Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Layer 2 Security

    Încărcat de

    AdilsonHood Adilson
    8 vizualizări1 pagină
    Assign the 3560 Central swi tch as the root bridge. Issue the show spanning-tree command to verify that 3560 Central switch is the r oot bridge.

    Descriere originală:

    Titlu original

    Layer 2 Security.txt

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    TXT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    Assign the 3560 Central swi tch as the root bridge. Issue the show spanning-tree command to verify that 3560 Central switch is the r oot bridge.

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    8 vizualizări1 pagină

    Layer 2 Security

    Încărcat de

    AdilsonHood Adilson
    Assign the 3560 Central swi tch as the root bridge. Issue the show spanning-tree command to verify that 3560 Central switch is the r oot bridge.

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 1

    Task 1: Configure Root Bridge

    S tep 1. Determine the current root bridge.


    From Central, issue the show spanning-tree command to determine the current root
    bridge
    Using the spanning-tree vlan 1 root primary command, assign the 3560 Central swi
    tch as the root bridge.
    Central(config)# spanning-tree vlan 1 root primary
    SW-1(config)# spanning-tree vlan 1 root secondary
    S tep 4. Verify the s panning-tree configuration.
    Issue the show spanning-tree command to verify that 3560 Central switch is the r
    oot bridge.
    Which switch is the current root-bridge?
    Task 2: Protect Against STP Attacks
    SW-A(config)# interface range fastethernet 0/1 - 4
    SW-A(config-if-range)# spanning-tree portfast
    SW-B(config)# interface range fastethernet 0/1 - 4
    SW-B(config-if-range)# spanning-tree portfast
    SW-A(config)# interface range fastethernet 0/1 - 4
    SW-A(config-if-range)# spanning-tree bpduguard enable
    SW-B(config)# interface range fastethernet 0/1 - 4
    SW-B(config-if-range)# spanning-tree bpduguard enable
    Fa0/23 and Fa0/24.
    SW-1(config)# interface fa0/23
    SW-1(config-if)# spanning-tree guard root
    SW-1(config-if)# interface fa0/24
    SW-1(config-if)# spanning-tree guard root
    SW-2(config)# interface fa0/23
    SW-2(config-if)# spanning-tree guard root
    SW-2(config-if)# interface fa0/24
    SW-2(config-if)# spanning-tree guard root
    Task 3: Enable Storm Control
    SW-1(config)# interface gi1/1
    SW-1(config-if)# storm-control broadcast level 50
    SW-1(config-if)# interface fa0/1
    SW-1(config-if)# storm-control broadcast level 50
    SW-1(config-if)# interface fa0/23
    SW-1(config-if)# storm-control broadcast level 50
    SW-1(config-if)# interface fa0/24
    SW-1(config-if)# storm-control broadcast level 50
    **Repeat on SW-2 (gig1/1, fa0/1, fa0/23, and fa0/24) and Central (gig0/1,
    gig0/2, fa0/1) connection to other switches

    S-ar putea să vă placă și