000 128.3 99-100
2 Mstr FWD 20000 128.3 110,120
SCOTSW04#show spanning mst interface gi0/3
<!output omitted>
1 Altn BLK 20000 128.4 99-100
2 Altn BLK 20000 128.4 110,120
Now change this behaviour by manipulating Port-cost of SCOTSW04_Gi0/3
CONFIGURATIONS:
SCOTSW04(config)# interface gi0/3
SCOTSW04(config-if)#spanning-tree mst 0 cost 2000
SCOTSW04(config-if)#shutdown
SCOTSW04(config-if)#no shutdown
VERIFICATION TASK#5
SCOTSW04#show spanning int gi0/3
Mst Instance Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
MST0 Root FWD 2000 128.4 P2p Bound(RSTP)
MST1 Mstr FWD 20000 128.4 P2p Bound(RSTP)
MST2 Mstr FWD 20000 128.4 P2p Bound(RSTP)
SCOTSW04#show spanning int gi0/2
Mst Instance Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
MST0 Altn BLK 20000 128.3 P2p Bound(RSTP)
MST1 Altn BLK 20000 128.3 P2p Bound(RSTP)
MST2 Altn BLK 20000 128.3 P2p Bound(RSTP)
April 24, 2020 50
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#6: To manipulate “port priority” between SCOTSW02_Gi0/2-3 <->
SCOTSW04_Gi0/2-3
Configuring Port Priority:
SCOTSW04(config)# interface gi0/3
SCOTSW04(config-if)# spanning-tree mst 1 port-priority 32
SCOTSW04(config-if)#shutdown
SCOTSW04(config-if)#no shutdown
VERIFICATION TASK#6
SCOTSW04#show spanning int gi0/3
Mst Instance Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
MST0 Root FWD 20000 64.4 P2p Bound(RSTP)
MST1 Mstr FWD 20000 64.4 P2p Bound(RSTP)
MST2 Mstr FWD 20000 64.4 P2p Bound(RSTP)
SCOTSW04#show spanning int gi0/2
Mst Instance Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
MST0 Altn BLK 20000 128.3 P2p Bound(RSTP)
MST1 Altn BLK 20000 128.3 P2p Bound(RSTP)
MST2 Altn BLK 20000 128.3 P2p Bound(RSTP)
CONFIGURATION TASK#7: To manipulate “hello timer” in MST switch SCOTSW02
Manipulate the Hello Time
SCOTSW02(config)#spanning-tree mst hello-time 5 ###default = 2 seconds
VERIFICATION TASK#7:
SCOTSW02# show spanning-tree mst
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.9159.b100 priority 32768 (32768 sysid 0)
Root this switch for the CIST
Operational hello time 5 , forward delay 15, max age 20, txholdcount 6
Configured hello time 5 , forward delay 15, max age 20, max hops 20
CONFIGURATION TASK#8: To manipulate “forward timer” in MST switch SCOTSW02
Manipulate the Forwarding-Delay Time
SCOTSW02(config)# spanning-tree mst forward-time 10 ###default = 15 seconds
April 24, 2020 51
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
The forward delay is the number of seconds a port waits before changing from its spanning-tree
learning and listening states to the forwarding state.
VERIFICATION TASK#8:
SCOTSW02# show spanning-tree mst
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.9159.b100 priority 32768 (32768 sysid 0)
Root this switch for the CIST
Operational hello time 5 , forward delay 10, max age 20, txholdcount 6
Configured hello time 5 , forward delay 10, max age 20, max hops 20
CONFIGURATION TASK#9: To manipulate “max age timer” in MST switch SCOTSW02
Manipulating the Maximum-Aging Time
SCOTSW02(config)#spanning-tree mst max-age 30 ###default = 20 seconds
The maximum-aging time is the number of seconds a switch waits without receiving spanning-tree
configuration messages before attempting a reconfiguration.
VERIFICATION TASK#9:
SCOTSW02#show spanning-tree mst
##### MST0 vlans mapped: 1-98,101-109,111-119,121-4094
Bridge address 0c67.9159.b100 priority 32768 (32768 sysid 0)
Root this switch for the CIST
Operational hello time 2 , forward delay 10, max age 30, txholdcount 6
Configured hello time 2 , forward delay 10, max age 30, max hops 20
IMPORTANT FACT!!!
To restart the protocol migration process (force the renegotiation with neighboring switches) on
the switch, use the below command under privileged EXEC command.:
clear spanning-tree detected-protocols
April 24, 2020 52
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #7 CONFIGURE – DTP (DYNAMIC TRUNKING PROTOCOL)
Objectives: Observe on SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04 as
following:
1. Configure “DTP desirable-desirable” between SCOTSW01 <-> SCOTSW02
2. Configure “DTP auto-desriable” between SCOTSW01 <-> SCOTSW03
3. Configure “DTP auto-auto” between SCOTSW03 <-> SCOTSW04
4. Configure “DTP” between SCOTSW02_Trunk_Dot1Q <-> SCOTSW04_Auto
5. Configure DTP between SCOTSW02_Trunk Dot1Q <-> SCOTSW04_desirable
April 24, 2020 53
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#1: Configure “DTP desirable-desirable” between SCOTSW01 <-> SCOTSW02
SCOTSW01(config)#default interface range gi0/0-1
SCOTSW01(config)#interface range gigabitEthernet 0/0-1
SCOTSW01(config-if-range)#switchport mode dynamic desirable
SCOTSW02(config)#default interface range gi0/0-1
SCOTSW02(config)#interface range gigabitEthernet 0/0-1
SCOTSW02(config-if-range)#switchport mode dynamic desirable
VERIFICATION TASK#1:
SCOTSW01#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 desirable n-isl trunking 1
Gi0/1 desirable n-isl trunking 1
<!—output omitted>
SCOTSW01#sh interfaces gi0/0 swi
Name: Gi0/0
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
<!output omitted>
SCOTSW02#show interface trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 desirable n-isl trunking 1
Gi0/1 desirable n-isl trunking 1
<!—output omitted>
SCOTSW02#show interfaces gi0/0 switchport
Name: Gi0/0
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
<!output omitted>
April 24, 2020 54
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
DTP is cisco proprietary
DTP negotiation by default negotiate over “n-isl”
As we know ISL header carries “26 bytes” which is a drawback of DTP negotiations. The payload
(data) gets shrinked (or reduced) to accumulate extra ISL header size.
CONFIGURATION TASK#2: Configure “DTP auto-desirable” between SCOTSW01 <-> SCOTSW03
SCOTSW01(config)#default interface range gi0/2-3
SCOTSW01(config)#interface range gi0/2-3
SCOTSW01(config-if-range)#switchport mode dynamic auto
SCOTSW03(config)#default interface range gi0/2-3
SCOTSW03(config)#interface range gi0/2-3
SCOTSW03(config-if-range)#switchport mode dynamic desirable
VERIFICATION TASK#2:
SCOTSW01#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 auto n-isl trunking 1
Gi0/3 auto n-isl trunking 1
<!—output omitted>
SCOTSW03#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 desirable n-isl trunking 1
Gi0/3 desirable n-isl trunking 1
<!—output omitted>
CONFIGURATION TASK#3: Configure “DTP auto-auto” between SCOTSW03 <-> SCOTSW04
SCOTSW03(config)#default interface range gi0/0-1
SCOTSW03(config)#interface range gi0/0-1
SCOTSW03(config-if-range)#sw mo dynamic auto
SCOTSW04(config)#default interface range gi0/0-1
SCOTSW04(config)#interface range gi0/0-1
SCOTSW04(config-if-range)#sw mo dynamic auto
SCOTSW03#show inter gi0/1 trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 auto negotiate not-trunking 1
April 24, 2020 55
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Port Vlans allowed on trunk
Gi0/1 1
Port Vlans allowed and active in management domain
Gi0/1 1
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1
SCOTSW03#show inter gi0/1 sw
SCOTSW03#show inter gi0/1 switchport
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
<!output omitted>
Dynamic AUTO on both sides will not bring up “n-Trunking”as shown here SCOTSW03_gi0/0-1 <->
SCOTSW04_gi0/0-1.
It is recommended statically make it “Trunking” and do not keep DTP auto negotiations.
Some IOS software comes by default with “Auto” enabled on switchports.
CONFIGURATION TASK#4: Configure DTP between SCOTSW02_Trunk Dot1Q <-> SCOTSW04_auto
SCOTSW02(config)#default interface range gi0/2-3
SCOTSW02(config)#interface range gi0/2-3
SCOTSW02(config-if-range)#sw trunk encapsulation dot1q
SCOTSW02(config-if-range)#sw mode trunk
SCOTSW04(config)#default inter range gi0/2-3
SCOTSW04(config)#interface range gi0/2-3
SCOTSW04(config-if-range)#sw mode dynamic auto
SCOTSW02#sh inter trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
April 24, 2020 56
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTSW04#sh inter trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 desirable n-isl trunking 1
Gi0/3 desirable n-isl trunking 1
CONFIGURATION TASK#5: Configure DTP between SCOTSW02_Trunk Dot1Q <->
SCOTSW04_desirable
SCOTSW02(config)#default interface range gi0/2-3
SCOTSW02(config)#interface range gi0/2-3
SCOTSW02(config-if-range)#sw trunk encapsulation dot1q
SCOTSW02(config-if-range)#sw mo trunk
SCOTSW04(config)#default inter range gi0/2-3
SCOTSW04(config)#interface range gi0/2-3
SCOTSW04(config-if-range)#sw mode dynamic desirable
SCOTSW02#sh inter trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
SCOTSW04#sh inter trunk
Port Mode Encapsulation Status Native vlan
Gi0/2 auto n-isl trunking 1
Gi0/3 auto n-isl trunking 1
April 24, 2020 57
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #8 CONFIGURE – ETHERCHANNEL
Objectives: Observe on SCOTSW01, SCOTSW02, SCOTSW03, SCOTSW04 as
following:
1. Configure “PAgP” between SCOTSW01_gi0/2-3 <-> SCOTSW03_gi0/2-3
2. Configure “LACP” between SCOTSW01_gi0/0-1 <-> SCOTSW02_gi0/0-1
3. Configure “ON” between SCOTSW02 <-> SCOTSW04
4. Configure “LACP Fast”
5. Configure Minimum Number of Port-Channel Member Interfaces
6. Configure Maximum Number of Port-Channel Member Interfaces
7. Configure LACP System Priority
8. Configure LACP Interface Priority
9. Configure EtherChannel Misconfiguration Guard
April 24, 2020 58
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#1: Configure “PAgP” between SCOTSW01 <-> SCOTSW03
SCOTSW01 PAgP Configuration
SCOTSW01(config)#default interface range gi0/2-3
SCOTSW01 (config)#no interface port-channel 12
SCOTSW01 (config)#interface range gi0/2-3
SCOTSW01 (config-if-range)#switchport trunk encapsulation dot1q
SCOTSW01 (config-if-range)#switchport mode trunk
SCOTSW01 (config-if-range)#switchport trunk allowed vlan 99,100,110,120,666,999
SCOTSW01 (config-if-range)#channel-protocol pagp (optional)
SCOTSW01 (config-if-range)#channel-group 12 mode auto
SCOTSW03 PAgP Configuration
SCOTSW03(config)#default interface range gi0/2-3
SCOTSW03(config)#no interface port-channel 12
SCOTSW03(config)#interface range gi0/2-3
SCOTSW03(config-if-range)#switchport trunk encapsulation dot1q
SCOTSW03(config-if-range)#switchport mode trunk
SCOTSW03(config-if-range)#switchport trunk allowed vlan 99,100,110,120,666,999
SCOTSW03(config-if-range)#channel-protocol pagp (optional)
SCOTSW03(config-if-range)#channel-group 12 mode desirable
VERIFICATION TASK#1
• show etherchannel summary
• show etherchannel detail
• show etherchannel port-channel
• show pagp counter
• show pagp neighbor
SCOTSW03# show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator
M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
A - formed by Auto LAG
April 24, 2020 59
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
12 Po12(SU) PAgP Gi0/2(P) Gi0/3(P)
SCOTSW03#show etherchannel detail
Channel-group listing:
----------------------
! This is the header that indicates all the ports that are for the first
! EtherChannel interface. Every member link interface will be listed
Group: 12
----------
Group state = L2
Ports: 2 Maxports = 4
Port-channels: 1 Max Port-channels = 1
Protocol: PAgP
Minimum Links: 0
! This is the first member interface for interface Po12. This interface
! is configured for PAgP active
Ports in the group:
-------------------
Port: Gi0/2
------------
Port state = Up Mstr In-Bndl
Channel group = 12 Mode = Automatic-Sl Gcchange = 0
Port-channel = Po12 GC = 0x000C0001 Pseudo port-channel = Po12
Port index = 0 Load = 0x00 Protocol = PAgP
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
d - PAgP is down.
Timers: H - Hello timer is running. Q - Quit timer is running.
S - Switching timer is running. I - Interface timer is running.
Local information:
Hello Partner PAgP Learning Group
Port Flags State Timers Interval Count Priority Method Ifindex
Gi0/2 SAC U6/S7 HQ 30s 1 128 Any 19
! This interface's partner is configured with PAgP Slow packets, has a system-id
! of 0c67.916e.8000 , a port priority of 128 , and is desirable in the bundle
! for 0d:01h:27m:31s.
Partner's information:
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Gi0/2 SCOTSW01.networkjour 0c67.916e.8000 Gi0/2 26s SC C0001
April 24, 2020 60
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Age of the port in the current state: 0d:01h:27m:31s
Port: Gi0/3
------------
Port state = Up Mstr In-Bndl
Channel group = 12 Mode = Automatic-Sl Gcchange = 0
Port-channel = Po12 GC = 0x000C0001 Pseudo port-channel = Po12
Port index = 0 Load = 0x00 Protocol = PAgP
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
d - PAgP is down.
Timers: H - Hello timer is running. Q - Quit timer is running.
S - Switching timer is running. I - Interface timer is running.
Local information:
Hello Partner PAgP Learning Group
Port Flags State Timers Interval Count Priority Method Ifindex
Gi0/3 SAC U6/S7 HQ 30s 1 128 Any 19
Partner's information:
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Gi0/3 SCOTSW01.networkjour 0c67.916e.8000 Gi0/3 22s SC C0001
Age of the port in the current state: 0d:01h:27m:31s
Port-channels in the group:
---------------------------
Port-channel: Po12
------------
Age of the Port-channel = 0d:01h:27m:43s
Logical slot/port = 16/0 Number of ports = 2
GC = 0x000C0001 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = PAgP
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi0/2 Automatic-Sl 0
0 00 Gi0/3 Automatic-Sl 0
Time since last port bundled: 0d:01h:27m:31s Gi0/3
April 24, 2020 61
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
SCOTSW03#show etherchannel port-channel
Channel-group listing:
----------------------
Group: 12
----------
Port-channels in the group:
---------------------------
Port-channel: Po12
------------
Age of the Port-channel = 0d:01h:29m:57s
Logical slot/port = 16/0 Number of ports = 2
GC = 0x000C0001 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = PAgP
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi0/2 Automatic-Sl 0
0 00 Gi0/3 Automatic-Sl 0
Time since last port bundled: 0d:01h:29m:45s Gi0/3
SCOTSW03# show pagp counters
Information Flush PAgP
Port Sent Recv Sent Recv Err Pkts
---------------------------------------------------
Channel group: 12
Gi0/2 198 200 0 0 0
Gi0/3 198 201 0 0 0
SCOTSW03#show pagp neighbor
Flags: S - Device is sending Slow hello. C - Device is in Consistent state.
A - Device is in Auto mode. P - Device learns on physical port.
Channel group 12 neighbors
Partner Partner Partner Partner Group
Port Name Device ID Port Age Flags Cap.
Gi0/2 SCOTSW01.networkjour 0c67.916e.8000 Gi0/2 8s SC C0001
Gi0/3 SCOTSW01.networkjour 0c67.916e.8000 Gi0/3 29s SC C0001
SCOTSW03#
April 24, 2020 62
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
When viewing the output of the show etherchannel summary command, the first thing that
should be checked is the EtherChannel status, which is listed in the Port-channel column. The
status should be SU
CONFIGURATION TASK#2: “LACP” between SCOTSW01 <-> SCOTSW02
SCOTSW01 LACP Configuration
SCOTSW01(config)#interface range gi0/0-1
SCOTSW01(config-if-range)#switchport trunk encapsulation dot1q
SCOTSW01(config-if-range)#switchport mode trunk
SCOTSW01(config-if-range)#switchport trunk allowed vlan 99,100,110,120,666,999
SCOTSW01(config-if-range)#channel-protocol lacp (optional)
SCOTSW01(config-if-range)#channel-group 11 mode active
SCOTSW02 LACP Configuration
SCOTSW02(config)#interface range gi0/0-1
SCOTSW02(config-if-range)#switchport trunk encapsulation dot1q
SCOTSW02(config-if-range)#switchport mode trunk
SCOTSW02(config-if-range)#channel-protocol lacp (optional)
SCOTSW02(config-if-range)#channel-group 11 mode passive
VERIFICATION TASK#2
• show etherchannel summary
• show etherchannel detail
• show etherchannel port-channel
• show spanning-tree vlan 1
• show lacp counters
• show lacp neighbor
SCOTSW02#show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator
M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
April 24, 2020 63
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
A - formed by Auto LAG
Number of channel-groups in use: 2
Number of aggregators: 2
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
11 Po11(SU) LACP Gi0/0(P) Gi0/1(P)
SCOTSW02#show etherchannel detail
Channel-group listing:
----------------------
Group: 11
----------
Group state = L2
Ports: 2 Maxports = 4
Port-channels: 1 Max Port-channels = 4
Protocol: LACP
Minimum Links: 0
Ports in the group:
-------------------
Port: Gi0/0
------------
Port state = Up Mstr Assoc In-Bndl
Channel group = 11 Mode = Passive Gcchange = -
Port-channel = Po11 GC = - Pseudo port-channel = Po11
Port index = 0 Load = 0x00 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi0/0 SP bndl 32768 0xB 0xB 0x1 0x3C
Partner's information:
LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Gi0/0 SA 32768 0c67.916e.8000 13s 0x0 0xB 0x1 0x3D
Age of the port in the current state: 0d:01h:21m:31s
Port: Gi0/1
------------
April 24, 2020 64
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Port state = Up Mstr Assoc In-Bndl
Channel group = 11 Mode = Passive Gcchange = -
Port-channel = Po11 GC = - Pseudo port-channel = Po11
Port index = 0 Load = 0x00 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi0/1 SP bndl 32768 0xB 0xB 0x2 0x3C
Partner's information:
LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Gi0/1 SA 32768 0c67.916e.8000 5s 0x0 0xB 0x2 0x3D
Age of the port in the current state: 0d:01h:15m:31s
Port-channels in the group:
---------------------------
Port-channel: Po11 (Primary Aggregator)
------------
Age of the Port-channel = 0d:01h:43m:38s
Logical slot/port = 16/0 Number of ports = 2
HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = LACP
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi0/0 Passive 0
0 00 Gi0/1 Passive 0
Time since last port bundled: 0d:01h:15m:31s Gi0/1
Time since last port Un-bundled: 0d:01h:15m:35s Gi0/1
SCOTSW02#sh spanning-tree vlan 99
VLAN0099
Spanning tree enabled protocol ieee
April 24, 2020 65
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Root ID Priority 32867
Address 0c67.912e.9400
Cost 6
Port 65 (Port-channel11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32867 (priority 32768 sys-id-ext 99)
Address 0c67.9159.b100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Po11 Root FWD 3 128.65 P2p
SCOTSW02#show lacp counters
LACPDUs Marker Marker Response LACPDUs
Port Sent Recv Sent Recv Sent Recv Pkts Err
---------------------------------------------------------------------
Channel group: 11
Gi0/0 246 245 0 0 0 0 0
Gi0/1 256 256 0 0 0 0 0
SCOTSW02#show lacp neighbor
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 11 neighbors
Partner's information:
LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Gi0/0 SA 32768 0c67.916e.8000 25s 0x0 0xB 0x1 0x3D
Gi0/1 SA 32768 0c67.916e.8000 13s 0x0 0xB 0x2 0x3D
SCOTSW02#
The LACP counters can be cleared with the command clear lacp counters.
April 24, 2020 66
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#3: “ON” between SCOTSW02 <-> SCOTSW04
SCOTSW02 Etherchannel “On” Configuration
SCOTSW02(config)#default interface range gi0/2-3
SCOTSW02(config)#no interface port-channel 1
SCOTSW02(config)#interface range gi 0/2-3
SCOTSW02(config-if-range)#switchport trunk encapsulation dot1q
SCOTSW02(config-if-range)#switchport trunk allowed vlan 99,100,110,120,666,999
SCOTSW02(config-if-range)#switchport mode trunk
SCOTSW02(config-if-range)#channel-group 22 mode on
SCOTSW04 Etherchannel “On” Configuration
SCOTSW04(config)#default interface range gi0/2-3
SCOTSW04(config)#no interface port-channel 1
SCOTSW04(config)#interface range gi0/2-3
SCOTSW04(config-if-range)#switchport trunk encapsulation dot1q
SCOTSW04(config-if-range)#switchport trunk allowed vlan 99,100,110,120,666,999
SCOTSW04(config-if-range)#switchport mode trunk
SCOTSW04(config-if-range)#channel-group 22 mode on
VERIFICATION TASK#3
show etherchannel summary
show etherchannel detail
show etherchannel port-channel
show spanning-tree vlan 99
SCOTSW04#show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
April 24, 2020 67
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator
M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
A - formed by Auto LAG
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
22 Po22(SU) - Gi0/2(P) Gi0/3(P)
SCOTSW04#show etherchannel detail
Channel-group listing:
----------------------
Group: 22
----------
Group state = L2
Ports: 2 Maxports = 4
Port-channels: 1 Max Port-channels = 1
Protocol: -
Minimum Links: 0
Ports in the group:
-------------------
Port: Gi0/2
------------
Port state = Up Mstr In-Bndl
Channel group = 22 Mode = On Gcchange = -
Port-channel = Po22 GC = - Pseudo port-channel = Po22
Port index = 0 Load = 0x00 Protocol = -
Age of the port in the current state: 0d:01h:49m:48s
Port: Gi0/3
------------
Port state = Up Mstr In-Bndl
Channel group = 22 Mode = On Gcchange = -
April 24, 2020 68
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Port-channel = Po22 GC = - Pseudo port-channel = Po22
Port index = 0 Load = 0x00 Protocol = -
Age of the port in the current state: 0d:01h:49m:48s
Port-channels in the group:
---------------------------
Port-channel: Po22
------------
Age of the Port-channel = 0d:01h:50m:28s
Logical slot/port = 16/0 Number of ports = 2
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel Ag-Inuse
Protocol = -
Port security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gi0/2 On 0
0 00 Gi0/3 On 0
Time since last port bundled: 0d:01h:49m:48s Gi0/3
Time since last port Un-bundled: 0d:01h:50m:25s Gi0/3
SCOTSW04#show spanning-tree vlan 99
VLAN0099
Spanning tree enabled protocol ieee
Root ID Priority 32867
Address 0c67.912e.9400
Cost 4
Port 1 (GigabitEthernet0/0)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32867 (priority 32768 sys-id-ext 99)
Address 0c67.91d3.c500
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Po22 Desg FWD 3 128.65 P2p
April 24, 2020 69
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Advanced LACP Configuration Options
CONFIGURATION TASK#4: Configure “LACP Fast”
LACP provides some additional tuning that is not available with PAgP.
LACP Fast:
The original LACP standards sent out LACP packets every 30 seconds. A link is deemed unusable if an
LACP packet is not received after three intervals, which results in a potential 90 seconds of packet
loss for a link before that member interface is removed from a port channel.
An amendment to the standards was made so that LACP packets are advertised every 1 second.
This is known as LACP fast because a link can be identified and removed in 3 seconds compared to
the 90 seconds specified in the initial LACP standard.
LACP fast is enabled on the member interfaces with the interface configuration command lacp rate
fast.
All the interfaces on both switches need to be configured the same—either using LACP fast or
LACP slow—for the EtherChannel to successfully come up.
SCOTSW01(config)# interface range gi0/1-2
SCOTSW01(config-if-range)# lacp rate fast
Remember: Best practice is to configure “lacp fast” on every Switch interface.
SCOTSW01# show lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/0/1 FA bndl 32768 0x1 0x1 0x102 0x3F
Gi1/0/2 FA bndl 32768 0x1 0x1 0x103 0xF
April 24, 2020 70
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#5: Minimum Number of Port-Channel Member Interfaces
An EtherChannel interface becomes active and up when only one member interface successfully
forms an adjacency with a remote device.
In some design scenarios using LACP, a minimum number of adjacencies is required before a port-
channel interface becomes active. This option can be configured with the port-channel interface
command port-channel min-links min-links.
SCOTSW01(config)# interface port-channel 1
SCOTSW01(config-if)# port-channel min-links 2
Test the behaviour by shutting one of the physical member manually “shutdown”
SCOTSW01(config-if)# interface gi1/0/1
SCOTSW01(config-if)# shutdown
10:44:46.516: %ETC-5-MINLINKS_NOTMET: Port-channel Po1 is down bundled ports (1)
doesn't meet min-links
10:44:47.506: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet1/0/2, changed state to down
10:44:47.508: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
changed state to down
10:44:48.499: %LINK-5-CHANGED: Interface GigabitEthernet1/0/1, changed state to
administratively down
10:44:48.515: %LINK-3-UPDOWN: Interface Port-channel1, changed state to down
SCOTSW01# show etherchannel summary
! Output Ommitted for Brevity
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SM) LACP Gi1/0/1(D) Gi1/0/2(P)
By default having only 1 active member interface will bring up “Etherchannel”.
Best practice is enable “min-links” and set to 2 so that unless we have 2 active physical member
the “Etherchannel” wouldn’t come up.
April 24, 2020 71
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#6: Maximum Number of Port-Channel Member Interfaces
An EtherChannel can be configured to have a specific maximum number of member interfaces in a
port channel.
This may be done to ensure that the active member interface count proceeds with powers of two
(for example, 2, 4, 8) to accommodate load-balancing hashes.
The maximum number of member interfaces in a port channel can be configured with the port-
channel interface command lacp max-bundle max-links.
SCOTSW01(config)# interface port-channel1
SCOTSW01(config-if)# lacp max-bundle 1
11:01:11.972: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet1/0/1, changed state to down
11:01:11.979: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet1/0/2, changed state to down
11:01:11.982: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
changed state to down
11:01:13.850: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet1/0/1, changed state to up
11:01:13.989: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1,
changed state to up
SCOTSW01# show etherchannel summary
! Output omitted for brevity
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
A - formed by Auto LAG
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/0/1(P) Gi1/0/2(H)
The maximum number of port-channel member interfaces needs to be configured only on the
master switch for that port channel; however, configuring it on both switches is recommended to
accelerate troubleshooting and assist operational staff.
April 24, 2020 72
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
The port-channel master switch controls which member interfaces (and associated links) are active
by examining the LACP port priority. A lower port priority is preferred. If the port priority is the
same, then the lower interface number is preferred.
CONFIGURATION TASK#7: LACP System Priority
This identifies which switch is the master switch for a port channel.
The master switch on a port channel is responsible for choosing which member interfaces are
active in a port channel when there are more member interfaces than the maximum number of
member interfaces associated with a port-channel interface.
The switch with the lower system priority is preferred.
The LACP system priority can be changed with the command lacp system-priority priority.
PRE_CHECKS:
SCOTSW01# show lacp sys-id
32768, 0062.ec9d.c500
CONFIG:
SCOTSW01# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)# lacp system-priority 1
POST_CHECKS:
SCOTSW01# show lacp sys-id
1, 0062.ec9d.c50
CONFIGURATION TASK#8: LACP Interface Priority
LACP interface priority enables the master switch to choose which member interfaces are active in
a port channel when there are more member interfaces than the maximum number of member
interfaces for a port channel.
A port with a lower port priority is preferred.
The interface configuration command lacp port-priority priority sets the interface priority.
SCOTSW01 is the master switch for port channel 11, the Gi0/1 interface becomes active, and port
Gi0/1 becomes Hot-standby.
PRE_CHECKS:
SCOTSW01# show etherchannel summary | b Group
Group Port-channel Protocol Ports
April 24, 2020 73
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
------+-------------+-----------+-----------------------------------------------
11 Po1(SU) LACP Gi0/0(P) Gi0/1(H)
CONFIGS:
SCOTSW01(config)# interface gi0/1
SCOTSW01(config-if)# lacp port-priority 1
POST_CHECKS:
SCOTSW01# show etherchannel summary | b Group
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
11 Po1(SU) LACP Gi0/0(H) Gi0/1(P)
CONFIGURATION TASK#9: EtherChannel Misconfiguration Guard
• EtherChannel Guard is a way of finding out error in the etherchannel port channel.
• Etherchannel guard finding if one end of the EtherChannel is not configured properly.
• This could be that there are some parameters not matching up such as duplex a speed.
SCOTSW01(config)#spanning-tree etherchannel guard misconfig
SCOTSW02(config)#spanning-tree etherchannel guard misconfig
SCOTSW01#show spanning-tree summary
SCOTSW02#show spanning-tree summary
SCOTSW01# show interfaces status err-disabled
SCOTSW01=2# show interfaces status err-disabled
April 24, 2020 74
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #9 CONFIGURE – HSRPv1
Objectives: Consider MOSCOWR19, MOSCOWR20, MOSCOWSW01, MOSCOWSW02, PC10, PC19,
PC11, PC12 as following:
1. Configure “Initial config” on MOSCOWR19, MOSCOWR20, MOSCOWSW01, MOSCOWSW02,
PC10, PC19, PC11, PC12
2. Configure “HSRPv1”, Preempt for “Vlan 1 and Vlan 40”, observe the behaviour (do not
configure the priority as of now)
3. From step#2, configure Priority110 on MOSCOWR20 and observe the behaviour
4. Try loadsharing, by making Vlan 1 “ACTIVE” on MOSCOWR19 and Vlan 40 “ACTIVE” on
MOSCOWR20, verify the patch adopted by ping/traceroute from PC10 (vlan1) and
PC9(vlan40) towards 8.8.8.8
5. Configure Tracking Object and verify the WAN link switchport failures.
April 24, 2020 75
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK#1: Configure “Initial config” on MOSCOWR19, MOSCOWR20,
MOSCOWSW01, MOSCOWSW02, PC10, PC19, PC11, PC12
MOSCOWR19
interface e0/1
no shutdown
interface e0/1.1
encap dot 1
ip address 172.16.10.1 255.255.255.0
interface e0/1.40
encap dot 40
ip address 172.16.40.1 255.255.255.0
interface Ethernet0/2
ip address dhcp
end
MOSCOWR20
interface e0/1
no shut
interface e0/1.1
encap dot 1
ip address 172.16.10.2 255.255.255.0
interface e0/1.40
encap dot 40
ip address 172.16.40.2 255.255.255.0
interface Ethernet0/2
ip address dhcp
end
MOSCOWSW01
interface gi0/3
no shutdown
interface gi0/2
no shutdown
switchport mode access
switchport access vlan 40
interface range gi0/0-1
switchport tr enc dot1
switchport mode trunk
switchport trunk allowed vlan 1,40
MOSCOWSW02
interface gi0/3
no shutdown
interface gi0/2
no shutdown
switchport mode access
switchport access vlan 40
interface range gi0/0-1
switchport tr enc dot1
April 24, 2020 76
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
switchport mode trunk
switchport trunk allowed vlan 1,40
PC10
PC9
April 24, 2020 77
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
PC11
PC12
By default, all PC’s are pointing to their respective Gateway Ips
Once we have HSRP (standby) successfully configured, we shall change the gateway to HSRP
Virtual IP (VIP) for redundancy purpose.
VERIFICATIONS TASK#1: Configure “Initial config” on MOSCOWR19, MOSCOWR20,
MOSCOWSW01, MOSCOWSW02
MOSCOWR19#show ip int br | exclude unass
April 24, 2020 78
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Interface IP-Address OK? Method Status Protocol
Ethernet0/1.1 172.16.10.1 YES NVRAM up up
Ethernet0/1.40 172.16.40.1 YES NVRAM up up
Ethernet0/2 192.168.32.228 YES DHCP up up
MOSCOWR19#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 47/72/91 ms
MOSCOWR19#
MOSCOWR20#show ip int brief | ex unass
Interface IP-Address OK? Method Status Protocol
Ethernet0/1.1 172.16.10.2 YES NVRAM up up
Ethernet0/1.40 172.16.40.2 YES NVRAM up up
Ethernet0/2 192.168.32.229 YES DHCP up up
MOSCOWR20#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/61/85 ms
MOSCOWR20#
MOSCOWSW01#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/0 1,40
Gi0/1 1,40
Port Vlans allowed and active in management domain
Gi0/0 1,40
Gi0/1 1,40
Port Vlans in spanning tree forwarding state and not pruned
Gi0/0 1,40
Gi0/1 1,40
MOSCOWSW01#show run int gi0/2
interface GigabitEthernet0/2
switchport access vlan 40
switchport mode access
media-type rj45
negotiation auto
end
MOSCOWSW01#show run int gi0/3
interface GigabitEthernet0/3
media-type rj45
negotiation auto
April 24, 2020 79
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
end
MOSCOWSW02#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gi0/0 on 802.1q trunking 1
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/0 1,40
Gi0/1 1,40
Port Vlans allowed and active in management domain
Gi0/0 1,40
Gi0/1 1,40
Port Vlans in spanning tree forwarding state and not pruned
Gi0/0 1,40
Gi0/1 1,40
Ping initiated to internet from PC10
PC10 console is now available... Press RETURN to get started.
/ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=127 time=150.310 ms
64 bytes from 8.8.8.8: seq=1 ttl=127 time=170.947 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 150.310/160.628/170.947 ms
/ # traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 172.16.10.1 (172.16.10.1) 4.968 ms 3.694 ms 4.079 ms →packet going via MOSCOWR19
2 192.168.32.2 (192.168.32.2) 5.946 ms 5.493 ms 6.467 ms
April 24, 2020 80
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #2: Configure “HSRPv1” for “Vlan 1”, observe the behaviour.
Configure HSRPv1
MOSCOWR19(router)
interface e0/1.1
standby 1 ip 172.16.10.254
standby 1 preempt
interface e0/1.40
standby 40 ip 172.16.40.254
MOSCOWR20(router)
interface e0/1.1
standby 1 ip 172.16.10.254
interface e0/1.40
standby 40 ip 172.16.40.254
standby 40 preempt
VERIFICATION TASK #2:
MOSCOWR19#sh stand br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 100 P Active local 172.16.10.2 172.16.10.254
Et0/1.40 40 100 Active local 172.16.40.2 172.16.40.254
MOSCOWR20#sh standby br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 100 Standby 172.16.10.1 local 172.16.10.254
Et0/1.40 40 100 P Standby 172.16.40.1 local 172.16.40.254
Observation:
1. By default, whenever there is no priority set on HSRP, the highest IP address wins the
election and takes up “ACTIVE” role so that way MOSCOWR20 should have been the
“ACTIVE” as it has highest IP on its interface.
2. However, here in our scenario, MOSCOWR19 is elected as “ACTIVE” because
“MOSCOWR19” was configured first and it declared itself as “ACTIVE” and when you
configure “MOSCOWR20” is it going to take “Standby” role.
3. Though we have “Preempt” configured under MOSCOWR20, it is not going to become
“ACTIVE” until “Priority” is set greater than 100 (default)
4. Please note, if you configure on both router at same time the HSRP election would pick
MOSCOWR20 to be “ACTIVE” being having highest interface IP address
MOSCOWR20# show stand brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 100 Active local unknown 172.16.10.254
Et0/1.40 40 100 P Active local unknown 172.16.40.254
April 24, 2020 81
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
MOSCOWR19#show standby
Ethernet0/1.1 - Group 1
State is Standby
6 state changes, last state change 00:03:08
Virtual IP address is 172.16.10.254
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.296 secs
Preemption enabled
Active router is 172.16.10.2, priority 110 (expires in 9.456 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Et0/1.1-1" (default)
Ethernet0/1.40 - Group 40
State is Standby
6 state changes, last state change 00:18:41
Virtual IP address is 172.16.40.254
Active virtual MAC address is 0000.0c07.ac28
Local virtual MAC address is 0000.0c07.ac28 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.904 secs
Preemption disabled
Active router is 172.16.40.2, priority 110 (expires in 10.800 sec)
Standby router is local
Priority 100 (default 100)
Group name is "hsrp-Et0/1.40-40" (default)
MOSCOWR19#
MOSCOWR20#show standby
Ethernet0/1.1 - Group 1
State is Active
2 state changes, last state change 00:04:14
Virtual IP address is 172.16.10.254
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.704 secs
Preemption disabled
Active router is local
Standby router is 172.16.10.1, priority 100 (expires in 11.008 sec)
Priority 110 (configured 110)
Group name is "hsrp-Et0/1.1-1" (default)
Ethernet0/1.40 - Group 40
State is Active
2 state changes, last state change 00:19:32
Virtual IP address is 172.16.40.254
Active virtual MAC address is 0000.0c07.ac28
Local virtual MAC address is 0000.0c07.ac28 (v1 default)
April 24, 2020 82
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.960 secs
Preemption enabled
Active router is local
Standby router is 172.16.40.1, priority 100 (expires in 10.032 sec)
Priority 110 (configured 110)
Group name is "hsrp-Et0/1.40-40" (default)
MOSCOWR20#
CONFIGURATION TASK #3: Configure ”Priority 110” on MOSCOWR20
MOSCOWR20(config)#interface e0/1.1
MOSCOWR20(config-subif)#standby 1 priority 110
MOSCOWR20(config)#interface e0/1.40
MOSCOWR20(config-subif)#standby 40 priority 110
MOSCOWR20#sh stand brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 110 Active local unknown 172.16.10.254
Et0/1.40 40 110 P Active local 172.16.40.1 172.16.40.254
MOSCOWR19#sh stand br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 100 P Standby 172.16.10.2 local 172.16.10.254
Et0/1.40 40 100 Standby 172.16.40.2 local 172.16.40.254
Observation:
1. As soon as you configured the “priority 110” on MOSCOWR20, the “preempt” triggered
up the re-election, MOSCOWR20 is “ACTIVE” for both Vlan 1 and 40
CONFIGURATION TASK #4: Configure “Load Sharing”.
Vlan1 Active on MOSCOWR19 and Vlan40 Active on MOSCOWR20
MOSCOWR19(config)#
interface e0/1.1
standby 1 priority 120
April 24, 2020 83
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
MOSCOWR19#sh stand br
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 120 P Active local unknown 172.16.10.254
Et0/1.40 40 100 Standby 172.16.40.2 local 172.16.40.254
MOSCOWR20#sh stand brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 110 Standby 172.16.10.1 local 172.16.10.254
Et0/1.40 40 110 P Active local 172.16.40.1 172.16.40.254
Observation:
Nothing to be changed for Vlan40 as Vlan40 is already “Active” on MOSCOWR20.
CONFIGURATION TASK #5: Object-tracking (WAN side facing)
1. Let us assume MOSCOWR19_e0/2 goes Down.
Configure “HSRP Object-Tracking” so that the re-election takes place the traffic switchovers to
MOSCOWR20 router
Pre-checks
From PC10:
PC10/ # traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 172.16.10.1 (172.16.10.2) 7.521 ms 3.646 ms 7.701 ms →packet going via MOSCOWR19
2 192.168.32.2 (192.168.32.2) 5.977 ms 7.163 ms 6.677 ms
MOSCOWR19#show standby brief
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 120 P Active local unknown 172.16.10.254
Et0/1.40 40 100 Standby 172.16.40.2 local 172.16.40.254
#configure prempt as this was not configured earlier
MOSCOWR20(router)
interface e0/1.1
standby 1 preempt
#configure object-tracking on WAN facing interface
MOSCOWR19(config)#
track 1 interface ethernet 0/2 line-protocol
exit
interface e0/1.1
standby 1 track 1 decrement 30
April 24, 2020 84
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
VERIFICATION TASK #5:
To verify the “object tracking” behaviour “shutdown” interface ethernet0/2 of MOSCOWR19
MOSCOWR19(config)#
interface e0/2
shut
*May 14 19:17:52.042: %TRACK-6-STATE: 1 interface Et0/2 line-protocol Up -> Down
*May 14 19:20:25.463: %HSRP-5-STATECHANGE: Ethernet0/1.1 Grp 1 state Active -> Speak
*May 14 19:20:36.203: %HSRP-5-STATECHANGE: Ethernet0/1.1 Grp 1 state Speak -> Standby
Post-checks:
MOSCOWR19#show standby brief
Interface Grp Pri P State Active Standby Virtual IP
Et0/1.1 1 90 P Standby 172.16.10.2 local 172.16.10.254
Et0/1.40 40 100 Standby 172.16.40.2 local 172.16.40.254
Observations:
Priority decreased by “30” as per the object-tracking command
We have set decrement of “30” incase of MOSCOWR19_Eth0/2 Line-protocol going “Down”
/ # traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 172.16.10.2 (172.16.10.2) 7.146 ms 4.018 ms 3.937 ms →now traffic goes over MOSCOWR20
2 192.168.32.2 (192.168.32.2) 7.994 ms 7.780 ms 7.122 ms
Gratuitous ARP:
The Gratuitous ARP is sent as a broadcast, as a way for a node to announce or update its IP to MAC mapping to
the entire network.
April 24, 2020 85
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
HSRPv1 HSRP Packet {Default Config}
April 24, 2020 86
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #14 CONFIGURE – OSPFv2
Objectives: Configure on MUMBAIR1, MUMBAIR2, MUMBAIR3, MUMBAIR4,
MUMBAIR7 as following:
1. Prepare the Initial Configs interface IP address, Loopback IP address on MUMBAIR1,
MUMBAIR2, MUMBAIR3, MUMBAIR4 and MUMBAIR7
2. Configure OSPF (single-area)
3. MANIPULATE DR/BDR ELECTION
4. MANIPULATE ROUTER-ID ELECTION
5. MANIPULATE HELLO/HOLD TIMER
6. CHANGE AREA ID
7. OSPF AUTHENTICATIION
8. OSPF AREA TYPE
9. OSPF MTU MISMATCH
10. VERIFY OSPF MUTLICAST ADDRESS 224.0.0.6 and 224.0.0.5
April 24, 2020 87
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #1: Initial Configs
MUMBAIR1(config)#
hostname MUMBAIR1
int loopback 1
ip address 1.1.1.1 255.255.255.0
no shut
int e0/0
ip add 192.168.23.11 255.255.255.0
no shut
MUMBAIR2(config)#
hostname MUMBAIR2
int loopback 1
ip address 2.2.2.2 255.255.255.0
no shut
int e0/0
ip add 192.168.23.13 255.255.255.0
no shut
MUMBAIR3(config)#
hostname MUMBAIR3
int loopback 1
ip address 3.3.3.3 255.255.255.0
no shut
int e0/0
ip add 192.168.23.12 255.255.255.0
no shut
MUMBAIR4
hostname MUMBAIR4
int loopback 1
ip address 4.4.4.4 255.255.255.0
no shut
int e0/0
ip add 192.168.23.14 255.255.255.0
no shut
MUMBAIR7
hostname MUMBAIR7
int loopback 1
ip address 7.7.7.7 255.255.255.0
no shut
int e0/0
ip add 192.168.23.15 255.255.255.0
no shut
April 24, 2020 88
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #2: Configure OSPF (single-area)
MUMBAIR1(config)# #global way
router ospf 100
network 192.168.23.0 0.0.0.255 area 0
network 1.1.1.1 0.0.0.255 area 0
MUMBAIR2(config)# #global way
router ospf 100
network 192.168.23.0 0.0.0.255 area 0
network 2.2.2.2 0.0.0.255 area 0
MUMBAIR3(config)# #global way
router ospf 100
network 192.168.23.0 0.0.0.255 area 0
network 3.3.3.3 0.0.0.255 area 0
MUMBAIR4(config)# #interface way
Interface e0/0
Ip ospf 1 area 0
MUMBAIR7(config)# #interface way
Interface e0/0
Ip ospf 1 area 0
By default, any router can become DR, BDR, DROTHERS as per the configurations are done.
To make the rightful Router as DR and BDR based out of known formulae, DR = Priority+R-ID
Make use of CLI command “clear ip ospf process” → Reloads the ospf process so that re-election
happens.
MUMBAIR1#, MUMBAIR2#, MUMBAIR3#, MUMBAIR4#, MUMBAIR7#
clear ip ospf process
Reset ALL OSPF processes? [no]: yes
You can also enable the “debug” commands to see the packet captures:
----
DEBUG OSPF
----
MUMBAIR1#debug ip ospf packet
OSPF packet debugging is on
MUMBAIR1#debug ip ospf adj
OSPF adjacency debugging is on
April 24, 2020 89
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
VERIFICATION TASKS#2
MUMBAIR1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/DROTHER 00:00:30 192.168.23.13 Ethernet0/0
3.3.3.3 1 FULL/DR 00:00:32 192.168.23.12 Ethernet0/0
MUMBAIR1#
MUMBAIR1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 100)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1474 0x80000005 0x0035BB 2
2.2.2.2 2.2.2.2 365 0x8000000B 0x0033A9 2
3.3.3.3 3.3.3.3 1475 0x80000006 0x00F8DD 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
192.168.23.12 3.3.3.3 365 0x80000007 0x003649
MUMBAIR1#
MUMBAIR1#show ip route
<!-output omitted-!>
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.1.1.0/24 is directly connected, Loopback1
L 1.1.1.1/32 is directly connected, Loopback1
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/11] via 192.168.23.13, 00:05:59, Ethernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 192.168.23.12, 00:24:39, Ethernet0/0
192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.23.0/24 is directly connected, Ethernet0/0
L 192.168.23.11/32 is directly connected, Ethernet0/0
MUMBAIR3#show ip ospf interface ethernet0/0
Ethernet0/0 is up, line protocol is up
Internet Address 192.168.23.12/24, Area 0, Attached via Network Statement
Process ID 100, Router ID 3.3.3.3, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 3.3.3.3, Interface address 192.168.23.12
Backup Designated router (ID) 2.2.2.2, Interface address 192.168.23.13
April 24, 2020 90
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:04
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 3
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 2, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
MUMBAIR3#
As we know:
DR/BDR = PRIORITY (DEFAULT=1) + ROUTER-ID (elected in 2-Way state)
MASTER/SLAVE = HIGHEST ROUTER-ID (elected in Extract state)
April 24, 2020 91
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
TROUBLESHOOTING OSPF:
CONFIGURATION TASK #3: MANIPULATE DR/BDR ELECTION
Make OSPF PRIORITY=0 for MUMBAIR3
Don't let MUMBAIR3 participate in DR/BDR election
MUMBAIR3(config)#
interface e0/0
ip ospf priority 0
VERIFICATION TASK #3:
MUMBAIR2#
3.3.3.3 0 FULL/DROTHER 00:00:36 192.168.23.12 Ethernet0/0
3.3.3.3 is now acting as DROTHER with OSPF Priority = 0
MUMBAIR3#show ip ospf interface e0/0
Ethernet0/0 is up, line protocol is up
Internet Address 192.168.23.12/24, Area 0, Attached via Network Statement
Process ID 100, Router ID 3.3.3.3, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10 no no Base
Transmit Delay is 1 sec, State DROTHER, Priority 0
Designated Router (ID) 2.2.2.2, Interface address 192.168.23.13
Backup Designated router (ID) 1.1.1.1, Interface address 192.168.23.11
Old designated Router (ID) 3.3.3.3, Interface address 192.168.23.12
CONFIGURATION TASK #4: MANIPULATE ROUTER-ID ELECTION
MUMBAIR1#(config)
router ospf 1
router-id 11.11.11.11
MUMBAIR2#(config)
router ospf 1
router-id 22.22.22.22
MUMBAIR3#(config)
router ospf 1
router-id 33.33.33.33
clear ip ospf process *
[yes]
This will re-elect the DR and BDR on updated Router-ID.
April 24, 2020 92
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #5: MANIPULATE HELLO/HOLD TIMER
MUMBAIR1#(config)
interface e0/0
ip ospf hello-timer 5
CONFIGURATION TASK #6: CHANGE AREA ID
MUMBAIR1#(config)
router ospf 100
network 192.168.23.0 0.0.0.255 area 2 or network 192.168.23.0 0.0.0.255 area 0.0.0.2
Reference: https://www.browserling.com/tools/dec-to-ip
AREA MISMATCH OSPF MESSAGE:
*May 14 15:42:19.645: %OSPF-4-ERRRCV: Received invalid packet: mismatched area ID from
backbone area from 192.168.23.0, Ethernet0/0
CONFIGURATION TASK #7: OSPF AUTHENTICATIION
TWO WAYS TO CONFIGURE AUTHENTICATION - PLAIN & MD5
PLAIN TEXT METHOD:
2 Ways:
1. Global
2. Interface
1. Global way for PLAIN TEXT
MUMBAIR1(config)#
router ospf 100
area 0 authentication
int e0/0
ip ospf authentication-key 0 cisco
2. Interface way for PLAIN TEXT
MUMBAIR1(config)#
interface e0/0
ip ospf authentication
ip ospf authentication-key 0 cisco
Verification:
show ip ospf inter e0/0
----
MD5 METHOD
----
2 Ways:
1. Global
April 24, 2020 93
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
2. Interface
1.Global way for MD5
MUMBAIR1(config)#
router ospf 1
area 0.0.0.0 authentication message-digest
interface e0/0
ip ospf message-digest-key 1 md5 cisco
2. Interface way for MD5
MUMBAIR1(config)#
interface e0/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 0 cisco
CONFIGURATION TASK #8: OSPF AREA TYPE
MUMBAIR1(config)#
area 40 stub
or
MUMBAIR1(config)#
area 40 nssa
CONFIGURATION TASK #9: OSPF MTU MISMATCH
MTU MISTMATCH (Stuck in Extract/Exchange State)
MUMBAIR2(config)#
int e0/0
ip mtu 1000
shutdown
no shutdown
VERIFICATION TASK #9: OSPF MTU MISMATCH
MUMBAIR2#
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 EXSTART/BDR 00:00:39 192.168.23.11 Ethernet0/0
3.3.3.3 1 EXSTART/DR 00:00:39 192.168.23.12 Ethernet0/0
MUMBAIR1#
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 EXCHANGE/DROTHER00:00:38 192.168.23.13 Ethernet0/0
3.3.3.3 1 FULL/DR 00:00:37 192.168.23.12 Ethernet0/0
There are two ways to fix MTU MISMATCH issue in OSPF
FIX1: (#temp fix)
MUMBAIR2(config)#
April 24, 2020 94
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
int e0/0
ip ospf mtu-ignore
FIX2: (#permanent fix)
MUMBAIR2(config)#
int e0/0
ip mtu 1500
shut
no shutdown
CONFIGURATION TASK #10: VERIFY OSPF MUTLICAST ADDRESS 224.0.0.6 and 224.0.0.5
MUMBAIR2(config)#
int loopback1
shutdown
>>Take Wireshark capture on MUMBAIR2 Router interface
Remember!!!
DROTHERS --> DR,BDR = 224.0.0.6 and
(only)DR -> BDR and DR -> DROTHER = 224.0.0.5
VERIFICATIONS TASK#10
MUMBAIR7# show ip interface ethernet0/0 DR
<!-output omitted-!>
Multicast reserved groups joined: 224.0.0.251 224.0.0.5 224.0.0.6
<!-output omitted-!>
MUMBAIR4# show ip interface ethernet0/0 BDR
<!-output omitted-!>
Multicast reserved groups joined: 224.0.0.251 224.0.0.5 224.0.0.6
<!-output omitted-!>
MUMBAIR3# show ip interface ethernet0/0 DROTHER
April 24, 2020 95
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
<!-output omitted-!>
Multicast reserved groups joined: 224.0.0.251 224.0.0.5
<!-output omitted-!>
April 24, 2020 96
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
LAB #15 CONFIGURE – OSPFv2 ADVANCE TOPICS
April 24, 2020 97
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #1: INITIAL CONFIGS
INITIAL CONFIG
MUMBAIR4(config)
interface e0/1
ip address 10.100.100.1 255.255.255.0
no shutdown
MUMBAIR5(config)
hostname MUMBAIR5
interface e0/0
ip address 10.100.100.2 255.255.255.0
no shutdown
interface e0/1
ip address 172.16.23.1 255.255.255.252
no shutdown
interface loopback1
ip address 5.5.5.5 255.255.255.0
no shutdown
MUMBAIR6(config)
hostname MUMBAIR6
interface e0/0
ip address 10.100.100.3 255.255.255.0
no shutdown
interface e0/1
ip address 172.16.23.2 255.255.255.252
no shutdown
interface loopback1
ip add 6.6.6.6 255.255.255.0
no shut
interface e1/0
ip add 113.23.23.1 255.255.255.0
no shut
MUMBAIR2(config)
interface e0/1
ip address 33.33.33.1 255.255.255.0
no shutdown
TOKYOR7
interface e1/0
ip address 113.23.23.2 255.255.255.0
no shut
interface loopback 10
ip add 114.114.114.1 255.255.255.0
no shut
ROMER01
hostname ROMER01
interface e0/1
no shut
ip add 33.33.33.2 255.255.255.0
April 24, 2020 98
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
CCNP ENTERPRISE 2020 LAB WORKBOOK|| TRAINER: SAGAR || WWW.YOUTUBE.COM/C/NETWORKJOURNEY
CONFIGURATION TASK #2: CONFIGURE OSPF (Multi-area) VIA “INTERFACE” METHOD
MUMBAIR4(config)# #interface way
interface e0/1
ip ospf 1 area 40
MUMBAIR5(config)# #interface way
interface e0/0
ip ospf 1 area 40
interface e0/1
ip ospf 1 area 40
interface loopback 1
ip ospf 1 area 40
MUMBAIR6(config)# #interface way
interface e0/0
ip ospf 1 area 40
interface e0/1
ip ospf 1 area 40
interface loopback 1
ip ospf 1 area 40
VERIFICATION TASK #2:
TOKYOR7
router eigrp 100
network 113.0.0.0
network 114.0.0.0
April 24, 2020 99
TRAINER: SAGAR | www.NetworkJourney.com | www.youtube.com/c/NetworkJourney | CCNP Enterprise
You might also like
- CCIE Security v6.0 Real Labs Design Module Ver S1.1 Scenario 1 - Packetpiper SystemsNo ratings yetCCIE Security v6.0 Real Labs Design Module Ver S1.1 Scenario 1 - Packetpiper Systems18 pages
- Spoto Ccie Lab Rs v5.0 h3 Diag Version 1.1No ratings yetSpoto Ccie Lab Rs v5.0 h3 Diag Version 1.13 pages
- Implementing and Operating Cisco Enterprise Network Core Technologies EncorNo ratings yetImplementing and Operating Cisco Enterprise Network Core Technologies Encor5 pages
- DEVNET-2192-Automate Your Network With Nornir Python Automation Framework PDFNo ratings yetDEVNET-2192-Automate Your Network With Nornir Python Automation Framework PDF22 pages
- (Sep-2021-Updated) PassLeader 2020 CCIE-CCNP 350-401 ENCOR Exam DumpsNo ratings yet(Sep-2021-Updated) PassLeader 2020 CCIE-CCNP 350-401 ENCOR Exam Dumps8 pages
- Cisco Passguide 350-501 Dumps 2023-Jan-07 by Burgess 131q Vce100% (1)Cisco Passguide 350-501 Dumps 2023-Jan-07 by Burgess 131q Vce10 pages
- 23.1.4 Lab - Troubleshoot IP SLA and NetflowNo ratings yet23.1.4 Lab - Troubleshoot IP SLA and Netflow5 pages
- 300-420 ENSLD Designing Cisco EnterpriseNo ratings yet300-420 ENSLD Designing Cisco Enterprise3 pages
- CCNP Enterprise Workbook - Lab Topology Diagrams - Lab Startup BGP NeighborshipNo ratings yetCCNP Enterprise Workbook - Lab Topology Diagrams - Lab Startup BGP Neighborship2 pages
- DEC 2021 - Updated Cisco 350-501 SPCOR Dumps - Real 350-501 Dumps Questions & Answers - Valid IT Exam Dumps QuestionsNo ratings yetDEC 2021 - Updated Cisco 350-501 SPCOR Dumps - Real 350-501 Dumps Questions & Answers - Valid IT Exam Dumps Questions60 pages
- Junos Enterprise Switching: Chapter 7: High AvailabilityNo ratings yetJunos Enterprise Switching: Chapter 7: High Availability57 pages
- IPexpert Network Security Operation and Troubleshooting E1 V1.3 PDF100% (1)IPexpert Network Security Operation and Troubleshooting E1 V1.3 PDF80 pages
- Cisco IOS XR Routing Configuration Guide For The Cisco CRS Router0% (1)Cisco IOS XR Routing Configuration Guide For The Cisco CRS Router644 pages
- IPexpert RandS VoluIPExper Me 1 WorkBook v11.0No ratings yetIPexpert RandS VoluIPExper Me 1 WorkBook v11.0240 pages
- Cisco NX-OS IOS BGP (Advanced) ComparisonNo ratings yetCisco NX-OS IOS BGP (Advanced) Comparison6 pages
- Cisco Examcollection 350-401 Vce Dumps 2023-Apr-13 by Truman 445q Vce100% (1)Cisco Examcollection 350-401 Vce Dumps 2023-Apr-13 by Truman 445q Vce35 pages
- 000 Sikandar CCNP Route V20 Oct 2015 - Vol-2 - 2No ratings yet000 Sikandar CCNP Route V20 Oct 2015 - Vol-2 - 2343 pages
- 01 Cisco CCIE Routing - Switching V4 ExperienceNo ratings yet01 Cisco CCIE Routing - Switching V4 Experience16 pages
- Cisco - Himawan Nugroho CCIE 8171 - How To Pass CCIE Lab - Insider Tips100% (1)Cisco - Himawan Nugroho CCIE 8171 - How To Pass CCIE Lab - Insider Tips116 pages
- CCIE Security (v6.0) Equipment and Software List: Feb 13, 2020 - KnowledgeNo ratings yetCCIE Security (v6.0) Equipment and Software List: Feb 13, 2020 - Knowledge2 pages
- Next-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise EnvironmentsFrom EverandNext-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise EnvironmentsNo ratings yet
- Networkjourney CCNP Enterprise 2021 Lab Workbook 1631597584No ratings yetNetworkjourney CCNP Enterprise 2021 Lab Workbook 163159758477 pages