In this scenario, I have 4 switches connected in a loop with two links per switch for peering. I want to configure MSTP in such a way that half of the VLANs use SW1 as the root bridge, and the other half of the VLANs use SW2 as the root bridge. If either SW1 or SW2 were to fail, I want the remaining switch of the two to take over as the root bridge for the failed device. Additionally, I want to ensure that SW3 reaches the root for Instance 1 through SW4 by adjusting port cost, and SW4 to use Fa0/17 to reach the root of Instance 2 adjusting port priority.
To set a baseline; VLANs 10, 20, 30, and 40 are configured for the switching domain, and cabling has been done per the diagram.
I'l start with configuring MST instances 1 and 2 on all 4 Switches (SW1 is shown).
SW1(config)#spanning-tree mode mst
SW1(config)#
SW1(config)#spanning-tree mst configuration
SW1(config-mst)#name MST
SW1(config-mst)#revision 1
SW1(config-mst)#instance 1 vlan 10,30
SW1(config-mst)#instance 2 vlan 20,40
SW1(config-mst)#
SW1(config-mst)#do show spanning-tree mst configuration
Name [MST]
Revision 1 Instances configured 3
Instance Vlans mapped
-------- ---------------------------------------------------------------------
0 1-9,11-19,21-29,31-39,41-4094
1 10,30
2 20,40
-------------------------------------------------------------------------------
SW1(config-mst)#exit
SW1(config)#
Note that with MST, any VLAN that I have not specifically configured for an instance will be found in MST instance 0.
To configure priority for an instance, I can either use the spanning-tree mst 'x' priority command, or the spanning-tree mst 'x' root command. Using the priority command, I can manually set the value, but using the root command, I allow the switch to calculate the value. Depending on the environment, it may be beneficial to set the priority manually. For MST 1, I'll use the priority command, and for MST 2, I'll use the root command.
SW1(config)#spanning-tree mst 1 priority 0
SW1(config)#spanning-tree mst 2 root secondary
SW1(config)#
SW2(config)#spanning-tree mst 1 priority 4096
SW2(config)#spanning-tree mst 2 root primary
SW2(config)#
Here are the MST 1 and 2 resulting outputs for Switch 1 and 2.
SW1(config)#do show spanning-tree mst 1
##### MST1 vlans mapped: 10,30
Bridge address 0023.ab6f.b980 priority 1 (0 sysid 1)
Root this switch for MST1
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Desg FWD 200000 128.15 P2p
Fa0/14 Desg FWD 200000 128.16 P2p
Fa0/16 Desg FWD 200000 128.18 P2p
Fa0/17 Desg FWD 200000 128.19 P2p
SW1(config)#do show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 0023.ab6f.b980 priority 28674 (28672 sysid 2)
Root address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
port Fa0/13 cost 200000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Root FWD 200000 128.15 P2p
Fa0/14 Altn BLK 200000 128.16 P2p
Fa0/16 Desg FWD 200000 128.18 P2p
Fa0/17 Desg FWD 200000 128.19 P2p
SW1(config)#
SW2(config)#do show spanning-tree mst 1
##### MST1 vlans mapped: 10,30
Bridge address 0014.a8e1.fa80 priority 4097 (4096 sysid 1)
Root address 0023.ab6f.b980 priority 1 (0 sysid 1)
port Fa0/13 cost 200000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Root FWD 200000 128.15 P2p
Fa0/14 Altn BLK 200000 128.16 P2p
Fa0/19 Desg FWD 200000 128.21 P2p
Fa0/20 Desg FWD 200000 128.22 P2p
SW2(config)#do show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
Root this switch for MST2
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Desg FWD 200000 128.15 P2p
Fa0/14 Desg FWD 200000 128.16 P2p
Fa0/19 Desg FWD 200000 128.21 P2p
Fa0/20 Desg FWD 200000 128.22 P2p
SW2(config)#
Note that the output shows SW1 as the root for MST 1, and SW2 as the root for MST 2; with SW1's priority for MST 2 putting it as the successor if there were a root bridge election, and SW2's priority for MST 1 putting it as the successor if there were a root bridge election. I can look at the inferior bridge priorities for SW3 and SW4 to verify that would indeed be the case.
SW3#show spanning-tree mst 1
##### MST1 vlans mapped: 10,30
Bridge address 000c.30fd.2e80 priority 32769 (32768 sysid 1)
Root address 0023.ab6f.b980 priority 1 (0 sysid 1)
port Fa0/13 cost 200000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Root FWD 200000 128.13 P2p
Fa0/14 Altn BLK 200000 128.14 P2p
Fa0/19 Desg FWD 200000 128.19 P2p
Fa0/20 Desg FWD 200000 128.20 P2p
SW3#show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 000c.30fd.2e80 priority 32770 (32768 sysid 2)
Root address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
port Fa0/13 cost 400000 rem hops 18
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Root FWD 200000 128.13 P2p
Fa0/14 Altn BLK 200000 128.14 P2p
Fa0/19 Altn BLK 200000 128.19 P2p
Fa0/20 Altn BLK 200000 128.20 P2p
SW3#
SW4#show spanning-tree mst 1
##### MST1 vlans mapped: 10,30
Bridge address 000b.be51.a680 priority 32769 (32768 sysid 1)
Root address 0023.ab6f.b980 priority 1 (0 sysid 1)
port Fa0/16 cost 400000 rem hops 18
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/16 Root FWD 200000 128.16 P2p
Fa0/17 Altn BLK 200000 128.17 P2p
Fa0/19 Altn BLK 200000 128.19 P2p
Fa0/20 Altn BLK 200000 128.20 P2p
SW4#show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 000b.be51.a680 priority 32770 (32768 sysid 2)
Root address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
port Fa0/16 cost 200000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/16 Root FWD 200000 128.16 P2p
Fa0/17 Altn BLK 200000 128.17 P2p
Fa0/19 Desg FWD 200000 128.19 P2p
Fa0/20 Desg FWD 200000 128.20 P2p
SW4#
Looking above, I can see that SW3's root port for MST 1 is currently Fa0/13 which is directly connected to SW1. In order for SW3 to use SW4 for its path to the root using port cost, I'll use 'show spanning-tree mst 1 detail' to learn how much I'll need to adjust the cost.
SW3#show spanning-tree mst 1 detail
##### MST1 vlans mapped: 10,30
Bridge address 000c.30fd.2e80 priority 32769 (32768 sysid 1)
Root address 0023.ab6f.b980 priority 1 (0 sysid 1)
port Fa0/13 cost 200000 rem hops 19
FastEthernet0/13 of MST1 is root forwarding
Port info port id 128.13 priority 128 cost 200000
Designated root address 0023.ab6f.b980 priority 1 cost 0
Designated bridge address 0023.ab6f.b980 priority 1 port id 128.18
Timers: message expires in 5 sec, forward delay 0, forward transitions 2
Bpdus (MRecords) sent 6072, received 4544
FastEthernet0/14 of MST1 is alternate blocking
Port info port id 128.14 priority 128 cost 200000
Designated root address 0023.ab6f.b980 priority 1 cost 0
Designated bridge address 0023.ab6f.b980 priority 1 port id 128.19
Timers: message expires in 4 sec, forward delay 0, forward transitions 1
Bpdus (MRecords) sent 15955, received 15033
FastEthernet0/19 of MST1 is designated forwarding
Port info port id 128.19 priority 128 cost 200000
Designated root address 0023.ab6f.b980 priority 1 cost 200000
Designated bridge address 000c.30fd.2e80 priority 32769 port id 128.19
Timers: message expires in 0 sec, forward delay 0, forward transitions 1
Bpdus (MRecords) sent 5677, received 7710
FastEthernet0/20 of MST1 is designated forwarding
Port info port id 128.20 priority 128 cost 200000
Designated root address 0023.ab6f.b980 priority 1 cost 200000
Designated bridge address 000c.30fd.2e80 priority 32769 port id 128.20
Timers: message expires in 0 sec, forward delay 0, forward transitions 2
Bpdus (MRecords) sent 13667, received 19642
SW3#
Since I have a total cost of 200000 to reach the root through Fa0/13 and Fa0/14, and a total cost of 400000 for ports Fa0/19 and Fa0/20. I'll increase Fa0/13 and Fa0/14's cost to something higher.
SW3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#interface range fa0/13 - 14
SW3(config-if-range)#spanning-tree mst 1 cost 20000000
SW3(config-if-range)#exit
SW3(config)#
SW3(config)#do show spanning-tree mst 1
##### MST1 vlans mapped: 10,30
Bridge address 000c.30fd.2e80 priority 32769 (32768 sysid 1)
Root address 0023.ab6f.b980 priority 1 (0 sysid 1)
port Fa0/19 cost 600000 rem hops 17
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Altn BLK 20000000 128.13 P2p
Fa0/14 Altn BLK 20000000 128.14 P2p
Fa0/19 Root FWD 200000 128.19 P2p
Fa0/20 Altn BLK 200000 128.20 P2p
SW3(config)#
Looking above, I can see that SW4 is currently using Fa0/16 to reach the root bridge for MST 2. I'll adjust where SW4 will use Fa0/17 as the root port to reach MST 2 by changing the port priority on SW2. Note that this adjustment must be done on SW2 and NOT on SW4 to be effective.
SW2(config)#interface fa0/20
SW2(config-if)#spanning-tree mst 2 port-priority 0
SW2(config-if)#
SW2(config-if)#do show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
Root this switch for MST2
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Desg FWD 200000 128.15 P2p
Fa0/14 Desg FWD 200000 128.16 P2p
Fa0/19 Desg FWD 200000 128.21 P2p
Fa0/20 Desg FWD 200000 0.22 P2p
SW2(config-if)#
With the port priority adjusted on SW2, I should now see on SW4 that Fa0/17 is the root port for MST 2.
SW4#show spanning-tree mst 2
##### MST2 vlans mapped: 20,40
Bridge address 000b.be51.a680 priority 32770 (32768 sysid 2)
Root address 0014.a8e1.fa80 priority 24578 (24576 sysid 2)
port Fa0/17 cost 200000 rem hops 19
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/16 Altn BLK 200000 128.16 P2p
Fa0/17 Root FWD 200000 128.17 P2p
Fa0/19 Desg FWD 200000 128.19 P2p
Fa0/20 Desg FWD 200000 128.20 P2p
SW4#
thanks. Nice and simple.
ReplyDeleteGreat Article
ReplyDeleteNetwork Security Final Year Project Ideas
Project Centers in Chennai
JavaScript Training in Chennai
JavaScript Training in Chennai
keep it up, it has really .very simple and very informative.thanks for sharing these information with all of us. Kinemaster Gold
ReplyDelete