We normally use Rapid PVST+ (RPVST+) on a client site and MST for our data center core. It's important to secure STP/Layer 2 since this is where LAN users connects to the network. It's also wise to manually configure the primary and secondary root switch in STP to make troubleshooting easier.
DLS1#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
DLS1(config)#spanning-tree vlan 1,100 root primary // FOR ROOT BRIDGE TO BE PREDICTABLE AND OPTIMIZED PATHS FOR LAYER 2
DLS1(config)#spanning-tree vlan 200 root secondary
DLS2(config)#spanning-tree vlan 1,100 root secondary
DLS2(config)#spanning-tree vlan 200 root primary
DLS1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24676 (priority 24576 sys-id-ext 100)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
VLAN0200
Spanning tree enabled protocol ieee
Root ID Priority 24776
Address 0016.c840.3580 // DLS2 MAC ADDRESS
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28872 (priority 28672 sys-id-ext 200)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
DLS2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180 // DLS1 MAC ADDRESS
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 0016.c756.6180
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28772 (priority 28672 sys-id-ext 100)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
VLAN0200
Spanning tree enabled protocol ieee
Root ID Priority 24776
Address 0016.c840.3580
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24776 (priority 24576 sys-id-ext 200)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
DLS2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
DLS2(config)#interface fastethernet0/11
DLS2(config-if)#spanning-tree ?
bpdufilter Don't send or receive BPDUs on this interface
bpduguard Don't accept BPDUs on this interface
cost Change an interface's spanning tree port path cost
guard Change an interface's spanning tree guard mode
link-type Specify a link type for spanning tree protocol use
mst Multiple spanning tree
port-priority Change an interface's spanning tree port priority
portfast Enable an interface to move directly to forwarding on link up
stack-port Enable stack port
vlan VLAN Switch Spanning Tree
DLS2(config-if)#spanning-tree guard ?
loop Set guard mode to loop guard on interface
none Set guard mode to none
root Set guard mode to root guard on interface
DLS2(config-if)#spanning-tree guard root // MAKES A PORT root-inconsistent IF A SWITCH IS CONNECTED WITH LOWER BID THAN ROOT BRIDGE
DLS2(config-if)#
*Mar 1 01:52:33.223: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
FastEthernet0/11.
*Mar 1 01:52:34.230: %SPANTREE-2-ROOTGUARD_BLOCK: Root guard blocking port FastEthernet0/11 on
VLAN0100.
DLS2#show spanning-tree ?
WORD bridge group list, example 1,3-5,7,9
active Report on active interfaces only
backbonefast Show spanning tree backbonefast status
blockedports Show blocked ports
bridge Status and configuration of this bridge
detail Detailed information
inconsistentports Show inconsistent ports
interface Spanning Tree interface status and configuration
mst Multiple spanning trees
pathcost Show Spanning pathcost options
root Status and configuration of the root bridge
summary Summary of port states
uplinkfast Show spanning tree uplinkfast status
vlan VLAN Switch Spanning Trees
| Output modifiers
<cr>
DLS2#show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- ------------------------ ------------------
VLAN0001 FastEthernet0/11 Root Inconsistent
VLAN0100 FastEthernet0/11 Root Inconsistent
Number of inconsistent ports (segments) in the system : 2
ALS1(config)#spanning-tree ?
backbonefast Enable BackboneFast Feature
etherchannel Spanning tree etherchannel specific configuration
extend Spanning Tree 802.1t extensions
logging Enable Spanning tree logging
loopguard Spanning tree loopguard options
mode Spanning tree operating mode
mst Multiple spanning tree configuration
pathcost Spanning tree pathcost options
portfast Spanning tree portfast options
transmit STP transmit parameters
uplinkfast Enable UplinkFast Feature
vlan VLAN Switch Spanning Tree
ALS1(config)#spanning-tree portfast ?
bpdufilter Enable portfast bdpu filter on this switch
bpduguard Enable portfast bpdu guard on this switch
default Enable portfast by default on all access ports
ALS1(config)#spanning-tree portfast bpduguard ?
default Enable bdpu guard by default on all portfast ports
ALS1(config)#spanning-tree portfast bpduguard default // MAKES AN ACCESS PORT error-disable IF IT
RECEIVES BPDUs
ALS1(config)#do show spanning-tree summary
Switch is in pvst mode
Root bridge for: none
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is enabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is enabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 5 0 0 1 6
VLAN0100 5 0 0 1 6
VLAN0200 5 0 0 1 6
---------------------- -------- --------- -------- ---------- ----------
3 vlans 15 0 0 3 18
ALS1#show run interface fastethernet0/6
Building configuration...
Current configuration : 109 bytes
!
interface FastEthernet0/6
switchport access vlan 100
switchport mode access
spanning-tree portfast
end
02:04:17: %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to up
02:04:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to up
02:04:18: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/6 with BPDU Guard enabled. Disabling port.
02:04:18: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/6, putting Fa0/6 in err-disable state
02:04:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down
02:04:20: %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to down
ALS1#show interface fastethernet0/6
FastEthernet0/6 is down, line protocol is down (err-disabled)
Hardware is Fast Ethernet, address is 6416.8dec.a707 (bia 6416.8dec.a707)
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:16, output 00:00:16, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
6125 packets input, 1320320 bytes, 0 no buffer
Received 6040 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 4134 multicast, 0 pause input
0 input packets with dribble condition detected
3788 packets output, 269527 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
ALS1(config)#interface fastethernet0/6
ALS1(config-if)#storm-control ?
action Action to take for storm-control
broadcast Broadcast address storm control
multicast Multicast address storm control
unicast Unicast address storm control
ALS1(config-if)#storm-control broadcast ?
level Set storm suppression level on this interface
ALS1(config-if)#storm-control broadcast level ?
<0.00 - 100.00> Enter rising threshold
bps Enter suppression level in bits per second
pps Enter suppression level in packets per second
ALS1(config-if)#storm-control broadcast level 50 // TO CONTROL BROADCAST STORM ON AN UNMANAGED SWITCH
ALS1#sh run interface fastethernet0/6
Building configuration...
Current configuration : 131 bytes
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 50.00
end
DLS1(config)#udld ?
aggressive Enable UDLD protocol in aggressive mode on fiber ports except
where locally configured
enable Enable UDLD protocol on fiber ports except where locally
configured
message Set UDLD message parameters
DLS1(config)#udld aggressive // AGGRESSIVE KEYWORD PUTS A FIBER INTERFACE TO error-disable WHEN A UNIDIRECTIONAL LINK IS DETECTED; LOOP GUARD CAN BE CONFIGURED AS AN ALTERNATIVE; CAN ALSO CONFIGURE BOTH OR ON AN ETHERCHANNEL LINK
DLS1#show udld gigabitethernet0/1
Interface Gi0/1
---
Port enable administrative configuration setting: Follows device default
Port enable operational state: Enabled / in aggressive mode
Current bidirectional state: Unknown
Current operational state: Link down
Message interval: 7
Time out interval: 5
No neighbor cache information stored
DLS1#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
DLS1(config)#spanning-tree vlan 1,100 root primary // FOR ROOT BRIDGE TO BE PREDICTABLE AND OPTIMIZED PATHS FOR LAYER 2
DLS1(config)#spanning-tree vlan 200 root secondary
DLS2(config)#spanning-tree vlan 1,100 root secondary
DLS2(config)#spanning-tree vlan 200 root primary
DLS1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 0016.c756.6180
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24676 (priority 24576 sys-id-ext 100)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
VLAN0200
Spanning tree enabled protocol ieee
Root ID Priority 24776
Address 0016.c840.3580 // DLS2 MAC ADDRESS
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28872 (priority 28672 sys-id-ext 200)
Address 0016.c756.6180
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
DLS2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180 // DLS1 MAC ADDRESS
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 0016.c756.6180
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28772 (priority 28672 sys-id-ext 100)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
VLAN0200
Spanning tree enabled protocol ieee
Root ID Priority 24776
Address 0016.c840.3580
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24776 (priority 24576 sys-id-ext 200)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Desg FWD 19 128.13 P2p
Fa0/12 Desg FWD 19 128.14 P2p
DLS2#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0016.c756.6180
Cost 19
Port 13 (FastEthernet0/11)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28673 (priority 28672 sys-id-ext 1)
Address 0016.c840.3580
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/7 Desg FWD 19 128.9 P2p
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/9 Desg FWD 19 128.11 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/11 Root FWD 19 128.13 P2p
Fa0/12 Altn BLK 19 128.14 P2p
DLS2(config)#interface fastethernet0/11
DLS2(config-if)#spanning-tree ?
bpdufilter Don't send or receive BPDUs on this interface
bpduguard Don't accept BPDUs on this interface
cost Change an interface's spanning tree port path cost
guard Change an interface's spanning tree guard mode
link-type Specify a link type for spanning tree protocol use
mst Multiple spanning tree
port-priority Change an interface's spanning tree port priority
portfast Enable an interface to move directly to forwarding on link up
stack-port Enable stack port
vlan VLAN Switch Spanning Tree
DLS2(config-if)#spanning-tree guard ?
loop Set guard mode to loop guard on interface
none Set guard mode to none
root Set guard mode to root guard on interface
DLS2(config-if)#spanning-tree guard root // MAKES A PORT root-inconsistent IF A SWITCH IS CONNECTED WITH LOWER BID THAN ROOT BRIDGE
DLS2(config-if)#
*Mar 1 01:52:33.223: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port
FastEthernet0/11.
*Mar 1 01:52:34.230: %SPANTREE-2-ROOTGUARD_BLOCK: Root guard blocking port FastEthernet0/11 on
VLAN0100.
DLS2#show spanning-tree ?
WORD bridge group list, example 1,3-5,7,9
active Report on active interfaces only
backbonefast Show spanning tree backbonefast status
blockedports Show blocked ports
bridge Status and configuration of this bridge
detail Detailed information
inconsistentports Show inconsistent ports
interface Spanning Tree interface status and configuration
mst Multiple spanning trees
pathcost Show Spanning pathcost options
root Status and configuration of the root bridge
summary Summary of port states
uplinkfast Show spanning tree uplinkfast status
vlan VLAN Switch Spanning Trees
| Output modifiers
<cr>
DLS2#show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- ------------------------ ------------------
VLAN0001 FastEthernet0/11 Root Inconsistent
VLAN0100 FastEthernet0/11 Root Inconsistent
Number of inconsistent ports (segments) in the system : 2
ALS1(config)#spanning-tree ?
backbonefast Enable BackboneFast Feature
etherchannel Spanning tree etherchannel specific configuration
extend Spanning Tree 802.1t extensions
logging Enable Spanning tree logging
loopguard Spanning tree loopguard options
mode Spanning tree operating mode
mst Multiple spanning tree configuration
pathcost Spanning tree pathcost options
portfast Spanning tree portfast options
transmit STP transmit parameters
uplinkfast Enable UplinkFast Feature
vlan VLAN Switch Spanning Tree
ALS1(config)#spanning-tree portfast ?
bpdufilter Enable portfast bdpu filter on this switch
bpduguard Enable portfast bpdu guard on this switch
default Enable portfast by default on all access ports
ALS1(config)#spanning-tree portfast bpduguard ?
default Enable bdpu guard by default on all portfast ports
ALS1(config)#spanning-tree portfast bpduguard default // MAKES AN ACCESS PORT error-disable IF IT
RECEIVES BPDUs
ALS1(config)#do show spanning-tree summary
Switch is in pvst mode
Root bridge for: none
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is enabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is enabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 5 0 0 1 6
VLAN0100 5 0 0 1 6
VLAN0200 5 0 0 1 6
---------------------- -------- --------- -------- ---------- ----------
3 vlans 15 0 0 3 18
ALS1#show run interface fastethernet0/6
Building configuration...
Current configuration : 109 bytes
!
interface FastEthernet0/6
switchport access vlan 100
switchport mode access
spanning-tree portfast
end
02:04:17: %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to up
02:04:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to up
02:04:18: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/6 with BPDU Guard enabled. Disabling port.
02:04:18: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/6, putting Fa0/6 in err-disable state
02:04:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to down
02:04:20: %LINK-3-UPDOWN: Interface FastEthernet0/6, changed state to down
ALS1#show interface fastethernet0/6
FastEthernet0/6 is down, line protocol is down (err-disabled)
Hardware is Fast Ethernet, address is 6416.8dec.a707 (bia 6416.8dec.a707)
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:16, output 00:00:16, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
6125 packets input, 1320320 bytes, 0 no buffer
Received 6040 broadcasts (0 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 4134 multicast, 0 pause input
0 input packets with dribble condition detected
3788 packets output, 269527 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
ALS1(config)#interface fastethernet0/6
ALS1(config-if)#storm-control ?
action Action to take for storm-control
broadcast Broadcast address storm control
multicast Multicast address storm control
unicast Unicast address storm control
ALS1(config-if)#storm-control broadcast ?
level Set storm suppression level on this interface
ALS1(config-if)#storm-control broadcast level ?
<0.00 - 100.00> Enter rising threshold
bps Enter suppression level in bits per second
pps Enter suppression level in packets per second
ALS1(config-if)#storm-control broadcast level 50 // TO CONTROL BROADCAST STORM ON AN UNMANAGED SWITCH
ALS1#sh run interface fastethernet0/6
Building configuration...
Current configuration : 131 bytes
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 50.00
end
DLS1(config)#udld ?
aggressive Enable UDLD protocol in aggressive mode on fiber ports except
where locally configured
enable Enable UDLD protocol on fiber ports except where locally
configured
message Set UDLD message parameters
DLS1(config)#udld aggressive // AGGRESSIVE KEYWORD PUTS A FIBER INTERFACE TO error-disable WHEN A UNIDIRECTIONAL LINK IS DETECTED; LOOP GUARD CAN BE CONFIGURED AS AN ALTERNATIVE; CAN ALSO CONFIGURE BOTH OR ON AN ETHERCHANNEL LINK
DLS1#show udld gigabitethernet0/1
Interface Gi0/1
---
Port enable administrative configuration setting: Follows device default
Port enable operational state: Enabled / in aggressive mode
Current bidirectional state: Unknown
Current operational state: Link down
Message interval: 7
Time out interval: 5
No neighbor cache information stored