AOS-CX Simulator - MSTP Lab Guide

Download as pdf or txt
Download as pdf or txt
You are on page 1of 14

LAB GUIDE

MSTP Fundamentals
IMPORTANT! THIS GUIDE ASSUMES THAT THE AOS-CX OVA HAS BEEN INSTALLED AND WORKS IN GNS3 OR EVE-NG.
PLEASE REFER TO GNS3/EVE-NG INITIAL SETUP LABS IF REQUIRED.
https://www.eve-ng.net/index.php/documentation/howtos/howto-add-aruba-cx-switch/

TABLE OF CONTENTS
Lab Objective ......................................................................................................................................... 1
Lab Overview ......................................................................................................................................... 1
Lab Network Layout ............................................................................................................................... 2
Lab Tasks .............................................................................................................................................. 2
Task 1 - Lab setup ................................................................................................................................. 2
Task 2 - Configure MSTP and VLAN mappings ..................................................................................... 3
Task 3 - Check configurations and output .............................................................................................. 4
Task 4 - Path Cost ................................................................................................................................. 6
Task 5 - MST timers and tuning ............................................................................................................. 7
Task 5 - Spanning tree protection .......................................................................................................... 8
Appendix – Complete Configurations ................................................................................................... 11

Lab Objective
At the end of this lab you will be able to implement the basic configuration of Multiple Spanning Tree Protocol (MSTP) and
show how MSTP creates a loop free VLAN topology with other Aruba CX switches.

The use case for MSTP is to provide a loop free redundant multipath Layer 2 network. MSTP is the default Spanning Tree
Protocol for Aruba CX switches

For further details on MSTP please refer to the latest Aruba documentation located on https://asp.arubanetworks.com/

Lab Overview
This lab set up is as shown in Figure 1 and Figure 2.This will allow the reader to observe the behavior of MSTP

This lab covers configuration of the following:

• MSTP and VLAN mappings. (MSTP is the default STP for Aruba CX switches.)

• Root bridge placement and Identification

• STP timers and edge ports

• STP protection mechanisms

1
Lab Guide
MSTP

Lab Network Layout

Figure 1. MSTP Lab topology

Lab Tasks
Task 1 - Lab setup
For this lab refer to Figure 1 for topology setup .Open each switch console and log in with user “admin” and no password.

Note: Switch X will be configured later in the lab. The Virtual PC (VPC-C) is not required to be configured and just shown to
represent an access port.

• Change all hostnames as shown in the topology:

configure
hostname <device host name>

• On Switch A and B bring up required ports:

int 1/1/1-1/1/3
no routing
no shutdown

use “exit” to go back a level

• On Switch C and D bring up required ports:

int 1/1/2-1/1/3
no routing
no shutdown

use “exit” to go back a level

• Validate LLDP neighbors appear as expected on each switch. Here we show Switch A output only.

2
Lab Guide
MSTP

If all switches have been configured as shown in Figure 1 you should see Switch B, C and D via Switch A as shown
below using LLDP. It is left to the reader to check other switches respectively.

SwitchA#show lldp neighbor-info

LLDP Neighbor Information


=========================

Total Neighbor Entries : 3


Total Neighbor Entries Deleted : 0
Total Neighbor Entries Dropped : 0
Total Neighbor Entries Aged-Out : 0

LOCAL-PORT CHASSIS-ID PORT-ID PORT-DESC TTL SYS-NAME


------------------------------------------------------------------------------------------
1/1/1 08:00:09:12:8e:9e 1/1/1 1/1/1 120 SwithcB

1/1/2 08:00:09:16:7b:7e 1/1/2 1/1/2 120 SwitchC

1/1/3 08:00:09:ee:11:82 1/1/3 1/1/3 120 SwitchD

Task 2 - Configure MSTP and VLAN mappings

Now set up MSTP, Root bridges and map VLANs as per Figure 2

• VLAN 10-11 assigned to MSTP instance 1, Root bridge Switch A, Secondary Root bridge Switch B

• VLAN 20-21 assigned to MSTP instance 2 Root bridge Switch B, Secondary Root bridge Switch A

• All other VLANs assigned to the default MSTP 0 as shown below Switch A

Note: Having deterministic Root and Secondary Root bridges is a typically accepted design, these are placed at the Core of
the Layer 2 domain, as shown in Figure 2, where Switch A and Switch B are the core/center of the Layer 2 domain as well as
providing Root redundancy for one another.

Figure 2 MSTP Topology

• On Switch A add VLAN 10-11 and 20-21. Configure STP making Switch A Root for VLAN 10-11 instance 1 and
Secondary Root for 20-21 instance 2, then trunk all VLANs for interface 1/1/1 to 1/1/3. Here also make Switch A the
Root for the CIST

SwitchA#
configure
vlan 10-11,20-21
exit
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1

3
Lab Guide
MSTP

spanning-tree instance 1 vlan 10-11 < ----- Map vlans to instance


spanning-tree instance 2 vlan 20-21
spanning-tree priority 0 < ----- MST 0 Root
spanning-tree instance 1 priority 0 < ------MST 1 Root
spanning-tree instance 2 priority 1 < ------MST 2 Secondary Root
int 1/1/1-1/1/3
vlan trunk allowed all
vlan trunk native 1
exit

• On Switch B add VLAN 10-11 and 20-21. Configure STP making Switch B Root for VLAN 20-11 instance 2 and
Secondary Root for 10-11 instance 1,then trunk all VLANs for interface 1/1/1 to 1/1/3.
SwitchB#
configure
vlan 10-11,20-21
exit
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10-11
spanning-tree instance 2 vlan 20-21
spanning-tree instance 1 priority 1 < ----- MST 1 Secondary Root
spanning-tree instance 2 priority 0 < ----- MST 2 Root
int 1/1/1-1/1/3
vlan trunk allowed all
vlan trunk native 1
exit

• On Switch C and D define the VLANs and add MSTP mapping to VLANs

configure
vlan 10-11,20-21
exit
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10-11
spanning-tree instance 2 vlan 20-21
int 1/1/2-1/1/3
vlan trunk allowed all
vlan trunk native 1
exit

Task 3 - Check configurations and output


• Examine and check configuration and mappings from Switch A

SwitchA#show spanning-tree mst-config


MST configuration information
MST config ID : sp1
MST config revision : 1
MST config digest : 098798F08296B22CADC0650E39604C10
Number of instances : 2

Instance ID Member VLANs


--------------- ----------------------------------
0 1-9,12-19,22-4094
1 10,11
2 20,21

Above we see the general MSTP configuration, check other switches in the domain, they should all be similar.

• Check configuration and mappings from Switch A. Check System ID matches Root for the MSTP Instance

SwitchA#show spanning-tree summary root


STP status : Enabled
Protocol : MSTP
System ID : 08:00:09:8a:14:fa

Root bridge for STP Instance : 0,1

Root Hello Max Fwd


Instance ID Priority Root ID cost Time Age Dly Root Port
--------------- -------- ----------------- --------- ----- --- --- ------------
0 0 08:00:09:8a:14:fa 0 2 20 15 0
1 0 08:00:09:8a:14:fa 0 2 20 15 0
2 0 08:00:09:12:8e:9e 20000 2 20 15 1/1/1

4
Lab Guide
MSTP

As shown above Switch A is Root for Instance 0 and 1 identified by the System ID, and Instance 2 Root is another device
which is expected to be Switch B based on previous configurations.

• Examine switch B and check Root switches are as expected

SwithcB# show spanning-tree summary root


STP status : Enabled
Protocol : MSTP
System ID : 08:00:09:12:8e:9e

Root bridge for STP Instance : 2

Root Hello Max Fwd


Instance ID Priority Root ID cost Time Age Dly Root Port
--------------- -------- ----------------- --------- ----- --- --- ------------
0 0 08:00:09:8a:14:fa 20000 2 20 15 1/1/1
1 0 08:00:09:8a:14:fa 20000 2 20 15 1/1/1
2 0 08:00:09:12:8e:9e 0 2 20 15 0

As shown above Switch B is Root for Instance 2 based on the identified System ID, and Instance 0 and 1 Root is SwitchA
System ID

Continue to check switch C and D in a similar fashion (not shown in this lab guide)

• Now examine the behavior of ports and their state, by examining spanning tree state. The logical topology in Figure
2 for each switch can be observed showing a loop free Layer 2 topology.

SwitchA# show spanning-tree mst


#### MST0
Vlans mapped: 1-9,12-19,22-4094
Bridge Address:08:00:09:8a:14:fa priority:0
Root
Regional Root
Operational Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 txHoldCount(in pps): 6
Configured Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 Max-Hops:20
Root Address:08:00:09:8a:14:fa Priority:0
Port:0 Path cost:0
Regional Root Address:08:00:09:8a:14:fa Priority:0
Internal cost:0 Rem Hops:20

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-
Rx
-------------- -------------- ---------- ---------- ---------- ---------------- ---------- ---------- ---------- -----
1/1/1 Designated Forwarding 20000 128 P2P 32900 28093 10 6
1/1/2 Designated Forwarding 20000 128 P2P 32902 8 8 4
1/1/3 Designated Forwarding 20000 128 P2P 32898 5 2 3

Topology change flag : True


Number of topology changes : 9
Last topology change occurred : 55669 seconds ago

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:8a:14:fa Priority:0
Root Address:08:00:09:8a:14:fa Priority:0
Port:0, Cost:0, Rem Hops:20

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Designated Forwarding 20000 128 P2P 32900 28093 10 6
1/1/2 Designated Forwarding 20000 128 P2P 32902 8 8 4
1/1/3 Designated Forwarding 20000 128 P2P 32898 5 2 3

Topology change flag : True


Number of topology changes : 9
Last topology change occurred : 55669 seconds ago

#### MST2
Vlans mapped: 20,21
Bridge Address:08:00:09:8a:14:fa Priority:4096
Root Address:08:00:09:12:8e:9e Priority:0
Port:1/1/1, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Root Forwarding 20000 128 P2P 32900 28093 10 6
1/1/2 Designated Forwarding 20000 128 P2P 32902 8 8 4
1/1/3 Designated Forwarding 20000 128 P2P 32898 5 2 3

Topology change flag : True

5
Lab Guide
MSTP

Number of topology changes : 7


Last topology change occurred : 55673 seconds ago

As shown above Switch A for instance 0 and 1 all ports are Designated and Forwarding, instance 2 has a Root port 1/1/1
towards Switch B the Root switch for VLANs 20-21, and other ports are Designated Forwarding leading to Switch C and D
respectively.

The reader can continue to check switch B, C and D in a similar fashion (not shown in this lab guide) and build a logical
picture of the MSTP instances as shown in Figure 2

Task 4 - Path Cost


Now examine path cost and the MSTP port state from Switch D perspective in MSTP instance 1.

• In Figure 3 below the Root port path cost to the Root Switch A from Switch D perspective is 20,000 via port 1/1/3
• The next alternate path is via 1/1/2 with the next lowest path being through Switch B port 1/1/1 . This next alternate
best path cost is 40,000 (20,000 (Switch D interface 1/1/2) + 20,000 (Switch B interface 1/1/1)) and is the
summation of associated link cost.

Figure 3 MSTP 1 path cost from Switch D

• Check the port roles and cost from Switch D perspective

SwitchD#show spanning-tree mst 1

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:ee:11:82 Priority:32768
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/3, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/2 Alternate Blocking 20000 128 P2P 25 41592 1 4
1/1/3 Root Forwarding 20000 128 P2P 31 41590 3 2

Above we see the local path costs on Switch D, port 1/1/3 being the Forwarding Root port and 1/1/2 being the Blocked
Alternate port

• Now manipulate the cost to change the MSTP instance 1 topology from Switch D perspective, by changing the cost
on Root port. To influence a change in this topology we need to increase cost to greater than 40,000, based on our
earlier calculation.

SwitchD#

configure
int 1/1/3
spanning-tree instance 1 cost 40001 < ----- change the path cost on the interface to 40001 or more
exit

SwitchD#show spanning-tree mst 1 < ----- check port roles

#### MST1
Vlans mapped: 10,11

6
Lab Guide
MSTP

Bridge Address:08:00:09:ee:11:82 Priority:32768


Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/2, Cost:40000, Rem Hops:18

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/2 Root Forwarding 20000 128 P2P 28 79916 1 4
1/1/3 Alternate Blocking 40001 128 P2P 34 79914 3 2

As shown above by manipulating the path cost the behavior of the ports roles were changed.

Note Default cost is calculated based on port link speed for the Aruba CX OVA the ports simulate 1GbEs and are set to
20,000. Please refer to Layer 2 birding guide to get the path cost for various speed ports.

Task 5 - MSTP timers and tuning

Detailed information around STP timers is beyond the scope of this lab guide. However, it is possible to change some MSTP
timers to tune and improve convergence time. However, use of such parameters depends on design and architecture of a
network as it can impact switch resources under certain conditions.

• spanning-tree forward-delay is the time spent in the listening and learning state. This time is equal to 15
seconds by default, and can be tuned between 4 and 30 seconds

• spanning-tree hello-time is the time between each Bridge Protocol Data Unit (BPDU) that are sent on a port.
The default is 2 seconds and can be tuned between 2 and 10 sec.

• spanning-tree max-age is the interval, specified in the BPDU, that BPDU data remains valid after its reception.
The bridge re-computes the spanning tree topology if it does not receive a new BPDU before max-age expiry.
Default is 20 Seconds and can be changed between 6 and 20 Seconds.

The above three parameters are mentioned for completeness. For this lab guide we will explore :

• spanning-tree port-type admin-edge which is primarily designed to optimize ports that are connected to end
points to allow the ports to transition directly to forwarding, circumventing the learning and listening phase.

On Switch C configure the following


SwitchC#
configure
int 1/1/9
no shut
no routing
vlan access 10

Now examine the ports on Switch C


show spanning-tree mst 1

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:16:7b:7e Priority:32768
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/2, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/2 Root Forwarding 20000 128 P2P 0 2 0 0
1/1/3 Alternate Blocking 20000 128 P2P 0 2 0 0
1/1/9 Designated Forwarding 20000 128 P2P 2 0 0 0

Topology change flag : True


Number of topology changes : 3
Last topology change occurred : 476 seconds ago

In the above we can see the newly configured switch port act like a regular P2P port and we know that it will go into a
learning and listening phase which is undesirable for ports connected to endpoints.

• On Switch C configure the following


SwitchC#
configure
int 1/1/9
spanning-tree port-type admin-edge

7
Lab Guide
MSTP

Now examine the ports on Switch C


show spanning-tree mst 1

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:16:7b:7e Priority:32768
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/2, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/2 Root Forwarding 20000 128 P2P 0 2195 0 0
1/1/3 Alternate Blocking 20000 128 P2P 0 2195 0 0
1/1/9 Designated Forwarding 20000 128 P2P Edge 1028 0 0 0

In the above we can now see the newly configured switch port is in a different mode “P2P Edge”. This port will now go into
forwarding mode when an endpoint is connected.

Task 5 - Spanning tree protection


Various security mechanisms are in place to protect spanning true configurations from interference and protect from rouge
devices. We will explore both BPDU guard and Root guard.

BPDU protection secures the active MSTP topology by preventing spoofed BPDU packets from entering the MSTP
domain. Typically BPDU protection would be applied to edge ports connected to end user devices that do not run MSTP. If
MSTP BPDU packets are received on a protected port, this feature disables the port and an alerts can be sent out
accordingly.

• On Switch D configure BPDU guard


SwitchD#
configure
interface 1/1/8
no shutdown
no routing
vlan access 10
spanning-tree bpdu-guard

• On Switch X configure the following


SwitchX#
configure
spanning-tree
interface 1/1/8
no shutdown
no routing
vlan access 1
exit

Observe the output on Switch D. It can be observed that the port 1/1/8 is disabled as we received a BPDU on port 1/1/8
from Switch X. Timeouts can be configured to re-enable the port, not covered in this guide.

Below port 1/1/8 is disabled due to “Bpdu-Error”

SwitchD#show spanning-tree mst 1

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:ee:11:82 Priority:32768
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/2, Cost:40000, Rem Hops:18

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/2 Root Forwarding 20000 128 P2P 9 210294 0 8
1/1/3 Alternate Blocking 40001 128 P2P 11 210295 4 4
1/1/8 Disabled Bpdu-Error 20000 128 P2P 31 0 0 0

Topology change flag : True


Number of topology changes : 7
Last topology change occurred : 350406 seconds ago

Below observe the state of the interface 1/1/8 is down as expected, due to Bpdu-Error.
SwitchD#show int 1/1/8

Interface 1/1/8 is down


Admin state is up
State information:
Link transitions: 0

8
Lab Guide
MSTP

Description:
Hardware: Ethernet, MAC Address: 08:00:09:ee:11:82
MTU 1500
Type --
Full-duplex
qos trust none
Speed 1000 Mb/s
Auto-negotiation is on
Flow-control: off

Note: On Switch X OVA Simulator toggle the port “shut” to “no shut” may be required to enable BPDU initially.
Root Protection. Secures the active MSTP topology by preventing other switches declaring their ability to propagate
superior BPDU, containing both better information on the root bridge and path cost to the root bridge,
which would normally replace the current root bridge selection.

In this lab setup enable Root guard on Switch A 1/1/2 and Switch B 1/1/3 respectively and then try and make Switch C the
Root for Instance 1 and observe the behavior.
SwitchA#
configure
interface 1/1/2
spanning-tree root-guard
exit

SwithB#
configure
interface 1/1/3
spanning-tree root-guard
exit

SwitchC#
configure
spanning-tree instance 1 priority 0 < ----- Make Switch C Root for instance 1
exit

Below observe that or instance 1 both Switch A and B ports go into Root Inconsistent Alternate for instance 1. Thus
protecting the rest of the network from the information that Switch C is sending “better” BPDUs, and maintaining Layer 2
stability.

SwithcA#show spanning-tree mst


#### MST0
Vlans mapped: 1-9,12-19,22-4094
Bridge Address:08:00:09:8a:14:fa priority:0
Root
Regional Root
Operational Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 txHoldCount(in pps): 6
Configured Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 Max-Hops:20
Root Address:08:00:09:8a:14:fa Priority:0
Port:0 Path cost:0
Regional Root Address:08:00:09:8a:14:fa Priority:0
Internal cost:0 Rem Hops:20

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-
Rx
-------------- -------------- ---------- ---------- ---------- ---------------- ---------- ---------- ---------- -----
1/1/1 Designated Forwarding 20000 128 P2P 217571 217573 11 14
1/1/2 Designated Forwarding 20000 128 P2P 217566 565 15 8
1/1/3 Designated Forwarding 20000 128 P2P 217573 27 13 7

Topology change flag : True


Number of topology changes : 15
Last topology change occurred : 908 seconds ago

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:8a:14:fa Priority:0
Root Address:08:00:09:8a:14:fa Priority:0
Port:0, Cost:0, Rem Hops:20

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Designated Forwarding 20000 128 P2P 217571 217573 11 14
1/1/2 Alternate Root-Inc 20000 128 P2P 217566 565 15 8
1/1/3 Designated Forwarding 20000 128 P2P 217573 27 13 7

Topology change flag : True


Number of topology changes : 18
Last topology change occurred : 908 seconds ago

#### MST2
Vlans mapped: 20,21
Bridge Address:08:00:09:8a:14:fa Priority:4096

9
Lab Guide
MSTP

Root Address:08:00:09:12:8e:9e Priority:0


Port:1/1/1, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Root Forwarding 20000 128 P2P 217571 217573 11 14
1/1/2 Designated Forwarding 20000 128 P2P 217566 565 15 8
1/1/3 Designated Forwarding 20000 128 P2P 217573 27 13 7

Topology change flag : True


Number of topology changes : 13
Last topology change occurred : 911 seconds ago

SwithcB#show spanning-tree mst


#### MST0
Vlans mapped: 1-9,12-19,22-4094
Bridge Address:08:00:09:12:8e:9e priority:32768
Operational Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 txHoldCount(in pps): 6
Configured Hello time(in seconds): 2 Forward delay(in seconds):15 Max-age(in seconds):20 Max-Hops:20
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/1 Path cost:0
Regional Root Address:08:00:09:8a:14:fa Priority:0
Internal cost:20000 Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-
Rx
-------------- -------------- ---------- ---------- ---------- ---------------- ---------- ---------- ---------- -----
1/1/1 Root Forwarding 20000 128 P2P 217900 217897 14 11
1/1/2 Designated Forwarding 20000 128 P2P 217902 25 13 1
1/1/3 Designated Forwarding 20000 128 P2P 217900 895 12 2

Topology change flag : True


Number of topology changes : 16
Last topology change occurred : 1560 seconds ago

#### MST1
Vlans mapped: 10,11
Bridge Address:08:00:09:12:8e:9e Priority:4096
Root Address:08:00:09:8a:14:fa Priority:0
Port:1/1/1, Cost:20000, Rem Hops:19

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Root Forwarding 20000 128 P2P 217900 217897 14 11
1/1/2 Designated Forwarding 20000 128 P2P 217902 25 13 1
1/1/3 Alternate Root-Inc 20000 128 P2P 217900 895 12 2

Topology change flag : True


Number of topology changes : 19
Last topology change occurred : 1560 seconds ago

#### MST2
Vlans mapped: 20,21
Bridge Address:08:00:09:12:8e:9e Priority:0
Root Address:08:00:09:12:8e:9e Priority:0
Port:0, Cost:0, Rem Hops:20

Port Role State Cost Priority Type BPDU-Tx BPDU-Rx TCN-Tx TCN-Rx
-------------- -------------- ---------- ------- ---------- ---------------- ---------- ---------- ---------- --------
1/1/1 Designated Forwarding 20000 128 P2P 217900 217897 14 11
1/1/2 Designated Forwarding 20000 128 P2P 217902 25 13 1
1/1/3 Designated Forwarding 20000 128 P2P 217900 895 12 2

Topology change flag : True


Number of topology changes : 13
Last topology change occurred : 1561 seconds ago
End of lab

10
Lab Guide
MSTP

Appendix – Complete Configurations


• If you face issues during your lab, you can verify your configs with the configs listed in this section

• If configs are the same, try powering off/powering on the switches to reboot them

Switch A

hostname SwitchA
!
!
ssh server vrf mgmt
vlan 1,10-11,20-21
spanning-tree
spanning-tree priority 0
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10,11
spanning-tree instance 1 priority 0
spanning-tree instance 2 vlan 20,21
spanning-tree instance 2 priority 1
interface mgmt
no shutdown
ip dhcp
interface 1/1/1
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
interface 1/1/2
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
spanning-tree root-guard
interface 1/1/3
no shutdown
no routing
vlan trunk native 1

vlan trunk allowed all


!
!
https-server vrf mgmt

Switch B

hostname SwithcB
!
!
ssh server vrf mgmt
vlan 1,10-11,20-21
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10,11
spanning-tree instance 1 priority 1
spanning-tree instance 2 vlan 20,21
spanning-tree instance 2 priority 0
interface mgmt
no shutdown
ip dhcp
interface 1/1/1
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
interface 1/1/2
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
interface 1/1/3
no shutdown

11
Lab Guide
MSTP

no routing
vlan trunk native 1
vlan trunk allowed all
spanning-tree root-guard
!
!
https-server vrf mgmt

Switch C

hostname SwitchC
!
!
ssh server vrf mgmt
vlan 1,10-11,20-21
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10,11
spanning-tree instance 1 priority 0
spanning-tree instance 2 vlan 20,21
interface mgmt
no shutdown
ip dhcp
interface 1/1/2
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
interface 1/1/3
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
interface 1/1/9
no shutdown
no routing
vlan access 10
spanning-tree port-type admin-edge
!
!
https-server vrf mgmt

Switch D

hostname SwitchD
!
!
ssh server vrf mgmt
vlan 1,10-11,20-21
spanning-tree
spanning-tree config-name sp1
spanning-tree config-revision 1
spanning-tree instance 1 vlan 10,11
spanning-tree instance 2 vlan 20,21
interface mgmt
no shutdown
ip dhcp
interface 1/1/2
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
spanning-tree instance 2 cost 40001
interface 1/1/3
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
spanning-tree instance 1 cost 40001
interface 1/1/8
no shutdown
no routing
vlan access 10
spanning-tree bpdu-guard
!

12
Lab Guide
MSTP

!
https-server vrf mgmt

Switch X

hostname SwitchX
!
ssh server vrf mgmt
vlan 1
spanning-tree
interface mgmt
no shutdown
ip dhcp
interface 1/1/8
no shutdown
no routing
vlan access 1
!
!
!
!
!
https-server vrf mgmt

13
www.arubanetworks.com
3333 Scott Blvd. Santa Clara, CA 95054
1.844.472.2782 | T: 1.408.227.4500 | FAX: 1.408.227.4550 | [email protected]
14

You might also like