Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
76 Cards in this Set
- Front
- Back
|
To enable or disable an entire instance of STP (by default enabled) globally or on a particular port.
|
switch(config)# [no] spanning-tree vlan [vlan-id]
|
|
|
To enable or disable extended system ID (disabled by default). If enabled the root bridge priority becomes a multiple of 4096 plus the VLAN ID.
|
switch(config)# [no] spanning-tree extended system-id
|
|
|
To configure the Bridge Priority, default 32,768). Lowest priority is RB, if same is lowest MAC.
|
switch(config)# spanning-tree vlan [vlan-id] priority [90 - 65,535]
|
|
|
To auto set the RB and secondary RB (macro). If current RB is greater than 24,576 set to 24,576, if lower set 4096 less than current. Secondary RB set to 28,672
|
switch(config)# spanning-tree vlan root [primary | secondary] [diameter [1 - 7]]
|
|
|
To set a switch ports cost. If VLAN given changed for VLAN, if not is changed for port as a whole (all active VLANS)
|
switch(config)# spanning-tree [vlan [vlan-id]] cost [cost]
|
|
|
To set a switch ports priority. Is 16bit quantity, 8bit port priority, 8bit port number (ports physical mapping). Lower port priority, preferred path to the RB.
|
switch(config)# spanning-tree [vlan [vlan-id]] port-priority [0 - 255]
|
|
|
To set hello timer, default 2 seconds.
|
switch(config)# spanning-tree [vlan [vlan-id]] hello-time [1 - 10 sec]
|
|
|
To set Forward delay timer, default 15 seconds. The amount of time a port stays in listening and learning states before moving into forwarding state.
|
switch(config)# spanning-tree [vlan [vlan-id]] forward-time [4 - 30 sec]
|
|
|
To set the max age timer, default 20 seconds. Specifies a stored BPDUs lifeline .
|
switch(config)# spanning-tree [vlan [vlan-id]] max-age [6 - 40 sec]
|
|
|
To change network Diameter, default 3. Timer values are dependant on hello time and network diameter, change network diameter and it changes all the timer values in a controlled fashion. This cmd can only be used on a per-VLAN basis.
|
switch(config)# spanning-tree vlan root [primary | secondary] [diameter [1 - 7]] hello-time [1 - 10 sec]
|
|
|
To enable portfast globally, disabled by default. It will enable it on all access mode ports.
|
switch(config)# spanning-tree portfast default
|
|
|
To enable or disable portfast on a port by port basis.
|
switch(config-if)# [no] spanning-tree portfast
|
|
|
What is the macro configuration command to force a switchport to support a single host. It enables portfast, sets access mode and disables PAgP (prevents port from participating in an Etherchannel)
|
switch(config-if)# switchport host
|
|
|
To enable Uplinkfast, can only be done globally. Default max update value is 150 packets-per-second, and is how quick sends multicasts to other switches so they can learn new path.
|
switch(config)# spanning-tree uplinkfast [max-update-rate [0 - 65,535 pps]]
|
|
|
To enable Backbonefast, disabled by default. When used should enable on all switches since they all require RLQ protocol and its only active when backbonefast is enabled.
|
switch(config-if)# spanning-tree backbonefast
|
|
|
To view all possible STP parameters for all VLANS. Port information is summarized.
|
switch# show spanning-tree
|
|
|
To view all possible STP parameters for all VLANS. Port information is very detailed.
|
switch# show spanning-tree detail
|
|
|
To view the total number of switch ports currently in each of the STP states. A quick summary of total number of ports participating in each active VLAN.
|
switch# show spanning-tree vlan [vlan-id] summary
|
|
|
To display a listing of every port on the VLAN, with its path cost and STP state. The Designated Bridge ID is also shown on every port segment.
|
switch# show spanning-tree vlan [vlan-id] brief
|
|
|
To show the SPT info for that VLAN, including priority, Mac, cost and timer values for this switch and the RB. So can see who is the RB
|
switch# show spanning-tree vlan [vlan-id]
|
|
|
Displays the VLAN, port priority & ID number, cost and what state the port is in. Also shows designated bridge ID.
|
switch# show spanning-tree interface [type] [mod/num]
|
|
|
To find the Root Bridge ID, the Root Port and the Root Path Cost
|
switch# show spanning-tree vlan [vlan-id] root
|
|
|
To show the Bridge ID and STP timers for the local switch.
|
switch# show spanning-tree vlan [vlan-id] bridge
|
|
|
To see the cost of an interface
|
switch# show spanning-tree interface [type] [mod/num] cost
|
|
|
To display the current portfast status.
|
switch# show spanning-tree interface [type] [mod/num] portfast
|
|
|
To display the current status of Uplinkfast
|
switch# show spanning-tree uplinkfast
|
|
|
To verify the current backbonefast state.
|
switch# show spanning-tree backbonefast
|
|
|
To list the ports that have been labeled in an inconsistent state.
|
switch# show spanning-tree inconsistent ports
|
|
|
To look for detailed reasons for inconsistencies
|
switch# show spanning-tree interface [type] [mod/num] detail
|
|
|
To display the global BPDU guard, BPDU filter and loop guard states.
|
switch# show spanning-tree vlan summary
|
|
|
To display the status of 1 or all ports
|
switch# show udld [type] [mod/num]
|
|
|
To enable Root Guard. It effects entire port so that a RB never can be allowed on any VLAN on that port. Use on ports where you never expect to find the RB for a VLAN.
|
switch(config-if)# spanning-tree guard root
|
|
|
To enable BPDU guard globally. By default disabled, all ports with PortFast enabled also have this enabled.
|
switch(config)# spanning-tree portfast bpduguard default
|
|
|
To enable BPDU guard on a port-by-port basis. If any BPDU is received on a port where PortFast is enabled, that port is immediately put in the errdisable state.
|
switch(config-if)# [no] spanning-tree bpduguard enable
|
|
|
To enable loop guard globally, disabled by default. Keeps track of BPDU activity on non-DPs, and when BPDUs go missing puts port into loop-inconsistent state.
|
switch(config)# spanning-tree loopguard default
|
|
|
To enable loop guard on a port-by-port basis. Its corrective blocking action is taken on a per-VLAN basis. So doesn’t block entire port, only the offending VLANs are blocked.
|
switch(config-if)# [no] spanning-tree guard loop
|
|
|
To enable UDLD globally for all fiber ports. Detects If 1 side of link (receive or transmit) fails by sending regular messages (default 15secs) and expecting an echo back.
|
switch(config)# udld [enable | aggressive | message time [7 - 90 secs]]
|
|
|
To enable UDLD on a port-by-port basis. Normal-detects and reports, Aggressive-placed in errdisable
|
switch(config-if)# udld [enable | aggressive | disable]
|
|
|
To re-enable ports that UDLD aggressive mode has errdisabled.
|
switch(config)#UDLD reset
|
|
|
To enable BPDU filtering globally. Use to effectively disable STP and BPDU messages
|
switch(config)# spanning-tree portfast bpdufilter default
|
|
|
To enable BPDU filtering on a port-by-port basis. Disabled by default except on PortFast ports where its enabled.
|
switch(config-if)# spanning-tree bpdufilter [enable | disable]
|
|
|
To change the STP mode to RPVST+. When enabled, the switch must support both RSTP and 802.1 STP neighbours.
|
switch(config)# spanning-tree mode rapid-pvst
|
|
|
To change the STP mode to PVST+ (default). When you enable PVST+ or RPVST+, any STP process that's currently running must be restarted.
|
switch(config)# spanning-tree mode pvst
|
|
|
To configure a port as an edge port in RSTP. Ports considered to have only 1 host and be positioned at the edge of the network.
|
switch(config-if)# [no] spanning-tree portfast
|
|
|
To force a port to act as a point-to-point link. By default, ports operating in full-duplex mode are automatically in this mode. Is a port that connects to another switch and becomes a DP.
|
switch(config-if)# spanning-tree link-type point-to-point
|
|
|
To enable MST on the switch. The whole idea behind MST is the capability to map multiple VLANs to a smaller number of instances. Max of 16 in each region, but the IST always exists as number 0.
|
switch(config)# spanning-tree mode mst
|
|
|
To enter MST configuration mode.
|
switch(config)# spanning-tree mst configuration
|
|
|
To assign the MST region name, up to 32 characters long.
|
switch(config-mst)# name [name]
|
|
|
To assign a region configuration number. Gives you a means of tracking MST config changes. Each time you make a change, increment it by one.
|
switch(config-mst)# revision [0 - 65,535]
|
|
|
To map VLANs to an MST instance. By default all vlans mapped to instance 0 ( IST). You should select the number of instances needed and map all active VLANs to them.
|
switch(config-mst)# instance [0 - 15] vlan [vlan-list]
|
|
|
To show the pending changes you have made to the MST configuration
|
switch(config-mst)# show pending
|
|
|
To exit MST config mode and commit the changes to the active MST region configuration.
|
switch(config-mst)# exit
|
|
|
To see which STP type neighbours are running. P2p = p-t-p RSTP port, P2p Peer (STP) = traditional 802.1D STP
|
switch(config)#show spanning-tree vlan [vlan-id]
|
|
|
To set the MST Root Bridge
|
switch(config)# spanning-tree mst [instance-id] root [primary | secondary] [diameter [1 - 7]]
|
|
|
To set the MST Bridge Priority
|
switch(config)# spanning-tree mst [instance-id] priority [90 - 65,535]
|
|
|
To set the MST port cost
|
switch(config)# spanning-tree mst [instance-id] cost [cost]
|
|
|
To set the MST port priority cost
|
switch(config)# spanning-tree mst [instance-id] port-priority [0 - 255]
|
|
|
To set the STP hello timer
|
switch(config)# spanning-tree mst [instance-id] hello-time [1 - 10 sec]
|
|
|
To set the STP forward time timer
|
switch(config)# spanning-tree mst [instance-id] forward-time [4 - 30 sec]
|
|
|
To set the MST max age timer.
|
switch(config)# spanning-tree mst [instance-id] max-age [6 - 40 sec]
|
|
|
Do you need to set hello, forward delay and max time timers on each switch.
|
No, all 3 timers need only be set on RB since configuration BPDUs propagate them throughout the network. Timers can be changed for a single instance (VLAN) of STP on the switch or for all instances (all VLANs) of the STP on the switch if you omit the "VLAN" keyword.
|
|
|
What does portfast do?
|
It enables fast connectivity to be established on access-layer switch ports to workstations that are booting. Its done by reducing the listening and learning states considerably, and when a link comes up it immediately moves the port into the forwarding state.
|
|
|
What does Uplinkfast do?
|
It enables fast-uplink failover on an access-layer switch when dual links are connected into the dist switch. Is the link with next lowest Root Path cost, and is kept in blocking state until Root Port fails. Needs to be leaf mode switch so raises bridge ID to 49,152 and path cost to all local ports by 3000. This makes it undesirable as a RB and ports undesirable as paths to the root.
|
|
|
What does Backbonefast do?
|
It enables fast convergence in the network backbone (core) after a spanning tree topology change occurs. It works by actively determining whether alternative paths exist to RB in case the switch detects a indirect link failure. Uses Root Link Query (RLQ) protocol to see if upstream switches have stable connections to the RB. It short circuits the max-age timer when needed, but unlike portfast and uplink cant enable immediate transitions since still has to go through listening and learning state timers.
|
|
|
What 2 STP features protect against unexpected BPDUs
|
Root Guard (root inconsistent state) and BPDU guard (errdisable state)
|
|
|
What 2 STP features help detect or prevent against sudden loss of BPDUs
|
Loop Guard (loop inconsistent state) and Unidirectional Link Detection (UDLD) (errdisable)
|
|
|
Where do you apply Root Guard?
|
Apply to ports where the Root is never expected.
|
|
|
Where do you apply BPDU Guard?
|
Apply to all user ports where PortFast is enabled.
|
|
|
Where do you apply Loop Guard?
|
Apply to nondesignated ports, but is ok to apply to all ports.
|
|
|
Where do you apply UDLD?
|
Apply to all fiber-optic links between switches (must be enabled on both ends).
|
|
|
What are permissible security combinations on a switch port.
|
Loop Guard and UDLD or Root Guard and UDLD
|
|
|
What are not permissible security combinations on a switch port.
|
Root Guard and Loop Guard or Root Guard and BPDU Guard
|
|
|
What version number of BSDU does RSTP use.
|
RSTP uses version 2, 802.1D uses version 0. Each port attempts to operate according to the version of STP BPDU that’s received.
|
|
|
What must you define exactly the same on all switches for them to belong to the same region.
|
MST configuration name, Revision number and instance-to-vlan mapping table.
|
|
|
What happens after a switch receives news of a topology change?
|
It flushes entries from its CAM table immediately, instead of employing the timer reduction that 802.1D uses.
|
|
|
Can a switch run PVST+ and MST at the same time?
|
No, if MST is enabled PVST+ operation stops and the switch changes to RSTP operation. It can interact and interoperate with PVST+, 802.1D and RSTP
|
