Transcript for:
CCNA Course: STP Configurations Guide

Welcome to Jeremy’s IT Lab. This is a free, complete course for the CCNA. If you like these videos, please subscribe to follow along with the series. Also, please like and leave a comment, and share the video to help spread this free series of videos. Thanks for your help. Also, remember to download this practice lab from the link in the description and try it out yourself in Packet Tracer. If you want more labs like these, I highly recommend picking up Boson’s NetSim for the CCNA, click the link in the video description to check it out. It’s a network simulator like Packet Tracer, but it’s even better, and it includes all of these guided labs to not only help you get hands-on practice configuring and troubleshooting, but also deepen your understanding of the exam topics. I used it myself when studying for my certifications, so I feel confident about recommending it to all of you. Watch until the end of this video, we’ll take a look at a lab from NetSim. If you want to get your own copy of NetSim, please follow the link in the video description.

In this lab we will do some basic STP configurations. STP runs by default, so you don’t actually have to configure it, however if you just leave it at the default settings there is no guarantee that traffic will be following the optimal path. So, it’s a good idea to explicitly configure which switch should be the root for each VLAN, and also set different roots for different VLANs so each VLAN uses different links, balancing the load of the network traffic.

Step 1 in this video is to use the CLI to check the current STP topology, identify the root bridge, and the STP role and state of each port on each switch. I’ll start on SW1. First let’s get into privileged exec mode. ENABLE. We only need one show command for this. SHOW SPANNING-TREE.
Information is displayed separately for VLAN1 and VLAN2, however because I haven’t done any configuration yet their settings will be the same, the same root bridge and the role of each port will be the same also, so let’s just look at VLAN1. SW1 is not the root bridge, notice the MAC address is different in the Root ID section and the Bridge ID section. As for the port roles, you can see them here. F0/3 is the root port, so I’m guessing SW2 is the root bridge.

Let’s go on SW2 now to check if that is the case. First enter privileged exec mode. ENABLE. SHOW SPANNING-TREE. In the root ID section, it clearly states ‘this bridge is the root’. You can also see that all of its interfaces are designated ports, in a forwarding state. This is the case for both VLAN1 and VLAN2. Without any specific configuration, each VLAN will have the same root, and the port roles will be the same in each VLAN.

Next let’s go on SW3. We know it’s not the root, but which port do you think is the root port? It should be F0/2, because it’s directly connected, and all of these connections are FastEthernet, there are no Gigabit Ethernet connections which have a lower cost. ENABLE. SHOW SPANNING-TREE. Indeed, F0/2 is the root port, and F0/1 is designated.

Finally, let’s check SW4. Its F0/1 interface should be the root port. ENABLE. SHOW SPANNING-TREE. As expected, F0/1 is the root port, also F0/2 is blocking. The role says ‘alternate’, this means a non-designated port.

Step 2 is to configure load balancing by making SW1 the primary root for VLAN1 and secondary root for VLAN2, and the opposite on SW2. Let’s return to SW1. Go to global config mode, CONF T. Let’s configure it as the root for VLAN1. SPANNING-TREE VLAN 1 ROOT PRIMARY. Remember to include the VLAN in the command, in Cisco’s PVST+ all configurations are done on a per-VLAN basis. Next, the secondary root for VLAN2. SPANNING-TREE VLAN 2 ROOT SECONDARY. Now I’ll hop on to SW2. CONF T. SPANNING-TREE VLAN 1 ROOT SECONDARY.
SPANNING-TREE VLAN 2 ROOT PRIMARY. Okay, that’s it. So, what is the STP role and state of each port now? Well, here on SW2, in VLAN2 all ports should be designated, but now on SW1 F0/3 should be the root port, because it’s directly connected to the new root SW1. Let’s check. DO SHOW SPANNING-TREE. So, for VLAN2 it is still the root, but for VLAN1 F0/3 is now the root port, as expected. The other ports are designated ports in a forwarding state.

Let’s go back and check on SW1. In VLAN1 all ports should be designated, but in VLAN2 F0/3 should still be the root port, like before. DO SHOW SPANNING-TREE. So, indeed in VLAN2 F0/3 is the root port, F0/1 and F0/2 are designated. In VLAN1 however SW1 is now the root bridge, so all ports are designated.

In step 3 and step 4 we are going to manipulate a couple STP port settings and see the effects. First up, we will increase the cost of SW4’s F0/2 interface to 100 in VLAN1, and see if it selects a different root port. First, let’s confirm that the current root port is F0/2, it should be for VLAN 1. Let’s view the spanning tree for VLAN1 only. SHOW SPANNING-TREE VLAN 1. Okay, as expected F0/2 is the root port, it has the lowest cost to SW1, the root. Let’s change that cost. Before doing so, what do you think will happen? What is the first criterion in selecting the root port? It’s the cost, so increasing the cost to over 5 times the current cost should cause SW4 to select a different root port. Let’s try. The configuration is done from interface config mode, so INTERFACE F0/2. SPANNING-TREE VLAN 1 COST 100. Now let’s view the spanning-tree just for VLAN 1 again. DO SHOW SPANNING-TREE VLAN 1. Okay, as expected F0/2 is no longer the root port, it has changed to a blocking state, and now F0/1 is the root port.
For step 4 we will increase the priority of SW1’s F0/1 to 240, the highest possible priority number, however in STP a lower number is actually treated with higher priority, so really we are lowering the priority to 240, even though the number itself is greater. Will this affect SW3’s selection of a root port? First up, let’s check SW3’s root port for VLAN1, it should be F0/1. Let’s just view VLAN1. DO SHOW SPANNING-TREE VLAN 1. Indeed, F0/1 is the root port. Now, if we set the priority of SW1’s F0/1 port to 240, will this affect SW3’s root port selection? What do you think? Actually, it shouldn’t. Sender port ID is actually the last tiebreaker, after port cost and sender bridge ID. Because F0/1 has a lower root cost than F0/2, 19 versus 38, the port priority should have no effect. Let’s go configure that port priority on SW1. Enter interface config mode, INTERFACE F0/1. SPANNING-TREE VLAN 1 PORT-PRIORITY 240. First up let’s view that priority here on SW1. DO SHOW SPANNING-TREE VLAN 1. Here for interface F0/1 you can see the priority dot number column, this is the port ID, and the priority has increased to 240. Now let’s check on SW3. Use the up arrow to return to the previous command and hit enter. As expected, there is no change, F0/1 is still the root port.

Finally, let’s configure PortFast and BPDU Guard. Before doing so, let’s test portfast. I will turn on link lights for this, click options, preferences, and then show link lights here. Next, let me delete the connection between SW3 and PC1. Now I will connect them again, PC1 to SW3’s F0/3 interface. After reconnecting the two devices, SW3’s F0/3 interface has to go through the STP listening and learning states before it can forward traffic again, so the link light will remain orange for about 30 seconds. Let’s go on the CLI and configure both portfast and BPDU guard on F0/3. INTERFACE F0/3. SPANNING-TREE PORTFAST. SPANNING-TREE BPDUGUARD ENABLE. Okay, that’s it, pretty simple configurations.
Now that portfast is enabled, I will delete that connection once more, and now let’s reconnect them again, PC1 to SW3’s F0/3. Notice that it moves immediately to forwarding, the link light is green right away.

Now, because BPDU guard is enabled, if we connect F0/3 to another switch and a BPDU is received, the interface should be shut down. Let’s try that. I’ll delete the connection once more, and this time let’s use a crossover cable to connect F0/3 to SW4. When SW3 receives a BPDU from SW4 on its F0/3 interface, the interface is shut down to avoid a loop, and now the link light is red. Let’s delete that connection again, and use a regular straight-through cable to connect to PC1. Now let’s return to the CLI, and to enable this interface that was disabled by BPDU guard, I will SHUTDOWN, and then NO SHUTDOWN the interface. Okay, now F0/3 is back up and running.

Okay, since we finished our experiment I’ll just configure the same on SW4. INTERFACE F0/3. SPANNING-TREE PORTFAST. SPANNING-TREE BPDUGUARD ENABLE. Okay, that’s all for this lab. Next up let’s take a look at a lab in Boson NetSim.

Okay, for today's Boson NetSim lab preview, we are once again doing a lab from NetSim for ENCOR. This is a CCNP-level lab. The reason for that is spanning tree configuration isn't actually in the CCNA exam topics list, so it's not included in Boson NetSim for CCNA. However I want to show you a lab anyway, so let's do a CCNP-level lab. The one we're going to look at is Spanning Tree Protocol PVST Load Balancing. So you click on the lab here, and then click on 'load lab'. But I've already done that. So this is the lab. Create a VTP management domain for distribution of VLANs to all switches, and configure a primary and secondary root bridge for the VLANs in the network. So this is definitely a CCNP-level lab.
It's quite challenging, quite extensive, and it's not just about configuration, but Boson asks you a lot of really good questions to test your understanding of spanning tree protocol. And I think I've said it before, but that's something I really like about NetSim. It's not all about the configuration, it really does test your understanding and help get you...help you get ready for the exam.

So these are commands you need to know. Although this is a CCNP-level exam (*lab), these are actually all commands you already know. SHOW SPANNING-TREE, SHOW VLAN, SPANNING-TREE VLAN ROOT, SPANNING-TREE VLAN PRIORITY, SWITCHPORT MODE, ENCAPSULATION DOT1Q. So these are all commands you already know. So although this lab might be a challenge, I think it actually is doable for someone studying for their CCNA. So, I'm not actually gonna do the configurations in this demonstration, I just want to walk through the lab and see what kind of tasks you're asked to do.

Task 1 is perform the initial configurations. So these aren't actually spanning-tree configurations. These are trunk configurations, VTP configurations, and VLAN configurations. So that's something I really like about this lab, it's not focused entirely on spanning tree. It helps you review other topics you've studied.

Okay, plan primary and secondary root bridge configuration. So in task 2 you're not actually doing any configuration, you're examining the network, answering some questions, thinking about what configurations you're going to do, before you actually implement and verify the configurations in task 3. So what kind of questions are you asked? For example number 1, how is the information provided by the network engineer useful? So that is in this explanation here. Your network engineer has determined that VLANs 1 through 3 represent half of the traffic and VLANs 4 through 6 represent the other half, so how is this information useful to you?
And if you don't know how to answer one of these questions, if you look at the lab solutions you can find Boson's explanation. Here is task 2. So these are Boson's answers to those questions.

Okay, task 3 is actually implement and verify the configurations. So, configure the primary and secondary root bridge for different VLANs to ensure load balancing.

And task 4, this is something you're not gonna find on most practice labs, certainly not my practice labs. 'Document the network'. Look at these questions, how many root ports can each non-root bridge have per STP instance? How many designated ports can a non-root switch have? And then here, this one I really like. Start to document the network. So, you're going to have to use SHOW commands to find the bridge ID, root bridge ID, root port, and path cost to root of each of these switches. And then here, use the network diagrams below to document the root bridge, root ports, designated ports, alternate ports, and blocked ports. And then question 5, what path will a VLAN 1 packet take from ASW1 to R2 via CSW2? So again, these are just really good questions to really test your understanding of spanning tree protocol. And if you ever have problems answering these questions, once again just look at the lab solutions and you can find Boson's explanations here. For example, these are all the blocking ports and such in these network topologies here, from question 4.

Okay, so if you want to get a copy of NetSim, and I highly recommend you do, as you can see these are really great, in-depth practice labs that not only test your knowledge of the show commands, the configuration commands, but your knowledge of the topics as a whole. So if you want to get a copy, please follow the link in the video description. Thank you for watching. Please subscribe to the channel, like the video, leave a comment, and share the video with anyone else studying for the CCNA. If you want to leave a tip, check the links in the description.
I'm also a Brave verified publisher and accept BAT, or Basic Attention Token, tips via the Brave browser. That's all for now.
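
The root-port selection order discussed in steps 3 and 4 of the lab (root path cost, then sender bridge ID, then sender port ID), modelled as an added example that is not part of the video or the lab files. The MAC addresses, neighbour port numbers, SW4's wiring and the parallel-link switch are assumptions; the costs 19, 38 and 100 and the priority 240 come from the transcript.

```python
from dataclasses import dataclass

# Bridge IDs as (priority, MAC). "root primary" gives 24576 + VLAN ID and
# "root secondary" gives 28672 + VLAN ID; the MAC values are constructed.
SW1 = (24577, 0x000000000001)
SW2 = (28673, 0x000000000002)

@dataclass(frozen=True)
class Candidate:
    local_port: str
    advertised_cost: int     # root path cost carried in the BPDU received on this port
    port_cost: int           # cost of the local port (19 = FastEthernet default)
    sender_bridge_id: tuple  # (priority, MAC) of the neighbour that sent the BPDU
    sender_port_id: tuple    # (port priority, port number) on the neighbour

    def key(self):
        # Tuples compare left to right, which is exactly the tiebreak order.
        return (self.advertised_cost + self.port_cost,
                self.sender_bridge_id, self.sender_port_id)

def select_root_port(candidates):
    """Lowest root path cost, then lowest sender bridge ID, then lowest sender port ID."""
    return min(candidates, key=Candidate.key).local_port

def sw3_vlan1(sw1_f01_priority=128):
    # Step 4: F0/1 faces the root SW1 (cost 19), F0/2 reaches it via SW2 (cost 38).
    return select_root_port([
        Candidate("F0/1", 0, 19, SW1, (sw1_f01_priority, 1)),
        Candidate("F0/2", 19, 19, SW2, (128, 1)),   # neighbour port number assumed
    ])

def sw4_vlan1(f02_cost=19):
    # Step 3: assumes F0/2 faces SW1 directly and F0/1 faces SW2.
    return select_root_port([
        Candidate("F0/1", 19, 19, SW2, (128, 2)),
        Candidate("F0/2", 0, f02_cost, SW1, (128, 2)),
    ])

def parallel_links(sw1_f05_priority=128):
    # Hypothetical switch (not in the lab) with two equal-cost links to SW1:
    # cost and sender bridge ID tie, so the sender port ID finally decides.
    return select_root_port([
        Candidate("F0/1", 0, 19, SW1, (sw1_f05_priority, 5)),
        Candidate("F0/2", 0, 19, SW1, (128, 6)),
    ])

if __name__ == "__main__":
    print("SW3:", sw3_vlan1(), "->", sw3_vlan1(240))
    print("SW4:", sw4_vlan1(), "->", sw4_vlan1(100))
    print("Parallel links:", parallel_links(), "->", parallel_links(240))
```
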