STP FEATURES : ROOT GUARD - SWITCHING TECHNOLOGIES #9 ( CCNP )

 SWITCHING TECHNOLOGIES #7 :

STP FEATURES : ROOT GUARD
 


▪ Konfigurasikan SW1 sebagai root bridge
▪ Konfigurasikan pada SW1 agar SW2 tidak akan pernah menjadi root
apapun kondisinya. Konfigurasi pada SW-1 dan SW-2

SW-1 dan SW-2
SW1(config)#interface range e0/0-1
SW1(config-if-range)#Switchport trunk encap dot1q
SW1(config-if-range)#Switchport mode trunk
!
SW2(config)#interface range e0/0-1
SW2(config-if-range)#Switchport trunk encap dot1q
SW2(config-if-range)#Switchport mode trunk
Jadikan SW-1 sebagai root-bridge
SW-2
SW2(config)#spanning-tree vlan 1 root primary
SW2(config)#interface e0/0
SW2(config-if)#spanning-tree guard root
!
SW2(config-if)#interface e0/0
SW2(config-if)#spanning-tree guard root
*Feb 1 16:13:18.229: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root
guard enabled on port Ethernet0/0.

SW-2
SW2#show spanning-tree interface e0/0 detail
Port 1 (Ethernet0/0) of VLAN0001 is designated forwarding
Port path cost 100, Port priority 128, Port Identifier 128.1.
Designated root has priority 24577, address aabb.cc00.0200
Designated bridge has priority 24577, address aabb.cc00.0200
Designated port id is 128.1, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
Root guard is enabled on the port
BPDU: sent 94, received 46

Pastikan SW1 yang menjadi root bridge, gunakan show spanning tree dan
pastikan muncul this bridge is the root. Lakukan debugging pada SW-2
 
SW-1
SW2#debug spanning-tree
events Spanning Tree event debugging is on

Selanjutnya konfigurasikan agar SW1 menjadi root dengan menset nilai
prioritynya lebih rendah dari SW2.

SW-1
SW1(config)#spanning-tree vlan 1 priority 4096
SW-2
SW2#
*Feb 1 16:18:47.287: STP: VLAN0001 heard root 4097-aabb.cc00.0100 on
Et0/1
*Feb 1 16:18:47.287: supersedes 24577-aabb.cc00.0200
*Feb 1 16:18:47.287: STP: VLAN0001 new root is 4097, aabb.cc00.0100 on
port Et0/1, cost 100
*Feb 1 16:18:47.287: %SPANTREE-2-ROOTGUARD_BLOCK: Root guard
blocking port Ethernet0/0 on VLAN0001.
SW2#
*Feb 1 16:18:47.289: STP: VLAN0001 sent Topology Change Notice on
Et0/1
*Feb 1 16:18:47.289: STP: VLAN0001 Et0/0 -> blocking

Terlihat SW-1 tidak akan menjadi root bridge meskipun kita sudah mensetting
prioritynya lebih rendah dari SW-2, cek verifikasi lagi

SW-2
SW2#show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- ------------------------ ------------------
VLAN0001 Ethernet0/0 Root Inconsistent
Number of inconsistent ports (segments) in the system : 1
 
 
 
 
 
 
 
 

 

Komentar

Postingan populer dari blog ini

PORT SECURITY ( DEFAULT VIOLATION ) - SWITCHING TECHNOLOGIES #16 ( CCNP )

BGP BASIC CONFIGURATION - BGP #2 ( CCNP )

BGP ATTRIBUTE ( COMMUNITY-LIST ) - BGP #9 ( CCNP )