This document addresses initial connectivity delays that occur when workstations that are connected to switches have one of these two issues:
Unable to log in to a network domain, either Microsoft Windows NT or Novell
Unable to obtain a DHCP address
The steps in this document are easy to implement and address the most common causes of workstation connectivity delays that you encounter during the workstation initialization/startup phase.
As more and more customers deploy switching to the desktop and replace shared hubs with switches, an initial connectivity delay is often introduced in client/server environments. Most commonly, Windows 95/98/NT, Novell, Banyan Virtual Integrated Network Service (VINES), IBM NetworkStation/IBM Thin Clients, and AppleTalk clients are unable to connect to their servers. If the software on these clients is not persistent during the startup procedure, the clients give up on attempts to connect to a server before the switch has even allowed traffic to pass through the switch to the client.
Note: This initial connectivity delay often manifests itself as errors that appear when you first boot a workstation. These are several examples of error messages and errors you may see:
A Microsoft networking client displays No Domain Controllers Available.
DHCP reports No DHCP Servers Available.
A Novell Internetwork Packet Exchange (IPX) networking workstation does not have the Novell Login screen upon bootup.
An AppleTalk networking client displays Access to your AppleTalk network has been interrupted. To re-establish your connection, open and close the AppleTalk control panel. There is also a possibility that the AppleTalk client Chooser application either does not display a zone list or displays an incomplete zone list.
IBM Network Stations can have one of these messages:
NSB83619--Address resolution failed
NSB83589--Failed to boot after 1 attempt
NSB70519--Failed to connect to a server
IBM has created fixes to help deal with this problem. IBM included the fixes in the PTF 7 for V2R1 code. Customers should be at Network Station Firmware level B3052500 (as of May 25, 2000) before they attempt to connect to the switches that this document lists.
The initial connectivity delay also frequently occurs in a switched environment in which a network administrator updates software or drivers. Often in this case, a vendor optimizes the drivers so that network initialization procedures happen earlier in the client startup process (before the switch is ready to process the packets).
With the various features that some switches now include, nearly a minute is sometimes necessary before a switch begins to service a newly connected workstation. This delay affects the workstation every time you turn on or reboot the workstation. The four main features that cause this delay are:
Spanning Tree Protocol (STP)
EtherChannel negotiation
Trunking negotiation
Link speed/duplex negotiation between the switch and the workstation
These four features are listed in order of the delay they cause. STP causes the greatest delay and speed/duplex negotiation causes the least delay. A workstation that connects to a switch usually does not cause spanning tree loops, usually does not need EtherChannel, and usually does not need to negotiate a trunking method. The disablement of link speed/detection negotiation can also reduce port delay if you need to optimize your startup time as much as possible.
This document shows how to implement startup speed-optimization commands on three Cisco Catalyst switch platforms. The timing sections show how the switch port delay is reduced, and by how much.
The examples in this document were created with this equipment:
A console cable that is suitable for the Supervisor Engine in the switch
Note: Refer to Connecting a Terminal to the Console Port on Catalyst Switches.
A Catalyst 5505 switch that runs Catalyst OS (CatOS) software version 4.5(1)
A Catalyst 6000 switch that runs Cisco IOSĀ® Software Release 12.1(6)E
A Catalyst 4000 switch that runs Cisco IOS Software Release 12.1(11b)EW
A Catalyst 2948G-L3 switch
A Catalyst 2900XL switch that runs Cisco IOS Software Release 11.2(8.2)SA6
A Catalyst 1900 switch that runs Enterprise Edition software version 8
A Fast Ethernet module that is capable of Port Aggregation Protocol (PAgP) and trunking
An RJ-45 Ethernet crossover cable to connect to the switch
A PC to connect to the switch
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Refer to Cisco Technical Tips Conventions for more information on document conventions.
This document uses the terms "workstation", "end station", and "server" interchangeably. These terms refer to any device that directly connects to a switch with a single network interface card (NIC). The terms can also refer to devices with multiple NICs, in which the NIC is used only for redundancy. In other words, the workstation or server is not configured to act as a bridge, but the workstation/server has multiple NICs for redundancy.
Note: There are some server NICs that support trunking and/or EtherChannel. There are situations in which the server needs to live on several VLANs at the same time (trunking) or the server needs more bandwidth on the link that connects the server to the switch (EtherChannel). In these cases, you do not turn PAgP off and do not turn trunking off. Also, these devices are rarely turned off or reset. The instructions in this document do not apply to these types of devices.
This section describes four features that some switches have which cause initial delays when you connect a device to the switch. A workstation typically does not cause the spanning tree problem (loops) or does not need the feature, commonly PAgP and/or Dynamic Trunking Protocol (DTP), so the delay is unnecessary.
If you have recently migrated from a hub environment to a switch environment, startup connectivity delays can appear because a switch works much differently than a hub. A switch provides connectivity at the data link layer, not at the physical layer. The switch uses a bridging algorithm in order to decide if packets that are received on a port need to be transmitted out other ports. The bridging algorithm is susceptible to physical loops in the network topology. Because of this susceptibility to loops, switches run the protocol STP that causes loops to be eliminated in the topology. When you run STP, all ports that are included in the spanning tree process become active much slower than they otherwise become active as STP detects and blocks loops. A bridged network that has physical loops, without STP, breaks. Despite the time that the process involves, STP is beneficial. STP that runs on Catalyst switches is an industry-standard specification (IEEE 802.1D).
After a port on the switch has linked and joined the bridge group, STP runs on that port. A port that runs STP can be in one of five states:
blocking
listening
learning
forwarding
disabled
STP dictates that the port starts out blocking, and then immediately moves through the listening and learning phases. By default, the port spends approximately 15 seconds listening and 15 seconds learning. During the listening state, the switch tries to determine where the port fits in the spanning tree topology. The switch especially wants to know whether this port is part of a physical loop. If the port is part of a loop, the port can be chosen to go into blocking mode. The blocking mode means that the port does not send or receive user data in order to eliminate loops. If the port is not part of a loop, the port proceeds to the learning state, in which the port learns which MAC addresses live off this port. This entire STP initialization process takes about 30 seconds.
If you connect a workstation or a server with a single NIC card or an IP phone to a switch port, the connection cannot create a physical loop. These connections are considered leaf nodes. There is no reason to make the workstation wait 30 seconds while the switch checks for loops if the workstation cannot cause a loop. Cisco added the PortFast or fast-start feature. With this feature, the STP for this port assumes that the port is not part of a loop and immediately moves to the forwarding state and does not go through the blocking, listening, or learning states. This command does not turn STP off. This command makes STP skip a few initial steps (unnecessary steps, in this circumstance) on the selected port.
Caution: Never use the PortFast feature on switch ports that connect to other switches, hubs, or routers. These connections can cause physical loops, and spanning tree must go through the full initialization procedure in these situations. A spanning tree loop can bring your network down. If you turn on PortFast for a port that is part of a physical loop, there can be a window of time when packets are continuously forwarded (and can even multiply) in such a way that the network cannot recover.
Other features that you can enable on switches are EtherChannel, Fast EtherChannel (FEC), or Gigabit EtherChannel (GEC). These features allow multiple links between the same two devices to work as if the links were one fast link, with the traffic load balanced among the links. A switch can form these bundles automatically with a neighbor with the use of PAgP. Switch ports that can run PAgP usually default to a passive mode called auto mode. In auto mode, the switches form a bundle if the neighbor device across the link requests it. If you run the protocol in auto mode, a port delay of up to 15 seconds can occur before the pass of control to the spanning-tree algorithm (STA). PAgP runs on a port before STP does. There is no reason for you to run PAgP on a port that connects to a workstation. If you set the switch port PAgP mode to off, you eliminate this delay.
Another switch feature is the ability for a port to form a trunk. A trunk is configured between two devices when they need to carry traffic from multiple VLANs. A VLAN is what switches create in order to make a group of workstations appear to be on its own segment or broadcast domain. Trunk ports make these VLANs extend across multiple switches so that a single VLAN can cover an entire campus. In order to extend the VLANs in this way, the trunk ports add tags to the packets that indicate the VLAN to which the packet belongs.
There are different types of trunking protocols. If a port can become a trunk, there is a possibility that the port can trunk automatically. And, in some cases, the port can even negotiate the type of trunking to use on the port. DTP provides this ability to negotiate the trunking method with the other device. The precursor to DTP is a protocol named Dynamic Inter-Switch Link Protocol (ISL) (DISL). If these protocols run, they can delay when a port on the switch becomes active.
Usually, a port that connects to a workstation belongs to only one VLAN. Therefore, the port does not need to trunk. If a port has the ability to negotiate the formation of a trunk, the port usually defaults to the auto mode. If you change the port trunking mode to off, you can further reduce the delay of when a switch port becomes active.
If you turn on PortFast and turn off PAgP (if PAgP is present), you can usually solve an initial connectivity delay. If you need to eliminate every possible second, you can also set the port speed and duplex manually on the switch, if the port is a multispeed port (10/100 Mbps). While autonegotiation is a nice feature, you can save 2 seconds if you turn it off on a Catalyst 5500/5000. Autonegotiation does not help much on the Catalyst 2800 or Catalyst 2900XL.
Note: If you turn off autonegotiation on the switch but leave autonegotiation active on the workstation, the switch does not negotiate with the client. Potentially, the client can fail to choose the same duplex setting that the switch uses. Refer to Configuring and Troubleshooting Ethernet 10/100/1000Mb Half/Full Duplex Auto-Negotiation for additional information on the caveats of autonegotiation.
The commands in this section show how to turn on PortFast, turn off PAgP negotiation, and turn off trunking negotiation (DISL, DTP). You can issue the set spantree portfast command for a range of ports if you issue, for example, set spantree portfast 2/1-12 enable. Usually, you must use a valid group of channel-capable ports in order to turn off the set port channel command. In the example in this section, module 2 has the ability to channel with ports 2/1-2 or with ports 2/1-4. Either of these groups of ports is valid to use.
Note: Switch software version 5.2 for the Catalyst 4500/4000 and 5500/5000 switches has a new command. The set port host command is a macro that combines the commands that the Configuration section shows into one easy-to-use command. Issue the set port host command in order to reduce the time that is necessary to start up packet forwarding. In order to optimize the port configuration, the set port host command sets the channel mode to off, enables spanning tree PortFast, sets the trunk mode to off, and disables the IEEE 802.1Q (dot1q) tunnel feature. If spanning tree PortFast is enabled, issue the set port host command only on ports that connect to a single host. If you connect hubs, concentrators, switches, and bridges to a fast-start port, temporary spanning tree loops can result.
Switch -A> (enable) set spantree portfast 2/1 enable Warning: Spantree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree port 2/1 fast start enabled. Switch-A> (enable) set port channel 2/1-2 off Port(s) 2/1-2 channel mode set to off. Switch-A> (enable) set trunk 2/1 off Port(s) 2/1 trunk mode set to off.
The changes to the configuration are automatically saved to NVRAM.
The version of the switch software that this document uses is 4.5(1). For the full output of the show version command and the show module commands, see the Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 section of this document.
Switch-A> (enable) show version WS-C5505 Software, Version McpSW: 4.5(1) NmpSW: 4.5(1)
The show port spantree command shows how to view the current state of a port with regard to STP. Currently, the port is in the STP forwarding state (sends and receives packets), and the Fast-Start column shows that PortFast is currently disabled. The port takes at least 30 seconds to move to the forwarding state whenever it initializes.
Switch-A> (enable) show port spantree 2/1 Port Vlan Port-State Cost Priority Fast-Start Group-Method -------- ---- ------------- ----- -------- ---------- ------------ 2/1 1 forwarding 19 32 disabled
Enable PortFast on this switch port. The switch warns you that you should use this command only on ports that connect to a single host (a workstation, server, and so on) and never on ports that connect to other hubs or switches. With a single host, PortFast is enabled, and the port starts forwarding immediately. A workstation or server does not cause a network loop.
Switch-A> (enable) set spantree portfast 2/1 enable Warning: Spantree port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree port 2/1 fast start enabled.
In order to verify that PortFast is enabled for this port, issue this command:
Switch-A> (enable) show port spantree 2/1 Port Vlan Port-State Cost Priority Fast-Start Group-Method -------- ---- ------------- ----- -------- ---------- ------------ 2/1 1 forwarding 19 32 enabled
Another way to view the PortFast settings for one or more ports is to view the STP information for a specific VLAN. The Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 of this document shows how to have the switch report each stage of STP that it moves through in real time. This output of the show spantree command also shows the forward delay time (15 seconds). This time is the length of time that STP will be in the listening state and the length of time that STP will be in the learning state for each port in the VLAN:
Switch-A> (enable) show spantree 1 VLAN 1 Spanning tree enabled Spanning tree type ieee Designated Root 00-e0-4f-94-b5-00 Designated Root Priority 8189 Designated Root Cost 19 Designated Root Port 2/24 Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Bridge ID MAC ADDR 00-90-92-b0-84-00 Bridge ID Priority 32768 Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Port Vlan Port-State Cost Priority Fast-Start Group-Method --------- ---- ------------- ----- -------- ---------- ------------ 2/1 1 forwarding 19 32 enabled !--- Output suppressed.
In order to verify that PAgP is off, use the show port channel command. Be sure to specify the module number so that the command shows you the channel mode even if there is no channel formed. If you issue the show port channel with no channels formed, the output reports that there are no ports channeling. You need to go further and see the current channel mode.
Here is an example of the show port channel command. The example specifies the module number 2:
Switch-A> (enable) show port channel No ports channeling Switch-A> (enable) show port channel 2 Port Status Channel Channel Neighbor Neighbor mode status device port ----- ---------- --------- ----------- ------------------------- ---------- 2/1 notconnect auto not channel 2/2 notconnect auto not channel !--- Output suppressed. Switch-A> (enable) set port channel 2/1-2 off Port(s) 2/1-2 channel mode set to off. Switch-A> (enable) show port channel 2 Port Status Channel Channel Neighbor Neighbor mode status device port ----- ---------- --------- ----------- ------------------------- ---------- 2/1 connected off not channel 2/2 connected off not channel !--- Output suppressed.
In order to verify that trunking negotiation is off, issue the set trunk off command. The example output of the set trunk off command in this section shows:
The default state
That trunking is off
The resulting state
The example specifies module number 2 so that you can see the current channel mode for the ports in this module:
Switch-A> (enable) show trunk 2 Port Mode Encapsulation Status Native vlan -------- ----------- ------------- ------------ ----------- 2/1 auto negotiate not-trunking 1 2/2 auto negotiate not-trunking 1 !--- Output suppressed. Switch-A> (enable) set trunk 2/1-2 off Port(s) 2/1-2 trunk mode set to off. Switch-A> (enable) show trunk 2 Port Mode Encapsulation Status Native vlan -------- ----------- ------------- ------------ ----------- 2/1 off negotiate not-trunking 1 2/2 off negotiate not-trunking 1 !--- Output suppressed.
This document does not show an example that turns off speed/duplex autonegotiation via the manual set of the speed and duplex on the switch. This step is not necessary, except in the rarest of cases.
The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:
PortFast is disabled.
The PAgP (EtherChannel) mode is set to auto.
Note: The port will channel if it is asked to channel.
The trunking mode (DTP) is set to auto.
Note: The port will trunk if it is asked to trunk.
The test then proceeds in this way:
Turn PortFast on and measure the time.
Turn PAgP off and measure the time.
Turn trunking off and measure the time.
Turn autonegotiation off and measure the time.
All of these tests are done on a Catalyst 5500 with a 10/100-Mbps Fast Ethernet card that supports DTP and PAgP.
Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.
Complete these steps:
Issue the show version command and the show module command in order to show the switch software version and configuration.
Switch-A> (enable) show version WS-C5505 Software, Version McpSW: 4.5(1) NmpSW: 4.5(1) Copyright (c) 1995-1999 by Cisco Systems NMP S/W compiled on Mar 29 1999, 16:09:01 MCP S/W compiled on Mar 29 1999, 16:06:50 System Bootstrap Version: 3.1.2 Hardware Version: 1.0 Model: WS-C5505 Serial #: 066507453 Mod Port Model Serial # Versions --- ---- ---------- --------- ---------------------------------------- 1 0 WS-X5530 006841805 Hw : 1.3 Fw : 3.1.2 Fw1: 3.1(2) Sw : 4.5(1) 2 24 WS-X5225R 012785227 Hw : 3.2 Fw : 4.3(1) Sw : 4.5(1) DRAM FLASH NVRAM Module Total Used Free Total Used Free Total Used Free ------ ------- ------- ------- ------- ------- ------- ----- ----- ----- 1 32640K 13648K 18992K 8192K 4118K 4074K 512K 119K 393K Uptime is 28 days, 18 hours, 54 minutes Switch-A> (enable) show module Mod Module-Name Ports Module-Type Model Serial-Num Status --- ------------------- ----- --------------------- --------- --------- ------- 1 0 Supervisor III WS-X5530 006841805 ok 2 24 10/100BaseTX Ethernet WS-X5225R 012785227 ok Mod MAC-Address(es) Hw Fw Sw --- -------------------------------------- ------ ---------- ----------------- 1 00-90-92-b0-84-00 to 00-90-92-b0-87-ff 1.3 3.1.2 4.5(1) 2 00-50-0f-b2-e2-60 to 00-50-0f-b2-e2-77 3.2 4.3(1) 4.5(1) Mod Sub-Type Sub-Model Sub-Serial Sub-Hw --- -------- --------- ---------- ------ 1 NFFC WS-F5521 0008728786 1.0
Issue the set logging level spantree 7 command in order to set logging for STP to the most verbose.
This example shows the default logging level (2) for STP, which means that only critical situations are reported:
Switch-A> (enable) show logging Logging buffer size: 500 timestamp option: enabled Logging history size: 1 Logging console: enabled Logging server: disabled server facility: LOCAL7 server severity: warnings(4) Facility Default Severity Current Session Severity ------------- ----------------------- ------------------------ !--- Output suppressed. spantree 2 2 !--- Output suppressed. 0(emergencies) 1(alerts) 2(critical) 3(errors) 4(warnings) 5(notifications) 6(information) 7(debugging)
Change the level for STP to 7 (debug) in order to view the STP state change on the port. This configuration change lasts only for the current terminal session.
Switch-A> (enable) set logging level spantree 7 System logging facility <spantree> for this session set to severity 7(debugging) Switch-A> (enable) show logging !--- Output suppressed. Facility Default Severity Current Session Severity ------------- ----------------------- ------------------------ !--- Output suppressed. spantree 2 7 !--- Output suppressed.
Issue the set port disable command in order to shut down the port.
Switch-A> (enable) set port disable 2/1 Port 2/1 disabled.
Check the time and enable the port in order to determine the length of time that the switch stays in each state.
This example uses the show time command and the set port enable 2/1 command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.
Switch-A> (enable) show time Fri Feb 25 2000, 12:20:17 Switch-A> (enable) set port enable 2/1 Port 2/1 enabled. Switch-A> (enable) 2000 Feb 25 12:20:39 %PAGP-5-PORTTOSTP: Port 2/1 joined bridge port 2/1 2000 Feb 25 12:20:39 %SPANTREE-6-PORTBLK: port 2/1 state in vlan 1 changed to blocking. 2000 Feb 25 12:20:39 %SPANTREE-6-PORTLISTEN: port 2/1 state in vlan 1 changed to Listening. 2000 Feb 25 12:20:53 %SPANTREE-6-PORTLEARN: port 2/1 state in vlan 1 changed to Learning. 2000 Feb 25 12:21:08 %SPANTREE-6-PORTFWD: port 2/1 state in vlan 1 changed to forwarding.
In this example, about 22 seconds (from 20:17 to 20:39) passed before the port began the STP blocking stage. During this time, the port joined the bridge group and completed DTP and PAgP negotiation. After blocking is started, you enter the STP realm. After blocking, STP went immediately to the listening state (20:39 to 20:39). The listening state took approximately 14 seconds (from 20:39 to 20:53). The learning state (until the forwarding state began) took 15 seconds (from 20:53 to 21:08). The total time before the port actually became functional for traffic was about 51 seconds (from 20:17 to 21:08).
Note: Technically, the listening and learning stages should both be 15 seconds, which is how the forward delay parameter is set for this VLAN. The learning stage would be 15 seconds (rather than 14 seconds) if there were more accurate measurements. None of the measurements here are perfectly accurate.
Issue the show port capabilities command and the show trunk command.
As the output in Step 4 and the show spantree command output shows, STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show port capabilities command shows that this port has the ability to trunk and to create an EtherChannel. The show trunk command shows that this port is in auto mode and that the port is set to negotiate the type of trunking to use, either ISL or 802.1Q. The type of trunking to use is negotiated through DTP.
Switch-A> (enable) show port capabilities 2/1 Model WS-X5225R Port 2/1 Type 10/100BaseTX Speed auto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel 2/1-2,2/1-4 Broadcast suppression percentage(0-100) Flow control receive-(off,on),send-(off,on) Security yes Membership static,dynamic Fast start yes Rewrite yes Switch-A> (enable) show trunk 2/1 Port Mode Encapsulation Status Native vlan -------- ----------- ------------- ------------ ----------- 2/1 auto negotiate not-trunking 1 !--- Output suppressed.
Enable PortFast on the port.
Trunking negotiation (DTP) and EtherChannel (PAgP) are still in the auto mode.
Switch-A> (enable) set port disable 2/1 Port 2/1 disabled. Switch-A> (enable) set spantree portfast 2/1 enable Warning: Port fast start should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc. to a fast start port can cause temporary spanning tree loops. Use with caution. Spantree port 2/1 fast start enabled. Switch-A> (enable) show time Fri Feb 25 2000, 13:45:23 Switch-A> (enable) set port enable 2/1 Port 2/1 enabled. Switch-A> (enable) Switch-A> (enable) 2000 Feb 25 13:45:43 %PAGP-5-PORTTOSTP: Port 2/1 joined bridgeport 2/1 2000 Feb 25 13:45:44 %SPANTREE-6-PORTFWD: port 2/1 state in vlan 1 change to forwarding.
There is a total time of 21 seconds. Twenty seconds passed before the port joined the bridge group (from 45:23 to 45:43). Because PortFast is enabled, only 1 second passed before STP started forwarding (instead of 30 seconds). You save 29 seconds when you enable PortFast. Now, try to reduce the delay further.
Turn the PAgP mode to off.
The show port channel command shows that the PAgP mode is set to auto, which means that the port will channel if a neighbor that runs PAgP asks the port to channel. You must turn off channeling for at least a group of two ports. You cannot turn off channeling for an individual port.
Switch-A> (enable) show port channel 2/1 Port Status Channel Channel Neighbor Neighbor mode status device port ----- ---------- --------- ----------- ------------------------- ---------- 2/1 connected auto not channel Switch-A> (enable) set port channel 2/1-2 off Port(s) 2/1-2 channel mode set to off.
Shut down the port and repeat the test.
Switch-A> (enable) set port disable 2/1 Port 2/1 disabled. Switch-A> (enable) show time Fri Feb 25 2000, 13:56:23 Switch-A> (enable) set port enable 2/1 Port 2/1 enabled. Switch-A> (enable) 2000 Feb 25 13:56:32 %PAGP-5-PORTTOSTP: Port 2/1 joined bridgeport 2/1 2000 Feb 25 13:56:32 %SPANTREE-6-PORTFWD: port 2/1 state in vlan 1 changed to forwarding.
Notice that, now, only 9 seconds are necessary to reach the forwarding state (from 56:23 to 56:32), instead of 21 seconds as in the test in Step 6. When you change PAgP from auto to off in this test, you save about 12 seconds.
Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.
Turn the port off and on, and record the time.
Switch-A> (enable) set trunk 2/1 off Port(s) 2/1 trunk mode set to off. Switch-A> (enable) set port disable 2/1 Port 2/1 disabled.
Start the test with trunking set to off (instead of auto).
Switch-A> (enable) show time Fri Feb 25 2000, 14:00:19 Switch-A> (enable) set port enable 2/1 Port 2/1 enabled. Switch-A> (enable) 2000 Feb 25 14:00:22 %PAGP-5-PORTTOSTP: Port 2/1 joined bridge port 2/1 2000 Feb 25 14:00:23 %SPANTREE-6-PORTFWD: port 2/1 state in vlan 1 change for forwarding.
You saved a few seconds at the start because only 4 seconds passed before the port reached the STP forwarding state (from 00:19 to 00:22). You save about 5 seconds with the change of trunking mode from auto to off.
If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 10.
(Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.
Note: This step is not usually necessary in order to resolve startup delay issues.
If you set the speed and duplex manually on one side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set speed and duplex on both sides in order to avoid these problems.
In order to view the port status after you set the speed and duplex, issue the show port command.
Switch-A> (enable) set port speed 2/1 100 Port(s) 2/1 speed set to 100Mbps. Switch-A> (enable) set port duplex 2/1 full Port(s) 2/1 set to full-duplex. Switch-A> (enable) show port Port Name Status Vlan Level Duplex Speed Type ----- ------------------ ---------- ---------- ------ ------ ----- ------------ 2/1 connected 1 normal full 100 10/100BaseTX !--- Output suppressed.
This example shows the timing results:
Switch-A> (enable) show time Fri Feb 25 2000, 140528 Eastern Switch-A> (enable) set port enable 2/1 Port 2/1 enabled. Switch-A> (enable) 2000 Feb 25 140529 Eastern -0500 %PAGP-5-PORTTOSTP: Port 2/1 joined bridgeport 2/1 2000 Feb 25 140530 Eastern -0500 %SPANTREE-6-PORTFWD: port 2/1 state in vlan 1 changed to forwarding.
The final result gives a time of 2 seconds (from 0528 to 0530).
Complete these steps to perform another visually timed test (with use of your watch):
Issue a continuous ping (ping -t), directed to the switch, on a PC that is attached to the switch.
Disconnect the cable from the switch.
The pings start to fail.
Reconnect the cable to the switch, and check your watch to determine the length of time that passes before the switch responds to the pings from the PC.
The length of time is about 5 to 6 seconds with autonegotiation for speed and duplex turned on, and about 4 seconds with autonegotiation for speed and duplex turned off. There are a lot of variables in this test, such as PC initialization, PC software, the switch console port response to requests, and others. However, this test provides an idea of the length of time that is necessary to get a response from the PC point of view. All the other tests in this procedure are from the switch internal debug message point of view.
This section presents the commands to turn on spanning tree PortFast and turn off trunking negotiation (DISL, DTP). With this operating system, PAgP is not active until you add a port to an EtherChannel. You do not need to turn it off. You can issue the interface range command in order to apply these commands to a group of ports at one time. The interface range command in this example allows you to apply the commands to ports 3/2 through 3/4 at the same time:
Note: There is a space between the 2 and the - in the interface range fastethernet 3/2 -4 command. This space is mandatory in order to avoid a syntax error.
Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface range fastethernet 3/2 -4 Native_IOS(config-if-range)#
This example uses only one port. A port in Cisco IOS Software defaults to be a routed port (Layer 3 [L3]), as you would encounter on a router. You only need to add the commands to ports that are configured to be switch ports (Layer 2 [L2]) because these are the ports that run L2 protocols (spanning tree and DTP) and are subject to startup delay as a result. In order to make a routed port a switched port, issue the switchport command (with no parameters after it) in interface mode.
Start with a port in the default (L3) state and complete these steps:
Issue the switchport command in order to configure the port as a switch port.
Note: Issue the command on a line by itself.
In order to turn off DTP, configure the port as an access port (only).
Turn on the spanning tree PortFast feature.
Save the configuration.
The show run interface fastethernet 3/13 command in this example shows the current configuration for this port:
Native_IOS#show run interface fastethernet 3/13 Building configuration... Current configuration : 61 bytes ! interface FastEthernet3/13 no ip address shutdown end Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#switchport Native_IOS(config-if)#switchport mode access Native_IOS(config-if)#spanning-tree portfast %Warning: PortFast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc.to this interface when PortFast is enabled, can cause temporary Spanning Tree loops. Use with CAUTION %PortFast has been configured on FastEthernet3/13 but will only have effect when the interface is in a non-trunking mode. Native_IOS(config-if)#no shutdown Native_IOS(config-if)#^Z Native_IOS#copy run start
The version of the switch software that this document uses is Cisco IOS Software Release 12.1(6)E. For the full output of the show version command and the show module command, refer to the Timing Tests on a Catalyst 6500/6000 That Runs Cisco IOS System Software section of this document.
Native_IOS#show version Cisco Internetwork Operating System Software IOS (tm) c6sup1_rp Software (c6sup1_rp-JSV-M), Version 12.1(6)E, EARLY DEPLOYME)
This is how the configuration looks after the changes that you have made go into effect:
Native_IOS#show run interface fastethernet 3/13 Building configuration... Current configuration : 109 bytes ! interface FastEthernet3/13 no ip address switchport switchport mode access spanning-tree portfast end Native_IOS#show interfaces fastethernet 3/13 switchport Name: Fa3/13 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Native_IOS#show spanning-tree interface fastethernet 3/13 Port 141 (FastEthernet3/13) of VLAN1 is forwarding Port path cost 19, Port priority 128, Port Identifier 128.141. Designated root has priority 32768, address 00d0.024f.6001 Designated bridge has priority 32768, address 00d0.024f.6001 Designated port id is 128.141, designated path cost 0 Timers: message age 0, forward delay 0, hold 0 Number of transitions to forwarding state: 1 BPDU: sent 8984, received 0 The port is in the PortFast mode Native_IOS#
The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:
PortFast is disabled.
The trunking mode (DTP) is set to auto.
Note: The port will trunk if it is asked to trunk.
Note: PAgP is not active by default in this operating system.
The test then proceeds in this way:
Turn PortFast on and measure the time.
Turn trunking off and measure the time.
Turn autonegotiation off and measure the time.
Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.
Complete these steps:
Issue the show version command and the show module command in order to show the switch software version and configuration.
Native_IOS#show version Cisco Internetwork Operating System Software IOS (tm) c6sup1_rp Software (c6sup1_rp-JSV-M), Version 12.1(6)E, EARLY DEPLOYME) TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Sat 17-Mar-01 00:14 by eaarmas Image text-base: 0x60020950, data-base: 0x6165E000 ROM: System Bootstrap, Version 12.0(3)XE, RELEASE SOFTWARE BOOTFLASH: MSFC Software (C6MSFC-BOOT-M), Version 12.1(6)E, EARLY DEPLOYMENT RE) Native_IOS uptime is 12 hours, 36 minutes System returned to ROM by reload (SP by reload) System image file is "sup-bootflash:c6sup11-jsv-mz.121-6.E" cisco Catalyst 6000 (R5000) processor with 114688K/16384K bytes of memory. Processor board ID SAD04281AF6 R5000 CPU at 200Mhz, Implementation 35, Rev 2.1, 512KB L2 Cache Last reset from power-on Bridging software. X.25 software, Version 3.0.0. SuperLAT software (copyright 1990 by Meridian Technology Corp). TN3270 Emulation software. 24 Ethernet/IEEE 802.3 interface(s) 1 Virtual Ethernet/IEEE 802.3 interface(s) 48 FastEthernet/IEEE 802.3 interface(s) 4 Gigabit Ethernet/IEEE 802.3 interface(s) 381K bytes of non-volatile configuration memory. 4096K bytes of packet SRAM memory. 16384K bytes of Flash internal SIMM (Sector size 256K). Configuration register is 0x2102 Native_IOS#show module Slot Ports Card Type Model Serir ---- ----- ----------------------------------------- --------------------- ----- 1 2 Cat 6000 sup 1 Enhanced QoS (active) WS-X6K-SUP1A-2GE SAD0 2 2 Cat 6000 sup 1 Enhanced QoS (other) WSSUP1A-2GE SAD0 3 48 48 port 10/100 mb RJ45 WS-X6348-RJ-45 SAD0 6 24 24 port 10baseFL WS-X6024-10FL-MT SAD0 Slot MAC addresses Hw Fw Sw ---- ---------------------------------- ----- ------------ ---------- 1 00d0.c0d2.5540 to 00d0.c0d2.5541 3.2 unknown 6.1(0.105)OR 2 00d0.bceb.8bb4 to 00d0.bceb.8bb5 5.0 unknown unknown 3 0002.7ef1.36e0 to 0002.7ef1.370f 1.1 5.3(1) 1999- 6.1(0.105)OR 6 00d0.9738.5338 to 00d0.9738.534f 0.206 5.3(1) 1999- 6.1(0.105)OR
Turn on debugging in order to see the various spanning tree states and determine when the port is ready to send and receive data, and turn on timestamps in order to see timing information in the messages that display.
In Cisco IOS Software, the Switch Processor (SP) and the Route Processor (RP) work together to present one command-line interface (CLI) to the user, with the RP in charge of the CLI. Each module is responsible for different functions behind the scenes. In order to see debugs for spanning tree that run on a port that is configured as a switch port (L2), you need to turn on debugging on the SP. Complete these steps:
Issue the remote login command in order to access the SP.
Note: The prompt changes in order to let you know that you are on the SP.
In order to return to the RP, issue the exit command.
Note: Although the message in the output indicates otherwise, do not enter "^C^C^C".
Limit the debugging information to only the port of interest.
Issue the debug interface fastethernet 3/13 command.
Turn on spanning tree debugging on the SP.
Return to the RP in order to continue the test.
The switch defaults to sending debug output to the console.
Native_IOS#configure terminal Native_IOS(config)#service timestamps debug datetime msec Native_IOS(config)#service timestamps log datetime msec !--- If you turn on timestamps, the time displays whenever debug and/or !--- log messages are produced. This allows you to measure the time !--- between various messages. Native_IOS(config)#exit Native_IOS#remote login Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Switch-sp#debug interface fastethernet 3/13 Condition 1 set Switch-sp#debug spanning-tree events spanning tree event debugging is on Switch-sp#exit [Connection to Switch closed by foreign host] Native_IOS#
Issue these commands in order to shut down the port:
Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#shutdown Native_IOS(config-if)#^Z Native_IOS#
Check the time and enable the port in order to determine the length of time that the switch stays in each state.
This example uses the show clock command, the configure terminal command, the interface fastethernet 3/13 command, and the no shut command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.
Native_IOS#show run interface fastethernet 3/13 Building configuration... Current configuration : 71 bytes ! interface FastEthernet3/13 no ip address shutdown switchport end Native_IOS#show clock *08:35:55.059 UTC Sun Jan 2 2000 Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#no shut *Jan 2 08:36:00.847: SP: STP: VLAN1 Fa3/13 -> listening *Jan 2 08:36:15.847: SP: STP: VLAN1 Fa3/13 -> learning *Jan 2 08:36:30.847: SP: STP: VLAN1 Fa3/13 -> forwarding
In this example, about 5.8 seconds (from 35:55 to 36:00) passed before the port began the STP listening stage. During this time, the port joined the bridge group and completed DTP negotiation. The listening state took 15 seconds (from 36:00 to 36:15). The learning state (until the forwarding state began) took 15 seconds (from 36:15 to 36:30). The total time before the port actually became functional for traffic was about 35 seconds (from 35:55 to 36:30).
Issue the show interfaces fastethernet 3/13 switchport command.
As the output in Step 4 shows, STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show interfaces fastethernet 3/13 switchport command shows that this port will dynamically become a trunk if the other side of the link will. In this case, the administrative mode is dynamic desirable. However, the current operational mode is static access, which means that the other side is not willing to trunk. Notice that the negotiation of trunking is on and should remain on for the duration of the test.
Native_IOS#show interfaces fastethernet 3/13 switchport Name: Fa3/13 Switchport: Enabled Administrative Mode: dynamic desirable Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001
Enable PortFast on the port.
Trunking negotiation (DTP) is still in the auto mode.
Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#spanning-tree portfast %Warning: PortFast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc.to this interface when PortFast is enabled, can cause temporary spanning tree loops. Use with CAUTION %PortFast has been configured on FastEthernet3/13 but will only have effect when the interface is in a non-trunking mode. Native_IOS(config-if)#shutdown Native_IOS(config-if)#^Z Native_IOS#
Perform the test.
Native_IOS#show clock *08:41:09.531 UTC Sun Jan 2 2000 Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#no shut *Jan 2 08:41:15.175: SP: STP: VLAN1 Fa3/13 ->jump to forwarding from blocking
There is a total time of about 5.7 seconds (from 41:09 to 41:15). You save about 30 seconds when you enable PortFast. Try to reduce the delay further.
Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.
Turn the port off and on, and record the time. In order to turn trunking off in Cisco IOS Software, issue the switchport mode access command.
Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#switchport mode access Native_IOS(config-if)#shutdown Native_IOS(config-if)#^Z Native_IOS#
Start the test with trunking set to off (instead of auto).
Native_IOS#show clock *08:42:01.767 UTC Sun Jan 2 2000 Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#no shut *Jan 2 08:42:04.363: SP: STP: VLAN1 Fa3/13 ->jump to forwarding from blocking
You saved a few seconds at the start because only about 3 seconds passed before the port reached the STP forwarding state (from 00:19 to 00:22). You save about 2 seconds with the change of trunking mode from auto to off.
If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 8.
(Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.
Note: This step is not usually necessary in order to resolve startup delay issues. This step can, in fact, lead to performance problems if you do not take the other side of the link out of autonegotiation and manually set the other side with the same settings.
If you set the speed and duplex manually on one side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set speed and duplex on both sides in order to avoid these problems.
Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#speed 100 Native_IOS(config-if)#duplex full Native_IOS(config-if)#shutdown Native_IOS(config-if)#^Z Native_IOS#
This example shows the timing results:
Native_IOS#show clock *08:43:47.367 UTC Sun Jan 2 2000 Native_IOS#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Native_IOS(config)#interface fastethernet 3/13 Native_IOS(config-if)#no shut *Jan 2 08:43:49.079: SP: STP: VLAN1 Fa3/13 ->jump to forwarding from blocking
The final result gives a time of roughly 2 seconds (from 43:47 to 43:49).
In order to turn off the debugging on the SP, issue this sequence of commands:
Native_IOS#remote login Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Switch-sp#undebug all All possible debugging has been turned off Switch-sp#exit [Connection to Switch closed by foreign host] Native_IOS#
The commands in this section show how to turn on spanning tree PortFast and turn off trunking negotiation (DISL, DTP). With this operating system, PAgP is not active until you add a port to an EtherChannel, so you do not need to turn PAgP off. You can issue the interface range command in order to apply these commands to a group of ports at one time. The command in this example allows you to apply the commands to ports 3/2 through 3/4 at the same time:
Note: There is a space between the 2 and the - in the interface range fastethernet 3/2 - 4 command. This space is mandatory in order to avoid a syntax error.
Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#interface range fastethernet 3/2 -4 Switch(config-if-range)#
The examples focus on one port. A port in a Catalyst 4000 switch that runs Cisco IOS system software defaults to switch ports (L2). These are the ports that run L2 protocols (spanning tree and DTP) and are subject to startup delay.
Start with a port in the default (L2) state and complete these steps:
In order to turn off DTP, configure the port as an access port (only).
Turn on the spanning tree PortFast feature.
Save the configuration.
The show run interface fastethernet 5/4 command in this example shows the current configuration for this port:
SwitchB#show run interface fastethernet 5/4 Building configuration... Current configuration : 59 bytes ! interface FastEthernet5/4 no snmp trap link-status end SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#switchport mode access SwitchB(config-if)#spanning-tree portfast %Warning: PortFast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc.to this interface when PortFast is enabled, can cause temporary spanning tree loops. Use with CAUTION %PortFast has been configured on FastEthernet5/4 but will only have effect when the interface is in a non-trunking mode. SwitchB(config-if)#^Z SwitchB# SwitchB#copy run start
The version of the switch software that this document uses is Cisco IOS Software Release 12.1(11b)EW. For the full output of the show version command and the show module command, refer to the Timing Tests on a Catalyst 4500/4000 That Runs Cisco IOS System Software section of this document.
Switch#show version Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(11b)EW,
This is how the configuration looks after the changes that you have made:
SwitchB#show run interface fastethernet 5/4 Building configuration... Current configuration : 107 bytes ! interface FastEthernet5/4 switchport mode access no snmp trap link-status spanning-tree portfast end SwitchB#show interfaces fastethernet 5/4 switchport Name: Fa5/4 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none Appliance trust: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 SwitchB#show spanning-tree interface fastethernet 5/4 Port 260 (FastEthernet5/4) of VLAN1 is forwarding Port path cost 19, Port priority 128, Port Identifier 129.4. Designated root has priority 1, address 0060.8355.7b00 Designated bridge has priority 32768, address 0001.96d9.f300 Designated port id is 129.4, designated path cost 38 Timers: message age 0, forward delay 0, hold 0 Number of transitions to forwarding state: 109 BPDU: sent 148, received 0 The port is in the PortFast mode
The test in this section shows what happens with switch port initialization timing as you apply the various commands. The default settings of the port are used first in order to give a benchmark. These settings are:
PortFast is disabled.
The trunking mode (DTP) is set to auto.
Note: The port will trunk if it is asked to trunk.
Note: PAgP is not active by default in this operating system.
The test then proceeds in this way:
Turn PortFast on and measure the time.
Turn trunking off and measure the time.
Turn autonegotiation off and measure the time.
Note: To turn PortFast on is not the same as if you turn STP off, as the Spanning Tree section of this document explains. With PortFast on, STP still runs on the port. The blocking, listening, and learning states are skipped, and the port immediately goes to the forwarding state. Do not turn STP off because it affects the entire VLAN and can leave the network vulnerable to physical topology loops. Serious network problems can result.
Complete these steps:
Issue the show version command and the show module command in order to show the switch software version and configuration.
Here is an example:
SwitchB#show version Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(11b)EW, EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) TAC Support: http://www.cisco.com/tac Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Tue 14-May-02 13:31 by hqluong Image text-base: 0x00000000, data-base: 0x00B1C1F8 ROM: 12.1(11br)EW SwitchB uptime is 4 minutes System returned to ROM by reload System image file is "bootflash:cat4000-is-mz.121-11b.EW" cisco WS-C4006 (MPC8245) processor (revision 5) with 262144K bytes of memory. Processor board ID FOX04169082 Last reset from Reload 32 FastEthernet/IEEE 802.3 interface(s) 4 Gigabit Ethernet/IEEE 802.3 interface(s) 467K bytes of non-volatile configuration memory. Configuration register is 0x2102 SwitchB#show module Mod Ports Card Type Model Serial No. ----+-----+--------------------------------------+-----------------+----------- 1 2 1000BaseX (GBIC) Supervisor Module WS-X4014 JAB054109FE 5 34 10/100BaseTX (RJ45), 1000BaseX (GBIC) WS-X4232 JAB0253010D M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+----------------+--------- 1 0001.96d9.f300 to 0001.96d9.f6ff 0.5 12.1(11br)EW 12.1(11b)EW, EAR Ok 5 0050.730a.da18 to 0050.730a.da39 1.0 Ok
Turn on debugging in order to see the various spanning tree states and determine when the port is ready to send and receive data, and turn on timestamps in order to see timing information in the messages that display.
Issue the debug interface fastethernet 5/4 command in order to limit the debugging information to only the port that you are interested in. The switch defaults to sending debug output to the console.
SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#service timestamps debug datetime msec SwitchB(config)#service timestamps log datetime msec SwitchB(config)#end !--- If you turn on timestamps, the time displays whenever debug and/or !--- log messages are produced. This allows you to measure the time !--- between various messages. SwitchB#debug interface fastethernet 5/4 Condition 1 set SwitchB#debug spanning-tree events Spanning Tree event debugging is on
Issue these commands in order to shut down the port:
SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#shutdown SwitchB(config-if)#end SwitchB#
Check the time and enable the port in order to determine the length of time that the switch stays in each state.
This example uses the show clock command, the configure terminal command, the interface fastethernet 5/4 command, and the no shut command. In order to get the most accurate timing information, issue the commands as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch.
SwitchB#show running-config interface fastethernet 5/4 Building configuration... Current configuration : 69 bytes ! interface FastEthernet5/4 shutdown no snmp trap link-status end SwitchB#show clock 21:31:34.027 UTC Thu Jul 25 2002 SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#no shut Jul 25 21:31:38.187: set portid: VLAN1 Fa5/4: new port id 8104 Jul 25 21:31:38.187: STP: VLAN1 Fa5/4 -> listening Jul 25 21:31:53.187: STP: VLAN1 Fa5/4 -> learning Jul 25 21:32:08.187: STP: VLAN1 sent Topology Change Notice on Fa5/34 Jul 25 21:32:08.187: STP: VLAN1 Fa5/4 -> forwarding
In this example, about 4.2 seconds (from 34.02 to 38.18) passed before the port began the STP listening stage. During this time, the port joined the bridge group and completed DTP negotiation. The listening state took 15 seconds (from 38.18 to 53.18). The learning state (until the forwarding state began) took 15 seconds (from 53.18 to 08:18). The total time before the port actually became functional for traffic was about 34 seconds (from 34:02 to 08.18).
Issue the show interfaces fastethernet 5/4 switchport command.
STP is active on this port. There are other factors that can slow the port as it reaches the forwarding state. The show interfaces fastethernet 5/4 switchport command shows that this port is in passive negotiating state and will become trunk if the other side of the link initiates negotiation. The administrative mode is dynamic auto. Currently, the operational mode is static access, which means that the other side is not willing to trunk.
Notice that negotiation of trunking is on and should remain on for the duration of the test:
SwitchB#show interfaces fastethernet 5/4 switchport Name: Fa5/4 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Voice VLAN: none Appliance trust: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001
Enable PortFast on the port.
Trunking negotiation (DTP) is still in the auto mode.
SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#spanning-tree portfast %Warning: PortFast should only be enabled on ports connected to a single host Connecting hubs, concentrators, switches, bridges, etc.to this interface when PortFast is enabled, can cause temporary spanning tree loops. Use with CAUTION %PortFast has been configured on FastEthernet5/4 but will only have effect when the interface is in a non-trunking mode. SwitchB(config-if)#shutdown SwitchB(config-if)#^Z SwitchB#
The total time was about 4.7 seconds (from 16.41 to 21:15). You save about 30 seconds when you enable PortFast. Try to reduce the delay further.
Turn trunking to off (instead of auto) and determine how that affects the time that is necessary for the port to reach the forwarding state.
Turn the port off and on, and record the time. In order to turn trunking off in Cisco IOS system software, issue the switchport mode access command.
SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#switchport mode access SwitchB(config-if)#shutdown SwitchB(config-if)#^Z SwitchB#
Start the test with trunking set to off (instead of auto). Here is an example:
SwitchB#show clock 22:06:11.947 UTC Thu Jul 25 2002 SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#no shut Jul 25 22:06:16.143: set portid: VLAN1 Fa5/4: new port id 8104 Jul 25 22:06:16.143: STP: VLAN1 Fa5/4 ->jump to forwarding from blocking
You saved a small amount of time at the start because about 4 seconds passed before the port reached the STP forwarding state (from 12.00 to 16.10). You save about 0.5 second with the change of trunking mode from auto to off.
If the switch port initialization time was the problem, you should have solved the problem at this point. If you need to reduce the time by a few more seconds, perform step 8.
(Optional) Set the port speed and duplex manually instead of using autonegotiation in order to reduce the time by a few more seconds.
Note: This step is not usually necessary in order to resolve startup delay issues. This step can lead to performance problems if you do not take the other side of the link out of autonegotiation and manually set the other side with the same settings.
If you set the speed and duplex manually on this side, you must set the speed and duplex on the other side as well. When you set the port speed and duplex, you disable autonegotiation on the port, and the connecting device does not see the autonegotiation parameters. The connecting device connects only at half duplex. This duplex mismatch results in poor performance and port errors. Remember to set the speed and duplex on both sides in order to avoid these problems.
SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#speed 100 SwitchB(config-if)#duplex full SwitchB(config-if)#shutdown SwitchB(config-if)#^Z SwitchB#
This example shows the timing results:
SwitchB#show clock 22:14:49.219 UTC Thu Jul 25 2002 SwitchB#configure terminal Enter configuration commands, one per line. End with CNTL/Z. SwitchB(config)#interface fastethernet 5/4 SwitchB(config-if)#no shut Jul 25 22:14:53.135: set portid: VLAN1 Fa5/4: new port id 8104 Jul 25 22:14:53.135: STP: VLAN1 Fa5/4 ->jump to forwarding from blocking
The final result gives a time of roughly 3.9 seconds (from 49.21 to 53.13).
In order to turn off the debugging on the SP (which you turned on earlier), issue this sequence of commands:
SwitchB#undebug all All possible debugging has been turned off SwitchB#exit
The 2948G-L3/4908G-L3/4840G series switches are another group of switches that run Cisco IOS Software. These switches do not have the ability to make ports into switch ports like the Cisco IOS Software on the Catalyst 6500/6000. These are some things to understand about these switches:
From a configuration standpoint, the Catalyst 2948G-L3 is a router. This switch uses a Cisco IOS configuration interface and, by default, all interfaces are routed interfaces.
The Catalyst 2948G-L3 does not extend your VLANs. This switch terminates them on a routed interface. But, with the use of bridging commands, you can simulate the functionality of VLANs to a certain degree.
The Catalyst 2948G-L3 does not support several L2-oriented protocols, such as VLAN Trunk Protocol (VTP), DTP, and PAgP, that you find on other Catalyst switches.
If you decide to configure ports for bridging on these devices, the spanning tree is active on these ports and you have the normal 30-second startup delay as the port moves through the blocking, listening, and learning stages. If you know that only end stations will be connected to these ports, you can turn off spanning tree on these ports in order to reduce the startup delay. This is different and more dangerous than use of PortFast. However, PortFast is not available on these devices.
Note: To disable spanning tree on a bridged router interface is not the same as if you enable spanning tree PortFast on a switch port. The router does not block the port if bridge protocol data units (BPDUs) are received from a switch or if a bridge is mistakenly connected to the interface. Be careful to connect only workstations or other end hosts to interfaces with spanning tree disabled. Do not disable spanning tree on the port to which you connect a hub or switch.
This output shows how to configure the Catalyst 2948G-L3 for bridging. This configuration assigns all the Fast Ethernet interfaces to a single bridge group and disables spanning tree in order to prevent various end station startup issues:
2948G-L3#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2948G-L3(config)#bridge irb 2948G-L3(config)#bridge 1 protocol ieee 2948G-L3(config)#bridge 1 route ip 2948G-L3(config)#interface bvi 1 2948G-L3(config-if)#ip add 10.1.1.1 255.255.255.0 2948G-L3(config-if)#exit 2948G-L3(config)#interface fastethernet 1 2948G-L3(config-if)#no shutdown 2948G-L3(config-if)#bridge-group 1 2948G-L3(config-if)#bridge-group 1 spanning-disabled 2948G-L3(config-if)#exit 2948G-L3(config)#interface fastethernet 2 2948G-L3(config-if)#no shutdown 2948G-L3(config-if)#bridge-group 1 2948G-L3(config-if)#bridge-group 1 spanning-disabled . . .
For more information on how to configure 2948G-L3 switches, refer to Catalyst 2948G-L3 Sample Configurations - Single VLAN, Multi-VLAN, and Multi-VLAN Distribution Layer Connecting to Network Core.
You can configure the Catalyst 2900XL/3500XL and Catalyst 2950/3550 models from a web browser with either Simple Network Management Protocol (SNMP) or CLI. The recommendation is to use the CLI. This section provides an example in which you view the STP state of a port, turn on PortFast, and then verify that PortFast is on. The 2900XL/3500XL does support EtherChannel and trunking, but the switch does not support dynamic EtherChannel creation (PAgP) or DTP. There is no need to turn these protocols off in this test. Also, after you turn on PortFast, the elapsed time for the port to come up is less than 1 second. So you do not need to try to change the speed/duplex negotiation settings in order to speed things up. By default, PortFast is off on the switch ports. The 2950/3550 does support both PAgP and DTP. PAgP is not active by default in these switches, but DTP is active. The 2950 does not support DTP or PAgP if the switch runs Cisco IOS Software Release 12.0. The Configuration section provides the commands to turn PortFast on.
2900XL#configure terminal 2900XL(config)#interface fastethernet 0/1 2900XL(config-if)#spanning-tree portfast 2900XL(config-if)#exit 2900XL(config)#exit 2900XL#copy run start
Note: The Catalyst 2950 and 3550 support DTP. Issue the switchport mode access command as well. This command turns off DTP.
This platform is like a Cisco IOS router. You must issue the copy run start command in order to save the configuration permanently.
In order to verify that PortFast is enabled, issue this command:
2900XL#show spanning-tree interface fastethernet 0/1 Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 8192, address 0010.0db1.7800 Designated bridge has priority 32768, address 0050.8039.ec40 Designated port is 13, path cost 19 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 2105, received 1 The port is in the PortFast mode
You can also view the switch configuration if you issue this command:
2900XL#show running-config Building configuration... Current configuration: ! version 11.2 !--- Output suppressed. ! interface VLAN1 ip address 172.16.84.5 255.255.255.0 no ip route-cache ! interface FastEthernet0/1 spanning-tree portfast ! interface FastEthernet0/2 ! !--- Output suppressed.
Perform these steps in order to execute timing tests on the Catalyst 2900XL:
Issue the show version command in order to show the software version.
This example uses Cisco IOS Software Release 11.2(8.2)SA6 on the 2900XL:
Switch#show version Cisco Internetwork Operating System Software IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 11.2(8.2)SA6, MAINTENANCE INTERIM SOFTWARE Copyright (c) 1986-1999 by cisco Systems, Inc. Compiled Wed 23-Jun-99 16:25 by boba Image text-base: 0x00003000, data-base: 0x00259AEC ROM: Bootstrap program is C2900XL boot loader Switch uptime is 1 week, 4 days, 22 hours, 5 minutes System restarted by power-on System image file is "flash:c2900XL-c3h2s-mz-112.8.2-SA6.bin", booted via console cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K bytes of memory. Processor board ID 0x0E, with hardware revision 0x01 Last reset from power-on Processor is running Enterprise Edition Software Cluster command switch capable Cluster member switch capable 24 Ethernet/IEEE 802.3 interface(s) 32K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address: 00:50:80:39:EC:40 Motherboard assembly number: 73-3382-04 Power supply part number: 34-0834-01 Motherboard serial number: FAA02499G7X Model number: WS-C2924-XL-EN System serial number: FAA0250U03P Configuration register is 0xF
Issue these commands in order to determine what occurs on the switch:
2900XL(config)#service timestamps debug uptime 2900XL(config)#service timestamps log uptime 2900XL#debug spantree events Spanning Tree event debugging is on 2900XL#show debug General spanning tree: Spanning Tree event debugging is on
Shut down the port in question.
2900XL#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2900XL(config)#interface fastethernet 0/1 2900XL(config-if)#shut 2900XL(config-if)# 00:31:28: ST: sent Topology Change Notice on FastEthernet0/6 00:31:28: ST: FastEthernet0/1 -> blocking 00:31:28: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down 00:31:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down 2900XL(config-if)#exit 2900XL(config)#exit 2900XL#
Check the time, turn the port back on, and determine the length of time that the switch stays in each state.
In order to get the most accurate timing information, issue the commands in this step as quickly as possible. One idea is to enter each command on a separate line in a text file, copy the commands to the clipboard, and then paste them into the switch:
show clock configure terminal interface fastethernet 0/1 no shut
Confirm that PortFast is off.
Note: PortFast is off by default.
You can confirm that PortFast is off in one of these two ways:
Issue the show spanning-tree interface command. If PortFast is off, the output does not mention PortFast.
2900XL#show spanning-tree interface fastethernet 0/1 Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 8192, address 0010.0db1.7800 Designated bridge has priority 32768, address 0050.8039.ec40 Designated port is 13, path cost 19 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 887, received 1
Note: There is no message that states you are in PortFast mode in this spot.
Look at the running configuration. If PortFast is off, you do not see the spanning-tree portfast command under the interface.
2900XL#show running-config Building configuration... !--- Output suppressed. ! interface FastEthernet0/1 !--- There is no spanning-tree portfast command under this interface. ! !--- Output suppressed.
Conduct the first timing test with PortFast off.
2900XL#show clock *00:27:27.632 UTC Mon Mar 1 1993 2900XL#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2900XL(config)#interface fastethernet 0/1 2900XL(config-if)#no shut 2900XL(config-if)# 00:27:27: ST: FastEthernet0/1 -> listening 00:27:27: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:27:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up 00:27:42: ST: FastEthernet0/1 -> learning 00:27:57: ST: sent Topology Change Notice on FastEthernet0/6 00:27:57: ST: FastEthernet0/1 -> forwarding
The total time from shutdown until the port started forwarding was 30 seconds (from 27:27 to 27:57).
In order to turn on PortFast, issue these commands:
2900XL#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2900XL(config)#interface fastethernet 0/1 2900XL(config-if)#spanning-tree portfast 2900XL(config-if)#exit 2900XL(config)#exit 2900XL#
In order to verify that PortFast is enabled, issue the show spanning tree interface command. At the end of the command output, the output states that PortFast is enabled.
2900XL#show spanning tree interface fastethernet 0/1 Interface Fa0/1 (port 13) in Spanning tree 1 is FORWARDING Port path cost 19, Port priority 128 Designated root has priority 8192, address 0010.0db1.7800 Designated bridge has priority 32768, address 0050.8039.ec40 Designated port is 13, path cost 19 Timers: message age 0, forward delay 0, hold 0 BPDU: sent 1001, received 1 The port is in the PortFast mode.
You can also see that PortFast is enabled in this configuration output:
2900XL#show run Building configuration... !--- Output suppressed. interface FastEthernet0/1 spanning-tree portfast !--- Output suppressed.
Perform the timing test with PortFast enabled.
2900XL#show clock *00:23:45.139 UTC Mon Mar 1 1993 2900XL#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 2900XL(config)#interface fastethernet 0/1 2900XL(config-if)#no shut 2900XL(config-if)# 00:23:45: ST: FastEthernet0/1 ->jump to forwarding from blocking 00:23:45: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:23:45: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
In this case, the total time was under 1 second. If port initialization delay on the switch was the problem, PortFast should solve the problem. Remember that the switch does not currently support trunk negotiation or PAgP, so you do not need to turn them off. The switch does support autonegotiation of speed and duplex. But because the delay is so short, delay would not be a reason to turn it off.
Perform the ping test from a workstation to the switch.
Note: See Step 11 of the Timing Tests with and Without DTP, PAgP, and PortFast on a Catalyst 5500 section of this document for the ping test.
The length of time that is necessary for the response to come from the switch is about 5 to 6 seconds. This time is the same whether autonegotiation for speed and duplex is on or off.
The Catalyst 1900 and Catalyst 2820 call PortFast "spantree start-forwarding". For the 8.01.05 version of software, the switch default is to have PortFast enabled on the Ethernet (10-Mbps) ports, and PortFast disabled on the FastEthernet (uplink) ports. When you issue the show run command in order to view the configuration and an Ethernet port does not indicate PortFast, PortFast is enabled. If a port reports no spantree start-forwarding in the configuration, PortFast is disabled. On a Fast Ethernet (100-Mbps) port, the reporting is the opposite. For a Fast Ethernet port, PortFast is on only if the port shows spantree start-forwarding in the configuration.
This section provides an example that sets PortFast on a Fast Ethernet port. The example uses Enterprise Edition software, version 8. The Catalyst 1900 automatically saves the configuration after changes have been made to NVRAM. Remember that you do not want PortFast to be enabled on any port that connects to another switch or hub. You only want PortFast to be enabled on a port that attaches to an end station.
1900#show version Cisco Catalyst 1900/2820 Enterprise Edition Software Version V8.01.05 Copyright (c) Cisco Systems, Inc. 1993-1998 1900 uptime is 0day(s) 01hour(s) 10minute(s) 42second(s) cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memory Hardware board revision is 5 Upgrade Status: No upgrade currently in progress. Config File Status: No configuration upload/download is in progress 27 Fixed Ethernet/IEEE 802.3 interface(s) Base Ethernet Address: 00-50-50-E1-A4-80 1900#configure terminal Enter configuration commands, one per line. End with CNTL/Z 1900(config)#interface fastethernet 0/26 1900(config-if)#spantree start-forwarding 1900(config-if)#exit 1900(config)#exit 1900#
One way to verify that PortFast is on is to look at the configuration. Remember that a Fast Ethernet port must indicate that PortFast is on. An Ethernet port has PortFast on unless the configuration shows that PortFast is off. Here is an example:
1900#show running-config Building configuration... !--- Output suppressed. ! interface Ethernet 0/1 no spantree start-forwarding ! interface Ethernet 0/2 ! !--- Output suppressed. ! interface FastEthernet 0/26 spantree start-forwarding !
In this configuration, you can see that:
Interface Ethernet 0/1 has PortFast turned off. You can see the command to turn it off.
Interface Ethernet 0/2 has PortFast on. You see no statements about PortFast, which means that it is on.
Interface Fast Ethernet 0/26 (which is port A in the menu system) has PortFast on. You can see the command to turn it on.
The easiest way to view the PortFast status is through the menu system. If you select (P) for Port Configuration from the main menu and select a port, the output tells you if the PortFast mode is enabled. This example output is for port Fast Ethernet 0/26 (which is port A on this switch):
Catalyst 1900 - Port A Configuration Built-in 100Base-FX 802.1d STP State: Blocking Forward Transitions: 0 ----------------------- Settings --------------------------------------- [D] Description/name of port [S] Status of port Suspended-no-linkbeat [I] Port priority (spanning tree) 128 (80 hex) [C] Path cost (spanning tree) 10 [H] Port fast mode (spanning tree) Enabled [E] Enhanced congestion control Disabled [F] Full duplex / Flow control Half duplex ----------------------- Related Menus ---------------------------------- [A] Port addressing [V] View port statistics [N] Next port [G] Goto port [P] Previous port [X] Exit to Main Menu Enter Selection:
The timing values are hard to verify on a Catalyst 1900/2820 because of the lack of debugging tools. Complete these steps:
Start a ping that is directed to the switch on a PC that is connected to the switch.
Disconnect the cable from the switch.
Reconnect the cable, and record the length of time that passes before the switch responds to the ping.
Perform this procedure with PortFast on and with PortFast off. For an Ethernet port with PortFast on (the default state), the PC receives a response within 5 to 6 seconds. With PortFast off, the PC receives a response in 34 to 35 seconds.
There is another STP-related benefit of the use of PortFast in your network. Every time that a link becomes active and moves to the forwarding state in STP, the switch sends a special STP packet named a Topology Change Notification (TCN). The TCN is passed up to the root of the spanning tree where the TCN is propagated to all the switches in the VLAN. This causes all the switches to age out their table of MAC addresses with use of the forward delay parameter, which is usually set to 15 seconds. So, every time that a workstation joins the bridge group, the MAC addresses on all the switches are aged out after 15 seconds instead of the normal 300 seconds.
When a workstation becomes active, it does not change the topology to any significant degree. There is no need for all the switches in the VLAN to go through the fast-aging TCN period. If you turn on PortFast, the switch does not send TCN packets when a port becomes active.