     Cisco
  


           Cisco,         ,  , ,  STP, EIGRP, OSPF, BGP, MPLS.












  


       ,      show  debug            ,   .                  Cisco.    ,       show  debug,      ,              ,          .   ,          .

 ,   ,       ,   10.0.21.1   r1,          r2,    10.0.214.1    r1, r2, r4.  10.0.12.0       r1   10.0.12.1,  r2 10.0.12.2.      Frame-relay   ,         ,        .




    


 Cisco     :  (user mode)   (privileged mode).    

Router>

     , ,          ?,    .           ,     enable

Router>enable

    :

Router#

      ,       configure terminal

Router#configure terminal

    :

Router(config)#

        exit, end  Ctrl+Z,  exit    ,       

          

Router#copy running-config startup-config



Router#write

       ,   do:

Router(config)#do copy running-config startup-config

    ,    show.  ,     

Router#show running-config

    

Router(config)#do show running-config

      ,   sh run,       ,        (^).

   ,          ,  :

Router#erase startup-config

    :

Router#reload

      ,      20:00 :

Switch# reload at 20:00

   :

Switch# reload at 20:00 jun 10

  ,        (vlan)                  .

    :

sw2#delete flash:vlan.dat

    (vlan)   234:

sw2(config)#no vlan 234

          ,   :

ࠠ

Ctrl+A     

Ctrl+B     

Ctrl+D    

Ctrl+E    

Ctrl+F     

Ctrl+K         

Ctrl+N      

Ctrl+P      

Ctrl+T        

Ctrl+R     

Ctrl+U 

Ctrl+W    

Ctrl+X          

Ctrl+Y ,  ,      

Ctrl+Z         

   

?    

?    

?  

?  

Ctrl+^,  X   

   .

    , :

Switch#show running-config

      ,     ,   begin, include, exclude       section.     :

Switch#show running-config | begin interface

              interface,     include,     ,     :

Switch# show interface | include protocol

Vlan 1 is up, line protocol is up

FastEthernet0/0 is up, line protocol is up

  ,  ,   ,   :

Router(config)#hostname r1

       :

r1(config)#

   ,         ,    .

    :

r1(config)#no ip domain-lookup

r1(config)#line console 0

   -,    :

r1(config-line)#exec-timeout 0 0

     :

r1(config-line)#logging synchronous

r1(config-line)#exit

        :

           :

r1(config)#username admin privilege 15 password cisco

     :

  password  secret,     .

r1(config)#username admin privilege 15 secret cisco

   SSH,     :

   ,     :

r1(config)#ip domain-name cisco.net

r1(config)#crypto key generate rsa

     ,  2048,      ,         .

  :

r1(config)#ip ssh version 2

 ,   ,      ,  0  4,     :

r1(config)#line vty 0 4

     :

r1(config-line)#login local

   :

r1(config-line)#transport input telnet ssh

  :

r1(config-line)#end

r1#write

    show running-config,   show ip ssh.

       show sessions,   show users    .

     :

r1# copy running-config startup-config

     ,   :

r1(config)#interface f0/0

r1(config-if)#description *** Connects to router r2 ***

    :

r1(config-if)#ip address 10.1.1.1 255.255.255.0

         :

sw1#configure terminal

sw1(config)#interface f0/0

sw1(config-if)#speed ?

10 Force 10 Mbps operation

100 Force 100 Mbps operation

auto Enable AUTO speed configuration

sw1(config-if)#duplex ?

auto Enable AUTO duplex configuration

full Force full duplex operation

half Force half-duplex operation

  show,  ,           :

sw1(config-if)#do sh int f0/0 | inc Auto

Auto-duplex, Auto-speed

      ,    :

sw1(config-if)#ip address 10.1.1.1 255.255.255.0

% IP addresses may not be configured on L2 links.

        IP         ,    :

sw1(config-if)#no switchport

       :

sw1(config-if)#ip address 10.1.1.1 255.255.255.0

sw1(config-if)#do show run interface f0/0

Building configuration

Current configuration : 83 bytes

!

interface FastEthernet0/0

no switchport

ip address 10.1.1.1 255.255.255.0

end

   .

            , :

sw1(config-if)#switchport

 shutdown  ,  no shutdown  ,      .

     MTU   :

   1500,    10  100 Mb/s   1500  1998 byte.

sw1(config)#system mtu < >

   1500,  1000 Mb/s   1500  9000 byte.

sw1(config)#system mtu jumbo < >

   1500    ,   ,   .

r1(config)#system mtu routing < >

    MTU         .

      ,     :

sw1(config)#default interface f0/0

Building configuration

Interface FastEthernet0/0 set to default configuration

sw1(config)#

        ,   :

r1(config)#interface s0/0/0

   :

r1(config-if)#no ip address

 ,    ,    :

r1(config-if)#no shutdown

   :

r1(config-if)#interface s0/0/0.1 point-to-point

r1(config-if)#ip address 10.1.1.1 255.255.255.0

r1(config-if)#interface s0/0/0.2 point-to-point

r1(config-if)#ip address 10.1.2.1 255.255.255.0

      :

r1(config)#interface s0/0/0

r1(config-if)#ip address 10.1.1.1 255.255.255.0

     secondary:

r1(config-if)#ip address 10.1.2.1 255.255.255.0 secondary

     ,      ,   :

r1(config)# interface loopback 0

r1(config-if)# ip address 1.1.1.1 255.255.255.255

     ,        .

 range   :

sw1(config)#interface range f0/1  24

   ,   Cisco    CDP  Cisco Discovery Protocol,        ,      :

 , :

r1(config)#(no) cdp run

r1(config)#interface s0/0/0

 ,   :

r1(config-if)#(no) cdp enable

  ,    detail        :

r1#show cdp neighbors (detail)

      LLDP  Link Layer Discovery Protocol       ,          cdp :

r1(config)#run lldp

r1# show lldp ?

       ,      :

r1#show version

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M1, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2011 by Cisco Systems, Inc.

Compiled Tue 14-Jun-11 19:25 by prod_rel_team



ROM: System Bootstrap, Version 15.0(1r)M12, RELEASE SOFTWARE (fc1)



r1 uptime is 13 hours, 43 minutes

System returned to ROM by reload at 18:25:57 MSK Tue May 28 2013

System restarted at 18:27:34 MSK Tue May 28 2013

System image file is "flash0:c2900-universalk9-mz.SPA.151-4.M1.bin"

Last reload type: Normal Reload

Last reload reason: Reload Command

    

Cisco CISCO2901/K9 (revision 1.0) with 487424K/36864K bytes of memory.

Processor board ID FCZ1540C5LU

2 Gigabit Ethernet interfaces

1 terminal line

DRAM configuration is 64 bits wide with parity enabled.

255K bytes of non-volatile configuration memory.

255744K bytes of ATA System CompactFlash 0 (Read/Write)

License Info:

License UDI:



Device# PID SN



*0 CISCO2901/K9 FCZ



Technology Package License Information for Module:'c2900'



Technology Technology-package Technology-package

Current Type Next reboot



ipbase ipbasek9 Permanent ipbasek9

security None None None

uc None None None

data None None None

Configuration register is 0x2102

     :

 :

r1#clock set 08:00:00 Jan 2011

 :

r1(config)#clock timezone MSK+4

    :

r1(config)#ntp server 10.1.1.2

     :

r2(config)#ntp master

      :

r1#show clock

      NTP-:

r1(config)#clock update-calendar

        :

r1(config)#clock calendar-valid

 :

                    :

Router>enable

Router#conf t

Router(config)#hostname r1

r1(config)#interface F0/0

r1(config-if)#no shutdown

r1(config-if)#ip add 10.0.12.1 255.255.255.0

r1(config)#ip route 0.0.0.0 0.0.0.0 10.0.12.2

r1(config)#no ip domain-lookup

r1(config)#line console 0

r1(config-line)#exec-timeout 0 0

r1(config-line)#logging synchronous

r1(config-line)#exit

r1(config)#username admin privilege 15 secret cisco

r1(config)#ip domain-name cisco.net

r1(config)#crypto key generate rsa 2048

r1(config)#ip ssh version 2

r1(config)#line vty 0 4

r1(config-line)#login local

r1(config-line)#transport input telnet ssh

r1(config-line)#exit

r1(config)#exit

r1#clock set 08:00:00 Jan 2020

r1#write

         telnet  ssh   ,         .










  


Virtual

Local

Area

Network

(

Vlan

)

    (vlan)      1  1005,    (transparent)  1  4094.  Vlan    ,       ,  , admin ,       :

    (vlan):

sw1(config)#vlan 234

        :

sw1(config-vlan)#name VLAN234

sw1(config-vlan)#end

sw1#wr

    (vlan)    no,   :

sw1(config)#no vlan 234

,      ,     (access port).    :

sw1(config)#interface f0/2

   :

sw1(config-if)# switchport mode access

     (vlan):

sw1(config-if)# switchport access vlan 234

   ,  :

sw1#show interface f0/2 switchport

Name: Fa0/2

Switchport: Enabled

Administrative Mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 234 (Support)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk associations: none

Administrative private-vlan trunk mappings: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Unknown unicast blocked: disabled

Unknown multicast blocked: disabled

Appliance trust: none

      (vlan)    :

sw1(config)#vlan 5

sw1(config-vlan)#name vlan5

sw1(config-vlan)#vlan 43

sw1(config-vlan )#name vlan43

sw1(config-vlan)#exit

sw1(config)#interface FastEthernet0/5

sw1(config-if)#switchport access vlan 5

sw1(config-if)#interface FastEthernet0/24

sw1(config-if)#switchport access vlan 43

sw1(config-if)#end

sw1#wr

  , :

sw1#show interface status

Port Name Status Vlan Duplex Speed Type

Fa0/1 notconnect 1 auto auto 10/100BaseTX

Fa0/2 notconnect 1 auto auto 10/100BaseTX

Fa0/3 connected 1 a-half a-10 10/100BaseTX

Fa0/4 notconnect 1 auto auto 10/100BaseTX

Fa0/5 vlan5 connected 5 a-half a-10 10/100BaseTX

Fa0/24 vlan43 connected 43 a-half a-10 10/100BaseTX

    

        (vlan)  ,   :

      (vlan)    .       show vlan brief.

   :

sw1#show vlan brief

VLAN Name Status Ports

   

1 default active Fa0/6,Fa0/7,Fa0/8, Fa0/9

Fa0/11,Fa0/12,Fa0/13,Fa0/14

Fa0/15,Fa0/16,Fa0/17,Fa0/18

Gi0/1, Gi0/2

30 VLAN30 active

33 VLAN33 active

42 VLAN42 active

51 VLAN51 active Fa0/5

54 VALN54 active Fa0/4

234 VLAN234 active Fa0/2

243 VLAN243 active

300 VALN300 active Fa0/3

1002 fddi-default act/unsup

1003 trcrf-default act/unsup

,   ,   Fa0/3 vlan 30     

sw1(config)#interface f0/3

sw1(config)#switchport access vlan 30

sw1(config)#exit

sw1#show vlan brief | i 30

30 VLAN30 active Fa0/3

   ,      300  30    (vlan),          wr.




     (VTP) Vlan Trunking Protocol


 VTP        .   VTP       vtp

   ,  ,    

sw1(config)#vtp ?

domain Set the name of the VTP administrative domain.

file Configure IFS file system file where VTP configuration is stored.

interface Configure interface as the preferred source for the VTP IP updater address.

mode Configure VTP device mode

password Set the password for the VTP administrative domain

pruning Set the administrative domain to permit pruning

version Set the administrative domain to VTP version

   (mode)  ,      VTP:

sw2(config)#vtp mode ?

client Set the device to client mode.

server Set the device to server mode.

transparent Set the device to transparent mode

  (transparent)      (vlans)  1  4094.     ,                .

  (client)       .

  (server)         ,      .

   ,     (server)     .       , ,  :

sw1(config)#vtp pruning

    :

sw1(config)#vtp domain CISCO

sw1(config)#vtp mode transparent

sw1(config)#vtp password cisco

   VTP    ,       ,        (server).

   ,  ,  :

sw1#show vtp status

VTP Version : running VTP2

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 16

VTP Operating Mode : Transparent

VTP Domain Name : CISCO

VTP Pruning Mode : Disabled

VTP V2 Mode : Enabled

VTP Traps Generation : Disabled

MD5 digest : 0x07 0x4A 0x67 0xF3 0xA0 0x0E 0x9B 0xAD

Configuration last modified by 150.2.20.1 at 3-1-93 01:18:04

      :

sw1#show vtp password

,  VTP    :

sw1(config)#vtp domain CISCO

sw1(config)#vtp mode server

sw1(config)#vtp password cisco

      :

sw2(config)#vtp domain CISCO

sw2(config)#vtp mode client

sw2(config)#vtp password cisco

  ,   ,        ,        .       ,    ,       Configuration Revision ,   .       .

 VTP  ,      ,   ,   :

sw1#vlan database

sw1(vlan)#vtp transparent

sw1(vlan)#vtp domain cisco.com

sw1(vlan)#vtp password cisco

       pruning  ..

sw1(vlan)#exit

sw1#wr

 :

sw1#conf t

sw1(config)#vtp mode transparent

sw1(config)#exit

sw1#wr

       ,    vlan       .




   Switched Virtual Interface (SVI)


   .

sw1(config)#interface vlan 234

sw1(config-if)#ip address 10.10.234.1 255.255.255.0

sw1(config-if)#exit




   (Vlan)  


        ,   :

sw1#vlan database

sw1(vlan)#vlan 234 name ADMIN

sw1(vlan)#exit

 :

sw1#conf t

sw1(config)#vlan 10

sw1(config-vlan)#name user_vlan

sw1(config)#vlan 11

sw1(config-vlan)#name management_vlan

sw1(config-vlan)#exit

sw1(config)#interface range f0/1  24

sw1(config-if)# description *** Access Interface ***

sw1(config-if)#switchport mode access

sw1(config-if)#switchport access vlan 10

sw1(config-if)#exit

sw1(config)#interface vlan 11

sw1(config-if)# description *** Management Interface ***

sw1(config-if)#ip address 10.0.11.2 255.255.255.0

sw1(config-if)#exit

sw1(config)#exit

sw1#wr

      (vlans)     10    1  24  11    ,    10.0.11.2.    .




  (Trunk port)


,    VLAN,   Trunk port,  .    ISL, 802.1q.    DTP (Dynamic Trunking Protocol),          .

ISL (Inter-Switch Link)    Cisco,      Cisco.   ,         .

      ,      range,         .

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport trunk encapsulation isl

sw1(config-if)#switchport mode trunk

  :

sw1#show interface trunk

802.1q     ,     , :

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

   ,   :

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport mode trunk

   802.1q   .

  :

sw1#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 1

Gi0/2 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi0/1 1-1005

Gi0/2 1-1005

Port Vlans allowed and active in management domain

Gi0/1 1,30,33,42,51,54,234,243,300

GI0/2 1,30,33,42,51,54,234,243,300

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1,30,33,42,51,54,234,243,300

Gi0/2 none

    native VLAN,       ,    1,        ,  ,  11:

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport trunk native vlan 11

    ,  :

sw1#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 11

Gi0/2 on 802.1q trunking 11

    DTP (Dynamic Trunking Protocol)   ,     ,   :

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

sw1(config-if)#switchport nonegotiate

   DTP.

  ,         (vlans),     :

sw1(config)# interface range GigabitEthernet0/1  2

sw1(config-if)#switchport trunk allowed vlan 1-10

,   ,       (vlan)     :

sw1(config)# interface range GigabitEthernet0/1  2

 vlan 2:

sw1(config-if)#switchport trunk allowed vlan remove 2

 vlan 2:

sw1(config-if)#switchport trunk allowed vlan add 2

 10   :

sw1(config-if)#switchport trunk allowed vlan except 10

 :

  3560,        ,   :

sw1#conf t

sw1(config)# interface range GigabitEthernet0/1

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

sw1(config-if)#switchport trunk allowed vlan 1-10

sw1(config-if)#exit

sw1(config)#exit

sw1#wr

  2960,       :

sw2#conf t

sw2(config)# interface range GigabitEthernet0/1

sw2(config-if)#switchport mode trunk

sw2(config-if)#exit

sw2(config)#exit

sw2#wr

  ,       ,  ,     .        (vlans)        sw2    vlans  1  10.           .

  :

sw1#show interface trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi0/1 1-4094

Port Vlans allowed and active in management domain

Gi0/1 1-10

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1-10




  EtherCannel 2 


   8     ,    .    ,  ,         Cisco    LACP.    :

sw1(config)# interface range fa0/19  20

sw1(config-if)# channel-group 12 mode on

sw2(config)# interface range fa0/19  20

sw2(config-if)# channel-group 12 mode on

EtherCannel 2  Port Aggregation Protocol (PAgP)   Cisco,   Auto/Desirable-Desirable,  :

sw1(config)# interface range fa0/19  20

sw1(config-if)# channel-group 12 mode desirable

sw2(config)# interface range fa0/19  20

sw2(config-if)# channel-group 21 mode auto

EtherCannel 2  Link Aggregation Control Protocol (LACP)     IEEE 802.3ad,   Active/Passive-Active,  :

sw1(config)# interface range fa0/19  20

sw1(config-if)# channel-group 12 mode active

sw2(config)# interface range fa0/19  20

sw2(config-if)# channel-group 21 mode passive

 :

sw1#conf t

sw1(config)# interface range fa0/19  20

sw1(config-if)#shutdown

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

sw1(config-if)#channel-group 12 mode active

sw1(config-if)#no shutdown

sw1(config-if)#exit

sw1(config)#exit

sw1#wr

sw2#conf t

sw2(config)# interface range fa0/19  20

sw2(config-if)#shutdown

sw2(config-if)#switchport trunk encapsulation dot1q

sw2(config-if)#switchport mode trunk

sw2(config-if)#channel-group 21 mode active

sw2(config-if)#no shutdown

sw2(config-if)#exit

sw2(config)#exit

sw2#wr

  EtherCannel      19  20.    shutdown  no shutdown   EtherCannel,    ,    .

  ,       Port-channel  ,    vlan,     Port-channel:

sw1#show run interface po12

Building configuration

Current configuration : 127 bytes

!

interface Port-channel12

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1-10

switchport mode trunk

end

  :

sw1# show etherchannel summary

Flags: D  down P  in port-channel

I  stand-alone s  suspended

H  Hot-standby (LACP only)

R  Layer3 S  Layer2

U  in use f  failed to allocate aggregator

u  unsuitable for bundling

w  waiting to be aggregated

d  default port



Number of channel-groups in use: 3

Number of aggregators: 3



Group Port-channel Protocol Ports

+++

1 Po12(SU) LACP Gi0/19(P) Gi0/20(P)




  EtherCannel 3 


        :

sw1#conf t

sw1(config)# ip routing

sw1(config)# interface port-channel 12

sw1(config-if)# no switchport

sw1(config-if)# ip address 10.1.1.1 255.255.255.0

sw1(config)# interface range fa0/19  20

sw1(config-if)# shutdown

sw1(config-if)# no switchport

sw1(config-if)# channel-group 12 mode on

sw1(config-if)# interface range fa0/19  20

sw1(config-if)#no shutdown

sw1(config-if)# end

sw1#wr

sw2#conf t

sw2(config)# ip routing

sw2(config)# interface port-channel 21

sw2(config-if)# no switchport

sw2(config-if)# ip address 10.1.1.2 255.255.255.0

sw2(config)# interface range fa0/19  20

sw2(config-if)# shutdown

sw2(config-if)# no switchport

sw2(config-if)# channel-group 21 mode on

sw2(config-if)#no shutdown

sw2(config-if)# interface range fa0/19  20

sw2(config-if)#no shutdown

sw2(config-if)# end

sw2#wr

  ,       3 ,      ,      ,  ,  3     3500   .

sw1(config)#ip routing

  :

sw1# show etherchannel summary













(EtherChannel Load Balancing)

      .

sw1#conf t

sw1(config)#port-channel load-balance dst-ip

sw1(config)#end

sw1#wr

    ,    :

dst-ip Dst IP Addr

dst-mac Dst Mac Addr

src-dst-ip Src XOR Dst IP Addr

src-dst-mac Src XOR Dst Mac Addr

src-ip Src IP Addr

src-mac Src Mac Addr

  :

sw1# show etherchannel load-balance

EtherChannel Load-Balancing Configuration:

dst-ip

EtherChannel Load-Balancing Addresses Used Per-Protocol:

Non-IP: Destination MAC address

IPv4: Destination IP address

IPv6: Destination IP address











Spanning-Tree Protocol (STP)

  ,    .   BPDU (Bridge Protocol Data Unit)         ,          .      (bridge root),   (root port)    (designated port). ,      Cisco   PVST+ (802.1d).  STP      :

 (Disabled)

 (Listening)

 (Learning)

 (Forwarding)

 (Blocking)

 STP      :

sw1(config)#spanning-tree mode ?

mst Multiple spanning tree mode

pvst Per-Vlan spanning tree mode

rapid-pvst Per-Vlan rapid spanning tree mode




PVST+ (802.1d)


  ,   ,      ,        ,  50 .      .

   PVST+    , :

sw1(config)# spanning-tree vlan 1-4094 hello-time <1-10>

Hello timer 2   .

sw1(config)# spanning-tree vlan 1-4094 forward-time <4-30>

Forward Delay 15   .

sw1(config)# spanning-tree vlan 1-4094 max-age <6-40>

Max Age 20   .

    ,   PVST+, ,     ,3-5 ,     .    max-age ,    .

sw1(config)#spanning-tree uplinkfast

sw1(config)#spanning-tree backbonefast

  :

sw1#show spanning-tree summary

Switch is in pvst mode

    




Rapid-PVST (802.1w)


    ,       portfast    ,      switchport mode access       portfast           STP.    .

       :

sw1(config)#spanning-tree mode rapid-pvst

  :

sw1#show spanning-tree summary

Switch is in rapid-pvst mode

    




   (STP)   


   802.1d  802.1w,     ,                 ,    ,      .     :

sw1(config)# spanning-tree vlan 1-4094 priority 0

sw2(config)# spanning-tree vlan 1-4094 priority 4096

sw1(config)# spanning-tree vlan 1-4094 root primary

sw2(config)# spanning-tree vlan 1-4094 root secondary

   sw1         (vlans),  sw2         .

  ,       vlan 9

sw1#show spanning-tree vlan 9

VLAN0009

Spanning tree enabled protocol rstp

Root ID Priority 9

Address 001b.544e.3280

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 9 (priority 0 sys-id-ext 9)

Address 001b.544e.3280

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

     

Gi1/0/6 Desg FWD 4 128.6 P2p

Gi1/0/7 Desg FWD 4 128.7 P2p

Gi1/0/8 Desg FWD 4 128.8 P2p

Gi1/0/9 Desg FWD 4 128.9 P2p

Gi1/0/10 Desg FWD 4 128.10 P2p





















(STP Load balancing with Port Cost)

         ,      4,           ,     :

sw1(config)#interface Gi0/1

sw1(config-if)#spanning-tree cost <1-65535>

    1       :

  :

Show spanning-tree vlan <vlan number>




     


  (STP Load balancing with Port Priority)

        :

sw1(config)#interface Gi0/1

sw1(config-if)#spanning-tree port-priority <0-255>

  :

sw1#Show spanning-tree vlan <vlan number>




    MST (802.1s)


     802.1w         vlan. :

sw1(config)#spanning-tree mode mst

sw1(config)#spanning-tree mst configuration

sw1(config-mst)#name MYVLAN

sw1(config-mst)# revision 1

sw1(config-mst)#instance 1 vlan 10, 11, 12, 13, 14, 15

sw1(config-mst)#instance 2 vlan 16, 17, 18, 19, 20, 21

sw2(config)#spanning-tree mode mst

sw2(config)# spanning-tree mst configuration

sw2(config-mst)#name MYVLAN

sw2(config-mst)#revision 1

sw2(config-mst)#instance 1 vlan 10, 11, 12, 13, 14, 15

sw2(config-mst)#instance 2 vlan 16, 17, 18, 19, 20, 21

sw2(config)#spanning-tree mst 2 root primary

  ,       2 :

sw3(config)#spanning-tree mode mst

sw3(config)#spanning-tree mst configuration

sw3(config-mst)#name MYVLAN

sw3(config-mst)#revision 1

sw3(config-mst)#instance 1 vlan 10, 11, 12, 13, 14, 15

sw3(config-mst)#instance 2 vlan 16, 17, 18, 19, 20, 21

sw3(config)#spanning-tree mst 1 root primary

  ,       :

sw4(config)#spanning-tree mode mst

sw4(config)#spanning-tree mst configuration

sw4(config-mst)#name MYVLAN

sw4(config-mst)#revision 1

sw4(config-mst)#instance 1 vlan 10, 11, 12, 13, 14, 15

sw4(config-mst)#instance 2 vlan 16, 17, 18, 19, 20, 21

  :

show spanning-tree mst configuration

show spanning-tree mst 1




         (MST Load balancing with Port Cost)


sw1(config)#interface Gi0/1

sw1(config-if)#spanning-tree mst 1 cost <1-65535>

  :

sw1#show spanning-tree mst 1




         (MST Load balancing with Port Priority)


sw1(config)#interface Gi0/1

sw1(config-if)#spanning-tree mst 1 port-priority <0-255>

  :

sw1#show spanning-tree mst 1

 :

sw1#conf t

sw1(config)#spanning-tree mode rapid-pvst

sw1(config)# spanning-tree vlan 1-4094 root primary

sw1(config)#end

sw1#wr

sw2#conf t

sw2(config)# spanning-tree mode rapid-pvst

sw2(config)# spanning-tree vlan 1-4094 root secondary

sw2(config)#end

sw2#wr

        ,   ,  .

  :

sw1#show spanning-tree vlan  vlan




    STP

  (Portfast)


  STP     listening  learning      forwarding.      .     ,       ,   .

  :

           ,  :

sw1(config)#spanning-tree portfast default

  :

sw1#show spanning-tree summary

Switch is in rapid-pvst mode

Root bridge for: none

Extended system ID is enabled

Portfast Default is enabled

PortFast BPDU Guard Default is enabled

Portfast BPDU Filter Default is disabled

Loopguard Default is disabled

EtherChannel misconfig guard is enabled

UplinkFast is disabled

BackboneFast is disabled

Configured Pathcost method used is short

       ,    ,  :

sw1(config)#interface FastEthernet0/1

sw1(config-if)#switchport access vlan 9

sw1(config-if)#switchport mode access

sw1(config-if)#spanning-tree portfast

   :

sw1(config-if)#spanning-tree portfast disable

  :

sw1#show spanning-tree interface FastEthernet 0/1 portfast

VLAN0009 enabled

   :

sw1#show spanning-tree interface FastEthernet 0/1 detail

Port 3 (FastEthernet0/1) of VLAN0016 is designated forwarding

Port path cost 19, Port priority 128, Port Identifier 128.3.

Designated root has priority 16, address 001b.544e.3280

Designated bridge has priority 32784, address 001b.2b24.2f00

Designated port id is 128.3, designated path cost 4

Timers: message age 0, forward delay 0, hold 0

Number of transitions to forwarding state: 1

The port is in the portfast mode

Link type is point-to-point by default

Bpdu guard is enabled

Loop guard is enabled by default on the port

BPDU: sent 33130, received 0









BPDU



(Bpduguard)

     ,   ,    err-disable,     BPDU ,    portfast,      ,       shutdown    no shutdown.

           ,  :

sw1(config)#spanning-tree portfast default

sw1(config)#spanning-tree portfast bpduguard default

  :

sw1#show spanning-tree summary

Switch is in rapid-pvst mode

Root bridge for: VLAN0001, VLAN0116, VLAN0120

Extended system ID is enabled

Portfast Default is enabled

PortFast BPDU Guard Default is enabled

Portfast BPDU Filter Default is disabled

Loopguard Default is enabled

EtherChannel misconfig guard is enabled

UplinkFast is disabled

BackboneFast is disabled

Configured Pathcost method used is short

    

  ,    ,     ,   :

sw1(config)#interface FastEthernet0/1

sw1(config-if)#spanning-tree bpduguard enable

   .

sw1(config-if)#spanning-tree bpduguard disable

  :

sw1#show spanning-tree interface FastEthernet 0/1 detail

Port 1 (FastEthernet0/1) of VLAN0009 is designated forwarding

Port path cost 19, Port priority 128, Port Identifier 128.1.

Designated root has priority 9, address 001b.544e.3280

Designated bridge has priority 32777, address 001b.54cb.e580

Designated port id is 128.1, designated path cost 4

Timers: message age 0, forward delay 0, hold 0

Number of transitions to forwarding state: 1

The port is in the portfast mode

Link type is point-to-point by default

Bpdu guard is enabled

Loop guard is enabled by default on the port

BPDU: sent 167665, received 0







BPDU



(Bpdufilter)

  ,   BPDU ,         BPDU       ,  ,       ,     BPDU        ,   .

          portfast:

sw1(config)#spanning-tree portfast default

sw1(config)#spanning-tree portfast bpdufilter default

  :

sw1#show spanning-tree summary

Switch is in rapid-pvst mode

Root bridge for: VLAN0001, VLAN0116, VLAN0120

Extended system ID is enabled

Portfast Default is enabled

PortFast BPDU Guard Default is disabled

Portfast BPDU Filter Default is enabled

Loopguard Default is enabled

EtherChannel misconfig guard is enabled

UplinkFast is disabled

BackboneFast is disabled

Configured Pathcost method used is short

    

   ,   :

sw1(config)#interface FastEthernet0/1

sw1(config-if)#spanning-tree bpdufilter enable

 ,          bpduguard.




   (Guard root)


        ,      ,       ,                    :

sw1(config)#interface FastEthernet0/24

sw1(config-if)#spanning-tree guard root

  :

sw1#show spanning-tree inconsistentports











(Guard loop)

       ,   STP     .

  UDLD,     BDPU keepalive    .       LOOP_INCONSISTANT_STATE,   .

    :

sw1(config)#spanning-tree loopguard default

  :

sw1#show spanning-tree summary

Switch is in pvst mode

Root bridge for: none

EtherChannel misconfig guard is enabled

Extended system ID is disabled

Portfast Default is disabled

PortFast BPDU Guard Default is disabled

Portfast BPDU Filter Default is disabled

Loopguard Default is enabled

UplinkFast is disabled

BackboneFast is disabled

Pathcost method used is short

    

    ,  :

sw1(config)#interface FastEthernet0/24

sw1(config-if)#spanning-tree guard loop




    UniDirectional Link Detection (UDLD)


    (UDLD),   2 ,           .        ,      .   ,   ,      shutdown,   no shutdown.

  :

sw1#conf t

sw1(config)# interface range fa0/19  20

  :

sw1(config-if)#udld aggressive

  :

sw1(config-if)#udld

sw1(config-if)#end

sw1#wr

  :

sw1# show udld




   (802.1q Tunneling)


   802.1q Tunneling,  2       ,  ,           vlan,   :

r1(config)#interface f0/0

r1(config-if)#no shutdown

r1(config-if)#interface f0/0.10

r1(config-if)#encapsulation dot1Q 10

r1(config-if)#ip address 10.0.0.1 255.255.255.0

r1(config-if)#interface f0/0.20

r1(config-if)#encapsulation dot1Q 20

r1(config-if)#ip address 20.0.0.1 255.255.255.0

r2(config)#interface f0/0

r2(config-if)#no shutdown

r2(config-if)#interface f0/0.10

r2(config-if)#encapsulation dot1Q 10

r2(config-if)#ip address 10.0.0.2 255.255.255.0

r2(config-if)#interface f0/0.20

r2(config-if)#encapsulation dot1Q 20

r2(config-if)#ip address 20.0.0.2 255.255.255.0

sw1(config)#system mtu 1504

     r1

sw1(config)#interface f0/1

sw1(config-if)#switchport access vlan 200

sw1(config-if)#switchport mode dot1q-tunnel

sw1(config-if)#l2protocol-tunnel cdp

sw1(config-if)#no cdp enable

sw1(config-if)#interface f0/19

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

sw2(config)#system mtu 1504

     r2

sw2(config)#interface f0/2

sw2(config-if)#switchport access vlan 200

sw2(config-if)#switchport mode dot1q-tunnel

sw2(config-if)#l2protocol-tunnel cdp

sw2(config-if)#no cdp enable

sw2(config-if)#interface f0/19

sw2(config-if)#switchport trunk encapsulation dot1q

sw2(config-if)#switchport mode trunk

  show cdp neighbor  ping     .




    (Private VLANs)


    ,  ,            .        (isolated), (community)   (promiscuous),  (promiscuous)             .          .    :




     (isolated vlan)


      (transparent)             ,          ,     :

sw2(config)#vtp transparent

sw2(config-vlan)#vlan 201

sw2(config-vlan)#private-vlan isolated

sw2(config-vlan)#vlan 100

sw2(config-vlan)#private-vlan primary

sw2(config-vlan)#private-vlan association 201

sw2(config-vlan)#end

sw2#wr

 ,      :

sw2(config)#interface f0/1

sw2(config-if)#switchport mode private-vlan host

sw2(config-if)#switchport private-vlan host-association 100201

  :

sw2#show vlan private-vlan

Primary Secondary Type Ports

   

100 201 isolated Fa0/1

      

sw2#show interface f0/1 switchport

Name: Fa0/1

Switchport: Enabled

Administrative Mode: private-vlan host

Operational Mode: private-vlan host

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: 100 (VLAN00100) 201 (VLAN00201)




  .


   .

   ,     (https://www.litres.ru/aleksandr-vladimirov/spravochnik-po-nastroyke-setevogo-oborudovaniya-cisco/)  .

      Visa, MasterCard, Maestro,    ,   ,     ,  PayPal, WebMoney, ., QIWI ,       .


