CCIE Pursuit Blog

September 15, 2007

3560 to 3560 Orange Lights

Filed under: Cisco,Cisco Certification,Home Lab,IOS,Switching — cciepursuit @ 3:57 pm

CCIE Journey encountered some interesting lights on his 3560s while setting up his lab:

My four switches are connected as per IE’s layer 1 configuration. Now the three links that connect SW1 and SW2 on the two 3560’s were coming up weird on SW1. Interface fa 0/13 was showing green on both switches, but fa0/14-15 was showing orange on SW1.Once Trunking come up in the COD tonight it reminded me that 3560’s run Dynamic Auto by default. So I set Dynamic Desirable on links Fa 0/13-15 on SW2 and both orange led’s on SW1 went green again. Ok I thought that makes sense, but what doesn’t make sense is why was fa 0/13 green on SW1 if both sides were set to auto as well ? It is the little things that drive me…

I had an idea that this was due to STP blocking on the two non-root ports of sw1.  I wish that I could say that I thought of this not because I am a networking guru (not even close!), but the reason that this jumped into my skull is because of an annoying customer that I once had. 

The customer was at a location that were going to to upgrade to our standard 3750 switch stacks, but in the mean time were using 3560s “stacked” with crossover cables on redundant links between the switches in the “stack”.  Almost immediately he started paging out the network team because of “bad ports”.  It seemed that there were a couple of orange lights on the switchports.  I looked into the issue and told him that those ports were in spanning-tree blocking state and that was why the port lights were orange.  I told him that this was normal and would not affect the switches.  Of course the orange lights became legendary “bad ports” and every network blip at that site was immediately blamed on these ports.  Eventually, I “fixed” the problem by having the customer push the “Mode” button on the front of the switch.  This set the Mode to “DUPLX” and all of the port lights went green because all of the ports were running at full duplex.  Unfortunately, this only “worked” for a brief period of time because the Mode would eventually switch back to “STAT” and the blocking ports would become orange again.  😦

Anyhoo….I labbed up CCIE Journey’s scenario by defaulting ports fa0/13 – 15 on sw1 and sw2, then:

sw1#sh ver | i IOS
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)
sw1#sh run | b 0/13
interface FastEthernet0/13 <-ports have been defaulted
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
sw1#sh int status | b 0/13
Fa0/13                       connected    1          a-full  a-100 10/100BaseTX
Fa0/14                       connected    1          a-full  a-100 10/100BaseTX
Fa0/15                       connected    1          a-full  a-100 10/100BaseTX

sw1#sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0012.009c.ca00
             Cost        19
             Port        15 (FastEthernet0/13)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0012.018f.d580
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13          Root FWD 19      128.15   P2p
Fa0/14           Altn BLK 19        128.16   P2p
Fa0/15           Altn BLK 19        128.17   P2p
************************

sw2 is the root switch: 
sw2#sh ver | i IOS
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(25)SEE2, RELEASE SOFTWARE (fc1)
sw2#sh run | b 0/13
interface FastEthernet0/13 <-ports have been defaulted
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!

sw2#sh int status | b 0/13
Fa0/13                       connected    1          a-full  a-100 10/100BaseTX
Fa0/14                       connected    1          a-full  a-100 10/100BaseTX
Fa0/15                       connected    1          a-full  a-100 10/100BaseTX

sw2#sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0012.009c.ca00
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0012.009c.ca00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 15

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13           Desg FWD 19        128.15   P2p
Fa0/14           Desg FWD 19        128.16   P2p
Fa0/15           Desg FWD 19        128.17   P2p
**************

sw2 is the root.  The ports are all FWD (therefore all green).  sw1 is non-root, fa1/13 is the root port and therefore forwarding (green), the other two are blocking(orange).

We can test whether the lights are orange due to STP blocking two ways:

1) Make sw1 the root and see if its lights all go green, while sw2’s fa0/14 and fa0/15 go orange.
2) Change the root port on sw1 to fa0/14 and see if it goes green while fa0/13 goes orange.

Method 1:

sw1(config)#spanning-tree vlan 1 root primary
sw1(config)#^Z

sw1#sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0012.018f.d580
             This bridge is the root <-sw1 is now the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     0012.018f.d580
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 15

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13           Desg FWD 19        128.15   P2p
Fa0/14           Desg FWD 19        128.16   P2p
Fa0/15           Desg FWD 19        128.17   P2p

sw2#sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    24577
             Address     0012.018f.d580
             Cost        19
             Port        15 (FastEthernet0/13)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0012.009c.ca00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13           Root FWD 19        128.15   P2p <-note
Fa0/14           Altn BLK 19        128.16   P2p
Fa0/15           Altn BLK 19        128.17   P2p

Now all three of sw1’s port are green, while fa0/13 on sw2 is green and fa0/14 – 15 are orange.  I don’t have photos, so you’ll have to trust me on this  🙂 

Method 2 (after making sw2 the root again):

sw1#sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0012.009c.ca00
             Cost        19
             Port        15 (FastEthernet0/13)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0012.018f.d580
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 15

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13           Root FWD 19        128.15   P2p
Fa0/14           Altn BLK 19        128.16   P2p
Fa0/15           Altn BLK 19        128.17   P2p

sw1(config-if)#int fa0/14
sw1(config-if)#spanning-tree vlan 1 cost 1
sw1(config-if)#do sh sp v 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0012.009c.ca00
             Cost        1
             Port        16 (FastEthernet0/14)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0012.018f.d580
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/13           Altn BLK 19        128.15   P2p
Fa0/14           Root FWD 1         128.16   P2p <-this is now green
Fa0/15           Altn BLK 19        128.17   P2p

Now fa0/13 and fa0/15 on sw1 are orange and fa0/14 is green.  All three ports on sw2 are still green.

Dotted Decimal OSPF Areas

Filed under: Cisco,Cisco Certification,IOS,OSPF — cciepursuit @ 2:30 pm

File under “interesting stuff that I didn’t know” – I came across this while reading the OSPFv2 chapter in Doyle’s Routing TCP/IP (Volume 1):

Areas are identified by a 32-bit Area ID. The Area ID may be expressed either as a decimal number or in dotted decimal, and the two formats may be used together on Cisco routers. The choice usually depends on which format is more convenient for identifying the particular Area ID. For example, area 0 and area 0.0.0.0 are equivalent, as are area 16 and area 0.0.0.16, and area 271 and area 0.0.1.15. In each of these cases, the decimal format would probably be preferred. However, given the choice of area 3232243229 and area 192.168.30.29, the latter would probably be chosen.

This might prompt “ummm…yeah…and the sky is blue” from some of you, but I’ve somehow come this far without ever tripping over this feature of OSPF before.

r1(config)#router ospf 100
r1(config-router)#net 155.1.146.1 0.0.0.0 area ?
  <0-4294967295>  OSPF area ID as a decimal value
  A.B.C.D         OSPF area ID in IP address format

r1(config-router)#net 155.1.146.1 0.0.0.0 area 0.0.0.0

r1#sh ip os int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 155.1.146.1/24, Area 0.0.0.0
  Process ID 100, Router ID 155.1.146.1, Network Type BROADCAST, Cost: 1
  —–output truncated—–

r1(config-router)#net 155.1.146.1 0.0.0.0 area 0.0.1.16
r1(config-router)#^Z
r1#
*Mar  1 00:34:36: %OSPF-6-AREACHG: 155.1.146.1/32 changed from area 0.0.0.0 to area 0.0.1.16

r1#sh ip ospf int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 155.1.146.1/24, Area 0.0.1.16
  Process ID 100, Router ID 155.1.146.1, Network Type BROADCAST, Cost: 1
   —–output truncated—–

r1#sh ip os data

            OSPF Router with ID (155.1.146.1) (Process ID 100)

                Router Link States (Area 0.0.1.16)

Link ID         ADV Router      Age         Seq#       Checksum Link count
155.1.146.1     155.1.146.1     92          0x80000001 0x009909 1

The range of OSPF areas is 0 to 4294967295.  4294967295 expressed in dotted decimal is 255.255.255.255.

Let’s see if we can create an OSPF adjacency between r1 in area 271 and r4 in area 0.0.1.15:

r1(config)#router ospf 100
r1(config-router)#net 155.1.146.1 0.0.0.0 area 271

r4(config-router)#router os 100
r4(config-router)#net 155.1.146.4 0.0.0.0 area 0.0.1.15
r1#sh ip os nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
155.1.146.4       1   FULL/BDR    00:00:32    155.1.146.4  FastEthernet0/0

r1#sh ip os int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 155.1.146.1/24, Area 271
  Process ID 100, Router ID 155.1.146.1, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State DR, Priority 1
  Designated Router (ID) 155.1.146.1, Interface address 155.1.146.1
  Backup Designated router (ID) 155.1.146.4, Interface address 155.1.146.4
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:07
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 0, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 155.1.146.4  (Backup Designated Router)
  Suppress hello for 0 neighbor(s)

r1#sh ip os data

            OSPF Router with ID (155.1.146.1) (Process ID 100)

                Router Link States (Area 271)

Link ID         ADV Router      Age         Seq#       Checksum Link count
155.1.146.1     155.1.146.1     118         0x80000002 0x00CDA3 1
155.1.146.4     155.1.146.4     114         0x80000002 0x00C7A0 1

                Net Link States (Area 271)

Link ID         ADV Router      Age         Seq#       Checksum
155.1.146.1     155.1.146.1     118         0x80000001 0x00ADC8
r1#
r4#sh ip os nei

Neighbor ID     Pri   State           Dead Time   Address         Interface
155.1.146.1       1   FULL/DR   00:00:32    155.1.146.1     FastEthernet0/0

r4#sh ip os int fa0/0
FastEthernet0/0 is up, line protocol is up
  Internet Address 155.1.146.4/24, Area 0.0.1.15
  Process ID 100, Router ID 155.1.146.4, Network Type BROADCAST, Cost: 1
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 155.1.146.1, Interface address 155.1.146.1
  Backup Designated router (ID) 155.1.146.4, Interface address 155.1.146.4
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:05
  Supports Link-local Signaling (LLS)
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 155.1.146.1  (Designated Router)
  Suppress hello for 0 neighbor(s)

r4#sh ip os data

            OSPF Router with ID (155.1.146.4) (Process ID 100)

                Router Link States (Area 0.0.1.15)

Link ID         ADV Router      Age         Seq#       Checksum Link count
155.1.146.1     155.1.146.1     81          0x80000002 0x00CDA3 1
155.1.146.4     155.1.146.4     75          0x80000002 0x00C7A0 1

                Net Link States (Area 0.0.1.15)

Link ID         ADV Router      Age         Seq#       Checksum
155.1.146.1     155.1.146.1     81          0x80000001 0x00ADC8

Sweet.  Because 0.0.1.15 is equal to 271 in decimal, the OSPF adjacency is formed.


Cisco Documentation

network area

Create a free website or blog at WordPress.com.