2-1 LAN switching _ STP
Which two best practices does Cisco recommend to migrate a network from PVST+ to MST?
- Before starting the transition, ensure that one node is the root bridge for all VLANs in the network. - Start the migration at the edge nodes and work toward the root bridge.
Which three configuration settings must match for switches to be in the same MST region? A. password B. domain name C. VLAN names D. revision number E. VLAN-to-instance assignment F. region name
- region name - revision number - VLAN-to-instance assignment
Which three values are used to generate a unique bridge ID for each VLAN in PVST+? (Choose three) A. port cost B. max age C. spanning-tree MAC address D. port priority E. switch priority F. extended system ID
Answer: C,E,F Each VLAN on each switch has a unique 64-bit bridge ID consisting of a bridge priority value, an extended system ID (IEEE 802.1t), and an STP MAC address allocation.
Spanning-tree loop guard cannot work with which one(s)? UplinkFast PortFast RootGuard
Loop guard cannot be enabled on PortFast ports. Loop guard cannot be enabled on a switch that also has root guard enabled.
Spanning-tree features: Port Fast , BPDU Guard , UplinkFast , EtherChannel guard , BPDU filtering , BackboneFast
*Port Fast*: can make loop when configured on non-host port! *BPDU Guard*: Error-disables a port when it receives an erroneous BPDU. *UplinkFast*: Enables the root port to transition directly from the blocking state to the forwarding state. *EtherChannel guard*: detects misconfigurations between a switch and a connected device. BPDU filtering: discards inbound BPDUs and prevents the interface from sending outbound BPDUs. BackboneFast: Starts spanning-tree reconfiguration when it detects an indirect link failure.
Which two statements about the output are true? sw#sh spanning-tree vlan 1 detail VLAN0001 is executing ... Bridge identifier priority 32768 ... configured hello time 2, max age 20, ... current root priority 8192 ... Root port is 65 (Gi2/1), cost of root path is 119 Topology change flag not set, detected ... Number of topology changes 1 last ... from GigabithEthernet1/1 Times: hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Timers: hold 0, topology change 0, notification 0,aging300 STP protocol? What if use Priority 0 on VLAN1? Timers are modified? Is portFast enabled on Gi1/1?
- 802.1D spanning tree is being used. - Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root. Timers are modified? No, they are as default. Is portFast enabled on Gi1/1? No, because it received TCN.
Which technology does the use of bi-directional BPDUs on all ports in the topology support? swA <<<-BPDU->>> swB
- Bridge Assurance BPDUs are sent out on all operational network ports, including alternate and backup ports, for each hello time period. Bridge Assurance monitors the receipt of BPDUs on point-to-point links on all network ports. When a port does not receive BPDUs within the allotted hello time period, the port is put into a blocked state (the same as a port inconsistent state, which stops forwarding of frames). (Only supported on RPVST+ and MST )
Which three statements about bridge assurance are true? A. Bridge assurance must be enabled on both ends of a link. B. Bridge assurance can be enabled on one end of a link or on both ends. C. Bridge assurance is enabled on STP point-to-point links only. D. Bridge assurance is enabled on STP multipoint links only. E. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into a blocking state. F. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into an error disabled state.
- Bridge assurance must be enabled on both ends of a link. - Bridge assurance is enabled on STP point-to-point links only. - If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into a blocking state.
Which two statements are true about RSTP? A. By default, RTSP uses a separate TCN BPDU when interoperating with 802.1D switches. B. By default, RTSP does not use a separate TCN BPDU when interoperating with 802.1D switches. C. If a designated port receives an inferior BPDU, it immediately triggers a reconfiguration. D. By default, RTSP uses the topology change TC flag. E. If a port receives a superior BPDU, it immediately replies with its own information, and no reconfiguration is triggered.
- By default, RTSP does not use a separate TCN BPDU when interoperating with 802.1D switches. - By default, RTSP uses the topology change TC flag.
While troubleshooting high CPU utilization on one of your Cisco Catalyst switches, you find that the issue is due to excessive flooding that is caused by STP. What can you do to prevent this issue from happening again? SW#sh spanning-tree detail MST0 is executing ... Bridge identifier priority 32768 ... configured hello time 2, max age 20, ... current root priority 24576 ... Root port is 56 (Port-channel1), cost of root path is 0 Topology change flag not set, detected ... Number of topology changes 296 last ... from GigabithEthernet0/15
- Configure PortFast on interface Gi0/15 Topology Changes (TC) should be a rare event in a well-configured network. When a link on a switch port goes up or down, there is eventually a TC, once the STP state of the port is changing to or from forwarding. When the port is flapping, this would cause repetitive TCs and flooding. Ports with the STP portfast feature enabled will not cause TCs when going to or from the forwarding state. The configuration of portfast on all end-device ports (such as printers, PCs, and servers) should limit TCs to a low amount and is highly recommended.
Refer to the exhibit. If you change the Spanning Tree Protocol from pvst to rapid-pvst, what is the effect on the interface Fa0/1 port state? sw#show apanning-tree vlan0001 This bridge is the root Priority 32768 int Role Sts Cost Prio.Nbr Type ----- ---- ---- ----- ------- ------ Fa0/1 Desg FWD 19 128.1 P2p
- It transitions to the blocking state, then the learning state, and then the forwarding state. First, the port will transition to the blocking state, immediately upon the change, then it will transition to the new RSTP states of learning and forwarding.
In which 802.1D port state are the root bridge, the root port, and the designated port(s) elected? A. Listening B. learning C. forwarding D. blocking E. disabled
- Listening
What is the source MAC address of a BPDU frame that is sent out of a port? A. A the lowest MAC address on the switch B. the highest MAC address on the switch C. the MAC address of the individual port that is sending the BPDU D. the same as the MAC address in the bridge ID
- The MAC address of the individual port that is sending the BPDU will be the source MAC address of a BPDU frame.
Which two statements are true about the displayed STP state? sw#sh spanning-tree detail MST0 is executing ... Bridge identifier priority 32768 ... configured hello time 2, max age 20, ... current root priority 24576 ... Root port is 56 (Po1), cost of root path is 0 Topology change flag not set, detected ... Number of topology changes 296 last ... from GigabithEthernet0/15
- The switch does not have PortFast configured on Gi0/15. - BPDUs with the TCN bit set are transmitted over port channel 1. A port enabled with portfast will not send topology changes when a port goes up or down, but here we see that 296 TCN's were sent so we know that Gi0/15 does not have portfast enabled. TCN's are sent using BPDU's over the root port, which we see is port channel 1.
When you migrate a network from PVST+ to rapid-PVST+, which two features become inactive?
- UplinkFast - BackboneFast You can see in the show spanning-tree summary command output that UplinkFast and BackboneFast are enabled, but are inactive in rapid-PVST mode. It is optional to remove both the commands. It does not affect any of the rapid-PVST operation if you do not remove the commands.
Which flag in a configuration BPDU instructs all switches to shorten their bridge table aging process from the default 300 seconds to the current forward delay value? A. topology change bit B. topology change acknowledgment bit C. priority bit D. max-age bit
- topology change bit The Root Bridge continues to set the Topology Change flag (TCN bit) in all Configuration BPDUs that it sends out for a total of (Forward Delay + Max Age) seconds default = 35 (20+15) seconds. This flag instructs all bridges to shorten their MAC address table (Bridge table) aging process from the default value of 300 seconds to the current Forward Delay value of the bridge (default=15 seconds).
Which three fields are part of a TCN BPDU?
A. protocol ID (Always 0. Future enhancements to the protocol might cause the Protocol ID values to increase.) B. version (Always 0. Future enhancements to the protocol might cause the Version value to increase.) C. type (Determines which of the two BPDU formats this frame contains (Configuration BPDU or *TCN BPDU(0x80)*)).
Which two statements about BPDU guard are true? (Choose two.) A. The global configuration command spanning-tree portfast bpduguard default shuts down interfaces that are in the PortFast-operational state when a BPDU is received on that port. B. The interface configuration command spanning-tree portfast bpduguard enable shuts down only interfaces with PortFast enabled when a BPDU is received. C. BPDU guard can be used to prevent an access port from participating in the spanning tree in the service provider environment. D. BPDU guard can be used to protect the root port. E. BPDU guard can be used to prevent an invalid BPDU from propagating throughout the network.
AC. When enabled on a port, BPDU Guard shuts down a port that receives a BPDU. When configured globally, BPDU Guard is only effective on ports in the operational PortFast (edge) state.
An access switch at a remote location is connected to the spanning-tree root with redundant uplinks. A network engineer notices that there are issues with the physical cabling of the current root port. The engineer decides to force the secondary link to be the desired forwarding root port. Which action accomplishes this task?
Adjust the secondary link to have a lower priority than the primary link. STP Root Port selection process in a Non-Root Switch: 1-port connected to the path with the *lowest ST Path Cost* to the Root Bridge. 2-port connected to the neighbor switch which has the *lowest Switch ID* value as the Root Port. 3-local port which receives the *lowest port ST Port Priority* value from neighbor Switch. 4-port which receives the *lowest physical port number* from neighbor Switch as the Root Port.
In an STP domain, which two statements are true for a nonroot switch, when it receives a configuration BPDU from the root bridge with the TC bit set? (Choose two.) A. It sets the MAC table aging time to max_age time. B. It sets the MAC table aging time to forward_delay time. C. It recalculates the STP topology upon receiving topology change notification from the root switch. D. It does not recalculate the STP topology upon receiving topology change notification from the root switch.
Answer: B,D
In an STP domain, which two statements are true for a nonroot switch, when it receives a configuration BPDU from the root bridge with the TC bit set? A. It sets the MAC table aging time to max_age + forward_delay time. B. It sets the MAC table aging time to forward_delay time. C. It recalculates the STP topology upon receiving topology change notification from the root switch. D. It receives the topology change BPDU on both forwarding and blocking ports.
BD. When the TC bit is received, every bridge is then notified and reduces the aging time to forward_delay (15 seconds by default) for a certain period of time (max_age + forward_delay). It receives the topology change BPDU on both forwarding and blocking ports.
In which way does the Bridge Assurance mechanism modify the default spanning-tree behavior in an effort to prevent bridging loops? A. Received BPDUs are looped back toward the sender to ensure that the link is bidirectional. B. If BPDUs are no longer received on a port, the switch immediately sends out a TCN BPDU. C. Extended topology information is encoded into all BPDUs. D. BPDUs are sent bidirectional on all active network ports, including blocked and alternate ports.
BPDUs are sent bidirectional on all active network ports, including blocked and alternate ports.
What is the destination multicast MAC address for BPDUs on the native VLAN, for a switch that is running 802.1D? A. 0185. C400. 0000 B. 0100.0CCC.CCCC C. 0100.0CCC.CCCD D. 0180.C200.0000
BPDUs generated by a Cisco Catalyst switch on 802.1q trunks are destined to the MAC address *0180.C200.0000* only for VLAN 1: BPDUs for other vlans have a destination MAC address of 0100.0CCC.CCCD. This address is a multicast address and it is Cisco proprietary. 0100.0ccc.cccc is used by UDLD / DTP / VTP / Pagp control plane PDUs. 0100.0cdd.dddd is used in CGMP multicast.
Refer to the exhibit. While troubleshooting an issue with a blocked switch port, you find this error in the switch log. Which action should you take first to locate the problem? "Spt..loopguardblock: No BPDUs received on Fa0/1 in VLAN 10. Moved to loop-inconsistent state." A. Check the attached switch for a BPDU filter. B. Test the link for unidirectional failures. C. Execute the show interface command to check FastEthernet0/1. D. Check the attached switch for an interface configuration issue.
Check the attached switch for a BPDU filter.
STP Dispute
Cisco's implementation of MSTP allows for detecting unidirection condition, by comparing the downstream port state reported in BPDUs. If the upstream switch sends superior root bridge information to the downstream bridge but receives the BPDUs with Designated bit set, the upstream switch concludes that the downstream does not hear its BPDU's. The upstream switch then blocks the downstream port and marks it as STP dispute link.
Switch DSW1 should share the same MST region with switch DSW2. Which statement is true? DSW1#sh vtp status vs DSW2#sh vtp status (There is mismatch VTP Domain Name.) A. Configure DSW1 with the same version number, and VLAN-to-instance mapping as shown on DSW2. B. Configure DSW1 with the same region name, number, and VLAN-to-instance mapping as shown on DSW2. C. DSW2 uses the VTP server mode to automatically propagate the MST configuration to DSW1. D. DSW1 is in VTP client mode with a lower configuration revision number, therefore, it automatically inherits MST configuration from DSW2. E. DSW1 automatically inherits MST configuration from DSW2 because they have the same domain name.
Configure DSW1 with the same region name, number, and VLAN-to-instance mapping as shown on DSW2.
Refer to the exhibit. Switch A is connected to two MSTP domains for the first time. This error is observed on Switch A. %SPANTREE-2-PVSTSIM_FAIL: Blocking designated port Fa0/1: Inconsistent superior PVST BPDU received on VLAN 10 How can this error be resolved?
Configure PVST+ to allow MST Region 1 to the root for VLAN 10.
What will happens if an interface which is enabled for portfast receives BDPU?
If an interface is enabled for portfast receives BDPU, the port goes through the spanning-tree listening, learning, and forwarding states.
Refer to the exhibit. This network is undergoing a migration from PVST+ to MST. SI is the MSTO root bridge and S2 is the MSTO secondary root. Which statement about traffic from S3 is true? [PVST+]S3(G0/0)--(G0/1)S1[MST] [PVST+]S3(G0/1)--(G0/1)S2[MST] Interface ... is blocked on S3 for VLAN40 and VLAN50. PVST+ inherits the load-balancing configuration from MST? Will load-balancing fails?
Interface G0/1 is blocked on S3 for VLAN40 and VLAN50 and load balancing fails until S3 is migrated to MST.
Which two statements about the STP dispute function are true? (Choose two) A. It compares the downstream port states reported in received BPDUs. B. The upstream switch uses received BPDUs to detect unidirectional link failures. C. The downstream switch uses received BPDUs to detect unidirectional link failures. D. When a designated port detects a conflict, it changes its role by reverting to a discarding state.
It compares the downstream port states reported in received BPDUs. The upstream switch uses received BPDUs to detect unidirectional link failures.
How does MSTP provide backward compatibility with RSTP?
It encodes the MSTP-specific region information before the legacy RSTP BPDU.
Which three statements are true for a network with 10 switches and 126 segments? It has ... root ports. It has ... designated ports. It has ... (how many) root bridge.
It has 9 root ports. It has 126 designated ports. It has only one root bridge.
Which two statements about RSTP and MSTP BPDUs are true? (Choose two.) A. MSTP switches can detect boundary ports when they receive RSTP version 2 BPDUs. B. MSTP switches can detect boundary ports when they receive RSTP version 1 BPDUs. C. RSTP switches can process MSTP version 3 BPDUs. D. When all boundary switches are running RSTP, MST sends only version 0 configuration BPDUs.
MSTP switches can detect boundary ports when they receive RSTP version 2 BPDUs. RSTP switches can process MSTP version 3 BPDUs.
The VLAN-to-MST mapping is shown. Map = Sw1(Gi0/23)--VLAN 300--(Gi0/23)Sw2 Sw1(Gi0/24)--VLAN 200--(Gi0/24)Sw2 (Assume SW1 acts as root for all possible MST instances.) spanning-tree mst configuration name MST revision 2 instance 0 vlan 1-200,301-4094 instance 1 vlan 201-300 ! If this topology is deployed, which action is required for traffic to flow on VLAN 200 and 300?
Map VLAN 200 to instance 2. MST is not a "per-vlan" STP, it is a "per-instance" STP. Instance 0 is the Internal Spanning Tree instance or IST. The IST BPDU is sent on ALL ports. The switches see vlan 200 on all ports since vlan 200 is mapped to instance 0. Therefore it blocks it on one of the ports. If you move vlan 200 to another instance (such as instance 2) then it no longer is seen on all ports so it no longer gets blocked.
Can Spanning-tree loop guard detect a unidirectional link?
No, STP loop guard only work on point-to-point links.
Is changing spanning-tree timers can affect Loop guard?
Nope!
How does MSTP maintain compatibility with RSTP?
RSTP encodes region information from an MSTP BPDU into a single instance.
STP port roles? Root port Designated port Alternate port Backup port
Root port: closest path cost to root bridge Designated port: sends best BPDU Alternate port: blocked port_receives more useful BPDUs from a different bridge. *Backup port*: blocked port_receives more useful BPDUs from a *own bridge*.
Assume that the following MAC addresses are used for the bridge ID MAC address by four different switches in a network. Which switch will be elected as the spanning-tree root bridge? SwA uses MAC 1000.AA-AA-AA-AA-AA-AA. SwB uses MAC 2000.BB-BB-BB-BB-BB-BB. SwC uses MAC 3000.CC-CC-CC-CC-CC-CC. SwD uses MAC 4000.DD-DD-DD-DD-DD-DD
SwA with MAC 1000.AA-AA-AA-AA-AA-AA The switch with the highest switch priority (the lowest numerical priority value) is elected as the root switch.
How ports roles in STP choosen? Switch A - G all have same priority. Path cost also similar.
The MAC address will be used. Root bridge will be the one with smallest MAC. From any non-root we see links toward upstairs switches, the path to switch with lower MAC address choose as Root port and forwarding state, the other port will move to blocking state. In other side its ports toward downstairs switches will be Designated.
Which type of port would have root guard enabled on it? A. A root port B. An alternate port C. A blocked port D. A designated port
The Root Guard, prevent Designated port from become a Root port. The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together.
TCA flag?
The TCA flag is set by the upstream bridge to tell the downstream bridges to stop sending TCN BPDUs. The TC flag is set in configuration BPDU by the Root Bridge to shorten the bridge table age-out period from default 300 seconds to Forward Delay seconds.
Which two statements about the spanning-tree timers in a switched network are true? (Choose two) A. After receiving a BPDU from the root bridge, a non-root bridge waits for the hello interval before forwarding it out. B. The root bridge sends out a TCN every max-age interval. C. The root bridge sends out a configuration BPDU every hello interval. D. The default hello time is two seconds.
The root bridge sends out a configuration BPDU every hello interval. The default hello time is two seconds.
What is the destination MAC address of a BPDU frame? A. 01-80-C2-00-00-00 B. 01-00-5E-00-00-00 C. FF-FF-FF-FF-FF-FF D. 01-80-C6-00-00-01
The root-bridge election process begins by having every switch in the domain believe it is the root and claiming it throughout the network by means of Bridge Protocol Data Units (BPDU). BPDUs are Layer 2 frames multicast to a well-known MAC address in case of IEEE STP (01-80-C2-00-00-00) or vendor-assigned addresses, in other cases.
How long will the root bridge continue to send configuration BPDUs to notify all bridges to age out their MAC address tables? A. Three times the hello interval B. The forward delay + max-age time C. The max-age time D. The forward delay time
The total of forward delay and max-age time.
Where must the spanning-tree timers be configured if they are not using the default timers? A. They must be on the root bridge. B. They must be on any non-root bridge. C. Changing the default timers is not allowed. D. Timers must be modified manually on each switch.
They must be on the root bridge.
Which two 802.1D port states are expected in a stable Layer 2 network? A. forwarding B. learning C. listening D. blocking E. disabled
forwarding or blocking In a stable topology with consistent port roles throughout the network, the RSTP ensures that every root port and designated port immediately transition to the forwarding state while all alternate and backup ports are always in the discarding state (equivalent to blocking in IEEE 802.1D).