Home » Cisco CCNA Training » Fundamental Network Characteristics

Fundamental Network Characteristics

    Frame Relay – Part II


    In part one of this chapter, we looked at the concepts behind frame relay operation. We discussed the role of the PVC’s, DLCI mapping, inverse ARP among other topics. In part two of this chapter, we will discuss more advanced frame relay concepts and finally look at the commands used to troubleshoot frame relay.


    Advanced frame relay concepts

    Split horizon

    In NBMA networks, the topology used is mainly hub-and-spoke. This means that when we use routing protocols, we can have issues with reachability due to split horizon.

    If you can recall, Split horizon prevents a router from advertising routes out the interface it learnt them from.

    In the example shown below, R2 advertises the route, to R1. When R1 – the hub of the network receives this route, it has to advertise it to R3 so that the network can be converged, however, it cannot do this since there is only 1 interface and split horizon prevents it from advertising the route to R3 out the same interface.


    Recall we said that subinterfaces are virtual interfaces that are configured on a physical interfaces.

    To avoid split horizon in frame relay, we can divide the physical interface using subinterfaces that connect to different subnets. With this, we can have two types of implementation; point-to-point, where 2 points use one network address, or point-to-multipoint, where more than 2 points use 1 subnet.

    This would resolve the split horizon issue since the packets received on a physical interfaces are considered to be in a different interface which is the subinterface. This means that the same physical interface can then forward the packets out through another subinterfaces.

    Frame Relay subinterfaces can be either point-to-point or multipoint mode:

    Configuring subinterfaces

    Step 1. to configure the subinterfaces, we first need to remove any layer three addresses that may have been configured physical interface. This is because the physical interface will be used by the subinterface and if it has a layer three address, the frames will not be received. To accomplish this, we can use the “no ip address” command in the interface configuration mode for the interface that is connected to the frame relay cloud.

    Step 2. The configuration that is needed on the physical interface is the encapsulation command for frame relay as well as the activation of the interface using the “no shutdown” command. Step one and two are implemented as shown below.

    Step 3. The third step is the most vital. We need to create subinterfaces for each of the Virtual Circuits in the frame relay cloud. The creation of the subinterface is done using the command shown below.

    When configuring the subinterface, do not forget the period (.) between the interface ID and the subinterface ID. Which is our example above is shown in red.

    NOTE: as good practice, when configuring subinterfaces, you are adviced to use a subinterface number that is the same as the DLCI number for that network. This makes it easier to troubleshoot when there is a problem.

    When this command is executed, the prompt will take us into the subinterface configuration mode which is denoted by the prompt shown below.

    Step 4. The fourth task is to configure the layer three address that will be used for the particular network.

    Step 5. The fifth and final task is to map the DLCIs to the specific subinterface. This is shown below.

    with this configuration, we will be able to use routing without the problems associated with split horizon.

    NOTE: the concepts in frame relay subinterfaces will be explored in more detail in more advanced courses such as CCNP, however, it is important to know these concepts since they are usually examined in the CCNA exams.

    Other frame relay concepts

    The final concepts that we will look at in this chapter are the payment options in frame relay networks. These concepts are vital in the real world where you may be required to review the service levels of the WAN.

    Port speed – this is the speed at which the customer views the connection to the frame relay cloud. In most cases, this is the actual wire speed.

    CIR (Committed Information Rate) – this is the actual speed of data transfer that the customer pays the WAN provider for over the frame relay link.

    Bursting – in frame relay, if the network is not overloaded, the excess bandwidth is usually shared among the clients in the frame relay cloud without additional cost. This means that data can flow at speeds above the CIR.

    Frame relay congestion – in frame relay, the routers can be notified of congestion. These mechanisms are meant to minimize the impact of a congested link. The two notifications that are sent are the:

    • FECN – Forward Explicit Congestion Notification
    • BECN – Backward Explicit Congestion Notification

    When there is congestion in the network, the frame relay provider uses the following rules to frames that are sent to the frame relay cloud.

    To view these statistics on the router, the command needed is:

    Troubleshooting frame relay

    There are several commands that can be used to troubleshoot frame relay. Most of these we have discussed when configuring frame relay. The commands listed below are key in troubleshooting and verifying frame relay operation.

    Show interface serial <interface_ID>

    This command shows the operational status of the interface, the bandwith, the LMI type as well as the encapsulation that is in use, the output of this command on R1 is shown below.

    Show frame-relay map

    This command shows the various frame relay maps whether dynamic or static, it can also be used to check the inverse arp processes on a router. The output of this command is shown in the example below.

    If there are no mappings for frame relay, it is advisable to check the configuration made using the command “show running-config

    Show frame-relay pvc

    As mentioned earlier, this command shows the status and statistics of the various PVCs on the router.

    This command is also useful for viewing the number of BECN and FECN packets received by the router. The PVC status can be active, inactive, or deleted.

    The “show frame-relay pvc” command displays the status of all the PVCs configured on the router. The output of this command is shown below.

    Show frame-relay lmi

    The “show frame-relay lmi” command helps isolate the problem to a Frame Relay communications issue between the carrier’s switch and your router. Look for any non-zero “Invalid” items. The output of this command is shown below.

    Debug frame-relay lmi

    To find out if the router which is the DTE device and the frame relay switch which is the DCE are communicating properly through LMI packets, we can use the command “debug frame-relay lmi“. This is the last command that we will discuss in this chapter. The output of this command is shown below.

    The meaning of the keywords in this output is shown below:

    1. “out” at the end of the interface denotes LMI status messages sent out of the s0/0/0 interface of this router.
    2. Messages that are received from the frame relay cloud are denoted by “in” at the end of the interface ID
    3. “type 0” denotes a full LMI status message
    4. “type 1” denotes an LMI exchange.
    5. “dlci 102, status 0x2” means that DLCI 102 is in active state.

    The connection states made by a router as a result of inverse ARP requests are three. These are shown below.

    • ACTIVE – full connectivity on the PVC, both the remote and local router are connected.
    • INACTIVE – the connection to the frame relay switch is active, but the remote router is not connected to the frame relay cloud.
    • DELETED – denotes that the router is configured with an invalid DLCI

    The possible values of the status field are as follows:

    • 0x0 – the DLCI has been configured but the PVC is unusable
    • 0x2 – full connectivity
    • 0x4 – the frame relay switch has not been configured with the specific DLCI; it has either been removed by the WAN provider or deleted on the DTE device

    NOTE: the debug frame-relay lmi command can be very useful in troubleshooting a frame relay connection, however, debugging commands are usually resource intensive and thus they can affect the router’s performance. It is important to understand these verification and troubleshooting commands since they form a large part of question on WANs in the CCNA exams.

    Read more

    PPP (Point-to-Point Protocol)


    In the previous chapter, we discussed serial connections in the WAN, we also discussed the default data link encapsulation on CISCO switches which is HDLC. In this chapter, we will look at PPP, we will discuss some of its concepts, learn how to configure PPP as well as its authentication options and finally we will look at verification and troubleshooting of PPP.


    PPP explained

    PPP is a WAN protocol that works at layer 2 by encapsulating frames for transmission over a variety of physical links such as serial cables, cell phones, fiber optic cable among others. it offers many more features as compared to HDLC and it is an open standard. Some of the features that it offers which are not available in HDLC include:

    • Link quality management which is a way to monitor the quality of a link in PPP. When PPP detects too many errors on a link, the link is shut down.
    • Authentication using PAP and/or CHAP

    PPP operation is made using three parameters:

    • Encapsulation of frames using HDLC protocol
    • LCP (Link Control Protocol) for establishment, configuration and testing of the link
    • NCP (Network Control Protocols) to negotiate the different layer 3 protocols.

    Link Control Protocol (LCP)

    This is the main protocol that PPP uses for its operation. LCP works on top of layer 1 and it works by establishing, testing and configuring the physical connection. It also negotiates other WAN options that are handled by the NCPs. LCP configures the link in the ways listed below:

    • Determining transmission of different packet sizes
    • Detection of misconfiguration errors
    • Termination of the link
    • Determination of link failure

    LCP is also used to negotiate encapsulation parameters and other PPP configuration options such as authentication, error detection and compression when the link has been established.

    Network Control Protocol Layer

    NCPs are protocols that allow PPP to use different layer 3 protocols such as IP, IPX and Apple Talk.

    Establishing a PPP Session

    When establishing a PPP session, LCP negotiates the PPP configuration options at either point of the link. This is completed when acknowledgment frames are sent.

    The second step is usually optional and it is where LCP tests the link to ascertain whether it has the needed quality to support the various layer 3 protocols.

    Finally, NCP is used to configure the layer 3 protocols that are in use.

    Configuring PPP

    Now that we have learnt the workings of PPP, we can go ahead and configure it. The figure below shows the topology that we will be using in the configuration of PPP.

    In our lab, all the options for the PCs as well as the interfaces connecting to the routers from the PCs are configured. The routers have been correctly configured and our task is only to configure the PPP options on the serial links.

    The lab requires that we configure basic PPP and successful completion of the lab will be determined by the verification commands we learnt earlier.

    NOTE: the routers you will use should have serial interfaces.


    The main command used to enable PPP is: “encapsulation ppp” command. This command should be entered in the serial interface of the routers as shown below.

    The command shown above does not have any other options, however, to use PPP, you must have a layer 3 protocol.

    In our scenario, all we need to do is to enter this command on the serial interfaces of R1 and R2 as shown below.

    Link quality percentage

    As we mentioned earlier, the quality of a link is crucial to PPP. The link quality percentage configuration parameter is used to set the baseline quality percentage. When the link does not meet the specified quality, PPP does not activate the link.

    The link quality is usually maintained by a parameter called LQM (Link Quality Monitoring) which uses a time lag to make sure that the line does not fluctuate.

    To implement link quality percentage as a requirement for PPP establishment, we use the command: “ppp quality <PERCENTAGE>” in the interface configuration mode, this is shown below for our scenario.

    This will ensure that the link meets this threshold for PPP to work.

    Multilink PPP

    Multilink PPP is a way to use many physical WAN links with PPP. This in effect allows for load balancing.

    The command for configuring multilink PPP is: “ppp multilink” in the interface configuration mode as shown below for R1 and R2.

    NOTE: the quality and multilink commands are not frequently used, and they may not work on Packet tracer simulator.

    Verification of ppp

    To verify PPP configuration, the “show interface serial <interface_ID>”, “show interfaces” and “debug ppp” commands are mostly used. In this course however, we will mainly use the “show interfaces <interface_ID>” command, the output of this command is shown below.

    As you can see from the output of this command on R1, the interface is up and connected – shown in the yellow box, and the encapsulation is shown as PPP (HIGLIGHTED IN RED).

    NOTE: the interface status is one of the most important diagnostic features of serial interfaces as discussed in the previous chapter. The debug commands will give live updates for ppp on the router they are issued.

    PPP authentication

    In PPP, we can secure communication between two points using authentication. There are two ways in which we can configure PPP authentication as discussed below.

    PAP (Password Authentication Protocol)

    In this form of authentication, the username and password are usually sent in plain text. The central site initiates the authentication by sending a username and a password. The remote site can then reply by either accepting the authentication if the parameters are correct or rejecting it.

    CHAP (Challenge-Handshake Authentication Protocol)

    In this type of authentication, the remote router sends a challenge to a router that is trying to communicate. The router then responds with an encrypted username and password and if the parameters are correct, the remote router accepts the PPP connection.

    The figure below shows the two authentication processes on two routers.

    Configuring ppp authentication

    The command to enable authentication in PPP is “ppp authentication <pap/chap>“,You can enable both methods of authentication or either of the two.

    To configure PAP, the command we use in the interface configuration mode is:

    This is followed by specifying the username and password that will be used for authentication as shown below.

    On our routers, the commands needed to configure PAP are shown below.

    NOTE: The PAP username and password that each router sends must match those specified with the username name password password command of the other router. This is configured using the command “username <username_WORD> password <password>” in the global configuration mode as shown below for R1 and R2.

    REMEMBER: the username and password used in ppp authentication in the routers interface should be the username and the password for the other router as configured in the global configuration mode.

    You may enable PAP or CHAP or both. If both methods are enabled, the first method specified is requested during link negotiation. If the peer suggests using the second method or simply refuses the first method, the second method is tried. To enable both the command “ppp authentication” should be followed up with the authentication methods you would like to apply, in the order of preference.

    For example if we wanted to use CHAP first then PAP, we would need to enter the command shown below.

    To enable CHAP, the commands needed are slightly different.

    NOTE: The hostname on one router must match the username the other router has configured. The passwords must also match.

    Verification and troubleshooting ppp

    PPP configuration can be especially challenging. The ppp authentication options are especially tricky, therefore it is imperative that you follow these guidelines very carefully.

    To troubleshoot ppp, we can use the various show commands as well as debug commands. The commands for troubleshooting are listed below.

    • Show interface serial <INTERFACE_ID>
    • Show interface
    • Debug ppp

    NOTE: the debug ppp command has other keywords that may be used.Make sure you turn off debugging of ppp using “undebug ppp” or “undebug all”, since debugging is resource intensive and can affect performance of the router.

    The output of the “show interface serial” <interface_ID> for the serial interface on R1 Is shown below.

    With the output of this command, we have completed our topic on PPP. Be careful when it comes to PPP authentication since it is a very important element in understanding PPP.

    Read more

    Serial Connections and HDLC


    In the last chapter, we discussed some of the concepts that make the WAN work, we briefly described some of the protocols in the WAN. In this chapter, we will discuss serial links and the physical connections we use. We will then explore the default encapsulation on CISCO routers which is HDLC and finally discuss how to troubleshoot a serial connection.


    How serial communications work

    When communicating data, there are two types of transmissions that can be used; parallel and serial communication. In our computers, the distance between two points is short and therefore parallel communication is used. When the distance increases, we use serial communication whereby the electrical signals are converted to a form that can be transmitted over serial links.

    The figure below shows the difference between serial and parallel transmission of data.

    In serial communication, we can have only 1 bit transmitting at a time, while parallel communication the communication is much more efficient. However, timing in parallel communication means that all the bits must arrive at the destination at the same time. This is a major problem when communication is happening over long distances.

    In our example above, the parallel line can send 6 times as many bits as the serial connection therefore it is theoretically faster. The reason as to why this is the case is due to the fact that parallel communication need clocking to synchronize the arrival time of the bits. The stream must wait until all bits arrive for a full byte to be transmitted.

    Communication over serial connections requires fewer cables and wires as compared to that of parallel communications. These cables are also better insulated from noise and other forms of interference.

    With parallel cables, the bundling can cause crosstalk and noise.

    When using serial cables, the routers and other internetwork devices usually compensate for crosstalk before transmission of the bits. Therefore, the communication using serial cables is more efficient and can operate at higher frequencies.

    Serial connection standards

    In the previous chapter, we briefly discussed the various types of connectors used in the WAN. In the previously section we have seen that serial connections are less vulnerable to crosstalk, and since they require less wires, they are cheap to implement. This makes them ideal for WAN communications.

    The different standards used in serial communications use one of three standards when connecting LANs to the WAN. These are described below.

    1. RS-232 – this standard uses either 9 pin or 25 pin connectors. They are used in serial connections for a variety of purposes and not just limited to WAN connections. Some of the ways they are used include; connection of PCs to printers, modems and other devices.

      This is the port that we use to configure a router from the PC. The figure below shows the connector that is used.

    1. V.35 – this is the ITU standard for high speed serial communications. It combines the bandwidth of available on a couple of telephone circuits. This cable is used to connect the DTE devices to modems and similar digital line devices.

    1. High Speed Serial Interface (HSSI) – this standard supports speeds of up to 52Mbps, it can be used to connect LANs to WANs using high speed links such as the T3 lines.

    TDM (Time Division Multiplexing)

    Time division multiplexing is a technique employed in serial communications to split the bandwidth into slots so that simultaneous communication can happen between several devices. It was a technique first employed by Bell Laboratories to maximize the amount of voice traffic carried over a medium. Prior to the introduction of this technology, telephone calls required dedicated physical links from the source to the destination which was expensive to implement.

    In the figure below, we have demonstrated TDM using three conversations over a network, web browsing denoted by “H” voice traffic denoted by “V” and video conferencing denoted by “C”. Notice that the medium is not only carrying one type of traffic, rather it is splitting the communication streams. The recipient rarely sees this happening since the communication is reassembled at the destination.

    In serial transmissions, the use of TDM is used as a way to use the bandwidth more effectively. With this communication, the data is reassembled by the destination device.

    When the source sends data, the data is split according to the type of protocol as shown above. The data is then transmitted in slots over the physical medium. When the data reaches the destination, the destination device reassembles the data into the specific protocols.

    NOTE: in the above example, voice has been given first priority then video finally http data. This is typical in communication and it a principle under QOS (Quality Of Service) this will be discussed in more detail at the CCNP level and above.


    The communication through the WAN is through the DTE and the DCE device. A serial link is usually made up of two DCE devices at each end. The DCEs connect to DTEs in the remote LAN networks.

    The DTE is usually a router or similar device. This is usually the source of the information at a layer 2 perspective. The DTE usually sends the data to the DCE.

    The DCE which in the scenario shown below is a CSU/DSU device, converts the data received from the DTE device into a form that can be transmitted over the WAN provider using the serial link. When the signal is received by the DCE at the remote network, it is converted to a form that can be used by the DTE which delivers the data to the destination device.

    This is illustrated below.

    The DTE in networks is usually owned and maintained by the customer while the DCE devices are usually maintained by the WAN service provider.

    NOTE: a CSU/DSU converts digital signals into a form that can be understood by the DTE, in analog signals, a modem is used as a CSU/DSU. In our labs, we do not use the CSU/DSU rather we simulate them using the V. 35. Serial connection with one male side as the DTE and the female side as the DCE.

    WAN Encapsulation Protocols

    In the WAN environment, we need to specify the particular protocol that the DTE should use. This is so as to make sure that the frames that are sent over the WAN link are correct. The choice of WAN protocol can be determined by a couple of factors.

    Below, we have described the various WAN protocols that we will cover in this course.

    • HDLC – on point-to-point networks, this is the default WAN protocol that is used by CISCO devices. It also defines some of the communication parameters used in PPP.
    • PPP – is a protocols that connects many routers to the WAN, PPP is works at layer 2 and is independent of the Layer 3 protocol in use. This means that it can use IP, IPX and appletalk.
    • Frame relay – is an industry standard switched data link protocol. It uses virtual circuits and it evolved from the X.25 protocol. It is more efficient and does not include options such as flow control and error control.


    This protocol is defined by ISO and it is therefore an open standard. HDLC uses synchronous serial transmission for error free communication between two devices.

    HDLC is the default serial links layer 2 protocol and it is enabled by default. However, to configure HDLC on a router’s serial interface, the command: “encapsulation hdlc” is all that is needed.

    To verify the encapsulation type on a CISCO router, the command needed is:

    The output should show you the encapsulation type as shown in the output below highlighted in red.

    Troubleshooting serial interfaces

    Troubleshooting a serial interface is a very important aspect in understanding WAN communication, in the output above – highlighted in yellow, the status of the physical layer and data link layer are shown. In the table below, the various messages for the physical layer status and data link layer status are shown and they describe what to look for in every message.

    NOTE: these steps are very vital in passing the CCNA exams and are often asked, therefore it is imperative that you understand each message and the problems associated with it.

    Read more

    Introduction to WANs


    In the previous chapters, we have been primarily focused on LAN technologies, however, as an enterprise grows, so does its networking needs. Consider company ABC, they formed in 2010 in New York, however, over the last couple of years they have grown rapidly and they now have three branches, one in Los Angeles, Miami and they recently diversified into London.


    LANs would not be viable for communication over the four geographical information, and therefore there is need for WANs to be incorporated. In the next few chapters, we will look at the various WAN technologies that enterprises can use.

    In this chapter, we will look at some of the concepts and technologies that are used in the WAN.

    Definition of a WAN

    A WAN network can be defined as a network that extends and operates over a larger geographical area as compared to a LAN.

    Unlike LAN networks, which connect users and intermediary devices within a small area such as a building complex, WAN networks are large and they span over large geographical distances. The administration of the WAN is usually by the service provider and therefore for an enterprise to use the WAN, they have to pay.

    The characteristics that mainly differentiate the WANs from the LANs are:

    • Geographical scope. WANs can extend over very large geographical distances
    • The WAN networks are mainly administered by the service providers such as cable companies, internet service providers among others.
    • In the LANs, we primarily use parallel connections between the various devices, whereas in the WAN we mainly use the serial cables since they can span over large distances.

    WANs and the OSI Model

    The operation of the WAN is usually at the physical and the data link layers of the OSI model. The standards that are used usually describe how the signals are transmitted, and how the frames are addressed, encapsulated and given flow control.

    At the physical layer, the WAN describes how electrical signals are transmitted, the types of cables, the speeds and the connections from the ISPs perspective.

    At the data link layer, the encapsulation method, flow control, addressing of the frames are described.

    WAN physical layer concepts

    There are several concepts that describe the operation of WANs at the physical layer. The diagram below shows some of the terms that are used in relation to WAN technologies.

    • CPE (Customer Premises Equipment – these are the devices that are used by the subscriber to connect to the service provider.
    • DCE (Data Communications Equipment) – this is the device that is used to terminate data to the local loop. This means that it gets data from the DTE devices such as the router and converts it into a form that can be transmitted over the physical medium of the ISP.
    • DTE (Data Terminal Equipment) – this are the devices that get the data from the DCE and transmit them to the inside network, typically, a router is usually the DTE device.
    • Demarcation point – this is the point in the network where the service provider and the customer have agreed upon as to where responsibility for the WAN connection changes. It can be described as a border between the ISP and the CUSTOMER.
    • Local loop – the cables that connect the CPE to the service provider is called the local loop. Typically, this can be a cable that connects the company from the main cabling closet to the main trunk cable.
    • Central Office – this is a building that is used by an ISP to provide services to a particular area.

    Physical layer protocols

    The physical layer standard used in the WAN are shown below. They describe how the DTE and DCE interact, the electrical standards, the cabling types as well as the connectors to be used.

    • EIA/TIA- 232 is a protocol that specifies speeds of up to 64Kbps using a 25 pin connector for short distances.
    • EIA/TIA- 449/530 is a standard protocol that uses a 36 pin connector and offers speeds of up to 2Mbps, it can also span over larger distances than the EIA/TIA standard.
    • EIA/TIA -612/613 is a standard that provides speeds of up to 52Mbps using a 60 pin connector. It is also reffered to as (HSSI) High Speed Serial Interface Protocol.
    • V.35 is an ITU standard used between a DCE and DTE device, it offers speeds of up to 2Mbps using a 34 pin connector.
    • X.21 protocol is defined by the ITU and it uses a 15 pin connector.

    WAN connection options

    Circuit Switching

    In this type of connection, there is usually a dedicated circuit between the source and destination network, through the ISP. An example of this is when a person makes a telephone call. The dialed number is used to set switches in the exchanges along the route of the call so that there is a continuous circuit from the caller to the called party.

    ISDN (Integrated Services Digital Network) and PSTN (Public Switched Telephone Network) are good examples of Circuit switched WAN technologies.

    Packet switching

    In this type of connection, the data is split and transmitted over the common network, the packets are then reassembled at the destination network. With this type of connection, many user nodes can use the same network.

    With this connection option, we have two ways to determine the type of link in use.

    • Connectionless systems – each packet contains full address information
    • Connection oriented – these systems first determine the route to the destination before sending the packets.

    Data Link Protocols

    There are various Data link layer protocols that are used in the WAN. These define how the data is communicated from the source network to the destination. There are various protocols that can be used. In this course however, we will discuss the protocols listed below.

    • HDLC
    • Frame relay
    • PPP

    WAN technologies in use

    There are several technologies that are employed in the WAN, in this course, however, you are not expected to configure them. Most of these technologies are covered in more advanced courses such as CCNP.

    • DSL
    • 3g/4g
    • T1/E1
    • VSAT
    • ISDN
    • metro Ethernet
    • cable

    In as much as these technologies have not been discussed in this course, it would be wise to research them and know what they entail.

    Read more

    STP Part III


    In part 1 and 2 of this chapter, we focused on 802.1D STP, in this chapter, we continue with STP but we will focus on the different variations of STP mainly; PVSTP and RSTP. We will begin with the concepts that make these protocols different from 802.1D STP, then we will configure PVSTP and finally look at troubleshooting and verification of STP.



    The development of PVSTP was a major improvement of the conventional 802.1D STP, PVST is a CISCO proprietary variant of STP that allows STP to be run per VLAN in the network. With this implementation of STP, we can have different root bridges, and port roles on the switches in the network depending on the VLAN. This also allows for load sharing.

    In PVST+, you can configure different switches to be the root bridge as shown in the diagram below. Switch AS1 is the root bridge for VLAN 10 and 100 and 99. Switch AS2 is the root bridge for VLAN 20 and switch AS3 is the root bridge for VLAN 30.

    In this topology, each switch is a root bridge for its local VLANs, this means, AS1 is the root bridge for the VLANs connected to it, and so is AS2 and AS3.

    VLAN 99 is a special VLAN and it is the management VLAN, it is on each switch. For this VLAN, we have configured AS1 as the root bridge.

    To configure PVSTP, the steps that are taken are shown below.

    Step 1. For each of the VLANs, choose the switches that will be the root bridge and the secondary root bridge respectively. Ideally, these should be the switches that have been configured with the VLANs you want to assign them to.

    Step 2. For each of the VLANs, configure the switch that was chosen as the root bridge.

    Step 3. The secondary root bridge for each of the VLANs should then be configured.

    The modified topology below, will be our lab for PVSTP.


    In this scenario, AS1 will be the primary root bridge for VLAN 10, and VLAN 99, it will be the root secondary for VLAN 100.

    • AS2 will be the root bridge for VLAN 20 and 100 and the secondary for VLAN 99.
    • AS3 will be the primary root bridge for VLAN 30 and the secondary for VLAN 10.

    To configure the topology above, we use the following commands.

    in our scenario, we will use the root primary and root secondary command.

    NOTE: when using the priority command, the lower the priority the better and the priority value is always a multiple of 4096, e.g 4096, 8192, 16384.

    To configure PVST in our scenario, the commands used are shown in the table below.

    This is the configuration needed on the switches for PVSTP to be enabled.

    We can use the command “show spanning-tree summary” to verify that the mode of STP in use is PVSTP. As you can see from the output below, the mode of STP is shown as PVSTP, 802.1D is shown as IEEE STP.

    RSTP (Rapid STP)

    RSTP is an open standard enhancement of the first STP standard which was 802.1D, it is also known as IEEE 802.1W. Most of the options in RSTP are unchanged from those in 802.1D. However, it is much faster. In this section, we discuss RSTP and discover how it differs from the conventional 802.1D implementation of STP.

    The main advantage that RSTP offers is the speed by which it recalculates the Spanning tree when there is a topological change. When properly configured, it is usually faster than STP and convergence is usually faster. In RSTP, we have different port states and roles. There is introduction of the alternate paths which speeds up the convergence after failure since this port immediately transitions to forwarding without the STA recalculation. Some of the RSTP characteristics are discussed below.

    Since RSTP is an open standard, and it offers better speeds than 802.1D, it is the most commonly used form of STP. RSTP does not need any additional configuration on switches and in most new model switches, it is on by default.

    The enhancements made in CISCO’s variant of STP such as the BackboneFast and the UplinkFast are not compatible with RSTP.

    RSTP is faster than 802.1D STP and it maintains backward compatibility with this protocol.

    RSTP can transition switch ports into the forwarding state without necessarily relying on timers that have been configured.

    Link Types

    In RSTP, we have several port roles as discussed below. On each links, the state of the port is determined by the state of the link. In RSTP, we have the edge ports and the non-edge ports. The types of links are point-to-point and shared.

    • Edge ports in STP are similar to the portfast ports we had for CISCO. These ports will automatically transition to forwarding state.
    • Root ports are not determined by the link type. These ports can transition rapidly to forwarding state.
    • Alternate ports and the backup ports do not use the link type. These are the equivalent of the blocked or non-designated ports in STP.
    • The designated ports use the link type to determine whether they will transition to the forwarding state. The designated ports that will transition to forwarding state are only those on point-to-point links.

    In RSTP, the role of the port is not the same as the state of a port. For example, we can have a designated port role that is in the discarding state. In the table below, the three RSTP port states have been described.

    The table below shows the difference between the STP and RSTP port states.

    NOTE: that the STP and RSTP port roles are very key concepts and they are often asked in the CCNA certification exams.

    Verification and Troubleshooting of STP

    In this section, we will review some of the STP and PVSTP troubleshooting commands using the scenario shown below.

    In this scenario, we are supposed to determine the root bridge for the VLANs on the three switches, using various show commands.


    The first command we use is the show VLAN brief, so that we can identify the VLANs that are active on the switches. And based on the output below, there are 4 configured VLANs which are; 10, 20, 30, and 99 on all switches.

    The next step is identifying the spanning tree mode that is in operation on the switches using the command show spanning-tree summary, and as you can see from the output below, all the switches are operating in PVST mode.

    From this we can determine that different switches will be the root bridges for different VLANs, we can use the command

    When we execute this command on S1, the output will be as shown below.

    Based on the output above, S1 is the root bridge for VLAN 10 only, as shown by the identical bridge ID and root ID mac address. As well as two designated ports for this VLAN.


    When this command is executed on S2 and S3, we should be able to see the root bridge for the other VLANs as shown in the output below for s2 and S3 respectively.

    Based on the output above, S2 is the root bridge for VLAN 20 and 30 respectively, and in the figure below, S3 is the root bridge for VLAN 99.

    The troubleshooting and verification commands we have learnt above are very important and can help you figure out STP issues. These concepts are usually examined thoroughly in the CCNA certification exams.

    Read more

Social Media Auto Publish Powered By : XYZScripts.com