Friday, December 13, 2013

Cisco 1841 router IOS Update

I've purchased a couple of Cisco 64 MB Compact Flash (CF) cards for my 1841 routers in order to run the
c1841-adventerprisek9-mz.124-24.T2.bin code. This IOS is feature packed compared to the default IP BASE IOS according Cisco's Feature Navigator Tool. 

It is also able to run MP-BGP/MPLS VPN, which is essential in doing labs for the CCIE R/S blueprint. So I went ahead and downloaded the IOS.
 

I found an easy and quick way to perform the IOS update. I first let the router bootup and run the default IOS, which in this case is the IP BASE.

Router>show version
Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.4(12a), RELEASE SOFTWARE (fc3)
Technical Support: http://splashurl.com/m6n5s3d
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 22-Feb-07 15:10 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

Router uptime is 1 minute
System returned to ROM by reload at 15:03:47 SGT Tue Aug 20 2013
System image file is "flash:c1841-ipbase-mz.124-12a.bin"

Cisco 1841 (revision 7.0) with 114688K/16384K bytes of memory.
Processor board ID FHK111819JT
2 FastEthernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
31360K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102


I ejected the 32 MB CF card and swapped with a 64 MB card, connected an RJ45 patch cable to the FE0/0 port (using FE0/1 doesn't work), which is connected to a TFTP server (my PC) on the other end. We also check if the new CF card is formatted (FAT16) and doesn't contain any irrelevant files.

After that we can transfer the new IOS via TFTP to the CF and check its integrity afterwards. We do a reboot for the new IOS to take effect.


Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#interface fastethernet0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0    
Router(config-if)#no shutdown
*Nov 16 15:10:28.423: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Nov 16 15:10:29.423: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#end
*Nov 16 15:10:45.719: %SYS-5-CONFIG_I: Configured from console by console
*Nov 16 15:10:52.735: %FILESYS-5-CF: External CompactFlash removed       // EJECTED 32 MB CF
Router#
Flash card inserted in flash. Reading filesystem on the device...   
Wait for the completion message before accessing device
Filesystem read completed in flash.
Device in flash available for use


*Nov 16 15:11:06.111: %FILESYS-5-CF: External CompactFlash inserted      // INSERTED 64 MB CF
Router#dir

Directory of flash:/

    1  -rw-         720   May 2 2007 21:56:14 +00:00  vlan.dat
    2  -rw-        1821   Aug 1 2006 19:08:30 +00:00  sdmconfig-2801.cfg
    3  -rw-     4734464   Aug 1 2006 19:09:04 +00:00  sdm.tar
    4  -rw-      833024   Aug 1 2006 19:09:28 +00:00  es.tar
    5  -rw-     1052160   Aug 1 2006 19:09:50 +00:00  common.tar
    6  -rw-        1038   Aug 1 2006 19:10:10 +00:00  home.shtml
    7  -rw-      102400   Aug 1 2006 19:10:30 +00:00  home.tar
    8  -rw-      491213   Aug 1 2006 19:10:50 +00:00  128MB.sdf
    9  -rw-     1684577   Aug 1 2006 19:11:22 +00:00  securedesktop-ios-3.1.1.27-k9.pkg
   10  -rw-      398305   Aug 1 2006 19:11:54 +00:00  sslclient-win-1.1.0.154.pkg
   11  -rw-    32999900  Mar 12 2008 19:46:56 +00:00  c2801-adventerprisek9-mz.124-19.bin
   12  -rw-        2362  Nov 23 2009 17:25:20 +00:00  pre_autosec.cfg
   13  -rw-      386294  Nov 23 2009 19:03:44 +00:00  crashinfo_20091123-190339
   14  -rw-      214858  Nov 23 2009 19:18:42 +00:00  crashinfo_20091123-191843
   15  -rw-         839  Mar 24 2010 23:48:34 +00:00  n
   16  -rw-         981  Apr 20 2011 20:00:54 +00:00  config
   17  -rw-        1091  Jan 31 2011 22:01:30 +00:00  startup-config
   18  -rw-        1105  Oct 18 2012 21:17:50 +00:00  exit
   19  -rw-        1407  Oct 23 2012 21:52:36 +00:00  o

Router#delete ?
  /force      Force delete
  /recursive  Recursive delete
  flash:      File to be deleted
  nvram:      File to be deleted

Router#delete /force ?
  /recursive  Recursive delete
  flash:      File to be deleted
  nvram:      File to be deleted

Router#delete /force /recursive ?
  flash:  File to be deleted
  nvram:  File to be deleted

Router#delete /force /recursive flash:?
flash:128MB.sdf                    flash:c2801-adventerprisek9-mz.124-19.bin
flash:common.tar                   flash:config
flash:crashinfo_20091123-190339    flash:crashinfo_20091123-191843
flash:es.tar                       flash:exit
flash:home.shtml                   flash:home.tar
flash:n                            flash:o
flash:pre_autosec.cfg              flash:sdm.tar
flash:sdmconfig-2801.cfg           flash:securedesktop-ios-3.1.1.27-k9.pkg
flash:sslclient-win-1.1.0.154.pkg  flash:startup-config
flash:vlan.dat

Router#delete /force /recursive flash:      // erase /all nvram: DOESN'T SEEM TO WORK
Router#dir
Directory of flash:/

No files in directory

64012288 bytes total (64012288 bytes free)
Router#copy tftp://192.168.1.2/c1841-adventerprisek9-mz.124-24.T2.bin flash
Destination filename [c1841-adventerprisek9-mz.124-24.T2.bin]?
Accessing tftp://192.168.1.2/c1841-adventerprisek9-mz.124-24.T2.bin...
Loading c1841-adventerprisek9-mz.124-24.T2.bin from 192.168.1.2 (via FastEthernet0/0):

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 40529832 bytes]

40529832 bytes copied in 212.124 secs (191067 bytes/sec)
Router#verify flash:c1841-adventerprisek9-mz.124-24.T2.bin
%Filesystem does not support verify operations
Verifying file integrity of flash:c1841-adventerprisek9-mz.124-24.T2.bin.........................................................................................................

<OUTPUT TRUNCATED>

....................................................................................................Done!
Embedded Hash   MD5 : D4265070CE2266CB3C7F459A49C1EFAA
Computed Hash   MD5 : D4265070CE2266CB3C7F459A49C1EFAA
CCO Hash        MD5 : B7C09EB264EA1D50E0E8254DB8DFF429

Signature Verified
Router#reload

System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]

*Nov 16 15:17:17.563: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
Technical Support: http://splashurl.com/m6n5s3d
Copyright (c) 2006 by cisco Systems, Inc.
PLD version 0x10
GIO ASIC version 0x127
c1841 platform with 131072 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled


Readonly ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xcb80
program load complete, entry point: 0x8000f000, size: 0xcb80

program load complete, entry point: 0x8000f000, size: 0x26a6e08
Self decompressing the image :

##################################################################################################################

############################################################################################## [OK]

Smart Init is enabled
smart init is sizing iomem
  ID            MEMORY_REQ         TYPE
                0X003AA110 public buffer pools
                0X00211000 public particle pools
                0X00020000 Crypto module pools
                0X000021B8 Onboard USB

If any of the above Memory Requirements are
"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.

Allocating additional 1701480 bytes to IO Memory.
PMem allocated: 123731968 bytes; IOMem allocated: 10485760 bytes

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2)
Technical Support: http://splashurl.com/m6n5s3d
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 19-Oct-09 16:11 by prod_rel_team

licensing flash block 0 needs to be initialized
licensing flash block 1 needs to be initialized
licensing flash block 0 needs to be initialized
licensing flash block 1 needs to be initialized

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://splashurl.com/lc8pd9c

If you require further assistance please contact us by sending email to
export@cisco.com.

Installed image archive
Cisco 1841 (revision 7.0) with 120832K/10240K bytes of memory.
Processor board ID FHK111915FK
2 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)


         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no


Press RETURN to get started!


*Nov 16 15:19:29.343: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Initialized
*Nov 16 15:19:29.347: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Enabled
*Nov 16 15:19:31.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Nov 16 15:19:32.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Nov 16 15:19:35.711: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
*Nov 16 15:20:22.075: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Nov 16 15:20:22.079: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Nov 16 15:20:22.587: %IP-5-WEBINST_KILL: Terminating DNS process
*Nov 16 15:20:23.075: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Nov 16 15:20:33.611: %SYS-5-RESTART: System restarted --
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2)
Technical Support: http://splashurl.com/m6n5s3d
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 19-Oct-09 16:11 by prod_rel_team
*Nov 16 15:20:33.615: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start
*Nov 16 15:20:33.819: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
*Nov 16 15:20:33.819: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
*Nov 16 15:20:33.819: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
*Nov 16 15:20:33.819: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
*Nov 16 15:20:35.051: %SYS-6-BOOTTIME: Time taken to reboot after reload =  197 seconds
Router>show version | include IOS
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2)


I ran into a problem with one of the routers. It displayed a traceback error and the loading of the IOS kept on looping. I initially though it was a DRAM issue but I noticed the device created an IOMEM (Input/Output Memory) of 25% and it complains not having enough memory to run the IOS code.

Readonly ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xcb80
program load complete, entry point: 0x8000f000, size: 0xcb80

program load complete, entry point: 0x8000f000, size: 0x26a6e08
Self decompressing the image :

##################################################################################################################

############################################################################################## [OK]

IOMEM set to: 25
25 percent IO memory configuration is too large. Decreasing to 24117248 bytes.
PMem allocated: 110100480 bytes


              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2)
Technical Support: http://splashurl.com/m6n5s3d
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 19-Oct-09 16:11 by prod_rel_team


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://splashurl.com/lc8pd9c

If you require further assistance please contact us by sending email to
export@cisco.com.

Installed image archive
Cisco 1841 (revision 7.0) with 107520K/23552K bytes of memory.
Processor board ID FHK112717FB
2 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)

SYSTEM INIT: INSUFFICIENT MEMORY TO BOOT THE IMAGE!



%Software-forced reload


 15:27:29 UTC Sat Nov 16 2013: Breakpoint exception, CPU signal 23, PC = 0x60673B88



--------------------------------------------------------------------
   Possible software fault. Upon reccurence,  please collect
   crashinfo, "show tech" and contact Cisco Technical Support.
--------------------------------------------------------------------


-Traceback= 0x6066C2C8z 0x6066A794z 0x602B310Cz 0x602D21A8z 0x60F88B94z 0x60FAF288z 0x60FAF7C4z 0x60FAF8D0z

0x60FAF97Cz 0x614C1C98z 0x614BBD8Cz 0x614B3D44z 0x614BEF40z 0x614BF0D0z 0x614BF158z 0x60F4AE78z
$0 : 00000000, AT : 64B50000, v0 : 00000000, v1 : 00000000
a0 : 00000000, a1 : 635C860C, a2 : 00000000, a3 : 635D0000
t0 : 64C83DE0, t1 : 64E60000, t2 : 60679488, t3 : 64B49184
t4 : 60679488, t5 : 6545CD48, t6 : 3401FF01, t7 : 3401FF00
s0 : 00000000, s1 : 00000000, s2 : 646D0000, s3 : 64790000
s4 : 00000000, s5 : 00000000, s6 : 00000000, s7 : 6346E6DC
t8 : 00000000, t9 : 64E60000, k0 : 3041E801, k1 : 00100000
gp : 64B50F20, sp : 6545C788, s8 : 654971E4, ra : 60672054
EPC  : 60673B88, ErrorEPC : BFC05FDC, SREG     : 3401FF03
MDLO : 0000002E, MDHI     : 00000000, BadVaddr : FE804254
TEXT_START : 0x600171C0
DATA_START : 0x632078C0
Cause 00000024 (Code 0x9): Breakpoint exception

Writing crashinfo to flash:crashinfo_20131116-152729

 15:27:29 UTC Sat Nov 16 2013: Breakpoint exception, CPU signal 23, PC = 0x60673B88



--------------------------------------------------------------------
   Possible software fault. Upon reccurence,  please collect
   crashinfo, "show tech" and contact Cisco Technical Support.
--------------------------------------------------------------------


-Traceback= 0x6066C2C8z 0x6066A794z 0x602B310Cz 0x602D21A8z 0x60F88B94z 0x60FAF288z 0x60FAF7C4z 0x60FAF8D0z

0x60FAF97Cz 0x614C1C98z 0x614BBD8Cz 0x614B3D44z 0x614BEF40z 0x614BF0D0z 0x614BF158z 0x60F4AE78z
$0 : 00000000, AT : 64B50000, v0 : 00000000, v1 : 00000000
a0 : 00000000, a1 : 635C860C, a2 : 00000000, a3 : 635D0000
t0 : 64C83DE0, t1 : 64E60000, t2 : 60679488, t3 : 64B49184
t4 : 60679488, t5 : 6545CD48, t6 : 3401FF01, t7 : 3401FF00
s0 : 00000000, s1 : 00000000, s2 : 646D0000, s3 : 64790000
s4 : 00000000, s5 : 00000000, s6 : 00000000, s7 : 6346E6DC
t8 : 00000000, t9 : 64E60000, k0 : 3041E801, k1 : 00100000
gp : 64B50F20, sp : 6545C788, s8 : 654971E4, ra : 60672054
EPC  : 60673B88, ErrorEPC : BFC05FDC, SREG     : 3401FF03
MDLO : 0000002E, MDHI     : 00000000, BadVaddr : FE804254
TEXT_START : 0x600171C0
DATA_START : 0x632078C0
Cause 00000024 (Code 0x9): Breakpoint exception

-Traceback= 0x6066C2C8z 0x6066A794z 0x602B310Cz 0x602D21A8z 0x60F88B94z 0x60FAF288z 0x60FAF7C4z 0x60FAF8D0z

0x60FAF97Cz 0x614C1C98z 0x614BBD8Cz 0x614B3D44z 0x614BEF40z 0x614BF0D0z 0x614BF158z 0x60F4AE78z


=== Flushing messages (15:27:30 UTC Sat Nov 16 2013) ===

Queued messages:
*Nov 16 15:27:30.699: %SYS-3-LOGGER_FLUSHING: System pausing to ensure console debugging output.

*Nov 16 15:27:25.591: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Initialized
*Nov 16 15:27:25.595: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0  State changed to: Enabled
*Nov 16 15:27:28.223: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Nov 16 15:27:28.823: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Nov 16 15:27:28.875: %SYS-2-MALLOCFAIL: Memory allocation of 32768 bytes failed from 0x602D9A60, alignment 0
Pool: Processor  Free: 34708  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool
 -Process= "Init", ipl= 0, pid= 3,  -Traceback= 0x6029C4C8z 0x602B310Cz 0x602D21A8z 0x60F88B94z 0x60FAF288z

0x60FAF7C4z 0x60FAF8D0z 0x60FAF97Cz 0x614C1C98z 0x614BBD8Cz 0x614B3D44z 0x614BEF40z 0x614BF0D0z 0x614BF158z

0x60F4AE78z 0x60F4AEC4z
*Nov 16 15:27:30.059: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
No warm reboot Storage
*** System received a Software forced crash ***
signal= 0x17, code= 0x24, context= 0x64e60db0
PC = 0x606882ec, Cause = 0x20, Status Reg = 0x3401c102


The router is unable to run normally even with a simple configuration of a hostname and failed to allocate a memory. I tried swapping with another 64 MB CF card and also tried to reformat but the global config command default memory-size iomem resolved this issue.

Router(config)#hostname ROUTER
ROUTER(config)#end
ROUTER#write memory
Building configuration...

*Nov 16 15:43:14.887: %SYS-5-CONFIG_I: Configured from console by console[OK]
ROUTER#
*Nov 16 15:43:15.783: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x602DE440, alignment 0
Pool: Processor  Free: 147748  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool
 -Process= "Exec", ipl= 0, pid= 3,  -Traceback= 0x6029C4C8z 0x602B310Cz 0x602D21A8z 0x61B53664z 0x61B56F1Cz 0x61B875D8z 0x6041EF08z 0x60F86868z 0x60F4B878z 0x60F4C188z 0x60FAD35Cz 0x60F8B194z 0x60FB1214z 0x625BB1BCz 0x625BB1A0z
ROUTER#show run | include host
hostname ROUTER
ROUTER#
*Nov 16 15:43:49.655: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x602DE440, alignment 0
Pool: Processor  Free: 153604  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool
 -Process= "Exec", ipl= 0, pid= 3,  -Traceback= 0x6029C4C8z 0x602B310Cz 0x602D21A8z 0x61B56948z 0x61B875C0z

0x6041EF08z 0x60F86868z 0x60F4B878z 0x60F4BD14z 0x60FACC94z 0x60F8B194z 0x60FB1214z 0x625BB1BCz 0x625BB1A0z
64012288 bytes total (64012288 bytes free)

Router#format flash:
Format operation may take a while. Continue? [confirm]
Format operation will destroy all data in "flash:".  Continue? [confirm]
Writing Monlib sectors....
Monlib write complete

Format: All system sectors written. OK...

Format: Total sectors in formatted partition: 125408
Format: Total bytes in formatted partition: 64208896
Format: Operation completed successfully.

Format of flash: complete

Router(config)#default memory-size iomem    // THE COMMAND WORKS LIKE A CHARM
Smart-init will be enabled upon reload.
Router(config)#do reload

System configuration has been modified. Save? [yes/no]: yes
Building configuration...

*Nov 17 14:49:23.743: %SYS-2-MALLOCFAIL: Memory allocation of 32768 bytes failed from 0x602DA974, alignment 0
Pool: Processor  Free: 160464  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool
 -Process= "Exec", ipl= 0, pid= 3,  -Traceback= 0x6029C4C8z 0x602B9CF8z 0x602D217Cz 0x60F86AFCz 0x60F86B74z 0x60F86C0Cz 0x60416178z 0x60F8EBA0z 0x60420CE8z 0x60F86868z 0x60F4B878z 0x60F4C188z 0x60FAD35Cz 0x60FB2D5Cz 0x60F8B194z 0x60F8BDD0z[OK]
Proceed with reload? [confirm]

*Nov 17 14:49:29.827: %SYS-5-RELOAD: Reload requested  by console. Reload Reason: Reload Command.

<OUTPUT TRUNCATED>

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#hostname ROUTER
ROUTER(config)#^Z
*Nov 17 14:58:17.211: %SYS-5-CONFIG_I: Configured from console by console
ROUTER#show run | include host
hostname ROUTER

Saturday, December 7, 2013

Building My Layer 2 Network Lab

I've started building the Layer 2 network foundation for my lab by applying a base configuration and creating EtherChannel links between switches.


First, I've erased the startup-config and VLAN database to make sure I've got a clean switch. Then, I configured the hostname, passwords and then created the EtherChannel using Link Aggregation Control Protocol (LACP).

Switch#show flash

Directory of flash:/

    2  -rwx         736   Mar 1 1993 00:00:33 +00:00  vlan.dat
    3  -rwx        1119   Mar 1 1993 00:33:41 +00:00  config.text
    4  -rwx       16258  Feb 23 2010 00:09:55 +00:00  config.old
    5  -rwx         968   Mar 1 1993 01:27:04 +00:00  startup-config
    6  drwx         512   Mar 1 1993 00:07:54 +00:00  c3560-ipbase-mz.122-35.SE5
  464  -rwx           5   Mar 1 1993 00:33:41 +00:00  private-config.text

27998208 bytes total (18626560 bytes free)
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#write erase
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
00:03:06: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Switch#reload
Proceed with reload? [confirm]

00:03:09: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.

<OUTPUT TRUNCATED>

Would you like to enter the initial configuration dialog? [yes/no]: no
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname SW1
SW1(config)#do show interface status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        notconnect   1            auto   auto 10/100BaseTX
Fa0/2                        notconnect   1            auto   auto 10/100BaseTX
Fa0/3                        notconnect   1            auto   auto 10/100BaseTX
Fa0/4                        notconnect   1            auto   auto 10/100BaseTX
Fa0/5                        notconnect   1            auto   auto 10/100BaseTX
Fa0/6                        notconnect   1            auto   auto 10/100BaseTX
Fa0/7                        notconnect   1            auto   auto 10/100BaseTX
Fa0/8                        notconnect   1            auto   auto 10/100BaseTX
Gi0/1                        notconnect   1            auto   auto Not Present
SW1(config)#interface range fastethernet0/1 - 2
SW1(config-if-range)#description ETHERCHANNEL TO SW2
SW1(config-if-range)#channel-protocol ?
  lacp  Prepare interface for LACP protocol
  pagp  Prepare interface for PAgP protocol

SW1(config-if-range)#channel-protocol lacp

SW1(config-if-range)#channel-group ?
  <1-48>  Channel group number

SW1(config-if-range)#channel-group 1 ?
  mode  Etherchannel Mode of the interface

SW1(config-if-range)#channel-group 1 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected

SW1(config-if-range)#channel-group 1 mode active
Creating a port-channel interface Port-channel 1

SW1(config-if-range)#switchport mode ?
  access        Set trunking mode to ACCESS unconditionally
  dot1q-tunnel  set trunking mode to TUNNEL unconditionally
  dynamic       Set trunking mode to dynamically negotiate access or trunk mode
  private-vlan  Set private-vlan mode
  trunk         Set trunking mode to TRUNK unconditionally

SW1(config-if-range)#switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode.    // THIS ERROR SHOWS UP IN A CATALYST 3560 SWITCH
SW1(config-if-range)#switchport ?
  access         Set access mode characteristics of the interface
  backup         Set backup for the interface
  block          Disable forwarding of unknown uni/multi cast addresses
  host           Set port host
  mode           Set trunking mode of the interface
  nonegotiate    Device will not engage in negotiation protocol on this
                 interface
  port-security  Security related command
  priority       Set appliance 802.1p priority
  private-vlan   Set the private VLAN configuration
  protected      Configure an interface to be a protected port
  trunk          Set trunking characteristics of the interface
  voice          Voice appliance attributes
  <cr>

SW1(config-if-range)#switchport trunk ?
  allowed        Set allowed VLAN characteristics when interface is in trunking
                 mode
  encapsulation  Set trunking encapsulation when interface is in trunking mode
  native         Set trunking native characteristics when interface is in
                 trunking mode
  pruning        Set pruning VLAN characteristics when interface is in trunking
                 mode

SW1(config-if-range)#switchport trunk encapsulation ?
  dot1q      Interface uses only 802.1q trunking encapsulation when trunking
  isl        Interface uses only ISL trunking encapsulation when trunking
  negotiate  Device will negotiate trunking encapsulation with peer on
             interface

SW1(config-if-range)#switchport trunk encapsulation dot1q   // NEED TO SET ENCAPSULATION
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#interface range fastethernet 0/3 - 4
SW1(config-if-range)#description ETHECHANNEL TO SW3
SW1(config-if-range)#switchport trunk encapsulation dot1q
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#channel-protocol lacp
SW1(config-if-range)#channel-group 2 mode active
Creating a port-channel interface Port-channel 2
SW1(config-if-range)#end

SW1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SD)         LACP      Fa0/1(D)    Fa0/2(D)   // "D" FOR DOWN SINCE THERE ARE NO CABLES YET
2      Po2(SD)         LACP      Fa0/3(D)    Fa0/4(D)

SW1#show interface port-channel 1
Port-channel1 is down, line protocol is down (notconnect)
  Hardware is EtherChannel, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Auto-duplex, Auto-speed, link type is auto, media type is unknown
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out

SW1#show interface port-channel 2
Port-channel2 is down, line protocol is down (notconnect)
  Hardware is EtherChannel, address is 0000.0000.0000 (bia 0000.0000.0000)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Auto-duplex, Auto-speed, link type is auto, media type is unknown
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out
SW1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#ip default-gateway 192.168.1.1    // SEND TRAFFIC TO 871W
SW1(config)#interface fastethernet0/8   // TRUNK TO 871W
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config)#interface vlan 1
SW1(config-if)#ip address 192.168.1.2 255.255.255.0   // FOR REMOTE MANAGEMENT
SW1(config-if)#do show ip interface brief
Interface                   IP-Address     OK? Method Status             Protocol
Vlan1                       192.168.1.2     YES manual up                    down
FastEthernet0/1        unassigned      YES unset  down                  down
FastEthernet0/2        unassigned      YES unset  down                  down
FastEthernet0/3        unassigned      YES unset  down                  down
FastEthernet0/4        unassigned      YES unset  down                  down
FastEthernet0/5        unassigned      YES unset  down                  down
FastEthernet0/6        unassigned      YES unset  down                  down
FastEthernet0/7        unassigned      YES unset  down                  down
FastEthernet0/8        unassigned      YES unset  down                  down
GigabitEthernet0/1     unassigned      YES unset  down                  down
Port-channel1          unassigned      YES unset  down                  down
Port-channel2          unassigned      YES unset  down                  down
SW1(config-if)#exit
SW1(config)#enable password cisco     // NICE PASSWORD FOR LAB ENVIRONMENT ONLY
SW1(config)#line vty 0 4
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#end
SW1#
00:18:22: %SYS-5-CONFIG_I: Configured from console by console
SW1#write memory
Building configuration...
[OK]
SW1#
00:07:02: %SYS-5-CONFIG_I: Configured from console by console
SW1#show running-config
Building configuration...

Current configuration : 2299 bytes
!
! Last configuration change at 01:36:49 SGT Sat Sep 14 2013 by cisco
! NVRAM config last updated at 01:31:43 SGT Sat Sep 14 2013 by cisco
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW1
!
enable password cisco
!
username cisco privilege 15 password 0 cisco
no aaa new-model
clock timezone SGT 8
system mtu routing 1500
ip subnet-zero
ip name-server 8.8.8.8
ip name-server 4.2.2.2
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface Port-channel1
 description L2 ETHERCHANNEL TO SW2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface Port-channel2
 description L2 ETHECHANNEL TO SW3
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/1
 description L2 ETHERCHANNEL TO SW2 (LINK#1)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
!
interface FastEthernet0/2
 description L2 ETHERCHANNEL TO SW2 (LINK#2)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode active
!
interface FastEthernet0/3
 description L2 ETHECHANNEL TO SW3 (LINK#1)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 2 mode active
!
interface FastEthernet0/4
 description L2 ETHECHANNEL TO SW3 (LINK#2)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 2 mode active
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
!
interface Vlan1
 description L3 MANAGEMENT VLAN
 ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
ip classless
ip http server
!
!
control-plane
!
banner motd ^C
+--------------------------------------------------------------+
| This equipment is privately owned and monitored.             |
| Disconnect immediately if you are not an authorized user.    |
+--------------------------------------------------------------+
^C
!
line con 0
line vty 0 4
 exec-timeout 0 0
 logging synchronous
 login local
line vty 5 15
 login
!
ntp clock-period 36028859
ntp server 203.123.48.6



The same base configuration were applied for SW2 and SW3. After EtherChannel was configured and cabled, it started to negotiate and form with the help of LACP.

SW1#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SD)         LACP      Fa0/1(w)    Fa0/2(w)
2      Po2(SD)         LACP      Fa0/3(w)    Fa0/4(w)


SW1#
00:21:00: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
00:21:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
00:21:07: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
00:21:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
00:21:15: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up
00:21:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
00:22:28: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up
00:22:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up
00:22:35: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to up
00:22:35: %LINK-3-UPDOWN: Interface Port-channel2, changed state to up
00:22:36: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up
00:22:40: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
SW1#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  192.168.1.2     YES NVRAM  up                    up
FastEthernet0/1        unassigned      YES unset  up                    up
FastEthernet0/2        unassigned      YES unset  up                    up
FastEthernet0/3        unassigned      YES unset  up                    up
FastEthernet0/4        unassigned      YES unset  up                    up
FastEthernet0/5        unassigned      YES unset  down                  down
FastEthernet0/6        unassigned      YES unset  down                  down
FastEthernet0/7        unassigned      YES unset  down                  down
FastEthernet0/8        unassigned      YES unset  up                    up
GigabitEthernet0/1     unassigned      YES unset  down                  down
Port-channel1          unassigned      YES unset  up                    up
Port-channel2          unassigned      YES unset  up                    up
SW1#show interface description
Interface                      Status         Protocol Description
Vl1                            up             up       L3 MANAGEMENT VLAN
Fa0/1                          up             up       L2 ETHERCHANNEL TO SW2 (LINK#1)
Fa0/2                          up             up       L2 ETHERCHANNEL TO SW2 (LINK#2)
Fa0/3                          up             up       L2 ETHECHANNEL TO SW3 (LINK#1)
Fa0/4                          up             up       L2 ETHECHANNEL TO SW3 (LINK#2)
Fa0/5                          down           down
Fa0/6                          down           down
Fa0/7                          down           down
Fa0/8                          up             up
Gi0/1                          down           down
Po1                            up             up       L2 ETHERCHANNEL TO SW2
Po2                            up             up       L2 ETHECHANNEL TO SW3
SW1#show interface status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1     L2 ETHERCHANNEL TO connected    trunk      a-full  a-100 10/100BaseTX
Fa0/2     L2 ETHERCHANNEL TO connected    trunk      a-full  a-100 10/100BaseTX
Fa0/3     L2 ETHECHANNEL TO  connected    trunk      a-full  a-100 10/100BaseTX
Fa0/4     L2 ETHECHANNEL TO  connected    trunk      a-full  a-100 10/100BaseTX
Fa0/5                        notconnect   1            auto   auto 10/100BaseTX
Fa0/6                        notconnect   1            auto   auto 10/100BaseTX
Fa0/7                        notconnect   1            auto   auto 10/100BaseTX
Fa0/8                        connected    trunk      a-full  a-100 10/100BaseTX
Gi0/1                        notconnect   1            auto   auto Not Present
Po1       L2 ETHERCHANNEL TO connected    trunk      a-full  a-100
Po2       L2 ETHECHANNEL TO  connected    trunk      a-full  a-100


After the EtherChannel is formed, we verify by issuing the show etherchannel summary command.

SW1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP      Fa0/1(P)    Fa0/2(P)
2      Po2(SU)         LACP      Fa0/3(P)    Fa0/4(P)


SW1#show etherchannel port-channel
                Channel-group listing:
                ----------------------

Group: 1
----------
                Port-channels in the group:
                ---------------------------

Port-channel: Po1    (Primary Aggregator)

------------

Age of the Port-channel   = 0d:00h:35m:27s
Logical slot/port   = 2/1          Number of ports = 2
HotStandBy port = null
Port state          = Port-channel Ag-Inuse
Protocol            =   LACP

Ports in the Port-channel:

Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/1    Active             0
  0     00     Fa0/2    Active             0

Time since last port bundled:    0d:00h:14m:39s    Fa0/2

Group: 2
----------
                Port-channels in the group:
                ---------------------------

Port-channel: Po2    (Primary Aggregator)

------------

Age of the Port-channel   = 0d:00h:35m:28s
Logical slot/port   = 2/2          Number of ports = 2
HotStandBy port = null
Port state          = Port-channel Ag-Inuse
Protocol            =   LACP

Ports in the Port-channel:

Index   Load   Port     EC state        No of bits
------+------+------+------------------+-----------
  0     00     Fa0/3    Active             0
  0     00     Fa0/4    Active             0

Time since last port bundled:    0d:00h:13m:21s    Fa0/4


The Spanning Tree Protocol (STP) is enabled by default, so we can go ahead and verify using the show spanning-tree command on each switch. Notice that all switches have a default priority of 32768. My network chose the 871W router as the root bridge by default. The best way to optimize the Layer 2 network is to manually assign the core switch as the root bridge, which is SW1 for this case.

SW1#show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee   // THE ORIGINAL STP (802.1D)
  Root ID    Priority    32768
             Address     0026.99c6.db24    // 871 BID
             Cost        19
             Port        9 (FastEthernet0/8)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     6416.8dec.a700    // SW1 BID (C3560)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/8            Root FWD 19        128.9    P2p     // TRUNK PORT TO 871
Po1              Desg FWD 12        128.56   P2p
Po2              Desg FWD 12        128.64   P2p


SW2#show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     0026.99c6.db24    // 871 BID
             Cost        31
             Port        65 (Port-channel1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     001b.0db0.8f00    // SW2 BID (C2940)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1              Root FWD 12        128.65   P2p
Po2              Desg FWD 12        128.66   P2p

SW2#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        u - unsuitable for bundling
        U - in use      f - failed to allocate aggregator
        d - default port

Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP      Fa0/1(Pd)   Fa0/2(P)
2      Po2(SU)         LACP      Fa0/3(Pd)   Fa0/4(P)


SW3#show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     0026.99c6.db24    // 871 BID
             Cost        31
             Port        56 (Port-channel1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     001f.9d88.b980    // SW3 BID (C2960)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Po1                 Root FWD 12        128.56   P2p
Po2                 Altn BLK 12        128.64   P2p     // REDUNDANT PATH BLOCKED BY STP


SW3#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         LACP      Fa0/1(P)    Fa0/2(P)
2      Po2(SU)         LACP      Fa0/3(P)    Fa0/4(P)


Routers with built-in switchports (like the Cisco 800 series ISRs) or Ethernet Switch (ESW) module will participate in a STP root bridge election. 

871W#show spanning-tree brief

Bridge group 1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     0026.9947.91a0
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0026.9947.91a0
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
Dot11Radio0          128.9    128    33 DIS     0 32768 0026.9947.91a0 128.9
Vlan1                128.13   128    19 FWD     0 32768 0026.9947.91a0 128.13


VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     0026.99c6.db24
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0026.99c6.db24
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet0        128.1    128    19 FWD     0 32768 0026.99c6.db24 128.1



Let's try out if the switch can reach the Internet and if the router can Telnet to the switches.

SW1#ping www.google.com

Translating "www.google.com"...domain server (255.255.255.255) % Name lookup aborted
% Unrecognized host or address, or protocol not running.

SW1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#ip name-server 8.8.8.8 4.2.2.2
SW1(config)#end
00:37:06: %SYS-5-CONFIG_I: Configured from console by consolew.
SW1#ping www.google.com

Translating "www.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 173.194.38.147, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/13/17 ms

871W#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!

871W#telnet 192.168.1.2
Trying 192.168.1.2 ... Open

User Access Verification

Password:
SW1>