Scenario-2.3 Branch Office Network Setup – Configure Layer 2 VLANs and Spanning Tree

This is the 3rd configuration challenge in MyVirlLabs Scenario 2 labs based around setting up a medium sized branch office network.

In this the third lab we will be configuring a number of VLANs using one of the network’s VTP servers and then we will setup Spanning Tree and in a way that switches Core-1A will act as the Primary Root Bridge for all VLANs and Core-1B as the Secondary Root Bridge.

We will also optimize Spanning Tree timers by using the optional Diameter keyword.

The Goal

Scenario-2.3

Using a VTP Server Configure all of the necessary L2 VLANS.

Verify the new VLANs have propagated throughout the network topology.

Set Core-1A as the Primary Root Bridge.

Core-1B as Secondary Root Bridge.

Optimize STP using the optional Diameter keyword.

Verify that the Spanning Tree Protocol has converged as planned.

The Resources

The Enable Secret configured on all switches is levelup.

Download, import and run in Cisco VIRL the Scenario-2.3 Topology File.

Cisco’s Campus LAN Layer 2 Access with Simplified Distribution Deployment Guide.

The High Level Steps

First we will logon to switch Core-1A which was setup as a VTP Server in an earlier lab and configure the following VLANs:

vlan 10 Security Services

vlan 20 Telephony Services

vlan 30 Data Infrastructure Services

vlan 100 & 101 User Data

vlan 200 & 201 User Voice

Once configured we should logon to the other switches in the topology and verify that they have learnt of the new VLANs via VTP.

Next we will configure Spanning Tree in a deterministic way so that Core-1A is the Root Bridge for all VLANs and Core-1B the “secondary” Root Bridge should its neighboring Core switch ever fail, whilst optimizing Spanning Tree protocol’s timers by including the optional Diameter keyword to tune the timers based on the size of the network.

Lastly we will want to verify that the Spanning Tree Topology converged as planned by reviewing the Root Bridges for the networks VLANs.

The Solution

Unfortunately one limitation of Cisco’s VIRL when extracting node configurations is that it only pulls the running-config and as VTP configuration for VTP Clients and Servers are stored in the VLAN.dat file and not the running-configuration, these VTP changes are not saved.

So for the purposes of this lab we first need to recreate the VTP setup as per Scenario2.1 before we proceed with this particular lab’s configuration goals which.

First we will apply the following configuration across the two Core Switches:

vtp domain myvirl.lab
vtp version 2
vtp password myvirlvtpkey
vtp mode server
!

Then we will apply the following VTP config to all four User Access Switches

vtp domain myvirl.lab
vtp version 2
vtp password myvirlvtpkey
vtp mode server
!

Conversely upon completion of this lab we will change all of the switches VTP configuration to ensure the VLANs configured are saved to the running config so that they will be available for future labs by setting the VTP mode to Transparent.

However, moving back to the tasks associated with this lab we will first confirm VTP is operating as expected by checking VTP status by logging on to a number of switches in the topology and running the commands and verifying the switches have the correct vtp domains, versions, modes and vtp password:

vtp status
!
vtp password

Once we have confirmed that VTP is operating as expected, we will connect to Core-1A which was setup as a VTP server and apply the following VLAN configuration:

vlan 10
 name Securlty
!
vlan 20
 name Telephony
!
vlan 30
 name Data
!
vlan 100
 name User-Data-1
!
vlan 101
 name User-Data-2
!
vlan 200
 name User-Voice-1
!
vlan 201
 name User-Voice-2
!

Next we should confirm that the new VLANs have been propagated across the network by VTP by logging onto some of the other switches and issuing the command and checking that the newly setup VLANs on Core-1A available:

show vlan brief 
!

Now that the VLANs have been configured and propagated throughout the topology we will log back into the core switches and configure spanning tree whilst at the same time applying the diameter keyword to optimize the spanning tree timers for the networks given size by issuing on Core-1A:

spanning-tree vlan 1,10,20,30,100,101,200,,201 root primary diameter 3
!

and on Core 1B

spanning-tree vlan 1,10,20,30,100,101,200,,201 root primary diameter 3
!

Finally we should verify that the Spanning Tree topology is functioning as planned. Connect to Core-1A issue the following command and check that it is acting as the Root Bridge for all configured VLANs

show spanning-tree
!

Once completed we need to make a minor change to the VTP settings so that the newly configured VLAN will be saved for future use.  Connect to every switch and enter the command:

vtp mode transparent
!

Note: this final step is required due to a limitation using Cisco’s VIRL and isn’t necessarily something that would need doing in a live environment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s