I was troubleshooting a Cisco 3650 Catalyst switch, which is their "new" line of stackable access switch, and I can't seem to get Private VLAN (PVLAN) to work. Cisco's data sheets were contradicting as to whether PVLAN is supported or not on this switch platform. I just couldn't believe this switch won't support this feature since its cousin switch like the 3750 and 3650 were using it. As I searched further, I found out that PVLAN is supported on IOS XE 3.7E but the IOS file was a bit large (around 300 MB).
It took me roughtly 40 minutes to TFTP the said IOS file on one switch. So I decided to try to configure the switch to use FTP instead. It took me around 3 mintues to upgrade the image.
Create the same username and password on the FTP client that is configured on the switch and point the folder directory where the IOS image was saved. I've used a free FTP client, which is 3CDaemon.
This was my first SWITCH lab that I did during my CCDP studies. The topology is a square looped design, which is very similar to the triangle loop design but there's a difference where STP blocking occurs.
DLS1(config)#interface vlan1
DLS1(config-if)#ip address 10.1.1.101 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#
*Mar 1 00:17:25.530: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar 1 00:17:26.537: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
DLS1(config-if)#exit
DLS1(config)#enable secret cisco
DLS1(config)#line vty 0 15
DLS1(config-line)#password cisco
DLS1(config-line)#login
ALS1(config)#interface vlan 1
ALS1(config-if)#ip address 10.1.1.103 255.255.255.0
ALS1(config-if)#exit
ALS1(config)#enable secret cisco
ALS1(config)#line vty 0 15
ALS1(config-line)#password cisco
ALS1(config-line)#login
ALS2(config)#interface vlan 1
ALS2(config-if)#ip address 10.1.1.104 255.255.255.0
ALS2(config-if)#no shutdown
ALS2(config-if)#enable secret cisco
ALS2(config)#line vty 0 15
ALS2(config-line)#password cisco
ALS2(config-line)#login
DLS2(config)#interface vlan 1
DLS2(config-if)#ip address 10.1.1.102 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#exit
DLS2(config)#enable secret cisco
DLS2(config)#line vty 0 4
DLS2(config-line)#password cisco
DLS2(config-line)#login
DLS1#show vlan // ALL PORTS ON VLAN 1 BY DEFAULT; TRUNK PORT NOT DISPLAYED
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Gi0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1#show vtp status
VTP Version : running VTP1 (VTP2 capable) // DEFAULT VTP VERSION 1; ALL SWITCHES IN THE VTP DOMAIN MUST USE SAME VERSION
Configuration Revision : 0 // NO CONFIGURED VLANs YET
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5 // DEFAULT OR BUILT IN VLANS; 3560 SUPPORTS UP TO 1005 MAX VLANs; 2960 SUPPORTS 255 MAX VLANs
VTP Operating Mode : Server // DEFAULT VTP MODE
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)
DLS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
*Mar 1 00:30:49.209: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to SWLAB.
DLS1(config)#vtp version ?
<1-2> Set the adminstrative domain VTP version number
DLS1(config)#vtp version 2
DLS1(config)#vtp mode ?
client Set the device to client mode.
server Set the device to server mode.
transparent Set the device to transparent mode.
DLS1(config)#vtp mode server
Device mode already VTP SERVER. // DEFAULT VTP MODE
ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : // NULL; NO TRUNKS CONFIGURED YET
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found) // NO IP ADDRESS LISTED FOR LAST CONFIG MODIFICATION
ALS1#show interface fastethernet0/7 ?
accounting Show interface accounting
capabilities Show interface capabilities information
controller Show interface status, configuration and controller status
counters Show interface counters
crb Show interface routing/bridging info
dampening Show interface dampening info
debounce Show interface debounce time info
description Show interface description
etherchannel Show interface etherchannel information
fair-queue Show interface Weighted Fair Queueing (WFQ) info
flowcontrol Show interface flowcontrol information
irb Show interface routing/bridging info
mac-accounting Show interface MAC accounting info
mpls-exp Show interface MPLS experimental accounting info
mtu Show interface mtu
precedence Show interface precedence accounting info
private-vlan Show interface private vlan information
pruning Show interface trunk VTP pruning information
random-detect Show interface Weighted Random Early Detection (WRED) info
rate-limit Show interface rate-limit info
stats Show interface packets & octets, in & out, by switching path
status Show interface line status
summary Show interface summary
switchport Show interface switchport information
transceiver Show interface transceiver
trunk Show interface trunk information
vlan Show interface vlan information
| Output modifiers
<cr>
ALS1#show interface fastethernet0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto // DEFAULT; AUTO-AUTO NEGOTIATES TO ACCESS MODE
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
DLS1(config)#interface range fastethernet0/7-10
DLS1(config-if-range)#switchport trunk encapsulation ?
dot1q Interface uses only 802.1q trunking encapsulation when trunking
isl Interface uses only ISL trunking encapsulation when trunking
negotiate Device will negotiate trunking encapsulation with peer on
interface
DLS1(config-if-range)#switchport trunk encapsulation dot1q // 3560 SUPPORTS ISL AND 802.1Q; 2960
SUPPORTS 802.1Q ONLY
DLS1(config-if-range)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dot1q-tunnel set trunking mode to TUNNEL unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
private-vlan Set private-vlan mode
trunk Set trunking mode to TRUNK unconditionally
DLS1(config-if-range)#switchport mode trunk // BEST TO DISABLE DTP USING switchport nonegotiate
DLS1(config-if-range)#
*Mar 1 00:39:21.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar 1 00:39:21.804: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
*Mar 1 00:39:21.804: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down
*Mar 1 00:39:21.812: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state
to down
DLS1(config-if-range)#
*Mar 1 00:39:24.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar 1 00:39:24.824: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
*Mar 1 00:39:24.840: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
*Mar 1 00:39:24.857: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up
DLS1(config)#interface range fastethernet0/11-12
DLS1(config-if-range)#switchport trunk encapsulation isl
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#
*Mar 1 00:41:07.928: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar 1 00:41:07.936: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
DLS1(config-if-range)#
*Mar 1 00:41:10.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar 1 00:41:10.956: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
ALS1(config)#interface range fastethernet0/1-2
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#
00:45:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:45:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
ALS1(config-if-range)#
00:45:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
00:45:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
ALS1(config-if-range)#interface range fastethernet0/4-5
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#
00:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
00:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down
ALS1(config-if-range)#
00:46:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
00:46:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
ALS1(config-if-range)#interface range fastethernet0/7-8
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
DLS2(config)#interface range fastethernet0/7-8
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#
*Mar 1 00:47:24.098: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar 1 00:47:24.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
DLS2(config-if-range)#
*Mar 1 00:47:27.110: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar 1 00:47:27.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
ALS2#show interface fastethernet0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk // NEGOTIATED WITH DLS2 MODE TRUNK
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
DLS1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1
Fa0/8 on 802.1q trunking 1
Fa0/9 on 802.1q trunking 1
Fa0/10 on 802.1q trunking 1
Fa0/11 on isl trunking 1
Fa0/12 on isl trunking 1
Port Vlans allowed on trunk
Fa0/7 1-4094 // ALLOW ALL VLANs BY DEFAULT; RESTRICT VLANs USING switchport trunk allowed vlan <VLAN-ID> COMMAND AT EACH END OF THE TRUNK
Fa0/8 1-4094
Fa0/9 1-4094
Fa0/10 1-4094
Fa0/11 1-4094
Fa0/12 1-4094
Port Vlans allowed and active in management domain
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Port Vlans allowed and active in management domain
Fa0/12 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Fa0/12 1
DLS2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1
Fa0/8 on 802.1q trunking 1
Fa0/9 auto n-802.1q trunking 1 // n MEANS NEGOTIATED
Fa0/10 auto n-802.1q trunking 1
Fa0/11 auto n-isl trunking 1
Fa0/12 auto n-isl trunking 1
Port Vlans allowed on trunk
Fa0/7 1-4094
Fa0/8 1-4094
Fa0/9 1-4094
Fa0/10 1-4094
Fa0/11 1-4094
Fa0/12 1-4094
Port Vlans allowed and active in management domain
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Port Vlans allowed and active in management domain
Fa0/12 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Fa0/12 none
DLS1(config)#interface fastethernet0/6
DLS1(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dot1q-tunnel set trunking mode to TUNNEL unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
private-vlan Set private-vlan mode
trunk Set trunking mode to TRUNK unconditionally
DLS1(config-if)#switchport mode access // USED FOR STATIC ACCESS FOR HOST OR PC
DLS1#show interfaces fastethernet0/6 switchport
Name: Fa0/6
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: negotiate
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
ALS1#show vtp status
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : SWLAB // PROPAGATED DUE TO TRUNKS CONFIGURED
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xD1 0xC0 0x36 0xF9 0xC4 0x3E 0x73 0xA0
Configuration last modified by 10.1.1.101 at 3-1-93 00:30:59
ALS2(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS2#show vtp status
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : SWLAB
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xD1 0xC0 0x36 0xF9 0xC4 0x3E 0x73 0xA0
Configuration last modified by 10.1.1.101 at 3-1-93 00:30:59
DLS1#vlan database ?
% Unrecognized command // SYNTAX HELP UNAVAILABLE
DLS1#vlan database // vlan database COMMAND IS BEING DEPRACATED BUT STILL AVAILABLE
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
DLS1(vlan)#exit
APPLY completed.
Exiting....
DLS1(config)#interface fastethernet0/6
DLS1(config-if)#switchport mode access
DLS1(config-if)#switchport access vlan ?
<1-4094> VLAN ID of the VLAN when this port is in access mode
dynamic When in access mode, this interfaces VLAN is controlled by VMPS
DLS1(config-if)#switchport access vlan 100
% Access VLAN does not exist. Creating vlan 100
DLS2(config)#interface fastethernet0/6
DLS2(config-if)#switchport mode access
DLS2(config-if)#switchport access vlan 110
% Access VLAN does not exist. Creating vlan 110
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 VLAN0100 active Fa0/6
110 VLAN0110 active // VLANs 100 AND 110 WERE CREATED; SWITCH AUTO ASSIGN
VLAN NAME WITH VLAN NUMBER
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1(config)#vlan 120 // ANOTHER WAY TO CREATE A VLAN
DLS1(config-vlan)#end
DLS1#
*Mar 1 01:38:24.120: %SYS-5-CONFIG_I: Configured from console by console
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 VLAN0100 active Fa0/6
110 VLAN0110 active
120 VLAN0120 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1(config)#interface fastethernet0/6
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 120 // SWITCH IN VTP CLIENT CAN'T CREATE VLANs
ALS1(config-if)#end
ALS1#
01:40:50: %SYS-5-CONFIG_I: Configured from console by console
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 VLAN0100 active
110 VLAN0110 active
120 VLAN0120 active Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1(config)#vlan 100
DLS1(config-vlan)#name SERVER-FARM-1 // HELPS THE ADMIN TO IDENTIFY VLAN FUNCTIONALITY
DLS1(config-vlan)#vlan 110
DLS1(config-vlan)#name SERVER-FARM-2
DLS1(config-vlan)#vlan 120
DLS1(config-vlan)#name NET-ENG
DLS1(config-vlan)#end
DLS1#
*Mar 1 01:41:34.264: %SYS-5-CONFIG_I: Configured from console by console
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 SERVER-FARM-1 active Fa0/6
110 SERVER-FARM-2 active
120 NET-ENG active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG active Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1(config)#vlan 120
%VTP VLAN configuration not allowed when device is in CLIENT mode.
ALS1(config)#vtp mode server
Setting device to VTP SERVER mode
ALS1(config)#vlan 120
ALS1(config-vlan)#?
VLAN configuration commands:
are Maximum number of All Route Explorer hops for this VLAN (or
zero if none specified)
backupcrf Backup CRF mode of the VLAN
bridge Bridging characteristics of the VLAN
exit Apply changes, bump revision number, and exit mode
media Media type of the VLAN
mtu VLAN Maximum Transmission Unit
name Ascii name of the VLAN
no Negate a command or set its defaults
parent ID number of the Parent VLAN of FDDI or Token Ring type VLANs
private-vlan Configure a private VLAN
remote-span Configure as Remote SPAN VLAN
ring Ring number of FDDI or Token Ring type VLANs
said IEEE 802.10 SAID
shutdown Shutdown VLAN switching
state Operational state of the VLAN
ste Maximum number of Spanning Tree Explorer hops for this VLAN (or
zero if none specified)
stp Spanning tree characteristics of the VLAN
tb-vlan1 ID number of the first translational VLAN for this VLAN (or
zero if none)
tb-vlan2 ID number of the second translational VLAN for this VLAN (or
zero if none)
ALS1(config-vlan)#shutdown // CAUSE ALL LOCAL PORTS ON A SWITCH IN A PARTICULAR VLAN TO STOP SENDING DATA; DOESN'T INFLUENCE THE STATE OF OTHER SWITCHES IN THE VTP DOMAIN
ALS1(config-vlan)#end
ALS1#
01:45:54: %SYS-5-CONFIG_I: Configured from console by console
ALS1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG act/lshut Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
ALS1(config)#vlan 120
ALS1(config-vlan)#state ?
active VLAN Active State
suspend VLAN Suspended State
ALS1(config-vlan)#no shutdown
ALS1(config-vlan)#state suspend // CAUSES ALL PORTS IN SPECIFIC VLAN IN THE VTP DOMAIN TO STOP SENDING DATA
ALS1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG suspended Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
It took me roughtly 40 minutes to TFTP the said IOS file on one switch. So I decided to try to configure the switch to use FTP instead. It took me around 3 mintues to upgrade the image.
3650(config)#ip ftp ?
passive Connect using passive mode
password Specify password for FTP connections
source-interface Specify
interface for source address in FTP connections
username Specify username for FTP connections
3650(config)#ip ftp username ftp // USE SAME USER/PASSWORD IN FTP CLIENT
3650(config)#ip ftp password cisco123
3650(config)#end
3650#copy
/erase Erase destination file system.
/error Allow to copy error file.
/noverify Don't verify image signature before reload.
/verify Verify image signature before reload.
cns: Copy from cns: file system
crashinfo: Copy from crashinfo: file system
flash: Copy from flash: file system
ftp: Copy from ftp: file system
http: Copy from http: file system
https: Copy from https: file system
logging Copy logging messages
memory Memory debug information
null: Copy from null: file system
nvram: Copy from nvram: file system
onboard no description
processes Active process statistics
rcp: Copy from rcp: file system
running-config Copy from current system configuration
scp: Copy from scp: file system
startup-config Copy from startup configuration
stby-nvram: Copy from stby-nvram: file system
stby-rcsf: Copy from stby-rcsf: file system
3650#copy ftp://172.27.197.1/cat3k_caa-universalk9.
SPA.03.07.00.E.152-3.E.bin flash
Destination filename
[cat3k_caa-universalk9.SPA.03.07.00.E.152-3.E.bin]?
Accessing
ftp://172.27.197.1/cat3k_caa-universalk9.SPA.03.07.00.E.152-3.E.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
<OUTPUT TRUNCATED>
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
<OUTPUT TRUNCATED>
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 310347344/4096 bytes]
310347344 bytes copied in 276.400 secs (1122820 bytes/sec)
Create the same username and password on the FTP client that is configured on the switch and point the folder directory where the IOS image was saved. I've used a free FTP client, which is 3CDaemon.
This was my first SWITCH lab that I did during my CCDP studies. The topology is a square looped design, which is very similar to the triangle loop design but there's a difference where STP blocking occurs.
DLS1(config)#interface vlan1
DLS1(config-if)#ip address 10.1.1.101 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#
*Mar 1 00:17:25.530: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar 1 00:17:26.537: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
DLS1(config-if)#exit
DLS1(config)#enable secret cisco
DLS1(config)#line vty 0 15
DLS1(config-line)#password cisco
DLS1(config-line)#login
ALS1(config)#interface vlan 1
ALS1(config-if)#ip address 10.1.1.103 255.255.255.0
ALS1(config-if)#exit
ALS1(config)#enable secret cisco
ALS1(config)#line vty 0 15
ALS1(config-line)#password cisco
ALS1(config-line)#login
ALS2(config)#interface vlan 1
ALS2(config-if)#ip address 10.1.1.104 255.255.255.0
ALS2(config-if)#no shutdown
ALS2(config-if)#enable secret cisco
ALS2(config)#line vty 0 15
ALS2(config-line)#password cisco
ALS2(config-line)#login
DLS2(config)#interface vlan 1
DLS2(config-if)#ip address 10.1.1.102 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#exit
DLS2(config)#enable secret cisco
DLS2(config)#line vty 0 4
DLS2(config-line)#password cisco
DLS2(config-line)#login
DLS1#show vlan // ALL PORTS ON VLAN 1 BY DEFAULT; TRUNK PORT NOT DISPLAYED
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Gi0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1#show vtp status
VTP Version : running VTP1 (VTP2 capable) // DEFAULT VTP VERSION 1; ALL SWITCHES IN THE VTP DOMAIN MUST USE SAME VERSION
Configuration Revision : 0 // NO CONFIGURED VLANs YET
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5 // DEFAULT OR BUILT IN VLANS; 3560 SUPPORTS UP TO 1005 MAX VLANs; 2960 SUPPORTS 255 MAX VLANs
VTP Operating Mode : Server // DEFAULT VTP MODE
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.1.1.101 on interface Vl1 (lowest numbered VLAN interface found)
DLS1(config)#vtp domain SWLAB
Changing VTP domain name from NULL to SWLAB
*Mar 1 00:30:49.209: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to SWLAB.
DLS1(config)#vtp version ?
<1-2> Set the adminstrative domain VTP version number
DLS1(config)#vtp version 2
DLS1(config)#vtp mode ?
client Set the device to client mode.
server Set the device to server mode.
transparent Set the device to transparent mode.
DLS1(config)#vtp mode server
Device mode already VTP SERVER. // DEFAULT VTP MODE
ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS1#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : // NULL; NO TRUNKS CONFIGURED YET
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found) // NO IP ADDRESS LISTED FOR LAST CONFIG MODIFICATION
ALS1#show interface fastethernet0/7 ?
accounting Show interface accounting
capabilities Show interface capabilities information
controller Show interface status, configuration and controller status
counters Show interface counters
crb Show interface routing/bridging info
dampening Show interface dampening info
debounce Show interface debounce time info
description Show interface description
etherchannel Show interface etherchannel information
fair-queue Show interface Weighted Fair Queueing (WFQ) info
flowcontrol Show interface flowcontrol information
irb Show interface routing/bridging info
mac-accounting Show interface MAC accounting info
mpls-exp Show interface MPLS experimental accounting info
mtu Show interface mtu
precedence Show interface precedence accounting info
private-vlan Show interface private vlan information
pruning Show interface trunk VTP pruning information
random-detect Show interface Weighted Random Early Detection (WRED) info
rate-limit Show interface rate-limit info
stats Show interface packets & octets, in & out, by switching path
status Show interface line status
summary Show interface summary
switchport Show interface switchport information
transceiver Show interface transceiver
trunk Show interface trunk information
vlan Show interface vlan information
| Output modifiers
<cr>
ALS1#show interface fastethernet0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto // DEFAULT; AUTO-AUTO NEGOTIATES TO ACCESS MODE
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
DLS1(config)#interface range fastethernet0/7-10
DLS1(config-if-range)#switchport trunk encapsulation ?
dot1q Interface uses only 802.1q trunking encapsulation when trunking
isl Interface uses only ISL trunking encapsulation when trunking
negotiate Device will negotiate trunking encapsulation with peer on
interface
DLS1(config-if-range)#switchport trunk encapsulation dot1q // 3560 SUPPORTS ISL AND 802.1Q; 2960
SUPPORTS 802.1Q ONLY
DLS1(config-if-range)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dot1q-tunnel set trunking mode to TUNNEL unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
private-vlan Set private-vlan mode
trunk Set trunking mode to TRUNK unconditionally
DLS1(config-if-range)#switchport mode trunk // BEST TO DISABLE DTP USING switchport nonegotiate
DLS1(config-if-range)#
*Mar 1 00:39:21.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar 1 00:39:21.804: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
*Mar 1 00:39:21.804: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down
*Mar 1 00:39:21.812: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state
to down
DLS1(config-if-range)#
*Mar 1 00:39:24.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar 1 00:39:24.824: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
*Mar 1 00:39:24.840: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
*Mar 1 00:39:24.857: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up
DLS1(config)#interface range fastethernet0/11-12
DLS1(config-if-range)#switchport trunk encapsulation isl
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#
*Mar 1 00:41:07.928: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar 1 00:41:07.936: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
DLS1(config-if-range)#
*Mar 1 00:41:10.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar 1 00:41:10.956: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
ALS1(config)#interface range fastethernet0/1-2
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#
00:45:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:45:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
ALS1(config-if-range)#
00:45:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
00:45:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
ALS1(config-if-range)#interface range fastethernet0/4-5
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#
00:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
00:46:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down
ALS1(config-if-range)#
00:46:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
00:46:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
ALS1(config-if-range)#interface range fastethernet0/7-8
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
DLS2(config)#interface range fastethernet0/7-8
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#
*Mar 1 00:47:24.098: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar 1 00:47:24.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
DLS2(config-if-range)#
*Mar 1 00:47:27.110: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar 1 00:47:27.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
ALS2#show interface fastethernet0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk // NEGOTIATED WITH DLS2 MODE TRUNK
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
DLS1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1
Fa0/8 on 802.1q trunking 1
Fa0/9 on 802.1q trunking 1
Fa0/10 on 802.1q trunking 1
Fa0/11 on isl trunking 1
Fa0/12 on isl trunking 1
Port Vlans allowed on trunk
Fa0/7 1-4094 // ALLOW ALL VLANs BY DEFAULT; RESTRICT VLANs USING switchport trunk allowed vlan <VLAN-ID> COMMAND AT EACH END OF THE TRUNK
Fa0/8 1-4094
Fa0/9 1-4094
Fa0/10 1-4094
Fa0/11 1-4094
Fa0/12 1-4094
Port Vlans allowed and active in management domain
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Port Vlans allowed and active in management domain
Fa0/12 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Fa0/12 1
DLS2#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1
Fa0/8 on 802.1q trunking 1
Fa0/9 auto n-802.1q trunking 1 // n MEANS NEGOTIATED
Fa0/10 auto n-802.1q trunking 1
Fa0/11 auto n-isl trunking 1
Fa0/12 auto n-isl trunking 1
Port Vlans allowed on trunk
Fa0/7 1-4094
Fa0/8 1-4094
Fa0/9 1-4094
Fa0/10 1-4094
Fa0/11 1-4094
Fa0/12 1-4094
Port Vlans allowed and active in management domain
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Port Vlans allowed and active in management domain
Fa0/12 1
Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1
Fa0/8 1
Fa0/9 1
Fa0/10 1
Fa0/11 1
Fa0/12 none
DLS1(config)#interface fastethernet0/6
DLS1(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dot1q-tunnel set trunking mode to TUNNEL unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
private-vlan Set private-vlan mode
trunk Set trunking mode to TRUNK unconditionally
DLS1(config-if)#switchport mode access // USED FOR STATIC ACCESS FOR HOST OR PC
DLS1#show interfaces fastethernet0/6 switchport
Name: Fa0/6
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: negotiate
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
ALS1#show vtp status
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : SWLAB // PROPAGATED DUE TO TRUNKS CONFIGURED
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xD1 0xC0 0x36 0xF9 0xC4 0x3E 0x73 0xA0
Configuration last modified by 10.1.1.101 at 3-1-93 00:30:59
ALS2(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS2#show vtp status
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : SWLAB
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0xD1 0xC0 0x36 0xF9 0xC4 0x3E 0x73 0xA0
Configuration last modified by 10.1.1.101 at 3-1-93 00:30:59
DLS1#vlan database ?
% Unrecognized command // SYNTAX HELP UNAVAILABLE
DLS1#vlan database // vlan database COMMAND IS BEING DEPRACATED BUT STILL AVAILABLE
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
DLS1(vlan)#exit
APPLY completed.
Exiting....
DLS1(config)#interface fastethernet0/6
DLS1(config-if)#switchport mode access
DLS1(config-if)#switchport access vlan ?
<1-4094> VLAN ID of the VLAN when this port is in access mode
dynamic When in access mode, this interfaces VLAN is controlled by VMPS
DLS1(config-if)#switchport access vlan 100
% Access VLAN does not exist. Creating vlan 100
DLS2(config)#interface fastethernet0/6
DLS2(config-if)#switchport mode access
DLS2(config-if)#switchport access vlan 110
% Access VLAN does not exist. Creating vlan 110
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 VLAN0100 active Fa0/6
110 VLAN0110 active // VLANs 100 AND 110 WERE CREATED; SWITCH AUTO ASSIGN
VLAN NAME WITH VLAN NUMBER
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1(config)#vlan 120 // ANOTHER WAY TO CREATE A VLAN
DLS1(config-vlan)#end
DLS1#
*Mar 1 01:38:24.120: %SYS-5-CONFIG_I: Configured from console by console
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 VLAN0100 active Fa0/6
110 VLAN0110 active
120 VLAN0120 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1(config)#interface fastethernet0/6
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 120 // SWITCH IN VTP CLIENT CAN'T CREATE VLANs
ALS1(config-if)#end
ALS1#
01:40:50: %SYS-5-CONFIG_I: Configured from console by console
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 VLAN0100 active
110 VLAN0110 active
120 VLAN0120 active Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DLS1(config)#vlan 100
DLS1(config-vlan)#name SERVER-FARM-1 // HELPS THE ADMIN TO IDENTIFY VLAN FUNCTIONALITY
DLS1(config-vlan)#vlan 110
DLS1(config-vlan)#name SERVER-FARM-2
DLS1(config-vlan)#vlan 120
DLS1(config-vlan)#name NET-ENG
DLS1(config-vlan)#end
DLS1#
*Mar 1 01:41:34.264: %SYS-5-CONFIG_I: Configured from console by console
DLS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 SERVER-FARM-1 active Fa0/6
110 SERVER-FARM-2 active
120 NET-ENG active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG active Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
100 enet 100100 1500 - - - - - 0 0
110 enet 100110 1500 - - - - - 0 0
120 enet 100120 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 trcrf 101003 4472 1005 3276 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trbrf 101005 4472 - - 15 ibm - 0 0
VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7 7 off
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ALS1(config)#vlan 120
%VTP VLAN configuration not allowed when device is in CLIENT mode.
ALS1(config)#vtp mode server
Setting device to VTP SERVER mode
ALS1(config)#vlan 120
ALS1(config-vlan)#?
VLAN configuration commands:
are Maximum number of All Route Explorer hops for this VLAN (or
zero if none specified)
backupcrf Backup CRF mode of the VLAN
bridge Bridging characteristics of the VLAN
exit Apply changes, bump revision number, and exit mode
media Media type of the VLAN
mtu VLAN Maximum Transmission Unit
name Ascii name of the VLAN
no Negate a command or set its defaults
parent ID number of the Parent VLAN of FDDI or Token Ring type VLANs
private-vlan Configure a private VLAN
remote-span Configure as Remote SPAN VLAN
ring Ring number of FDDI or Token Ring type VLANs
said IEEE 802.10 SAID
shutdown Shutdown VLAN switching
state Operational state of the VLAN
ste Maximum number of Spanning Tree Explorer hops for this VLAN (or
zero if none specified)
stp Spanning tree characteristics of the VLAN
tb-vlan1 ID number of the first translational VLAN for this VLAN (or
zero if none)
tb-vlan2 ID number of the second translational VLAN for this VLAN (or
zero if none)
ALS1(config-vlan)#shutdown // CAUSE ALL LOCAL PORTS ON A SWITCH IN A PARTICULAR VLAN TO STOP SENDING DATA; DOESN'T INFLUENCE THE STATE OF OTHER SWITCHES IN THE VTP DOMAIN
ALS1(config-vlan)#end
ALS1#
01:45:54: %SYS-5-CONFIG_I: Configured from console by console
ALS1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG act/lshut Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
ALS1(config)#vlan 120
ALS1(config-vlan)#state ?
active VLAN Active State
suspend VLAN Suspended State
ALS1(config-vlan)#no shutdown
ALS1(config-vlan)#state suspend // CAUSES ALL PORTS IN SPECIFIC VLAN IN THE VTP DOMAIN TO STOP SENDING DATA
ALS1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Gi0/1
100 SERVER-FARM-1 active
110 SERVER-FARM-2 active
120 NET-ENG suspended Fa0/6
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
Hi, John, could you please explain to me why under "ALS1#show vlan" shows VLAN 1003 and 1005 values (Parent, RingNo,etc)? I thought these are token ring. Thank you, have a great evening.
ReplyDeleteHi,
ReplyDeleteI didn't notice it not until you've mentioned it. Yes, these are reserved VLAN IDs for legacy FDDI and Token Ring. I'm not sure why their values changes but my guess it's because of VTP. See helpful link for a 4500. Although it's for a Cat 4500, it would still be applicable for any Cat switch exchanging VTP updates.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/20ew/configuration/guide/config/vlans.html#wp1026273
I would still just ignore those values since those legacy VLANs are there just to say the Cat switch is backward compatible FDDI and Token Ring.