Skip to content
Mar 8

Cisco Switching VLANs STP EtherChannel for Exam Preparation

MT
Mindli Team

AI-Generated Content

Cisco Switching VLANs STP EtherChannel for Exam Preparation

Mastering Layer 2 switching technologies is non-negotiable for any network engineer and a cornerstone of Cisco certifications like CCNA and CCNP Enterprise. These protocols govern how devices communicate within a local network, ensuring efficiency, redundancy, and security. Your exam will test not just your ability to recall facts, but your skill in configuring, verifying, and troubleshooting these interconnected systems. This guide provides the comprehensive, applied knowledge you need to succeed.

Virtual LANs (VLANs) and Trunking

A Virtual LAN (VLAN) is a logical segmentation of a physical network switch that creates independent broadcast domains. Without VLANs, every device on a switch receives every broadcast frame, leading to security risks and inefficient bandwidth use. By placing interfaces into different VLANs (e.g., VLAN 10 for HR, VLAN 20 for Engineering), you isolate traffic at Layer 2.

Creating a VLAN is a two-step process. First, you create the VLAN in the VLAN database. Second, you assign switch access ports to it.

Switch(config)# vlan 10
Switch(config-vlan)# name HR
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10

To allow a single physical link to carry traffic for multiple VLANs between switches, you configure a trunk. The IEEE 802.1Q standard is the universal trunking protocol, which inserts a 4-byte "tag" into the Ethernet frame to identify the VLAN. A critical concept is the native VLAN, which carries untagged traffic on a trunk. For security, always change the native VLAN to an unused VLAN and ensure it matches on both ends of a trunk to prevent VLAN hopping attacks. A common exam task is trunk configuration:

Switch(config)# interface gigabitethernet0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 999
Switch(config-if)# switchport trunk allowed vlan 10,20,30

Key verification commands are show vlan brief, show interfaces trunk, and show interfaces [interface-id] switchport.

Spanning Tree Protocol (STP) Variants

Redundant Layer 2 links create switching loops, leading to broadcast storms and network failure. The Spanning Tree Protocol (STP) prevents loops by logically blocking redundant paths while maintaining them for backup. The core algorithm uses a root bridge election (based on Bridge ID), root port selection on non-root switches, and designated port selection per segment.

Cisco switches primarily use three STP variants, and you must know their differences for the exam:

  • PVST+ (Per-VLAN Spanning Tree Plus): This is the Cisco proprietary default on many older switches. It runs a separate STP instance for each VLAN, allowing for load balancing by making different switches the root for different VLANs. However, it has slower convergence times (30-50 seconds).
  • Rapid PVST+: This is the modern, rapid evolution of PVST+. It also runs a per-VLAN instance but uses the Rapid STP (RSTP) standard for vastly faster convergence, often under one second. It is the recommended and default mode on many current Cisco Catalyst switches.
  • MST (Multiple Spanning Tree): This protocol maps multiple VLANs to a single STP instance, reducing switch CPU overhead in large networks with many VLANs. You define MST regions with identical configuration names and revision numbers.

Configuring the root bridge is a frequent exam objective. You should use the spanning-tree vlan [vlan-id] root primary macro command, which automatically sets a lower priority than the default 32768.

Switch(config)# spanning-tree mode rapid-pvst
Switch(config)# spanning-tree vlan 10 root primary
Switch(config)# spanning-tree vlan 20 root secondary

Always verify with show spanning-tree summary, show spanning-tree vlan [vlan-id], and show spanning-tree interface [interface-id] detail.

EtherChannel and Load Balancing

EtherChannel (or Link Aggregation) bundles multiple physical Ethernet links into a single logical channel. This provides increased bandwidth, load balancing, and inherent redundancy—if one link fails, traffic automatically flows over the remaining links with no STP convergence delay.

Two negotiation protocols manage the formation of a channel:

  • PAgP (Port Aggregation Protocol): Cisco proprietary. Modes include desirable (actively negotiates) and auto (passively waits).
  • LACP (Link Aggregation Control Protocol): IEEE 802.3ad standard. Modes include active (actively negotiates) and passive (waits). LACP is the industry standard and is heavily emphasized on exams.

A critical rule is that all physical ports in the channel must have identical configurations (speed, duplex, VLAN membership, trunk status). You configure the logical port-channel interface first, then apply the settings to the physical member interfaces.

Switch(config)# interface port-channel 1
Switch(config-if)# switchport mode trunk
Switch(config)# interface range gigabitethernet0/1 - 2
Switch(config-if-range)# channel-group 1 mode active
Switch(config-if-range)# channel-protocol lacp

Once formed, traffic is load-balanced across the links. The default method is usually source and destination IP address (src-dst-ip). You can change this to optimize traffic flow based on your network patterns using the port-channel load-balance global command. Essential verification commands are show etherchannel summary, show etherchannel port-channel, and show lacp neighbor.

Troubleshooting Layer 2 Issues

Your exam will present scenarios where things are broken. A structured troubleshooting approach is key.

  1. Start with connectivity: Can devices ping their default gateway? If not, move to the switch.
  2. Check VLAN assignments: Use show vlan brief to confirm the access port is in the correct VLAN.
  3. Verify trunking: Use show interfaces trunk to ensure the link is trunking and the required VLANs are allowed.
  4. Investigate STP: Use show spanning-tree vlan [vlan-id] to check for ports in a blocking state that should be forwarding, or to identify an unexpected root bridge.
  5. Validate EtherChannel: Use show etherchannel summary. All ports in the channel should be in a (P) bundled state, not (s) standalone. A common sign of misconfiguration is a "misconfigured" flag in this output.

Common Pitfalls

  • Native VLAN Mismatch: If the native VLAN is different on two ends of a trunk, you will see intermittent connectivity and CDP/STP will log a mismatch error. The fix is to statically set the same, unused native VLAN on both switches.
  • Forgetting to Change from Default STP: Leaving a network in default PVST+ mode can lead to unacceptable convergence times after a link failure. Know how to enable Rapid PVST+ or MST.
  • EtherChannel Misconfiguration: Mixing settings like switchport mode access on one member and trunk on another will prevent the channel from forming. Always configure the port-channel interface first, then assign the physical interfaces to the group. Also, ensure all negotiation protocols (LACP/PAgP) and modes (active/desirable) are compatible between switches.

Summary

  • VLANs segment broadcast domains for security and efficiency, while 802.1Q trunking carries multiple VLANs across switches. Always secure the native VLAN.
  • STP prevents Layer 2 loops. Rapid PVST+ offers per-VLAN fast convergence, while MST scales by grouping VLANs into instances.
  • EtherChannel (using LACP or PAgP) aggregates links for bandwidth and redundancy. All member port configurations must be identical.
  • Master verification with key show commands (show vlan, show interfaces trunk, show spanning-tree, show etherchannel summary) to diagnose and troubleshoot configurations.
  • Exam questions often test your ability to interpret these commands' output to identify the root cause of a network problem.

Write better notes with AI

Mindli helps you capture, organize, and master any subject with AI-powered summaries and flashcards.