CCIE Pursuit Blog

January 26, 2008

Internetwork Expert Volume III: Lab 4 – Section 2

Bridging and Switching – 9 Points

2.1 Trunking

Speed tip -Use ‘interface range’ to configure multiple, non-contiguous interfaces at one time:

sw3(config)#int range fa0/13, fa0/16, fa0/17, fa0/19, fa0/21

sw4(config-if-range)#do sh int trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/13      desirable    n-isl          trunking      1
Fa0/14      desirable    n-isl          trunking      1
Fa0/15      desirable    n-isl          trunking      1
Fa0/16      desirable    n-isl          trunking      1
Fa0/17      desirable    n-isl          trunking      1
Fa0/18      desirable    n-isl          trunking      1
Fa0/19      on           802.1q         trunking       1
Fa0/20      desirable    n-isl          trunking      1
Fa0/21      on           802.1q         trunking       1 

The eternal question: to shut or not to shut the dynamically negotiated trunks?  Since the  IE solution does not show these trunks in the “show int trunk” output I went ahead and shut them down (on one side at least).

2.2 Etherchannel

WTF?

sw3(config-if-range)#channel-group 23 mode active
% Interface range command failed for FastEthernet0/17

00:55:00: %EC-5-ERRPROT: Channel protocol mismatch for interface Fa0/17 in group 23: the interface can not be added to the channel group

sw3(config-if-range)#do sh run int fa0/17
interface FastEthernet0/17
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 125
 switchport mode trunk
 switchport nonegotiate
 channel-protocol pagp  <-where did that come from?

sw3(config-if-range)#do sh start | b 0/17
interface FastEthernet0/17
 switchport mode dynamic desirable
 channel-protocol pagp

Yet another initial config error.

task 2.2 : command is missing in SG

Fix:

sw3(config-if-range)#int fa0/17
sw3(config-if)#no channel-protocol pagp
sw3(config-if)#channel-g 23 mode active

sw3(config-if)#do sh eth sum | b Group
Group  Port-channel  Protocol    Ports
——+————-+———–+———————————————–
23     Po23(SU)        LACP      Fa0/16(P)   Fa0/17(P)

2.3 VTP

“Configure the VTP domain CCIE on all four switches.”

Should I put only one of the switches in VTP Server mode?  sw3 would be the obvious candidate to be the VTP server.  I did that.  IE did not.  They left all switches as VTP servers.

“Configure VLAN assignments per the diagram”

Crap! I usually miss some VLANs when I do this.  This time was no exception.

“Filter traffic on the 802.1q trunk links so that only necessary VLAN traffic is sent over them.”

Easy enough…vtp pruning.  BUT if you are told not to shut down the dynamically negotiated trunks then those trunks will negotiate to ISL by default.  This would make this task a lot more difficult and time-consuming because VTP pruning cannot be enabled for dot1q encapsulation and not ISL or vice versa.

IE solution did not use VTP pruning.  They explicitly configured that allowed VLANs on each trunk. This might be a result of the the “802.1q trunk links” verbiage – VTP pruning would work – but on all trunks regardless of the encapsulation type used.  Pretty tricky putting this task under the VTP section.  🙂

Task 2.3, VTP

vtp (global configuration)

Follow these guidelines when setting VTP pruning:

•VTP pruning removes information about each pruning-eligible VLAN from VTP updates if there are no stations belonging to that VLAN.

If you enable pruning on the VTP server, it is enabled for the entire management domain for VLAN IDs 1 to 1005.

•Only VLANs in the pruning-eligible list can be pruned.

•Pruning is supported with VTP Version 1 and Version 2.

VTP Pruning with ISL trunk:

sw1(config-if)#do sh vtp status | i run
VTP Pruning Mode                : Enabled
sw1(config-if)#do sh int trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/16      on           isl            trunking      1

Port        Vlans allowed on trunk
Fa0/16      1-4094

Port        Vlans allowed and active in management domain
Fa0/16      1,3-5,37,46,72-73,125

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/16      1,3-5,46,72-73,125

VTP Pruning with dot1 q trunk: 

sw1(config-if)#do sh vtp stat | i run
VTP Pruning Mode                : Enabled
sw1(config-if)#do sh int trunk

Port        Mode         Encapsulation  Status        Native vlan
Fa0/16      on           802.1q         trunking      125

Port        Vlans allowed on trunk
Fa0/16      1-4094

Port        Vlans allowed and active in management domain
Fa0/16      1,3-5,37,46,72-73,125

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/16      1,3-5,46,72-73,125
sw1, 2, 4

Hmmmm…..can’t ping bb2 from sw1 (VLAN 72):

sw1(config-if)#do p 192.10.1.254

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.10.1.254, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)

Route: sw1 fa0/16 (trunk) -> (trunk) fa0/13 sw3 po23 (trunk) -> (trunk) po23 sw2 int fa0/24 (vlan 72) -> (vlan 72) gi1/0/1 bb2

Start at last hop before bb2:

sw2#sh int fa0/24 status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/24                       notconnect   72           auto   auto 10/100BaseTX 

Problem = dead port on my bb2 router (actually 3750 switch.  ARGGH!!!!

Shut/no shut fixed it…..weird!!!

sw1#ping 192.10.1.254

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.10.1.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5),
round-trip min/avg/max = 1/202/1006 ms

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: