=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2006.03.28 07:28:11 =~=~=~=~=~=~=~=~=~=~=~= 5 Trying 5...connections to 5 not permitted from this terminal% Unknown command or computer name, or unable to find computer address RACK15AS> RACK15AS>r1 Translating "r1" Trying R1 (1.1.1.1, 2001)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password OK R1>en R1# RACK15AS>r2 Translating "r2" Trying R2 (1.1.1.1, 2002)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password: Password OK R2>en R2# R2# RACK15AS>r3 Translating "r3" Trying R3 (1.1.1.1, 2003)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password: Password OK R3>en R3# R3# R3# RACK15AS>sh sess Conn Host Address Byte Idle Conn Name 1 r1 1.1.1.1 0 0 r1 2 r2 1.1.1.1 0 0 r2 * 3 r3 1.1.1.1 0 0 r3 RACK15AS>r4 Translating "r4" Trying R4 (1.1.1.1, 2004)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password: Password OK R4>en R4# R4# RACK15AS>r5 Translating "r5" Trying R5 (1.1.1.1, 2005)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password: Password OK S5>en S5# S5# RACK15AS>~r6 % Unknown command or computer name, or unable to find computer address RACK15AS>r6 Translating "r6" Trying R6 (1.1.1.1, 2006)... Open ! ************************************************************** Global Knowledge Hands-On Labs Access Server Access is restricted to Global Knowledge CCIE Students ************************************************************** Please re-enter your password. (This is the same password you used to log onto the Lab website.) If you see a username prompt, please wait 40 seconds and try again. If the username prompt persists, please reset equipment from your "Pod x" link. User Access Verification Password: Password: Password OK S6>en S6# S6# RACK15AS>c 5 [Resuming connection 5 to r5 ... ] S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/21 S5(config-if)#st S5(config-if)#storm-control ? action Action to take for storm-control broadcast Broadcast address storm control multicast Multicast address storm control unicast Unicast address storm control S5(config-if)#storm-control ac S5(config-if)#storm-control action ? shutdown Shutdown this interface if a storm occurs trap Send SNMP trap if a storm occurs S5(config-if)#storm-control action          br S5(config-if)#storm-control broadcast ? level Set storm suppression level on this interface S5(config-if)#storm-control broadcast le S5(config-if)#storm-control broadcast level ? <0.00 - 100.00> Enter rising threshold pps Enter suppression level in packets per second S5(config-if)#storm-control broadcast level 50 S5(config-if)#sto S5(config-if)#storm-control mu S5(config-if)#storm-control multicast l S5(config-if)#storm-control multicast level 62 S5(config-if)#^Z S5# 23:31:33: %SYS-5-CONFIG_I: Configured from console by console S5#sh run int s   fa 0/21 Building configuration... Current configuration : 132 bytes ! interface FastEthernet0/21 switchport mode access storm-control broadcast level 50.00 storm-control multicast level 62.00 end S5# S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#access-list 100                 do sh access-list S5(config)#access-l; ist 100 deny tcp any any eq ? <0-65535> Port number bgp Border Gateway Protocol (179) chargen Character generator (19) cmd Remote commands (rcmd, 514) daytime Daytime (13) discard Discard (9) domain Domain Name Service (53) echo Echo (7) exec Exec (rsh, 512) finger Finger (79) ftp File Transfer Protocol (21) ftp-data FTP data connections (20) gopher Gopher (70) hostname NIC hostname server (101) ident Ident Protocol (113) irc Internet Relay Chat (194) klogin Kerberos login (543) kshell Kerberos shell (544) login Login (rlogin, 513) lpd Printer service (515) nntp Network News Transport Protocol (119) pim-auto-rp PIM Auto-RP (496) --More--   S5(config)#access-list 100 deny tcp any any eq ident S5(config)#access-list 100 deny tcp any any eq identnaccess-list 100 deny tcp any any eq identoaccess-list 100 deny tcp any any eq ident access-list 100 deny tcp any any eq ident~access-list 100 deny tcp any any eq identaccess-list 100 deny tcp any any eq ident  S5(config)#no access-list 100 deny tcp any any eq identaccess-list 100 deny tcp any any eq ident y tcp any any eq ident  tcp any any eq ident  tcp any any eq ident  tcp any any eq ident p tcp any any eq idente tcp any any eq identr tcp any any eq ident S5(config)#vla S5(config)#vlan acc S5(config)#vlan access-map ? WORD Vlan access map tag S5(config)#vlan access-map Prob12 ? <0-65535> Sequence to insert to/delete from existing vlan access-map entry S5(config)#vlan access-map Prob12 10 S5(config-access-map)#\ ma S5(config-access-map)#match ? ip IP based match mac MAC based match S5(config-access-map)#match ip ? address Match IP address to access control. S5(config-access-map)#match ip add ? <1-199> IP access list (standard or extended) <1300-2699> IP expanded access list (standard or extended) WORD Access-list name S5(config-access-map)#match ip add 100 S5(config-access-map)#a S5(config-access-map)#action ? drop Drop packets forward Forward packets S5(config-access-map)#action drop S5(config-access-map)#exit S5(config)#exitaction dropmatch ip add 100vlan access-map Prob12 10  20 S5(config-access-map)#do sh vlan access Vlan access-map "Prob12" 10 Match clauses: ip address: 100 Action: drop Vlan access-map "Prob12" 20 Match clauses: Action: forward S5(config-access-map)# S5(config-access-map)# S5(config-access-map)# S5(config-access-map)#ac S5(config-access-map)#action fo S5(config-access-map)#action forward S5(config-access-map)#do sh run | b acceess   ss-map vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward ! ! interface FastEthernet0/1 switchport access vlan 10 switchport mode access ! interface FastEthernet0/2 switchport mode access shutdown ! interface FastEthernet0/3 switchport access vlan 34 switchport mode access ! interface FastEthernet0/4 switchport mode access shutdown ! --More--   S5(config-access-map)#do sh run | b access-map action forward ? S5(config-access-map)#action forward                exity ^ % Invalid input detected at '^' marker. S5(config-access-map)#exiy ^ % Invalid input detected at '^' marker. S5(config-access-map)#exit S5(config)#va S5(config)#va la S5(config)#vlan fi S5(config)#vlan filter ? WORD VLAN map name S5(config)#vlan filter Prob12 ? vlan-list VLANs to apply filter to S5(config)#vlan filter Prob12 vl S5(config)#vlan filter Prob12 vlan-list ? <1-4094> VLAN id all Remove this filter from all VLANs S5(config)#vlan filter Prob12 vlan-list all S5(config)#^Z S5# RACK15AS>6 [Resuming connection 6 to r6 ... ] S6#config t Enter configuration commands, one per line. End with CNTL/Z. S6(config)#access-list 100 d per tcvp     cp any any eq ident S6(config)#val  lan acce S6(config)#vlan access-map Prov b12 S6(config-access-map)#match ip add 100 S6(config-access-map)#ac drop S6(config-access-map)#ac dropmatch ip add 100vlan access-map Prob12 20 S6(config-access-map)#act fo S6(config-access-map)#exi S6(config)#vlk an fil S6(config)#vlan filter Prob12 a vl all S6(config)#^Z S6# 23:41:19: %SYS-5-CONFIG_I: Configured from console by console S6#sh ru |   un | b vlan access vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward vlan filter Prob12 vlan-list 1-4094 ! ! interface FastEthernet0/1 no switchport ip address 17.57.100.2 255.255.255.0 ! interface FastEthernet0/2 switchport access vlan 20 switchport mode access ! interface FastEthernet0/3 switchport mode access shutdown ! interface FastEthernet0/4 switchport access vlan 34 switchport mode access --More--   S6#sh run | b access-list access-list 100 permit tcp any any eq ident ! control-plane ! ! line con 0 exec-timeout 0 0 logging synchronous line vty 0 4 no login line vty 5 15 no login ! ! end S6# S6# RACK15AS>5 [Resuming connection 5 to r5 ... ] 23:3 S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int s 0   fa 0/20 S5(config-if)#sw S5(config-if)#switchport ? access Set access mode characteristics of the interface block Disable forwarding of unknown uni/multi cast addresses host Set port host mode Set trunking mode of the interface nonegotiate Device will not engage in negotiation protocol on this interface port-security Security related command priority Set appliance 802.1p priority protected Configure an interface to be a protected port trunk Set trunking characteristics of the interface voice Voice appliance attributes S5(config-if)#switchport bl S5(config-if)#switchport block ? multicast Block unknown multicast addresses unicast Block unknown unicast addresses S5(config-if)#switchport block unicast ? S5(config-if)#switchport block unicast S5(config-if)#^Z S5# 23:45:17: %SYS-5-CONFIG_I: Configured from console by console S5#sh run int fa 0/2-0  0 Building configuration... Current configuration : 84 bytes ! interface FastEthernet0/20 switchport mode access switchport block unicast end S5# S5#confifg     t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa0/21 S5(config-if)#sw S5(config-if)#switchport p S5(config-if)#switchport po S5(config-if)#switchport port-security ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addresses violation Security violation mode S5(config-if)#switchport port-security ma S5(config-if)#switchport port-security mac S5(config-if)#switchport port-security mac-address 0023.1123.443 ? vlan set VLAN ID of the VLAN on which this address can be learned S5(config-if)#switchport port-security mac-address 0023.1123.443 Port-security not enabled on interface FastEthernet0/21. S5(config-if)#sw S5(config-if)#switchport po S5(config-if)#switchport port-security S5(config-if)#do sh runb    fa 0/21 sh run fa 0/21 ^ % Invalid input detected at '^' marker. S5(config-if)#do sh run fa 0/21 run ifa 0/21nfa 0/21tfa 0/21 fa 0/21 Building configuration... Current configuration : 158 bytes ! interface FastEthernet0/21 switchport mode access switchport port-security storm-control broadcast level 50.00 storm-control multicast level 62.00 end S5(config-if)#do sh run int fa 0/21fa 0/21 switchport port-security mac-address 0023.1123.443 S5(config-if)#do sh port int fa 0/21 Port Security : Enabled Port Status : Secure-down Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 1 Sticky MAC Addresses : 0 Last Source Address:Vlan : 0000.0000.0000:0 Security Violation Count : 0 S5(config-if)#do sh port int fa 0/21 ma sh port int fa 0/21 ma ^ % Invalid input detected at '^' marker. S5(config-if)#^Z S5#sh 23:56:59: %SYS-5-CONFIG_I: Configured from console by console S5#sh por S5#sh port-security ? address Show secure address interface Show secure interface | Output modifiers S5#sh port-security int     add S5#sh port-security address ? vlan Vlan limits | Output modifiers S5#sh port-security address Secure Mac Address Table ------------------------------------------------------------------------ Vlan Mac Address Type Ports Remaining Age (mins) ---- ----------- ---- ----- ------------- 1 0023.1123.0443 SecureConfigured Fa0/21 - ------------------------------------------------------------------------ Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 5120 S5# S5# S5#sh port-security address           Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) --------------------------------------------------------------------------- Fa0/21 1 1 0 Shutdown --------------------------------------------------------------------------- Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 5120 S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/21 S5(config-if)#sp S5(config-if)#sp  por   swq  S5(config-if)#switchport po S5(config-if)#switchport port-security ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addresses violation Security violation mode S5(config-if)#switchport port-security ma S5(config-if)#switchport port-security ma? mac-address maximum S5(config-if)#switchport port-security ma  mac ? H.H.H 48 bit mac address sticky Configure dynamic secure addresses as sticky S5(config-if)#switchport port-security mac st S5(config-if)#switchport port-security mac sticky ? S5(config-if)#switchport port-security mac sticky                ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addresses violation Security violation mode S5(config-if)#switchport port-securi vi S5(config-if)#switchport port-securi violation ? protect Security violation protect mode restrict Security violation restrict mode shutdown Security violation shutdown mode S5(config-if)#switchport port-securi violation                                  ^Z S5#sh run i 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#sh run int fa 0/21 Building configuration... Current configuration : 211 bytes ! interface FastEthernet0/21 switchport mode access switchport port-security switchport port-security mac-address 0023.1123.0443 storm-control broadcast level 50.00 storm-control multicast level 62.00 end S5# S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/22 S5(config-if)#swi S5(config-if)#switchport dy S5(config-if)#switchport dy  mode dy S5(config-if)#switchport mode dynamic % Incomplete command. S5(config-if)#switchport mode dynamic  de S5(config-if)#switchport mode dynamic desirable S5(config-if)#sw S5(config-if)#switchport po S5(config-if)#switchport port-security Command rejected: FastEthernet0/22 is a dynamic port. S5(config-if)#sw S5(config-if)#switchport mode acc S5(config-if)#switchport mode acc   d S5(config-if)#switchport mode dy S5(config-if)#switchport mode dynamic ? auto Set trunking mode dynamic negotiation parameter to AUTO desirable Set trunking mode dynamic negotiation parameter to DESIRABLE S5(config-if)#switchport mode dynamic                         sp w S5(config-if)#switchport poo S5(config-if)#switchport poo  S5(config-if)#switchport port-security S5(config-if)#sw S5(config-if)#switchport po S5(config-if)#switchport port-security vl  S5(config-if)#switchport port-security violation re S5(config-if)#switchport port-security violation restrict ? S5(config-if)#switchport port-security violation restrict S5(config-if)#^Z S5#sh run 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#sh run int fa 0/22 Building configuration... Current configuration : 129 bytes ! interface FastEthernet0/22 switchport mode access switchport port-security switchport port-security violation restrict end S5# S5# S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#macr S5(config)#macro ? global Enter global macro apply name Name of the macro S5(config)#macro nam ? WORD Name of the macro to create S5(config)#macro nam     name ? WORD Name of the macro to create S5(config)#macro name PortSetup Enter macro commands one per line. End with the character '@'. ? @ S5(config)#do sh run | b macro macro name PortSetup ? @ ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward vlan filter Prob12 vlan-list 1-4094 ! ! interface FastEthernet0/1 switchport access vlan 10 switchport mode access ! interface FastEthernet0/2 --More--   S5(config)#no macro do sh run | b macro@ ?macro name PortSetupnmacro name PortSetupomacro name PortSetup macro name PortSetup S5(config)#int fa 0/19 S5(config-if)#swq  S5(config-if)#switchport mod S5(config-if)#switchport mode ascc   ac S5(config-if)#switchport mode aac  c S5(config-if)#switchport mode access S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/19 S5(config-if)#sw S5(config-if)#switchport acc S5(config-if)#switchport access vlan 20 S5(config-if)# S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/19 S5(config-if)#sw S5(config-if)#switchport po S5(config-if)#switchport port-security S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#configf    yt  t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/19 S5(config-if)#int fa 0/19 switchport port-security ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addresses violation Security violation mode S5(config-if)#switchport port-security ma S5(config-if)#switchport port-security max S5(config-if)#switchport port-security maximum ? <1-5120> Maximum addresses S5(config-if)#switchport port-security maximum S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#mmmmmmm       config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#con   int fa 0/18 9 S5(config-if)#st S5(config-if)#storm-control b S5(config-if)#storm-control broadcast l S5(config-if)#storm-control broadcast level 25 ? <0.00 - 100.00> Enter falling threshold S5(config-if)#storm-control broadcast level 25 S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/19 S5(config-if)#sw S5(config-if)#switchport p S5(config-if)#switchport pro S5(config-if)#switchport protected ? S5(config-if)#switchport protected S5# 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#int fa 0/19 S5(config-if)#do sh run int fa 0/19 Building configuration... Current configuration : 85 bytes ! interface FastEthernet0/19 switchport access vlan 20 switchport mode access end S5(config-if)#exit S5(config)#\ defa S5(config)#default int fa 0/19 Interface FastEthernet0/19 set to default configuration S5(config)#default int fa 0/19exit do sh run int fa 0/19 Building configuration... Current configuration : 69 bytes ! interface FastEthernet0/19 switchport mode dynamic desirable end S5(config)#macro name PortiSetup Enter macro commands one per line. End with the character '@'. @ % Macro command failed. S5(config)#@macro name PortiSetupnmacro name PortiSetupomacro name PortiSetup macro name PortiSetup % Macro 'PortiSetup' does not exist. S5(config)#no macro name PortiSetupSetup  % Macro 'PortSetup' does not exist. S5(config)#no macro name PortSetupno macro name PortSetup  macro name PortSetup  Enter macro commands one per line. End with the character '@'. switchport mode access switchport access vlan $VLAN switchport port-security switchport port-security maximum $MAX storm-control broadcast level 25 switchport protected @ S5(config)#int fa 0/12 S5(config-if)#marc S5(config-if)#marco S5(config-if)#marco ? % Unrecognized command S5(config-if)#marco       macro ? apply Apply a macro description Macro description for this interface trace Apply a macro with tracing on S5(config-if)#macro trav ce ? WORD Name of the macro to apply S5(config-if)#macro trace Prot   ortSetup $VLAN 22 $MAX 4 Applying command... 'switchport mode access' Applying command... 'switchport access vlan 22' % Access VLAN does not exist. Creating vlan 22 Applying command... 'switchport port-security' Applying command... 'switchport port-security maximum 4' Applying command... 'storm-control broadcast level 25 ' Applying command... 'switchport protected' S5(config-if)#int fa 0/19 S5(config-if)#int fa 0/19macro trace PortSetup $VLAN 22 $MAX 4 PortSetup $VLAN 22 $MAX 4  PortSetup $VLAN 22 $MAX 4  PortSetup $VLAN 22 $MAX 4  PortSetup $VLAN 22 $MAX 4  PortSetup $VLAN 22 $MAX 4 a PortSetup $VLAN 22 $MAX 4p PortSetup $VLAN 22 $MAX 4p PortSetup $VLAN 22 $MAX 4 S5(config-if)#do sh run int fa 0/19 Building configuration... Current configuration : 235 bytes ! interface FastEthernet0/19 switchport access vlan 22 switchport mode access switchport protected switchport port-security maximum 4 switchport port-security macro description PortSetup storm-control broadcast level 25.00 end S5(config-if)#int fa 0/13 S5(config-if)#int fa 0/13do sh run int fa 0/19macro app PortSetup $VLAN 22 $MAX 4 6 $MAX 6 4 $MAX 6 % Access VLAN does not exist. Creating vlan 24 S5(config-if)#^Z S5#sh run 1d00h: %SYS-5-CONFIG_I: Configured from console by console S5#sh run | b mar cr macro name PortSetup switchport mode access switchport access vlan $VLAN switchport port-security switchport port-security maximum $MAX storm-control broadcast level 25 switchport protected @ ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward vlan filter Prob12 vlan-list 1-4094 ! ! --More--   S5#sh span VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/8 Desg FWD 100 128.8 Shr Fa0/23 Desg FWD 19 128.23 P2p --More--   VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 32778 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32778 (priority 32768 sys-id-ext 10) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 100 128.1 Shr Fa0/24 Desg FWD 19 128.24 P2p --More--   VLAN0020 Spanning tree enabled protocol ieee Root ID Priority 32788 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32788 (priority 32768 sys-id-ext 20) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/24 Desg FWD 19 128.24 P2p --More--   S5#config t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#sp S5(config)#spanning-tree ? backbonefast Enable BackboneFast Feature etherchannel Spanning tree etherchannel specific configuration extend Spanning Tree 802.1t extensions logging Enable Spanning tree logging loopguard Spanning tree loopguard options mode Spanning tree operating mode mst Multiple spanning tree configuration pathcost Spanning tree pathcost options portfast Spanning tree portfast options transmit STP transmit parameters uplinkfast Enable UplinkFast Feature vlan VLAN Switch Spanning Tree S5(config)#spanning-tree mode ? mst Multiple spanning tree mode pvst Per-Vlan spanning tree mode rapid-pvst Per-Vlan rapid spanning tree mode S5(config)#spanning-tree mode      mst ? WORD MST instance range, example: 0-3,5,7-9 configuration Enter MST configuration submode forward-time Set the forward delay for the spanning tree hello-time Set the hello interval for the spanning tree max-age Set the max age interval for the spanning tree max-hops Set the max hops value for the spanning tree S5(config)#spanning-tree mst con S5(config)#spanning-tree mst configuration ? S5(config)#spanning-tree mst configuration S5(config-mst)#? abort Exit region configuration mode, aborting changes exit Exit region configuration mode, applying changes instance Map vlans to an MST instance name Set configuration name no Negate a command or set its defaults private-vlan Set private-vlan synchronization revision Set configuration revision number show Display region configurations S5(config-mst)#name Prob17 S5(config-mst)#re S5(config-mst)#revision 1 S5(config-mst)#int S5(config-mst)#int s S5(config-mst)#instance 1 ? vlan Range of vlans to add to the instance mapping S5(config-mst)#instance 1 vlan ? LINE vlan range ex: 1-65, 72, 300 -200 S5(config-mst)#instance 1 vlan 10 S5(config-mst)#? abort Exit region configuration mode, aborting changes exit Exit region configuration mode, applying changes instance Map vlans to an MST instance name Set configuration name no Negate a command or set its defaults private-vlan Set private-vlan synchronization revision Set configuration revision number show Display region configurations S5(config-mst)#exit S5(config)#spa S5(config)#spanning-tree mode mst S5(config)# 1d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to down 1d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to down S5(config)#do sh spa MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg BLK 2000000 128.1 Shr Fa0/3 Desg BLK 200000 128.3 P2p Fa0/8 Desg BLK 2000000 128.8 Shr Fa0/23 Desg BLK 200000 128.23 P2p Fa0/24 Desg BLK 200000 128.24 P2p --More--   MST1 Spanning tree enabled protocol mstp Root ID Priority 32769 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg LRN 2000000 128.1 Shr Fa0/24 Desg LRN 200000 128.24 P2p Bound(PVST) S5(config)# 1d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up 1d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up S5(config)#do sh spa MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 2000000 128.1 Shr Fa0/3 Desg FWD 200000 128.3 P2p Fa0/8 Desg FWD 2000000 128.8 Shr Fa0/23 Desg FWD 200000 128.23 P2p Fa0/24 Desg FWD 200000 128.24 P2p Bound(PVST) --More--   MST1 Spanning tree enabled protocol mstp Root ID Priority 32769 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 2000000 128.1 Shr Fa0/24 Desg FWD 200000 128.24 P2p Bound(PVST) S5(config)#^Z S5#sh run 1d01h: %SYS-5-CONFIG_I: Configured from console by console S5#sh run | b span spanning-tree mode mst spanning-tree extend system-id ! spanning-tree mst configuration name Prob17 revision 1 instance 1 vlan 10 ! ! vlan internal allocation policy ascending ! vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward vlan filter Prob12 vlan-list 1-4094 ! ! interface FastEthernet0/1 switchport access vlan 10 switchport mode access ! --More--   S5# RACK15AS>6 [Resuming connection 6 to r6 ... ] S6#config t Enter configuration commands, one per line. End with CNTL/Z. S6(config)#spanning-tree mst configuration S6(config-mst)# name Prob17 S6(config-mst)# revision 1 S6(config-mst)# instance 1 vlan 10 S6(config-mst)#! name prob17 S6(config-mst)#exit S6(config)#spa S6(config)#spanning-tree mode mst S6(config)#do sp  an   h span S6(config)#do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg LRN 200000 128.2 P2p Fa0/4 Desg LRN 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config)#do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config)#do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config)#do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config)#[Ado sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config)#do sh spanspanning-tree mode mstexit name prob17 instance 1 vlan 10revision 1 name Prob17spanning-tree mst configuration S6(config-mst)#spanning-tree mst configurationdo sh span spanning-tree mode mstexit name prob17rob17 Prob17 S6(config-mst)#name Prob17spanning-tree mst configurationdo sh span  MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config-mst)#do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config-mst)#[A ^ % Invalid input detected at '^' marker. S6(config-mst)#[A ^ % Invalid input detected at '^' marker. S6(config-mst)#[Ado sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg FWD 200000 128.2 P2p Fa0/4 Desg FWD 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p Bound(RSTP) --More--   S6(config-mst)#[A ^ % Invalid input detected at '^' marker. S6(config-mst)#w exit S6(config)#sw pa S6(config)#spanning-tree mode pv S6(config)#spanning-tree mode pv  mst S6(config)#spanning-tree mode mstpv exit [A do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 0 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg BLK 200000 128.2 P2p Fa0/4 Desg BLK 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p --More--   MST1 Spanning tree enabled protocol mstp Root ID Priority 32769 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/24 Root FWD 200000 128.24 P2p S6(config)#w do sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 32768 Address 0013.80cf.cd00 Cost 0 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/2 Desg LRN 200000 128.2 P2p Fa0/4 Desg LRN 200000 128.4 P2p Fa0/24 Root FWD 200000 128.24 P2p --More--   MST1 Spanning tree enabled protocol mstp Root ID Priority 32769 Address 0013.80cf.cd00 Cost 200000 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 0013.80cf.e780 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/24 Root FWD 200000 128.24 P2p S6(config)#sp S6(config)#spanning-tree mst ? WORD MST instance range, example: 0-3,5,7-9 configuration Enter MST configuration submode forward-time Set the forward delay for the spanning tree hello-time Set the hello interval for the spanning tree max-age Set the max age interval for the spanning tree max-hops Set the max hops value for the spanning tree S6(config)#spanning-tree mst 1 ? priority Set the bridge priority for the spanning tree root Configure switch as root S6(config)#spanning-tree mst 1 pri S6(config)#spanning-tree mst 1 priority ? <0-61440> bridge priority in increments of 4096 S6(config)#spanning-tree mst 1 priority 0 S6(config)#spanning-tree mst 1 priority 0nspanning-tree mst 1 priority 0ospanning-tree mst 1 priority 0 spanning-tree mst 1 priority 0 S6(config)#no spanning-tree mst 1 priority 0spanning-tree mst 1 priority 0  priority 0 0 priority 0 S6(config)#^Z S6# RACK15AS>5 [Resuming connection 5 to r5 ... ] S5#copnf   nfig t Enter configuration commands, one per line. End with CNTL/Z. S5(config)#spa mst 0 pri   S5(config)#spa mst 0 priority            1 pri 0 S5(config)#^Z S5# 1d01h: %SYS-5-CONFIG_I: Configured from console by console S5#sh span MST0 Spanning tree enabled protocol mstp Root ID Priority 0 Address 0013.80cf.e780 Cost 0 Port 24 (FastEthernet0/24) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 (priority 32768 sys-id-ext 0) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 2000000 128.1 Shr Fa0/3 Desg FWD 200000 128.3 P2p Fa0/8 Desg FWD 2000000 128.8 Shr Fa0/23 Desg FWD 200000 128.23 P2p Fa0/24 Root FWD 200000 128.24 P2p --More--   MST1 Spanning tree enabled protocol mstp Root ID Priority 1 Address 0013.80cf.cd00 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 1 (priority 0 sys-id-ext 1) Address 0013.80cf.cd00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 2000000 128.1 Shr Fa0/24 Desg FWD 200000 128.24 P2p S5#sh spa mst ? WORD MST instance list, example 0,2-4,6,8-12 configuration MST current region configuration detail show detailed information interface Spanning tree interface status and configuration | Output modifiers S5#sh spa mst >  ##### MST0 vlans mapped: 1-9,11-4094 Bridge address 0013.80cf.cd00 priority 32768 (32768 sysid 0) Root address 0013.80cf.e780 priority 0 (0 sysid 0) port Fa0/24 path cost 0 Regional Root address 0013.80cf.e780 priority 0 (0 sysid 0) internal cost 200000 rem hops 19 Operational hello time 2 , forward delay 15, max age 20, txholdcount 6 Configured hello time 2 , forward delay 15, max age 20, max hops 20 Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------- Fa0/1 Desg FWD 2000000 128.1 Shr Fa0/3 Desg FWD 200000 128.3 P2p Fa0/8 Desg FWD 2000000 128.8 Shr Fa0/23 Desg FWD 200000 128.23 P2p Fa0/24 Root FWD 200000 128.24 P2p ##### MST1 vlans mapped: 10 Bridge address 0013.80cf.cd00 priority 1 (0 sysid 1) Root this switch for MST1 Interface Role Sts Cost Prio.Nbr Type --More--   S5#sh spa mst ? WORD MST instance list, example 0,2-4,6,8-12 configuration MST current region configuration detail show detailed information interface Spanning tree interface status and configuration | Output modifiers S5#sh spa mst con S5#sh spa mst configuration Name [Prob17] Revision 1 Instances configured 2 Instance Vlans mapped -------- --------------------------------------------------------------------- 0 1-9,11-4094 1 10 ------------------------------------------------------------------------------- S5#qsh spa mst configuration               de ##### MST0 vlans mapped: 1-9,11-4094 Bridge address 0013.80cf.cd00 priority 32768 (32768 sysid 0) Root address 0013.80cf.e780 priority 0 (0 sysid 0) port Fa0/24 path cost 0 Regional Root address 0013.80cf.e780 priority 0 (0 sysid 0) internal cost 200000 rem hops 19 Operational hello time 2 , forward delay 15, max age 20, txholdcount 6 Configured hello time 2 , forward delay 15, max age 20, max hops 20 FastEthernet0/1 of MST0 is designated forwarding Port info port id 128.1 priority 128 cost 2000000 Designated root address 0013.80cf.e780 priority 0 cost 0 Design. regional root address 0013.80cf.e780 priority 0 cost 200000 Designated bridge address 0013.80cf.cd00 priority 32768 port id 128.1 Timers: message expires in 0 sec, forward delay 0, forward transitions 1 Bpdus sent 347, received 0 FastEthernet0/3 of MST0 is designated forwarding Port info port id 128.3 priority 128 cost 200000 Designated root address 0013.80cf.e780 priority 0 cost 0 Design. regional root address 0013.80cf.e780 priority 0 cost 200000 Designated bridge address 0013.80cf.cd00 priority 32768 port id 128.3 --More--  Timers: message expires in 0 sec, forward delay 0, forward transitions 1 Bpdus sent 346, received 0 FastEthernet0/8 of MST0 is designated forwarding Port info port id 128.8 priority 128 cost 2000000 Designated root address 0013.80cf.e780 priority 0 cost 0 Design. regional root address 0013.80cf.e780 priority 0 cost 200000 Designated bridge address 0013.80cf.cd00 priority 32768 port id 128.8 Timers: message expires in 0 sec, forward delay 0, forward transitions 1 Bpdus sent 347, received 0 FastEthernet0/23 of MST0 is designated forwarding Port info port id 128.23 priority 128 cost 200000 Designated root address 0013.80cf.e780 priority 0 cost 0 Design. regional root address 0013.80cf.e780 priority 0 cost 200000 Designated bridge address 0013.80cf.cd00 priority 32768 port id 128.23 Timers: message expires in 0 sec, forward delay 0, forward transitions 1 Bpdus sent 349, received 0 FastEthernet0/24 of MST0 is root forwarding Port info port id 128.24 priority 128 cost 200000 Designated root address 0013.80cf.e780 priority 0 cost 0 Design. regional root address 0013.80cf.e780 priority 0 cost 0 --More--   S5# RACK15AS>5  [Resuming connection 5 to r5 ... ] S5#sh ru n  n | i span spanning-tree mode mst spanning-tree extend system-id spanning-tree mst configuration spanning-tree mst 1 priority 0 S5# S5# RACK15AS>6 [Resuming connection 6 to r6 ... ] 1d0 S6#sdh    h run | b spann spanning-tree mode mst spanning-tree extend system-id ! spanning-tree mst configuration name Prob17 revision 1 instance 1 vlan 10 ! spanning-tree mst 0 priority 0 ! vlan internal allocation policy ascending ! vlan access-map Prob12 10 action drop match ip address 100 vlan access-map Prob12 20 action forward vlan filter Prob12 vlan-list 1-4094 ! ! interface FastEthernet0/1 no switchport ip address 17.57.100.2 255.255.255.0 --More--   S6#