Acme is a small export company that has an existing enterprise network comprised of 5 switches; CORE,DSW1,DSW2,ASW1 and ASW2. The topology diagram indicates their desired per-VLAN spanning tree mapping.
Previous configuration atempts have resulted in the following issues:
1.-CORE should be the route bridge for VLAN20; however, DSW1 is currentely the root bridge for VLAN20.
2.-Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2. However VLAN 30 is currentely using gig 1/0/5.
3.-Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currentely using gig 1/0/6.
You have been tasked with isolating the cause of these issues and implementing the appropriate solutions. Your task is complicated by the fact that you only have full access to DSW1, with the enable secret password cisco. Only limited show command access is provided on CORE, and DSW2 using the enable 2 level with a password of acme. No configuration changes will be possible on these routers. No access is provided to ASW1 or ASW2.
-----------
Solution:
-----------
1. You can see that currently the DSW1 is Root bridge for VLAN20. To make CORE the route bridge for VLAN20, increase the priority on DSW1 from 28692 to highest possible i.e 61440 -
(because the lower priority bridge become root)
DSW1#sh spanning-tree vlan 20
DSW1#conf t
DSW1(conflg)#spanning-tree vlan 20 priority 61440
2. "When a switch experiences a tie in regard to the cost to reach the root, the switch first uses the interfaces' port priority values as a tiebreaker. If the port priority values tie, the switch uses the lowest internal interface number."
In this configuration all Gig interfaces has same cost and priority. So switch DSW1 will compare interface number of Gig1/0/5 ( .5) and Gig1/0/6 (.6) for Vlan 30 traffic and send traffic on lower i.e. gig 1/0/5.
DSW1#sh spanning-tree vlan 30
You can see that currently the Gig 1/0/5 interface has lower priority(128.5 «128.6), thats why the traffic is going through it.
To make the traffic for VLAN 30 forward over the gig 1/0/6 trunk port from DSW1 to DSW2, you should change the port priority of Gig 1/0/6 from 128 to 64.
DSW1(config)#int g1/0/6
DSW1(config-if)#spannlng-tree vlan 30 port-priority 64
DSW1(config-if)#no shut
DSW1(config-if)#end
3. To make the traffic for VLAN 40 forward over the gig 1/0/5 trunk port from DSW2 to DSW1, we should change the cost of Gig 1/0/5 from 19 to 1.
You can see that currently the G1/0/6 is Root port for Vlan 40 and G1/0/5 port is in blocked(BLK) state. We must change its state to forward(FWD) by lowering the port cost.
DSW1#sh spanning-tree vlan 40
DSW1(config)#int g1/0/5
DSW1(config-if)#spanning-tree vlan 40 cost 1
DSW1(config-if)#no shut
DSW1(config-if)#exit
Finally don't forget to save your configuration-
DSW1#wr
You can issue sh spanning-tree commands to verify the configuration-
DSW1# show spanning-tree vlan 20
DSW1# show spanning-tree vlan 30
DSW2# show spanning-tree vlan 40
FAQ.-Why can't we configure port-priority or cost for both vlan 30 and vlan 40 ?
Ans.- This is very huge topic to explain. I'll try to summarize it here without complicating it. For this we need to understand the concept of Upstream and Downstream switches.
Switch DSW1 is root bridge (Upstream) for Vlan30 and Downstream for vlan 40.
Switch DSW2 is root bridge (Upstream) for Vlan40 and Downstream for vlan 30.
To influence which port is elected the root port, the two user configurable values to change are port cost and port priority. Port-priority is set on an upstream switch to influence a downstream switch and Cost is set on downstream switch to influence a upstream switch.
Moreover, Changing port cost will effect both the local bridge and all downstream bridges. Changing the port priority will only affect the directly connected downstream bridge.
So we'll configure port-priority on DSW1 for vlan 30, as it is a upstream switch for that vlan.
For task 3, if we want port Gi1/0/5 to forward vlan 40 BPDUs, we can force this to happen by either manipulating cost on the downstream switch(DSW1) or increasing the port priority on the upstream switch(DSW2). We could not set the port priority on DSW1 for vlan40, as it would not make any difference.
Moreover you can see that the priority of Gi1/0/5 is already lower than 1/0/6, so we must decrease the cost. Also note that we only have limited show command level access to DSW2 switch, so we can't configure the DSW2 using port-priority command.
==============================================================
Posts
Hello
ReplyDeleteThanks for the solution
Why can't you use port priority on both interfaces or use Cost on both interfaces.
Thank you
@ bliamf
ReplyDeleteI have reconfigured the post with explanations. I hope it is understandable now.
In Q2, we can lower cost to 1 or 2 by giving
ReplyDeleteDSW1(config-if)#spannlng-tree vlan 30 cost 2, so it wil perfer, int g1/0/6 ??? FRM diwakar
@ diwakar
ReplyDeleteWe should configure vlan port-priority on upstream switches. See above faq for explanation.
thanks alot for the explanation....
ReplyDeleteone question...
what if we had access to DSW2 switch and we could have lowered the port-priority for Gi 1/0/5 to 64 for vlan 40...wud that have solved Question 3??
thanks.
@ AVI
ReplyDeleteThats right! You got it.
@cisco sim
ReplyDeletethat s the great explanation AVI , Thank u alot
FROM diwakar
Gr8 explanation man. Thanks for d UPStream and Downstream explanation
ReplyDeleteHi there,
ReplyDeleteBefore anything, let me say thank you for creating this site, it is one of the best site to prepare for cisco exams.
I used your site when I did my BSCI exam a month back, and I passed comfortably, I went for BCMSN exam last Saturday, and failed with 20 marks, my problem was I couldn’t get copy running-config startup-config working in Spanning Tree lab, and interface range does not work in Port Fast lab I ended up configuring each interface separately.
I search on the internet this morning to see if there was a previous issue, and I came across this forum
https://learningnetwork.cisco.com/message/25592
Just wandering, do you think there is something I need to do to get all this command working, because I will like to go for the exam again on Saturday.
Thanks for your help.
I forgot to mention that wr, and copy run start does not work as well.
ReplyDeleteThanks
That's true !
ReplyDeleteLots of test takers often report this problem.
But they also mention that it doesn't negatively affect there score. Just do your configuration in correct way and forget the save command.
I am sure that you failed because of some other mistakes.
For other commands, you can try to exit from config mode and enter again.
Thanks CiscoSims, i did the exam again this morning, and passed with 931.
ReplyDeleteI guess cisco makes people sweat nowadays to pass the exam, the copy run start or wr does not work again, this time around instead of trying all saving command 20 times, I just tried it twice and continue with other questions, but I let the test centre representative know about the problem.
Thanks again for your advice.
Next one now is ISCW.
Glad to know. Congrats mate !
ReplyDeleteIs there any testlets for 642-845 (ONT)EXAMS.
ReplyDeleteProvide help please
Fawzi
yesterday i passed my bcmsn exam with 956..lot of question were out off dums it's around 10 to 12 question theses are in testinside&pass4sure both..
ReplyDeletesome question were about 65000 switch.
in this above lab..copy run start is not working...now i am going toward ISCW..
awais_afridi102@yahoo.com
@ above,
ReplyDeleteCongrats mate!!
@ to all,
Don't care about saving the configuration. It doesn't affect the score. Just try one time and then move on to next question. Save your time.
Hello all.
ReplyDeleteI did the exam yesterday and i fail with 30 marks, my problem was that I lost a lot of time in this lab because of the same problem that you said, the copy run start and wr did not work, and i did not know about it and I tried many times , so I would like to do the exam next monday, but do you know if this problem could happen again in others exams or is only in this lab?
@ above,
ReplyDeletesorry to hear that.
Yes this problem arise in many labs and exams.
Just don't bother about it. Try once and move on.
..
Hi gentlemen I passed,with 948,the copy running-config startup-config,did not work in this lab even when you put copy ? it show unrecognized command
ReplyDeleteIn the spanning tree when you use it you get a response that this command is not important for this simulator,Its also took me some time
Otherwise thaks alot for your efforts
@ citgek,
ReplyDeleteCongrats dear !!
..
hai , thanks for ur kind explanation, and for rootbridge selection, if we spanning tree vlan vlanid root primary. does it make difference wth proirity?
ReplyDeleteAdvance thanks for ur replies
Nice explanation of port-priority and cost commands ... !! Thankx !!!!
ReplyDeletegood job you rock cisco sim
ReplyDeletehelpful
ReplyDeleteFor VLAN40, can someone tell me why DSW1 port G1/0/5 is blocking (neither root nor designated port) while G1/0/6 (root port) is in forwarding state? Considering that Bridge ID and Root Path Cost are tie, I'm expecting that the next tie-breaker is the Port ID in which in this case port G1/0/5 has lower Port ID than G1/0/6 so it should be selected as the root port and thus should be in forwarding state. Am I missing something?
ReplyDeleteciscocim u are a genius man.I wish my teacher would have explained that way. lol,luve the upstream/downstream part.
ReplyDeletecool stuff
Kaafi CCNP wanna be
thanks again
wait a minute
ReplyDeleteciscocims said
'Switch DSW1 is root bridge (Upstream) for Vlan30 and Downstre for vlan 40.
Switch DSW2 is root bridge (Upstream) for Vlan40 and Downstream for vlan 30.Switch DSW1 is root bridge (Upstream) for Vlan30 and Downstream for vlan 40.
Switch DSW2 is root bridge (Upstream) for Vlan40 and Downstream for vlan 30.
the diagrame shows something else
DSW1 is the root for VLAN30 and DSW2 root for Vlan 40, whatis going on,
PAssed exam yday...i got this same q..without any change
ReplyDelete