CCIE Pursuit Blog

April 9, 2008

Internetwork Expert Volume III: Lab 5 – Section 2

Bridging and Switching – 9 Points

2.1 Trunking

Very easy trunking task.  You just need to make sure at least one side of each trunk link is in dynamic desirable mode.

The eternal question: What to do about all of the other dynamically created trunks?

In the solution guide the other trunks (negotiated via DTP on the connections between the 3560s and the 3550s) do not appear in the verification commands.  For this lab, I went ahead and shut them all down.

2.2 VLAN Assignment

VTP is already configured (all switches are in VTP server mode in the vtp domain ‘CCIE’).  You are tasked to build all of the VLANs from the diagram.

Weird:

sw1(config-if)#do sh cdp nei f0/3
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
                  S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
r3                  Fas 0/3               120           R S I     2651XM    Fas0/0
r3                  Fas 0/3               10            R S I     2651XM    Fas0/0.1

This occured soon after I configured router-on-a-stick on r3.  I’ve never seen CDP use a subinterface as a neighbor interface.  Time to clear the cdp table:

clear cdp table

sw1(config-if)#do sh cdp nei f0/3
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
                  S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone

Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
r3                  Fas 0/3               178           R S I     2651XM    Fas0/0

Ah.  Much better.

The lab diagram does not show which ethernet port on r2 is connected to VLAN 72.  It must be 0/0 as that interface is already configured with an IP address in VLAN 72.

Weird.  All of the switches are int vtp domain CCIE and all are VTP servers.  Trunking is established between all of the switches.  Yet I am not seeing VLANs propagating via VTP:

sw1:
sw1(config-if)#do sh vtp status
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 11
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE

VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x4E 0xE7 0xBF 0xB8 0x71 0x10 0xF6 0xB4
Configuration last modified by 128.1.27.7 at 3-1-93 15:57:04
Local updater ID is 128.1.27.7 on interface Vl27 (lowest numbered VLAN interface found)

sw2:
sw2(config-if)#do sh vtp status
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 8
VTP Operating Mode              : Server
VTP Domain Name                 : CCIE

VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x9C 0x35 0x84 0x20 0x54 0x5D 0x0C 0xEB
Configuration last modified by 128.1.48.8 at 3-1-93 16:03:37 <-Interface on sw2
Local updater ID is 128.1.48.8 on interface Vl48 (lowest numbered VLAN interface found) 

sw1(config-if)#do sh vtp pass
VTP Password: CISCO

sw2(config-if)#do sh vtp pass
VTP Password: CISC0

Sneaky IE bastards.  I looks like sw2’s password ends with a zero.  I went to each switch and set the vtp password to ‘CISCO’ and vlans started flowing again.

This lab has three “router-on-a-stick” setups to configure.

The IE solution guide shows VLAN 10 configured for some reason.  It’s not in this network though.

I later found vlan 10.  It’s on sw4.  It was not included in my initial config for sw4.  I should have caught this during my intial troubleshooting.

I am also not sure that we need to create VLAN 109 and apply it to the L2 ends of the routed links because in the next task we are using L2 tunneling to make those links think that they are directly connected.  I have full connectivity without VLAN 109, but we’ll see if that gives me issues later.

If this were the real lab, I’d just go ahead and configure VLAN 109 as there is no “minimum number of VLANs” requirement for this task.

2.3 Layer 2 Tunneling

“Configure sw2 so that sw3 and sw4 see each other as CDP neighbors across the routed link that connects them.”

I need to tunnel interfaces fa0/16 and fa0/19

Before:
sw3#sh cdp nei fa0/16
| b Dev
Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
sw2                 Fas 0/16              178            S I      WS-C3560-4 Fas0/16

sw4#sh cdp neigh fa0/16 | b De
Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
sw2                 Fas 0/16              151            S I      WS-C3560-4 Fas0/19

After:
sw3#sh cdp neigh fa0/16
| b De
Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
sw4                 Fas 0/16              151            S I      WS-C3550-2 Fas0/16

sw4#sh cdp nei fa0/16 | b De
Device ID            Local Intrfce         Holdtme   Capability    Platform   Port ID
sw3                 Fas 0/16              170            S I      WS-C3550-2 Fas0/16

sw4#p 128.1.109.9

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 128.1.109.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

 

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: