一、生成树
1、背景
2、生成树——冗余链路带来的问题
3、生成树原理
4、STP算法
5、STP端口状态
二、以太通道
1、LACP协议
2、PAGP协议
3、配置注意点
三、生成树的配置
1、任务
两台交换机分别通过Fa0/1和Fa0/2端口连接起来作为冗余链路,账务部和销售部分别属于VLAN10和VLAN20,在三层交换机上VLAN10的地址为192.168.10.1,VLAN20的地址为192.168.20.1,配置三层交换机SWA为VLAN10,VLAN20的根网桥,SWB为VLAN10,VLAN20的备份根网桥。
2、拓扑图
3、代码
(1)SWA配置
Switch>en
Switch#vlanda
Switch#vlan da
Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
Switch(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SWA
SWA(config)#int range f0/1-2
SWA(config-if-range)#switchport trunk encapsulation dot1q
SWA(config-if-range)#switchport mode trunk
SWA(config-if-range)#switchport trunk all vlan all
SWA(config-if-range)#exit
SWA(config)#int f0/3
SWA(config-if)#switchport mode access
SWA(config-if)#switchport access vlan 20
SWA(config-if)#no shut
SWA(config-if)#exit
SWA(config)#int vlan 10
SWA(config-if)#
%LINK-5-CHANGED: Interface Vlan10, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
SWA(config-if)#ip add 192.168.10.1 255.255.255.0
SWA(config-if)#exit
SWA(config)#int vlan 20
SWA(config-if)#
%LINK-5-CHANGED: Interface Vlan20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
SWA(config-if)#ip add 192.168.20.1 255.255.255.0
SWA(config-if)#exit
SWA(config)#ip routing //开启路由转发功能
SWA(config)#spanning-tree vlan 10 root primary //SWA配置为跟交换机
SWA(config)#spanning-tree vlan 20 root primary
SWA(config)#(2)SWB配置
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SWB
SWB(config)#vlan 10
SWB(config-vlan)#exit
SWB(config)#vlan 20
SWB(config-vlan)#exit
SWB(config)#int range f0/1-2
SWB(config-if-range)#switchport mode trunk
SWB(config-if-range)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
SWB(config-if-range)#switchport trunk all vlan all
SWB(config-if-range)#no shut
SWB(config-if-range)#exit
SWB(config)#int f0/3
SWB(config-if)#switchport mode access
SWB(config-if)#switchport access vlan 10
SWB(config-if)#no shut
SWB(config-if)#exit
SWB(config)#spanning-tree vlan 10 root secondary //SWB上配置为备份根交换机
SWB(config)#spanning-tree vlan 20 root secondary (3)测试
SWA
SWA#show spanning-tree //查看生成树信息
VLAN0001 //VLAN1的生成树信息,每个VLAN都有一棵生成树
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0090.0C34.7E78
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0090.0C34.7E78
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/1 Desg FWD 19 128.1 P2p
VLAN0010 //VLAN10生成树信息
Spanning tree enabled protocol ieee
Root ID Priority 24586 //根交换机的优先级值
Address 0090.0C34.7E78
This bridge is the root //这是根交换机
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24586 (priority 24576 sys-id-ext 10) //配置root primary生成的优先级值
Address 0090.0C34.7E78
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Desg FWD 19 128.2 P2p //转发状态
Fa0/1 Desg FWD 19 128.1 P2p //转发状态
VLAN0020 //VLAN20生成树信息
Spanning tree enabled protocol ieee
Root ID Priority 24596 //根交换机的优先级值
Address 0090.0C34.7E78
This bridge is the root //这是根交换机
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24596 (priority 24576 sys-id-ext 20) //配置root primary生成的
Address 0090.0C34.7E78
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Desg FWD 19 128.2 P2p //连接PC的端口转发状态
Fa0/1 Desg FWD 19 128.1 P2p //连接PC的端口转发状态
Fa0/3 Desg FWD 19 128.3 P2p //连接PC的端口转发状态SWA#show spanning-tree summary //查看生成树摘要信息
Switch is in pvst mode //生成树模式为pvst
Root bridge for: default VLAN0010 VLAN0020 //vlan10和vlan20的根网桥
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 2 2
VLAN0010 0 0 0 2 2
VLAN0020 0 0 0 3 3
---------------------- -------- --------- -------- ---------- ----------
3 vlans 0 0 0 7 7
SWB
SWB#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0090.0C34.7E78
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.9785.722E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Altn BLK 19 128.2 P2p
Fa0/1 Root FWD 19 128.1 P2p
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 0090.0C34.7E78
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28682 (priority 28672 sys-id-ext 10)
Address 00D0.9785.722E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Altn BLK 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/1 Root FWD 19 128.1 P2p
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 24596
Address 0090.0C34.7E78
Cost 19
Port 1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 28692 (priority 28672 sys-id-ext 20)
Address 00D0.9785.722E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/2 Altn BLK 19 128.2 P2p //阻塞状态
Fa0/1 Root FWD 19 128.1 P2p //转发状态SWB#show spanning-tree summary
Switch is in pvst mode //生成树模式为pvst
Root bridge for:
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 1 0 0 1 2
VLAN0010 1 0 0 2 3
VLAN0020 1 0 0 1 2
---------------------- -------- --------- -------- ---------- ----------
3 vlans 3 0 0 4 7从以上信息可以看出,SWA为根交换机,SWB为备份交换机,虽然有两条链路,但是实际生效的只有交换机SWA端口f0/1与SWB端口F0/2之间的链路。
大家在配置完之后,可以将主链路F0/1关掉,然后等待几分钟,看两台pc之间是否能进行通信
(4)快速生成树
SWA
SWA(config)#spanning-tree mode rapid-pvst SWB
SWB(config)#spanning-tree mode rapid-pvst 查看SWA生成树摘要信息有什么变化
SWA#show spanning-tree summary
Switch is in rapid-pvst mode //生成模式为RSTP
Root bridge for: default VLAN0010 VLAN0020 //vlan10和vlan20的根网桥
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 1 0 0 2 3
VLAN0010 1 0 0 2 3
VLAN0020 0 0 0 3 3
---------------------- -------- --------- -------- ---------- ----------
3 vlans 2 0 0 7 9这里就不查看SWB的摘要信息了,大家可以去看看变化。
快速生成树协议RSTP在生成树协议的基础上增加了两种角色,替换端口和备份端口,冗余端口不需要等待50秒的收敛时间,可以直接切换到备份端口或替换端口,实现快速收敛。
四、二层以太通道配置
1、任务
某公司建立了一个小型局域网,使用两台三层核心交换机部署以太通道,提高链路带宽和可靠性,增大转发速率。物理链路间采用基于目的IP地址的负载均衡。
两台交换机通过两个GE端口连接起来,聚合成一条逻辑链路。
2、拓扑图
3、代码
(1)SWA以太通道配置
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SWA
SWA(config)#int range g0/1-2
SWA(config-if-range)#switchport trunk encapsulation dot1q
SWA(config-if-range)#switchport mode trunk
SWA(config-if-range)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
SWA(config-if-range)#switchport trunk all vlan all
SWA(config-if-range)#no shut
SWA(config-if-range)#channel-group 1 mode on //端口绑定在通道组1
SWA(config-if-range)#
Creating a port-channel interface Port-channel 1
%LINK-5-CHANGED: Interface Port-channel1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
SWA(config-if-range)#exit
SWA(config)#port-channel load-balance dst-ip //端口通道的负载均衡方式(2)SWB以太通道配置
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int range f0/1-2
Switch(config-if-range)#switchport trunk encapsulation dot1q
Switch(config-if-range)#switchport mode trunk
Switch(config-if-range)#switchport trunk all vlan all
Switch(config-if-range)#channel-group 1 mode on
Switch(config-if-range)#
Creating a port-channel interface Port-channel 1
Switch(config-if-range)#exit
Switch(config)#port-channel load-balance dst-ip 4、测试
SWA
SWA#show etherchannel summary //查看交换机上的通道汇总信息
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------------
1 Po1(SU) - Gig0/1(P) Gig0/2(P) //SU代表以太通道在二层SWA#show etherchannel port-channel //查看交换机上的通道包含的端口
Channel-group listing:
----------------------
Group: 1
----------
Port-channels in the group:
---------------------------
Port-channel: Po1
------------
Age of the Port-channel = 00d:00h:15m:18s
Logical slot/port = 2/1 Number of ports = 2
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel //端口的状态
Protocol = PAGP //使用的协议
Port Security = Disabled
Ports in the Port-channel: //通道包含的端口
Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Gig0/1 On 0
0 00 Gig0/2 On 0
Time since last port bundled: 00d:00h:15m:18s Gig0/2SWB
Switch#show etherchannel load-balance //查看交换机上的通道负载均衡
EtherChannel Load-Balancing Configuration:
dst-ip
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Destination MAC address
IPv4: Destination IP address
IPv6: Destination IP address
有想法的可以连接两台PC试试通信情况,进入以太通道的其中一个端口,然后关闭这个端口,看看会不会影响PC之间的通信
五、三层以太通道配置
1、任务
某公司建立了一个小型局域网,分为人事部和行政部两个部门,使用两台三层核心交换机部署以太通道,提高链路带宽和可靠性,增大转发速率。
两台交换机通过两个GE端口连接起来,聚合成一条逻辑链路,配置为三层以太通道,通道两端的地址如图所示。人事部和行政部分别属于VLAN10和VLAN20。
2、拓扑图
3、代码
(1)SWA
Switch>en
Switch#vlan database //配置vlan
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SWA
以太通道配置
SWA(config)#int range g0/1-2
SWA(config-if-range)#no switchport //关闭二层功能
SWA(config-if-range)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
SWA(config-if-range)#channel-group 1 mode on
SWA(config-if-range)#
Creating a port-channel interface Port-channel 1
%LINK-5-CHANGED: Interface Port-channel1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
SWA(config-if-range)#exit
SWA(config)#int port-channel 1
SWA(config-if)#ip add 10.1.1.1 255.255.255.0
SWA(config-if)#no shut
SWA(config-if)#exit
vlan地址配置
SWA(config)#int vlan 10
SWA(config-if)#
%LINK-5-CHANGED: Interface Vlan10, changed state to up
SWA(config-if)#ip add 192.168.10.1 255.255.255.0
SWA(config-if)#exit
SWA(config)#ip routing //开启路由功能
ACCESS端口配置
SWA(config)#int f0/1
SWA(config-if)#switchport mode access
SWA(config-if)#switchport access vlan 10
SWA(config-if)#no shut
SWA(config-if)#exit
配置路由使全网互通
SWA(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.2(2)SWB
Switch>en
Switch#vlan database //创建vlan
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
Switch(vlan)#exit
APPLY completed.
Exiting....
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SWB
以太通道配置
SWB(config)#int range g0/1-2
SWB(config-if-range)#no switchport //关闭二层功能
SWB(config-if-range)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
SWB(config-if-range)#channel-group 1 mode on
SWB(config-if-range)#
Creating a port-channel interface Port-channel 1
%LINK-5-CHANGED: Interface Port-channel1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
SWB(config-if-range)#exit
SWB(config)#int port-channel 1
SWB(config-if)#ip add 10.1.1.2 255.255.255.0
SWB(config-if)#no shut
SWB(config-if)#exit
vlan地址配置
SWB(config)#int vlan 20
SWB(config-if)#
%LINK-5-CHANGED: Interface Vlan20, changed state to up
SWB(config-if)#ip add 192.168.20.1 255.255.255.0
SWB(config-if)#exit
SWB(config)#ip routing //开启路由功能
ACCESS端口配置
SWB(config)#int f0/1
SWB(config-if)#switchport mode access
SWB(config-if)#switchport access vlan 20
SWB(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
SWB(config-if)#no shut
SWB(config-if)#exit
配置路由协议使全网互通
SWB(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.14、测试
SWA#show etherchannel summary //查看以太通道汇总信息
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+----------------------------------------------
1 Po1(RU) - Gig0/1(P) Gig0/2(P) //RU代表以太通道在三层测试两台PC之间可以进行通信,如果将一个以太端口关闭(模拟物理链路故障),并不影响通信,更不会影响整个三层的路由转发
六、综合测试
1、目标
-
为了提高网络可靠性,使用两台核心交换机组网,同时为了避免二层环路,运行STP,设置SWA为VLAN10的根交换机、VLAN20的备份根交换机,SWB为VLAN10备份根交换机、VLAN20的根交换机。
-
SWA和SWB之间实施链路捆绑及网关冗余提高网络可靠性。
-
测试STP、网关冗余是否生效,观察STP端口的状态切换。
-
掌握STP的选举过程,包括根网桥、根端口、阻塞端口、指定端口。
2、拓扑图
大家可以自行尝试,有问题的同学可以在评论区评论出来,我会一一解答,需要代码的同学可以在评论区扣1
欢迎大家积极提问噢!
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
