How to Configure Spanning Tree on Cisco Switch in GNS3

When configuring the Original Spanning-Tree Protocol (802.1D) on Layer 2 Cisco Switches, you must enable features such as PortFastUplinkFast, and BackboneFast to improve STP Convergence performance.

How to Configure Spanning Tree on Cisco Switch in GNS3

How to Build Spanning Tree Protocol (STP) on Layer 2 Switch using GNS3

We must enable these features when configuring the Spanning Tree Protocol. If you have old Cisco Switches, you will probably use the old STP protocol on these Switches. In such a case, you must enable the features mentioned above in order to improve performance for the Standard STP protocol.

In our previous articles, we have examined the GNS3 PortFast ConfigurationGNS3 UplinkFast Configuration, and GNS3 BackboneFast Configuration separately. We will configure all the STP features we learned in this article.

You can also configure PortFastUplinkFast, and BackboneFast by watching videos on our YouTube channel.

How to Configure Spanning Tree

Before proceeding with the SPT configuration steps in GNS3, see Adding the GNS3 Layer 2 Switch and Configuring the GNS3 VPCS. Then follow the steps below for SPT configuration.

   Step 1

First, create a new project on GNS3 simulator software.

Creating a New Project in GNS3

   Step 2

After adding L2 Switch to GNS3 program, create a redundant network topology as in the image below.

Creating a Redundant Network

   Step 3

Configure the TCP/IP configuration of the GNS3 VPCS computers and then test the network connection between them by pinging VPCS PC1 to VPCS PC5.

Configuring VPCS

How to Choose Root Bridge

In the following network topology, a Root Bridge selection in the network distribution layer makes sense. And configure the Secondary Root Bridge Switch as in step 1, which will be activated immediately if there is an error in the Root Bridge Switch.

   Step 1

Specify the Root Bridge Switch and Secondary Root Bridge for the following network topology.

Root and Secondary Bridge Configuration

   Step 2

Configure Cisco Switch L2-SW1 as Root Bridge and configure L2-SW-2 Switch as Secondary Root Bridge.

Priority values ​​are taken into consideration when selecting manual Root Bridge. You can configure this process in two ways;

1) You can configure it using the spanning-tree vlan 1 priority command.
2) You can configure it using the spanning-tree vlan 1 root command.

In this article, we will use the Root Primary command to select the Root Bridge. To select L2-SW-1 as Root Bridge, use the command below and then check with the show spanning-tree command.

L2-SW-1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-1(config)#
L2-SW-1(config)#spanning-tree vlan 1 root primary
L2-SW-1(config)#exit
L2-SW-1#
*Sep 27 17:18:03.648: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-1#  
L2-SW-1#show spanning-tree

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    24577  (priority 24576 sys-id-ext 1)
             Address     003f.181f.4800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  15  sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Desg FWD 4         128.1    Shr 
Gi0/1               Desg FWD 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 
Gi1/0               Desg FWD 4         128.5    Shr 
Gi1/1               Desg FWD 4         128.6    Shr 


L2-SW-1#

 

Root Primary Command

   Step 3

To configure the Cisco Switch L2-SW-2 as a Secondary Root Bridge, use the following command, and then check the Priority value of the L2-SW-2 Switch.

L2-SW-2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-2(config)#
L2-SW-2(config)#spanning-tree vlan 1 root secondary
L2-SW-2(config)#exit
L2-SW-2#
L2-SW-2#show spanning-tree

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    28673  (priority 28672 sys-id-ext 1)
             Address     003f.18b2.5800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr 
Gi0/1               Desg FWD 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 
Gi1/0               Desg FWD 4         128.5    Shr 
Gi1/1               Desg FWD 4         128.6    Shr 

          
L2-SW-2#

 

Root Primary Command

How to Set Port Status

In previous posts, we have reviewed the STP protocol for STP Port status. Determine the Port Status of Cisco Switches by following the steps below.

   Step 1

At the L2-SW-2 Switch CLI prompt, execute the show spanning-tree command and define the Designated, Root, and Blocked port states.

L2-SW-2#show spanning-tree

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    28673  (priority 28672 sys-id-ext 1)
             Address     003f.18b2.5800
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr 
Gi0/1               Desg FWD 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 
Gi1/0               Desg FWD 4         128.5    Shr 
Gi1/1               Desg FWD 4         128.6    Shr 

          
L2-SW-2#

 
Show Spanning-Tree

   Step 2

Cisco Switch L2-SW-3 show spanning-tree command output;

L2-SW-3#show spanning-tree 

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     003f.18f9.da00
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr 
Gi0/1               Altn BLK 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 


L2-SW-3#

 
Show Spanning-Tree

   Step 3

Cisco Switch L2-SW-4 show spanning-tree command output;

L2-SW-4#show spanning-tree 

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     003f.18f0.f400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr 
Gi0/1               Altn BLK 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 


L2-SW-4#

 
Show Spanning-Tree

   Step 4

Cisco Switch L2-SW-5 show spanning-tree command output;

L2-SW-5#show spanning-tree 

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        2 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     003f.183a.3300
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Altn BLK 4         128.1    Shr 
Gi0/1               Root FWD 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 


L2-SW-5#

 
Checking L2-SW Interfaces

   Step 5

Cisco Switch L2-SW-6 show spanning-tree command output;

L2-SW-6#show spanning-tree 

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        2 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     003f.18a0.2400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Altn BLK 4         128.1    Shr 
Gi0/1               Root FWD 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 


L2-SW-6#

 
L2-SW Interface States

   Step 6

Cisco Switch L2-SW-7 show spanning-tree command output;

L2-SW-7#show spanning-tree 

VLAN0001
  ST enabled protocol ieee
  Root ID    Priority    24577
             Address     003f.181f.4800
             Cost        4
             Port        1 (GigabitEthernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     003f.1870.d400
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  15  sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Root FWD 4         128.1    Shr 
Gi0/1               Altn BLK 4         128.2    Shr 
Gi0/2               Desg FWD 4         128.3    Shr 
Gi0/3               Desg FWD 4         128.4    Shr 


L2-SW-7#

 
L2-SW-7 Interfaces

How to Configure PortFast

To configure STP PortFast on Cisco Switches, use the following commands on the Switch interfaces to which VPCS PCs are connected, and check the PortFast configuration with the “show running-config | begin interface GigabitEthernet0/3” command.

The purpose of PortFast configuration in Layer 2 Switches is to ensure that interfaces configure as PortFast from STP Convergence processing is not processed during BPDU packet exchange.

   Step 1

Cisco Switch L2-SW-3 Spanning Tree PortFast configuration process;

L2-SW-3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-3(config)#interface gigabitethernet0/3
L2-SW-3(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on GigabitEthernet0/3 but will only
 have effect when the interface is in a non-trunking mode.
L2-SW-3(config-if)#exit
L2-SW-3(config)#exit
L2-SW-3#
*Sep 27 17:40:32.880: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-3#show run | begin interface GigabitEthernet0/3
interface GigabitEthernet0/3
 media-type rj45
 negotiation auto
 spanning-tree portfast
!

 
spanning-tree portfast

   Step 2

Cisco Switch L2-SW-4 PortFast configuration process;

L2-SW-4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-4(config)#interface gigabitethernet0/3
L2-SW-4(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on GigabitEthernet0/3 but will only
 have effect when the interface is in a non-trunking mode.
L2-SW-4(config-if)#exit
L2-SW-4(config)#exit
L2-SW-4#
*Sep 27 17:41:23.448: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-4#show run | begin interface GigabitEthernet0/3
interface GigabitEthernet0/3
 media-type rj45
 negotiation auto
 spanning-tree portfast
!

 
PortFast Command

   Step 3

Cisco Switch L2-SW-5 PortFast operation;

L2-SW-5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-5(config)#interface gigabitethernet0/3
L2-SW-5(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on GigabitEthernet0/3 but will only
 have effect when the interface is in a non-trunking mode.
L2-SW-5(config-if)#exit
L2-SW-5(config)#exit
L2-SW-5#
*Sep 27 17:44:49.861: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-5#show run | begin interface GigabitEthernet0/3
interface GigabitEthernet0/3
 media-type rj45
 negotiation auto
 spanning-tree portfast
!

 
Port-Fast Config

   Step 4

Cisco Switch L2-SW-6 PortFast operation;

L2-SW-6#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-6(config)#interface gigabitethernet0/3
L2-SW-6(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on GigabitEthernet0/3 but will only
 have effect when the interface is in a non-trunking mode.
L2-SW-6(config-if)#exit
L2-SW-6(config)#exit
L2-SW-6#
*Sep 27 17:45:26.583: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-6#show run | begin interface GigabitEthernet0/3
interface GigabitEthernet0/3
 media-type rj45
 negotiation auto
 spanning-tree portfast
!

 
show run | begin interface GigabitEthernet0/3

   Step 5

L2-SW-7 PortFast operation;

L2-SW-7#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-7(config)#interface gigabitethernet0/2 
L2-SW-7(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on GigabitEthernet0/2 but will only
 have effect when the interface is in a non-trunking mode.
L2-SW-7(config-if)#exit
L2-SW-7(config)#exit
L2-SW-7#
*Sep 27 17:55:22.994: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-7#show run | begin interface GigabitEthernet0/2
interface GigabitEthernet0/2
 media-type rj45
 negotiation auto
 spanning-tree portfast
!

 
L2-SW-7 PortFast Setting

How to Configure UplinkFast

The purpose of UplinkFast configuration on Layer 2 Switches is to enable the switching of Blocking Port state interfaces to Forwarding Mode immediately in case of a link failure.

In the config mode of Switches with Blocking Port status in the network topology, perform the following commands in sequence, and use the command “show running-config | begin spanning-tree” to check the UplinkFast configuration.

   Step 1

Switch L2-SW-3 UplinkFast operation;

L2-SW-3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-3(config)# 
L2-SW-3(config)#spanning-tree uplinkfast
L2-SW-3(config)#exit
L2-SW-3#
*Sep 27 17:58:58.051: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-3#
L2-SW-3#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
!

 
UplinkFast Configuration

   Step 2

Switch L2-SW-4 UplinkFast operation;

L2-SW-4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-4(config)#spanning-tree uplinkfast
L2-SW-4(config)#exit
L2-SW-4#
*Sep 27 17:59:54.981: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-4#
L2-SW-4#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
!

 
spanning-tree uplinkfast

   Step 3

Switch L2-SW-5 UplinkFast operation;

L2-SW-5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-5(config)#spanning-tree uplinkfast
L2-SW-5(config)#exit
L2-SW-5#
*Sep 27 18:00:48.637: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-5#
L2-SW-5#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
!

 
L2-SW-5 UplinkFast

   Step 4

Switch L2-SW-6 UplinkFast operation;

L2-SW-6#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-6(config)#spanning-tree uplinkfast
L2-SW-6(config)#exit
L2-SW-6#
*Sep 27 18:01:21.928: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-6#
L2-SW-6#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
!

 
L2-SW-6 UplinkFast

   Step 5

L2-SW-7 UplinkFast operation;

L2-SW-7#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-7(config)#spanning-tree uplinkfast
L2-SW-7(config)#exit
L2-SW-7#
*Sep 27 18:04:16.250: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-7#
L2-SW-7#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
!

 
L2-SW-7 UplinkFast

How to Configure BackboneFast

We need to enable the BackboneFast feature on all Layer 2 Switches on the network topology. The BackboneFast feature saves us 20 seconds by skipping the Max-Age Timer feature. As a result, STP Convergence takes 30 seconds.

Follow the steps below to configure BackboneFast on Switches in the network topology. Then activate the BackboneFast feature by using the spanning-tree backbonefast command at the CLI command prompt of the switches.

Finally, to verify the BackboneFast configuration, show running-config | begin spanning-tree command.

   Step 1

L2-SW-1 BackboneFast process;

L2-SW-1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-1(config)#spanning-tree backbonefast
L2-SW-1(config)#exit
L2-SW-1#
*Sep 27 18:03:17.737: %SYS-5-CONFIG_I: Configured from console by consoles    
% Type "show ?" for a list of subcommands
L2-SW-1#
L2-SW-1#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 1 priority 24576
!

 
BackboneFast Configuration

   Step 2

L2-SW-2 BackboneFast process;

L2-SW-2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-2(config)#spanning-tree backbonefast
L2-SW-2(config)#exit
L2-SW-2#
*Sep 27 18:03:52.824: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-2#
L2-SW-2#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 1 priority 28672
!

 
spanning-tree backbonefast

   Step 3

L2-SW-3 BackboneFast process;

L2-SW-3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-3(config)#spanning-tree backbonefast
L2-SW-3(config)#exit
L2-SW-3#
*Sep 27 18:04:44.459: %SYS-5-CONFIG_I: Configured from console by console
L2-SW-3#
L2-SW-3#show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-3 BackboneFast

   Step 4

L2-SW-4 BackboneFast process;

L2-SW-4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-4(config)#spanning-tree backbonefast
L2-SW-4(config)#
L2-SW-4(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-4 BackboneFast

   Step 5

L2-SW-5 BackboneFast process;

L2-SW-5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-5(config)#spanning-tree backbonefast
L2-SW-5(config)#
L2-SW-5(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-5 BackboneFast

   Step 6

L2-SW-6 BackboneFast process;

L2-SW-6#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-6(config)#spanning-tree backbonefast
L2-SW-6(config)#
L2-SW-6(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-6 BackboneFast

   Step 7

L2-SW-7 BackboneFast process;

L2-SW-7#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-7(config)#spanning-tree backbonefast
L2-SW-7(config)#
L2-SW-7(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-7 BackboneFast

How to Configure BPDU Guard

We will configure BPDU Guard on Switches configured as PortFast on the network topology.

For the STP BPDU Guard configuration, execute the command “spanning-tree portfast bpduguard” in the Switches config mode, and then execute the “show running-config | begin spanning-tree” command to verify the BPDU Guard.

The purpose of using the BPDU Guard; if the BPDU received through the PortFast-enabled interface, it is to close that port immediately. Therefore, we need to activate the closed port manually. If we want to automate this situation, we execute the following commands;

1) errdisable recovery cause bpduguard
2) errdisable recovery interval 400

   Step 1

L2-SW-3 Switch BPDU Guard operation;

L2-SW-3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-3(config)#spanning-tree portfast bpduguard
L2-SW-3(config)#errdisable recovery cause bpduguard
L2-SW-3(config)#errdisable recovery interval 400   
L2-SW-3(config)#
L2-SW-3(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
BPDU Guard Configuration

   Step 2

L2-SW-4 BPDU Guard operation;

L2-SW-4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-4(config)#spanning-tree portfast bpduguard
L2-SW-4(config)#errdisable recovery cause bpduguard
L2-SW-4(config)#errdisable recovery interval 400
L2-SW-4(config)#
L2-SW-4(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-4 BPDU Guard

   Step 3

L2-SW-5 BPDU Guard operation;

L2-SW-5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-5(config)#spanning-tree portfast bpduguard
L2-SW-5(config)#errdisable recovery cause bpduguard
L2-SW-5(config)#errdisable recovery interval 400
L2-SW-5(config)#
L2-SW-5(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-5 BPDU Guard

   Step 4

L2-SW-6 BPDU Guard operation;

L2-SW-6#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-6(config)#spanning-tree portfast bpduguard
L2-SW-6(config)#errdisable recovery cause bpduguard
L2-SW-6(config)#errdisable recovery interval 400
L2-SW-6(config)#
L2-SW-6(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-6 BPDU Guard

   Step 5

L2-SW-7 BPDU Guard operation;

L2-SW-7#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L2-SW-7(config)#spanning-tree portfast bpduguard
L2-SW-7(config)#errdisable recovery cause bpduguard
L2-SW-7(config)#errdisable recovery interval 400
L2-SW-7(config)#
L2-SW-7(config)#do show run | begin spanning-tree
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!

 
L2-SW-7 BPDU Guard

How to Verify Spanning Tree Protocol in GNS3

After enabling STP features on Layer 2 Switches using the GNS3 program, perform the following steps to verify the operability of the structure.

The standard STP Convergence time is faster with PortFast, UplinkFast, and BackboneFast, which will be 30 seconds in total.

Rapid Spanning-Tree Protocol combines these three features, and the STP Convergence time is almost 1 second.

   Step 1

Start the continuous Ping operation from VPCS PC1 to VPCS PC5.

Verify Spanning Tree

   Step 2

Sürekli Ping işlemini başlattıktan hemen sonra, L2-SW-3 ve L2-SW-1 arasındaki ağ kablosunu çıkarınız.

Immediately after starting continuous pinging, disconnect the network cable between L2-SW-3 and L2-SW-1.

Continuous Pinging

   Step 3

As you can see in the image below, there was a delay of about 30 seconds. To see the debug outputs on the Switch L2-SW-3, execute the debug spanning-tree events command.

debug spanning-tree events

   Step 4

Once the cable between L2-SW-1 and L2-SW-3 is disconnected, the debug logs of L2-SW-3 will occur as follows.

L2-SW-3#
*Sep 27 18:22:50.024: STP: VLAN0001 new root port Gi0/1, cost 3008
*Sep 27 18:22:50.024: STP: VLAN0001 Gi0/0 -> blocking (uplinkfast)
*Sep 27 18:22:50.024: STP[1]: Generating TC trap for port GigabitEthernet0/0
*Sep 27 18:22:50.024: %SPANTREE_FAST-7-PORT_FWD_UPLINK: VLAN0001 GigabitEthernet0/1 moved to Forwarding (UplinkFast).
*Sep 27 18:22:50.024: STP[1]: Generating TC trap for port GigabitEthernet0/1
*Sep 27 18:22:50.024: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Sep 27 18:22:50.024: STP: VLAN0001 Gi0/0 -> listening
*Sep 27 18:23:05.024: STP: VLAN0001 Gi0/0 -> learning
*Sep 27 18:23:20.024: STP[1]: Generating TC trap for port GigabitEthernet0/0
*Sep 27 18:23:20.024: STP: VLAN0001 sent Topology Change Notice on Gi0/1
*Sep 27 18:23:20.024: STP: VLAN0001 Gi0/0 -> forwarding
L2-SW-3#

 
debug spanning-tree events

VPCS PC Configuration and Show IP Commands


PC1> ip 192.168.1.1/24
Checking for duplicate address...
PC1 : 192.168.1.1 255.255.255.0

PC1> show ip

NAME : PC1[1]
IP/MASK : 192.168.1.1/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:01
LPORT : 10092
RHOST:PORT : 127.0.0.1:10093
MTU: : 1500

PC1>

 


PC2> ip 192.168.1.2/24
Checking for duplicate address...
PC1 : 192.168.1.2 255.255.255.0

PC2> show ip

NAME : PC2[1]
IP/MASK : 192.168.1.2/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:00
LPORT : 10088
RHOST:PORT : 127.0.0.1:10089
MTU: : 1500

PC2>

 


PC3> ip 192.168.1.3/24
Checking for duplicate address...
PC1 : 192.168.1.3 255.255.255.0

PC3> show ip

NAME : PC3[1]
IP/MASK : 192.168.1.3/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:02
LPORT : 10090
RHOST:PORT : 127.0.0.1:10091
MTU: : 1500

PC3>

 


PC4> ip 192.168.1.4/24
Checking for duplicate address...
PC1 : 192.168.1.4 255.255.255.0

PC4> show ip

NAME : PC4[1]
IP/MASK : 192.168.1.4/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:03
LPORT : 10094
RHOST:PORT : 127.0.0.1:10095
MTU: : 1500

PC4>

 


PC5> ip 192.168.1.5/24
Checking for duplicate address...
PC1 : 192.168.1.5 255.255.255.0

PC5> show ip

NAME : PC5[1]
IP/MASK : 192.168.1.5/24
GATEWAY : 0.0.0.0
DNS :
MAC : 00:50:79:66:68:04
LPORT : 10096
RHOST:PORT : 127.0.0.1:10097
MTU: : 1500

PC5>

 
Show Running Command Outputs


L2-SW-1#show running-config
Building configuration...

Current configuration : 4970 bytes
!
! Last configuration change at 18:07:43 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 1 priority 24576
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface GigabitEthernet1/0
media-type rj45
negotiation auto
!
interface GigabitEthernet1/1
media-type rj45
negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-1#

 


L2-SW-2#show running-config
Building configuration...

Current configuration : 4929 bytes
!
! Last configuration change at 18:03:52 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree backbonefast
spanning-tree vlan 1 priority 28672
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface GigabitEthernet1/0
media-type rj45
negotiation auto
!
interface GigabitEthernet1/1
media-type rj45
negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-2#

 


L2-SW-3#show running-config
Building configuration...

Current configuration : 4920 bytes
!
! Last configuration change at 18:20:38 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
spanning-tree portfast
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-3#

 


L2-SW-4#show running-config
Building configuration...

Current configuration : 4920 bytes
!
! Last configuration change at 18:21:37 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-4
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
ip cef
no ipv6 cef
!
!
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
spanning-tree portfast
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-4#

 


L2-SW-5#show running-config
Building configuration...

Current configuration : 4920 bytes
!
! Last configuration change at 18:24:45 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-5
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
spanning-tree portfast
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-5#

 


L2-SW-6#show running-config
Building configuration...

Current configuration : 4920 bytes
!
! Last configuration change at 18:25:59 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-6
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
!
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
spanning-tree portfast
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-6#

 


L2-SW-7#show running-config
Building configuration...

Current configuration : 4920 bytes
!
! Last configuration change at 18:29:00 UTC Wed Sep 27 2017
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L2-SW-7
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
no ipv6 cef
!
!
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
spanning-tree mode pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
spanning-tree portfast
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
line con 0
line aux 0
line vty 0 4
!
!
end

L2-SW-7#

 

Spanning Tree LAB Configuration ⇒ Video

You can watch the video below to configure STP on Switches using the GNS3 program and also subscribe to our YouTube channel to support us!

   Final Word


In this article, we have examined all the features of the Spanning Tree protocol. After enabling STP features for (802.1D), we have performed a network verification. Thanks for following us!

   Related Articles


How Switch Works?
How to Configure Loopback Adapter
How to Add L2 Switch
How to Configure Cisco Switch
How to Configure Port Security

Add a Comment

Your email address will not be published. Required fields are marked *

shares
error: