Cincinnerdi Tech Stuff

A mind-numbing read if ever there was one

Add VTP and a 1760 router

leave a comment »

Net layout 032407

Maintaining a VLAN database is much easier using VTP, but requires some care about adding a new switch, else it might wipe out your carefully configured VLANS.

I presumed the best way was to setup ONE switch, zap the other switches revision numbers to zero, and then hook them up. But I could have hooked them all up first and then configured. Switches after THAT would have needed to have their revision # set back.

I planned to incorporate the router right into the load balanced, fault tolerant MST (Multiple Spanning Tree) switch network, but ran into a glitch when it came to the router switch ports. The switch banks added into a 1760 router are NOT full function switches, lacking any but VTP transparent mode and NO facility for any STP other than standard. Odd since the IEEE has deprecated STP in lieu of Rapid STP.

I was able to configure the router switch port, a vlan (10) to serve as an IP addressable gateway, a finally ping out to another network (4.4.4.0/24). No small feat since this required the config of the PIX 501 firewall appliances with a static route back to my net. I did get into the config of the PIX enough to see that OSPF routing protocol could be configured to make this simpler and more flexible.

Questions I still have:

An IP is listed for “who” updates VTP on the switch (see note marked ** below). Since the switches update themselves (presumably with layer 2 multicasts) I’m not sure why a layer 3 IP would be important.

VTP Setup.

Let’s take a look at the initial state of VPT on the 3550 switch that I chose to be the “leader”

3550sw3#sho vtp ?
counters VTP statistics
password VTP password
status VTP domain status

3550sw3#sho vtp status
VTP Version : 2
Configuration Revision : 58
Maximum VLANs supported locally : 1005
Number of existing VLANs : 13
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE1 0x60 0xDE 0xC4 0x99 0xC8 0xC2 0x0F
Configuration last modified by 0.0.0.0 at 3-1-93 00:14:59
Local updater ID is 0.0.0.0 (no valid interface found)

3550sw3#sho vtp password
The VTP password is not configured.
Now here’s a second switch, unconfigured, and how its revision was reset:

Switch#sho vtp stat
VTP Version : 2
Configuration Revision : 26
Maximum VLANs supported locally : 250
Number of existing VLANs : 23
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x99 0x1E 0x42 0x41 0xB7 0xDF 0x4D 0x74
Configuration last modified by 0.0.0.0 at 3-1-93 01:20:49
Local updater ID is 0.0.0.0 (no valid interface found)

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vtp domain bogus
Changing VTP domain name from team to bogus
Switch(config)#end
Switch#sh
00:28:48: %SYS-5-CONFIG_I: Configured from console by consoleo vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 250
Number of existing VLANs : 23
VTP Operating Mode : Server
VTP Domain Name : bogus
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x92 0x5C 0x9C 0xA6 0xD1 0x68 0x1E 0xD9
Configuration last modified by 0.0.0.0 at 3-1-93 01:20:49
Local updater ID is 0.0.0.0 (no valid interface found)

This switch had various VLANS already setup in its database. I zapped these and added a VLAN named bogus just so I could see if VTP was able to ditch it later.

Switch#sho vlans
^
% Invalid input detected at ‘^’ marker.

Switch#sho vlan
An aside: I show the above mistake only to point out that on the 1760 router IOS, the “S” at the end is required; but here not allowed!

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
2 VLAN0002 active
3 VLAN0003 active
4 VLAN0004 active
5 VLAN0005 active
6 VLAN0006 active
7 VLAN0007 active
8 VLAN0008 active
10 VLAN0010 active
…snip…
Switch#conf t

Switch(config)#no vlan 2
Switch(config)#no vlan 3
Switch(config)#no vlan 4
Switch(config)#no vlan 5
Switch(config)#no vlan 6
Switch(config)#no vlan 7
Switch(config)#no vlan 8
Switch(config)#no vlan 9
Switch(config)#no vlan 10
…snip…
Switch(config)#vlan 666
Switch(config-vlan)#name Bogus
Switch(config-vlan)#end
Switch#sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
666 Bogus active
1002 fddi-default act/unsup
…snip…
Now, to futz with the 1760 router. When I hooked up the console, I saw that it was in ROMMON mode. I ran CONFREG and change the boot characteristics. After a reset I began:

1760rtr1(config)#int range fa 1/1 – 4
1760rtr1(config-if-range)# no sh
1760rtr1(config-if-range)#
*Mar 2 02:45:45.209: %LINK-3-UPDOWN: Interface FastEthernet1/1, changed state to up
*Mar 2 02:45:45.217: %LINK-3-UPDOWN: Interface FastEthernet1/2, changed state to up
*Mar 2 02:45:45.221: %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to up
*Mar 2 02:45:45.225: %LINK-3-UPDOWN: Interface FastEthernet1/4, changed state to up

1760rtr1(config)#spanning-tree mode ?
% Unrecognized command
1760rtr1(config)#spanning-tree ?
backbonefast Enable BackboneFast Feature
portfast Spanning tree portfast options
uplinkfast Enable UplinkFast Feature
vlan VLAN Switch Spanning Tree

You can see above that you cannot set the MODE of Spanning Tree, so CSTP (Common Spanning Tree Protocol) is only choice.
Note option below of portfast, which I will activate on the 4th switch port that I have a PC hooked up to. Note standard warning.

1760rtr1(config)#int fa1/4

1760rtr1(config-if)#spanning-tree ?
cost Change an interface’s spanning tree path cost
port-priority Change an interface’s spanning tree priority
portfast Enable an interface to move directly to forwarding on link up
vlan VLAN Switch Spanning Tree

1760rtr1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single host.
Connecting hubs, concentrators, switches, bridges, etc.to this interface
when portfast is enabled, can cause temporary spanning tree loops.
Use with CAUTION

%Portfast has been configured on FastEthernet1/4 but will only
have effect when the interface is in a non-trunking mode.
I’m jumping ahead, but I later configured two other ports on the router to be 802.1Q trunks:

1760rtr1(config)#int fa 1/2
1760rtr1(config-if)#switchport trunk encapsulation dot1q
1760rtr1(config-if)#switchport mode trunk
1760rtr1(config-if)#no ip address
1760rtr1(config-if)#exit
1760rtr1(config)# int fa 1/3
1760rtr1(config-if)#switchport trunk encapsulation dot1q
1760rtr1(config-if)# switchport mode trunk
1760rtr1(config-if)# no ip address
1760rtr1(config-if)#end
1760rtr1#

Not sure where to note this, but I received this message for quite some time. Eventually stopped.

*Mar 2 02:50:02.924: %PQUICC_ETHER-1-LOSTCARR: Unit 0, lost carrier. Transceiver problem?

Looking thru the Show Run, noticed that there were some old sub-interfaces:

…snip…
interface FastEthernet0/0.10
encapsulation dot1Q 1 native
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 2
ip address 2.2.2.1 255.255.255.0
!
…snip…

Eliminated them with a “no” and thought I’d include an interesting message the router gives:

1760rtr1(config)#no int fa 0/0.10
Not all config may be removed and may reappear after reactivating the sub-interface
1760rtr1(config)#no int fa 0/0.20
Not all config may be removed and may reappear after reactivating the sub-interface
1760rtr1(config)#

Now to setup IP on routers outside port:

1760rtr1(config)#int fa 0/0
1760rtr1(config-if)#ip addresss 1.1.1.1 255.255.255.0

Pinging didn’t work with this and much later, it occurred to me that this should be the inside IP.

1760rtr1#`Try setting up better description

1760rtr1(config)#int fa 0/0
1760rtr1(config-if)#dea scription Outside rtr port

After I connect 1760rtr1 fa0/0 into a neighbors switch, another message comes up about duplex mismatch:

1760rtr1#
*Mar 2 03:08:33.913: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/0 (not full duplex), with Switch FastEthernet0/24 (full duplex).
*Mar 2 03:08:33.917: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/0 (not full duplex), with Switch FastEthernet0/24 (full duplex).
*Mar 2 03:08:33.917: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/0 (not full duplex), with Switch FastEthernet0/24 (full duplex).

Let’s try to track that down. Turns out here’s another inconsistency on Cisco’s part between IOS for switches and routers. On a switch, you can set a port to be duplex full, duplex half or duplex auto. On this router port, there was only full-duplex or half-duplex. Also note that the syntax is reversed. A brief show run indicates nothing about the duplex status (though the unused e0/0 does!):

!
interface Ethernet0/0
ip address 10.10.10.2 255.255.255.0
half-duplex
!
interface FastEthernet0/0
description Outside rtr port
ip address 1.1.1.1 255.255.255.0
speed auto
!

1760rtr1(config-if)# ?
Interface configuration commands:
…snip…
full-duplex Configure full-duplex operational mode
glbp Gateway Load Balancing Protocol interface commands
half-duplex Configure half-duplex and related commands
…snip…
!
Also listed was an auto command, but this had to do with speed, not duplexing. Let’s set it up:


1760rtr1(config-if)#full-duplex

1760rtr1#sho int fa 0/0
FastEthernet0/0 is up, line protocol is up
Hardware is PQUICC_FEC, address is 0011.216c.a82a (bia 0011.216c.a82a)
Description: Outside rtr port
Internet address is 1.1.1.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 196/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:05, output 00:00:07, output hang never
Last clearing of “show interface” counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
29 packets input, 5648 bytes
Received 28 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
233 packets output, 19880 bytes, 0 underruns

Let’s address VTP on the router’s switch ports. Note the status is before it was connected to another switch where it might get it’s config. I needn’t have worried about plugging this one in as Cisco’s online manual for the 1760 shows that it can only operate in transparent mode and therefore not update another switches parameters.:

1760rtr1#sho vtp stat
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 256
Number of existing VLANs : 9
VTP Operating Mode : Server
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xE9 0xB4 0x50 0xD5 0xF5 0x1E 0x72 0x60
Configuration last modified by 172.16.0.1 at 3-1-02 02:05:40
Local updater ID is 10.10.10.2 on interface Et0/0 (first interface found)

Try to reset rev number fails since you can’t change any VTP setting directly (they are only changed by advertisements)

1760rtr1(config)#vtp domain team
^
% Invalid input detected at ‘^’ marker.

Now let’s return to the switches and establish our vlan database on the 3550.

3550sw2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3550sw2(config)#no vlan 2
3550sw2(config)#no vlan 3
3550sw2(config)#no vlan 4
3550sw2(config)#no vlan 5
3550sw2(config)#no vlan 6
3550sw2(config)#no vlan 7
3550sw2(config)#no vlan 8
3550sw2(config)#no vlan 9
3550sw2(config)#no vlan 10
3550sw2(config)#no vlan 11
3550sw2(config)#no vlan 12
3550sw2(config)#no vlan 13
3550sw2(config)#no vlan 14
3550sw2(config)#no vlan 15
3550sw2(config)#no vlan 16
3550sw2(config)#no vlan 17
3550sw2(config)#no vlan 18
3550sw2(config)#no vlan 19
3550sw2(config)#no vlan 20
3550sw2(config)#no vlan 21
3550sw2(config)#no vlan 22
3550sw2(config)#no vlan 23
3550sw2(config)#no vlan 24
3550sw2(config)#no vlan 60
3550sw2(config)#no vlan 70
3550sw2(config)#no vlan 95
3550sw2(config)#no vlan 96
3550sw2(config)#vlan 10
3550sw2(config-vlan)#name AAA
3550sw2(config-vlan)#exit
3550sw2(config)#vlan 20
3550sw2(config-vlan)#name BBB
3550sw2(config-vlan)#exit
3550sw2(config)#vlan 30
3550sw2(config-vlan)#name CCC
3550sw2(config-vlan)#exit
3550sw2(config)#vlan 40
3550sw2(config-vlan)#name DDD
3550sw2(config-vlan)#exit
3550sw2(config)#vlan 50
3550sw2(config-vlan)#name EEE
3550sw2(config-vlan)#end
3550sw2#sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 AAA active Fa0/1
20 BBB active
30 CCC active
40 DDD active
50 EEE active Fa0/2
1002 fddi-default …snip…
3550sw2#sho vtp stat
VTP Version : 2
Configuration Revision : 72
Maximum VLANs supported locally : 1005
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x85 0xEC 0xEF 0x73 0xAE 0x18 0x4C 0x9B
Configuration last modified by 1.1.1.2 at 3-1-93 02:04:00
Local updater ID is 1.1.1.2 on interface Vl1 (first interface found)

Not sure what those IPs refer to…

Now to activate VTP pruning

3550sw2(config)#vtp pruning
Pruning switched on

That was tough.
Now I’ll plug in the other switches.

1760rtr1#ping 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
1760rtr1#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 256
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01
Local updater ID is 1.1.1.1 on interface Fa0/0 (first interface found)

1760rtr1#sho vlans

No Virtual LANs configured.
So the router switches were updated by VTP (not sure why Rev # is 1 higher, but when I looked back at 3550sw2, it was on that rev, too), but show vlans (yes, it ends with an “s”) doesn’t give us much on a router.
Also, why is it getting info from 1.1.1.1 since at this time, that’s the outside IP and it NOT a switchport.

Here now is switch #3:

2950sw3>en
2950sw3#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 250
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01
Local updater ID is 0.0.0.0 (no valid interface found)
2950sw3# sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 AAA active Fa0/1
20 BBB active
30 CCC active
40 DDD active
50 EEE active Fa0/2
1002 fddi-default act/unsup
1003 token-ring-default …snip…
Cool. It worked! I got the same feedback from switch #4. I also tried to ping that 1.1.1.2 from it and got:

2950sw4#ping 1.1.1.2
% Unrecognized host or address, or protocol not running.

Oh, yeah. You can’t ping from a switch unless you’ve setup some layer stuff.

Back to the router. Let’s straighten out the IPs.

1760rtr1(config)#int fa1/2
1760rtr1(config-if)#switchport access vlan 10
1760rtr1(config-if)#exit
1760rtr1(config)#int vlan 10
1760rtr1(config-if)#ip address 1.1.1.1 255.255.255.0
1760rtr1(config-if)#no sh
1760rtr1(config-if)#end

1760rtr1#sho int fa 0/0
FastEthernet0/0 is up, line protocol is up
Hardware is PQUICC_FEC, address is 0011.216c.a82a (bia 0011.216c.a82a)
Description: Outside rtr port
Internet address is 4.4.4.11/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
…snip…

Let’s look at routing since we can’t ping everything. Then add a default route.

1760rtr1#sho ip ro
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Vlan10
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, FastEthernet0/0

1760rtr1(config)#ip route 0.0.0.0 0.0.0.0 4.4.4.1

1760rtr1#ping 4.4.4.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
That showed that I could ping the PIX 5201 firewall on the outside network.


1760rtr1#ping 1.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
1760rtr1#ping 1.1.1.9

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
1760rtr1#ping 1.1.1.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.10, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms

===== The rest of this document is the various SHOWS for the devices at the end of the project

1760rtr1#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 256
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01
Local updater ID is 1.1.1.1 on interface Vl10 (lowest numbered VLAN interface found)

1760rtr1#sho int trunk

Port Mode Encapsulation Status Native vlan
Fa1/2 on 802.1q trunking 1
Fa1/3 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa1/2 1-1005
Fa1/3 1-1005

Port Vlans allowed and active in management domain
Fa1/2 1,10,20,30,40,50
Fa1/3 1,10,20,30,40,50

Port Vlans in spanning tree forwarding state and not pruned
Fa1/2 1,10
Fa1/3 none
1760rtr1#sho span

VLAN1 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address 0011.92f3.1904
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address 0011.5c4b.4b00
Root port is 9 (FastEthernet1/2), cost of root path is 19
Topology change flag not set, detected flag not set
Number of topology changes 1 last change occurred 01:26:02 ago
from FastEthernet1/3
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 0, topology change 0, notification 0, aging 0

Port 9 (FastEthernet1/2) of VLAN1 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.9.
Designated root has priority 32768, address 0011.5c4b.4b00
Designated bridge has priority 32768, address 0011.bbb9.5900
Designated port id is 128.13, designated path cost 0
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 11, received 2572

Port 10 (FastEthernet1/3) of VLAN1 is blocking
Port path cost 19, Port priority 128, Port Identifier 128.10.
Designated root has priority 32768, address 0011.5c4b.4b00
Designated bridge has priority 32768, address 0011.bbd0.3280
Designated port id is 128.12, designated path cost 0
Timers: message age 2, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 6, received 2588

1760rtr1#sho ip rou
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is 4.4.4.1 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Vlan10
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 4.4.4.1

1760rtr1#sho ver
Cisco IOS Software, C1700 Software (C1700-K9O3SY7-M), Version 12.3(8)T3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Tue 20-Jul-04 16:08 by eaarmas

ROM: System Bootstrap, Version 12.2(7r)XM2, RELEASE SOFTWARE (fc1)

1760rtr1 uptime is 2 hours, 21 minutes
System returned to ROM by power-on
System image file is “flash:c1700-k9o3sy7-mz.123-8.T3.bin”

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 1760 (MPC860P) processor (revision 0x500) with 86135K/12169K bytes of memory.
Processor board ID FOC08300VYP (2976517702), with hardware revision 0000
MPC860P processor: part number 5, mask 2
2 Ethernet interfaces
5 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
32K bytes of NVRAM.
32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x2

1760rtr1#sho cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/0 147 S I WS-C2950G-Fas 0/24
2950sw3 Fas 1/2 170 S I WS-C2950G-Fas 0/13
2950sw4 Fas 1/3 178 S I WS-C2950G-Fas 0/12

===== 3550sw

3550sw2>en
3550sw2#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 1005
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01
Local updater ID is 1.1.1.2 on interface Vl1 (first interface found)

==========
3550sw2#sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 AAA active Fa0/1
20 BBB active
30 CCC active
40 DDD active
50 EEE active Fa0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
1 enet 100001 1500 – – – – – 0 0
10 enet 100010 1500 – – – – – 0 0
–More–

3550sw2#sho int trunk

Port Mode Encapsulation Status Native vlan
Fa0/12 on 802.1q trunking 1
Fa0/13 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/12 1-4094
Fa0/13 1-4094

Port Vlans allowed and active in management domain
Fa0/12 1,10,20,30,40,50
Fa0/13 1,10,20,30,40,50

Port Vlans in spanning tree forwarding state and not pruned
Fa0/12 1,10
Fa0/13 1,10

3550sw2#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c4b.4b00
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.5c4b.4b00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p

MST01
Spanning tree enabled protocol mstp
Root ID Priority 24577
Address 0011.bbb9.5900
Cost 200000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.5c4b.4b00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

MST02
Spanning tree enabled protocol mstp
Root ID Priority 28674
Address 0011.bbb9.5900
Cost 200000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0011.5c4b.4b00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Root FWD 200000 128.13 P2p

3550sw2#sho cdp ne
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID Local Intrfce Holdtme Capability Platform Port ID
2950sw3 Fas 0/13 126 S I WS-C2950G-Fas 0/12
2950sw4 Fas 0/12 133 S I WS-C2950G-Fas 0/13

3550sw2#sho ver
Cisco Internetwork Operating System Software
IOS ™ C3550 Software (C3550-I5Q3L2-M), Version 12.1(19)EA1c, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Tue 03-Feb-04 05:31 by yenanh
Image text-base: 0x00003000, data-base: 0x0080DFF0

ROM: Bootstrap program is C3550 boot loader

3550sw2 uptime is 3 hours, 38 minutes
System returned to ROM by power-on
System image file is “flash:c3550-i5q3l2-mz.121-19.EA1c/c3550-i5q3l2-mz.121-19.EA1c.bin”

cisco WS-C3550-24 (PowerPC) processor (revision M0) with 65526K/8192K bytes of memory.
Processor board ID CAT0823N2MK
Last reset from warm-reset
Bridging software.
Running Layer2/3 Switching Image

Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface

Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface

24 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

The password-recovery mechanism is enabled.
384K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:11:5C:4B:4B:00
Motherboard assembly number: 73-5700-11
Power supply part number: 34-0966-04
Motherboard serial number: CAT082302F1
Power supply serial number: DTH08213U2D
Model revision number: M0
Motherboard revision number: A0
Model number: WS-C3550-24-EMI
System serial number: CAT0823N2MK
Configuration register is 0x10F

===== 2950sw3

2950sw3#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 250
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01 **
Local updater ID is 0.0.0.0 (no valid interface found)
2950sw3#sho vtp stat ?
counters VTP statistics
password VTP password
status VTP domain status

2950sw3#sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 AAA active Fa0/1
20 BBB active
30 CCC active
40 DDD active
50 EEE active Fa0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
1 enet 100001 1500 – – – – – 0 0
10 enet 100010 1500 – – – – – 0 0

2950sw3#sho int tr

Port Mode Encapsulation Status Native vlan
Fa0/12 on 802.1q trunking 1
Fa0/13 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/12 1-50
Fa0/13 1-50

Port Vlans allowed and active in management domain
Fa0/12 1,10,20,30,40,50
Fa0/13 1,10,20,30,40,50

Port Vlans in spanning tree forwarding state and not pruned
Fa0/12 1,10
Fa0/13 1,10

2950sw3#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c4b.4b00
Cost 0
Port 12 (FastEthernet0/12)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.bbb9.5900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 200000 128.1 Edge P2p
Fa0/12 Root FWD 200000 128.12 P2p
Fa0/13 Desg FWD 200000 128.13 P2p Bound(PVST)

MST01
Spanning tree enabled protocol mstp
Root ID Priority 24577
Address 0011.bbb9.5900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0011.bbb9.5900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 200000 128.1 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Boun FWD 200000 128.13 P2p Bound(PVST)

MST02
Spanning tree enabled protocol mstp
Root ID Priority 28674
Address 0011.bbb9.5900
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 28674 (priority 28672 sys-id-ext 2)
Address 0011.bbb9.5900
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Desg FWD 200000 128.12 P2p
Fa0/13 Boun FWD 200000 128.13 P2p Bound(PVST)

2950sw3#sho cdp ne
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID Local Intrfce Holdtme Capability Platform Port ID
1760rtr1.yourdomain.com
Fas 0/13 134 R S Cisco 1760Fas 1/2
3550sw2 Fas 0/12 172 S I WS-C3550-2Fas 0/13

===== 2950sw4

>en
2950sw4#sho vtp stat
VTP Version : 2
Configuration Revision : 73
Maximum VLANs supported locally : 250
Number of existing VLANs : 10
VTP Operating Mode : Server
VTP Domain Name : team
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x72 0x5D 0x37 0x83 0x48 0x65 0xA1 0x28
Configuration last modified by 1.1.1.2 at 3-1-93 02:07:01
Local updater ID is 0.0.0.0 (no valid interface found)

2950sw4#sho vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 AAA active Fa0/1
20 BBB active
30 CCC active
40 DDD active
50 EEE active Fa0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
1 enet 100001 1500 – – – – – 0 0
10 enet 100010 1500 – – – – – 0 0

2950sw4#sho int tru

Port Mode Encapsulation Status Native vlan
Fa0/12 on 802.1q trunking 1
Fa0/13 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/12 1-50
Fa0/13 1-50

Port Vlans allowed and active in management domain
Fa0/12 1,10,20,30,40,50
Fa0/13 1,10,20,30,40,50

Port Vlans in spanning tree forwarding state and not pruned
Fa0/12 1
Fa0/13 1,10

2950sw4#sho span

MST00
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 0011.5c4b.4b00
Cost 0
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 200000 128.1 Edge P2p
Fa0/12 Desg FWD 200000 128.12 P2p Bound(PVST)
Fa0/13 Root FWD 200000 128.13 P2p

MST01
Spanning tree enabled protocol mstp
Root ID Priority 24577
Address 0011.bbb9.5900
Cost 400000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/1 Desg FWD 200000 128.1 Edge P2p
Fa0/12 Boun FWD 200000 128.12 P2p Bound(PVST)
Fa0/13 Root FWD 200000 128.13 P2p

MST02
Spanning tree enabled protocol mstp
Root ID Priority 28674
Address 0011.bbb9.5900
Cost 400000
Port 13 (FastEthernet0/13)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0011.bbd0.3280
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/12 Boun FWD 200000 128.12 P2p Bound(PVST)
Fa0/13 Root FWD 200000 128.13 P2p

Advertisements

Written by scottledyard

2007, March 25th at 10:00 am

Posted in CCNP, Cisco, Cisco Switches, MST, RSTP, STP

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: