Reliable network configuration based on STP
1.Project background
In order to improve the reliability of the network, Jan16 company uses two high-performance switches as core switches. The access layer switches are interconnected with the core layer switches to form a redundant structure. The topology is shown in Figure 1. The specific requirements are as follows:
(1) In order to avoid switching loop problems, the STP function of the switch needs to be configured, requiring the core switch to have a higher priority. SW1 is the root switch, SW2 is the backup root switch, and SW1-SW3 and SW1-SW4 are the main links;
(2) The technical department uses VLAN10, the network address is 10.0.1/24, and PC1 and PC2 are connected to SW3 and SW4 respectively.
Figure 1 Network topology diagram
2. Project planning and design
According to the topology diagram 1, SW1 and SW2 are core switches, SW1 is configured as the root switch, and SW2 is the backup root switch; SW3 and SW4 are used as access switches, and the links of SW1-SW3 and SW1-SW4 are the main links. , the two links SW2-SW4 and SW2-SW3 are used as backup links.
Therefore, in the STP configuration, the priority of SW1 can be set to the highest and the priority of SW2 to the second highest. For example, the priority of SW1 is 0 and the priority of SW2 is 4096.
At the same time, considering that the computers in the technical department are divided into the network segment of VLAN 10 and the computers are connected to different switches, the links between the switches need to be configured in Trunk mode.
The specific configuration steps are as follows:
(1) Create VLAN
(2) Assign switch ports to corresponding VLANs
(3) Turn on STP
(4) Configure STP priority
(5) Configure the IP addresses of computers in each department
The specific plan is as follows:
Table 1 VLAN planning table
| VLAN ID |
VLAN description information |
IP address range |
use |
| Vlan10 |
Technical |
192.168.1.1-5/24 |
Technology Department |
Table 2 Port planning table
| Local device |
The port number |
port type |
Peer device |
Peer interface |
| SW1 |
GE0/0/1 |
Trunk |
SW3 |
GE0/0/1 |
| SW1 |
GE0/0/2 |
Trunk |
SW4 |
GE 0/0/1 |
| SW1 |
GE0/0/3 |
Trunk |
SW2 |
GE 0/0/3 |
| SW2 |
GE0/0/1 |
Trunk |
SW3 |
GE0/0/2 |
| SW2 |
GE0/0/2 |
Trunk |
SW4 |
GE0/0/2 |
| SW2 |
GE0/0/3 |
Trunk |
SW1 |
GE0/0/3 |
| SW3 |
GE0/0/1 |
Trunk |
SW1 |
GE0/0/1 |
| SW3 |
GE0/0/2 |
Trunk |
SW2 |
GE0/0/1 |
| SW3 |
Eth0/0/1 |
Access |
Technology Department PC1 |
Eth0/0/1 |
| SW4 |
GE0/0/1 |
Trunk |
SW1 |
GE0/0/2 |
| SW4 |
GE0/0/2 |
Trunk |
SW2 |
GE0/0/2 |
| SW4 |
Eth0/0/1 |
Access |
Technology Department PC1 |
Eth0/0/1 |
| PC1 |
GE0/0/1 |
Null |
SW3 |
Eth0/0/1 |
| PC2 |
GE0/0/1 |
Null |
SW4 |
Eth0/0/1 |
Table 3 IP address planning table
| computer |
IP address |
| Technology Department PC1 |
192.168.1.1/24 |
| Technology Department PC2 |
192.168.1.2/24 |
3. Project implementation
(1) Create VLAN
Create corresponding VLANs for each department.
- Configuration of SW1
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW1
[SW1]vlan 10
[SW1-vlan10]description Technical
- Configuration of SW2
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW2
[SW2]vlan 10
[SW2-vlan10]description Technical
- SW3 configuration
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW3
[SW3]vlan 10
[SW3-vlan10]description Technical
- Configuration of SW4
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname SW4
[SW4]vlan 10
[SW4-vlan10]description Technical
(2) Assign the port to the corresponding VLAN
①Configuration of SW1
[SW1]port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/3
[SW1-port-group]port link-type trunk
[SW1-GigabitEthernet0/0/1]port link-type trunk
[SW1-GigabitEthernet0/0/2]port link-type trunk
[SW1-GigabitEthernet0/0/3]port link-type trunk
[SW1-port-group]port trunk allow-pass vlan 10
[SW1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan 10
[SW1-GigabitEthernet0/0/3]port trunk allow-pass vlan 10
[SW1-port-group]
②Configuration of SW2
[SW2]port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/3
[SW2-port-group]port link-type trunk
[SW2-GigabitEthernet0/0/1]port link-type trunk
[SW2-GigabitEthernet0/0/2]port link-type trunk
[SW2-GigabitEthernet0/0/3]port link-type trunk
[SW2-port-group]port trunk allow-pass vlan 10
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[SW2-GigabitEthernet0/0/2]port trunk allow-pass vlan 10
[SW2-GigabitEthernet0/0/3]port trunk allow-pass vlan 10
[SW2-port-group]
③Configuration of SW3
[SW3]interface Ethernet 0/0/1
[SW3-Ethernet0/0/1]port link-type access
[SW3-Ethernet0/0/1]port default vlan 10
[SW3-Ethernet0/0/1]port-group group-member GigabitEthernet 0/0/1 to GigabitEther
net 0/0/2
[SW3-port-group]port link-type trunk
[SW3-GigabitEthernet0/0/1]port link-type trunk
[SW3-GigabitEthernet0/0/2]port link-type trunk
[SW3-port-group]port trunk allow-pass vlan 10
[SW3-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[SW3-GigabitEthernet0/0/2]port trunk allow-pass vlan 10
[SW3-port-group]
- Configuration of SW4
[SW4]interface Ethernet 0/0/1
[SW4-Ethernet0/0/1]port link-type access
[SW4-Ethernet0/0/1]port default vlan 10
[SW4-Ethernet0/0/1]port-group group-member GigabitEthernet 0/0/1 to GigabitEther
net 0/0/2
[SW4-port-group]port link-type trunk
[SW4-GigabitEthernet0/0/1]port link-type trunk
[SW4-GigabitEthernet0/0/2]port link-type trunk
[SW4-port-group]port trunk allow-pass vlan 10
[SW4-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[SW4-GigabitEthernet0/0/2]port trunk allow-pass vlan 10
[SW4-port-group]
(3) Turn on STP
①Configuration of SW1
[SW1]stp enable
[SW1]stp mode stp
②Configuration of SW2
[SW2]stp enable
[SW2]stp mode stp
③Configuration of SW3
[SW3]stp enable
[SW3]stp mode stp
④Configuration of SW4
[SW4]stp enable
[SW4]stp mode stp
(4) Configure STP priority
Configure SW1 as the primary root switch and SW2 as the backup root switch.
Method 1: Change the priority of SW1 to 0 and the priority of SW2 to 4096
①Configuration of SW1
[SW1]stp priority 0
②Configuration of SW2
[SW2]stp priority 4096
Method 2:
First delete the priority configured on SW1 and use the stp root primary command to configure the primary root
Change the machine.
[SW1]undo stp priority
[SW1]stp root primary
Delete the priority configured on SW2 and use the stp root secondary command to configure the backup root switch.
[SW2]undo stp priority
[SW2] stp root secondary
(5) Configure the IP addresses of computers in each department
Figure 2 PC1 IP configuration diagram of the Technology Department
Figure 3 PC2 IP configuration diagram of the technical department
4.Project verification
(1) Verify the VLAN configuration information of each switch
①Configuration of SW1
[SW1]display vlan
The total number of vlans is : 2
--------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
--------------------------------------------------------------------------------
VID Type Ports
--------------------------------------------------------------------------------
1 common UT:GE0/0/1(U) GE0/0/2(U) GE0/0/3(U) GE0/0/4(D)
GE0/0/5(D) GE0/0/6(D) GE0/0/7(D) GE0/0/8(D)
GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D)
GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D)
GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D)
GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D)
10 common TG:GE0/0/1(U) GE0/0/2(U) GE0/0/3(U)
VID Status Property MAC-LRN Statistics Description
--------------------------------------------------------------------------------
1 enable default enable disable VLAN 0001
10 enable default enable disable Technical
[SW1]
②Configuration of SW2
[SW2]display vlan
The total number of vlans is : 2
--------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
--------------------------------------------------------------------------------
VID Type Ports
--------------------------------------------------------------------------------
1 common UT:GE0/0/1(U) GE0/0/2(U) GE0/0/3(U) GE0/0/4(D)
GE0/0/5(D) GE0/0/6(D) GE0/0/7(D) GE0/0/8(D)
GE0/0/9(D) GE0/0/10(D) GE0/0/11(D) GE0/0/12(D)
GE0/0/13(D) GE0/0/14(D) GE0/0/15(D) GE0/0/16(D)
GE0/0/17(D) GE0/0/18(D) GE0/0/19(D) GE0/0/20(D)
GE0/0/21(D) GE0/0/22(D) GE0/0/23(D) GE0/0/24(D)
10 common TG:GE0/0/1(U) GE0/0/2(U) GE0/0/3(U)
VID Status Property MAC-LRN Statistics Description
--------------------------------------------------------------------------------
1 enable default enable disable VLAN 0001
10 enable default enable disable Technical
[SW2]
③Configuration of SW3
[SW3]display vlan
The total number of vlans is : 2
--------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
--------------------------------------------------------------------------------
VID Type Ports
--------------------------------------------------------------------------------
1 common UT: Eth0/0/2(D) Eth0/0/3(D) Eth0/0/4(D) Eth0/0/5(D)
Eth0/0/6(D) Eth0/0/7(D) Eth0/0/8(D) Eth0/0/9(D)
Eth0/0/10(D) Eth0/0/11(D) Eth0/0/12(D) Eth0/0/13(D)
Eth0/0/14(D) Eth0/0/15(D) Eth0/0/16(D) Eth0/0/17(D)
Eth0/0/18(D) Eth0/0/19(D) Eth0/0/20(D) Eth0/0/21(D)
Eth0/0/22(D) GE0/0/1(U) GE0/0/2(U)
10 common UT:Eth0/0/1(U)
TG:GE0/0/1(U) GE0/0/2(U)
VID Status Property MAC-LRN Statistics Description
--------------------------------------------------------------------------------
1 enable default enable disable VLAN 0001
10 enable default enable disable Technical
[SW3]
④Configuration of SW4
[SW4]display vlan
The total number of vlans is : 2
--------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
--------------------------------------------------------------------------------
VID Type Ports
--------------------------------------------------------------------------------
1 common UT: Eth0/0/2(D) Eth0/0/3(D) Eth0/0/4(D) Eth0/0/5(D)
Eth0/0/6(D) Eth0/0/7(D) Eth0/0/8(D) Eth0/0/9(D)
Eth0/0/10(D) Eth0/0/11(D) Eth0/0/12(D) Eth0/0/13(D)
Eth0/0/14(D) Eth0/0/15(D) Eth0/0/16(D) Eth0/0/17(D)
Eth0/0/18(D) Eth0/0/19(D) Eth0/0/20(D) Eth0/0/21(D)
Eth0/0/22(D) GE0/0/1(U) GE0/0/2(U)
10 common UT:Eth0/0/1(U)
TG:GE0/0/1(U) GE0/0/2(U)
VID Status Property MAC-LRN Statistics Description
--------------------------------------------------------------------------------
1 enable default enable disable VLAN 0001
10 enable default enable disable Technical
[SW4]
(2) Check the STP status of each switch
Check the STP status information of each switch. SW1 and SW2 use the display stp command to check whether the stp mode is correct. SW3 and SW4 use the display stp brief command to check whether the backup port is in the Discarding state.
①Configuration of SW1
[SW1]display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :0 .4c1f-cc23-1a63
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc23-1a63 / 0
CIST RegRoot/IRPC :0 .4c1f-cc23-1a63 / 0
CIST RootPortId :0.0
BPDU-Protection :Disabled
CIST Root Type :Primary root
TC or TCN received :161
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 0h:0m:12s
Number of TC :86
Last TC occurred :GigabitEthernet0/0/2
----[Port1(GigabitEthernet0/0/1)][FORWARDING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=20000
Designated Bridge/Port :0.4c1f-cc23-1a63 / 128.1
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
---- More ----
②Configuration of SW2
[SW2]display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :4096 .4c1f-ccd3-3e10
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc23-1a63 / 20000
CIST RegRoot/IRPC :4096 .4c1f-ccd3-3e10 / 0
CIST RootPortId :128.3
BPDU-Protection :Disabled
CIST Root Type :Secondary root
TC or TCN received :400
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 0h:1m:18s
Number of TC :88
Last TC occurred :GigabitEthernet0/0/3
----[Port1(GigabitEthernet0/0/1)][FORWARDING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=20000
Designated Bridge/Port :4096.4c1f-ccd3-3e10 / 128.1
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
---- More ----
③Configuration of SW3
[SW3]display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :32768.4c1f-cc13-6b1a
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc23-1a63 / 20000
CIST RegRoot/IRPC :32768.4c1f-cc13-6b1a / 0
CIST RootPortId :128.23
BPDU-Protection :Disabled
TC or TCN received :335
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 0h:0m:25s
Number of TC :95
Last TC occurred :GigabitEthernet0/0/1
----[Port1(Ethernet0/0/1)][LEARNING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=200000
Designated Bridge/Port :32768.4c1f-cc13-6b1a / 128.1
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
---- More ----
④W4 configuration
[SW4]display stp
-------[CIST Global Info][Mode STP]-------
CIST Bridge :32768.4c1f-ccd5-6d06
Config Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
Active Times :Hello 2s MaxAge 20s FwDly 15s MaxHop 20
CIST Root/ERPC :0 .4c1f-cc23-1a63 / 20000
CIST RegRoot/IRPC :32768.4c1f-ccd5-6d06 / 0
CIST RootPortId :128.23
BPDU-Protection :Disabled
TC or TCN received :665
TC count per hello :0
STP Converge Mode :Normal
Time since last TC :0 days 0h:0m:39s
Number of TC :90
Last TC occurred :GigabitEthernet0/0/1
----[Port1(Ethernet0/0/1)][FORWARDING]----
Port Protocol :Enabled
Port Role :Designated Port
Port Priority :128
Port Cost(Dot1T ) :Config=auto / Active=200000
Designated Bridge/Port :32768.4c1f-ccd5-6d06 / 128.1
Port Edged :Config=default / Active=disabled
Point-to-point :Config=auto / Active=true
Transit Limit :147 packets/hello-time
Protection Type :None
---- More ----
(3) Test the interoperability of computers in various departments
Use the Ping command to test the internal communication of each department. Use the technical computer to ping the department's computer:
Figure 4 Technical Department PC1 pings Technical Department PC2 test chart
Figure 5 Technical Department PC2 ping Technical Department PC1 test chart
5. Placement script
- SW1
//SW1
system-view
sysname SW1
vlan 10
description Technical
quit
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/3
port link-type trunk
port trunk allow-pass vlan 10
quit
stp enable
stp mode stp
stp priority 0
return
save
y
!
- SW2
//SW2
system-view
sysname SW2
vlan 10
description Technical
quit
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/3
port link-type trunk
port trunk allow-pass vlan 10
quit
stp enable
stp mode stp
stp priority 4096
return
save
y
!
- SW3
//SW3
system-view
sysname SW3
vlan 10
description Technical
quit
interface Ethernet 0/0/1
port link-type access
port default vlan 10
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan 10
quit
stp enable
stp mode stp
return
save
y
!
- SW4
//SW4
system-view
sysname SW4
vlan 10
description Technical
quit
interface Ethernet 0/0/1
port link-type access
port default vlan 10
port-group group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/2
port link-type trunk
port trunk allow-pass vlan 10
quit
stp enable
stp mode stp
return
save
y
!
Network technology is a vast and constantly evolving field, and continuous learning and updating of knowledge are the keys to success. You've taken the first step to learn and deploy STP , and this is just the tip of the iceberg. Keep moving forward, explore more network protocols and technologies, and keep improving your skills