Hello All.
I would like obtain Your help, because subject is wide & I didn't find explanation in Google nor manuals :(
I need schematic guide rather than ready config - I will then dig further to check &repair my configs.
What should be minimal required configuration for rtr and switches to properly run spanning-tree when router is a root? What should be configured to have ip arp inspection when router is dhcp server? (I have statically assigned IP addresses for DHCP pool) What I need also to give acces to 2-3 servers whih have static addresses configured (to do ip arp inspection) What I need to run ip arp inspection on c2960?
I realize that are BIG questions rather, but I believe here is Someone which could explain a little
thanks in advance Przemek
Connections:
router (adv ip serv.) -->c3560(ip base)-->c2960(ip base)
Router config:
----------------------
1.DHCP for LAN (for vlan103)- four vlans defined as "interface VlanXXX" (not as routed interface's subinterface) Let's call them vlan101, vlan102, vlan103, vlan104
- internal 4-port switch: fa0/1/0 configured as a trunk containing that four defined vlans (output to c3560)
important parts of real config:
ip dhcp pool LAN_USERS import all origin file flash:database.txt default-router a.b.c.d dns-server lease 0 17
interface FastEthernet0/1/0 description TRUNK switchport trunk native vlan 103 switchport mode trunk logging event subif-link-status
interface Vlan101 description ** Voice VLAN ** ip address x.y.z.w 255.255.255.0 ip directed-broadcast ip nbar protocol-discovery ip flow ingress ip flow egress ip virtual-reassembly
interface Vlan103 description ** Old Data VLAN * ip address q.w.e.r 255.255.255.0 ip nbar protocol-discovery ip flow ingress ip flow egress ip dns view-group default-list ip nat inside ip virtual-reassembly ip policy route-map lan-pbr
c3560 config:
----------------------
- Gi0/1 as trunk, connected to the router's fa0/1/0
- all other ports assigned to their vlans as access...
- except Gi0/2, which is trunk - to connect c2960
important parts of real config:
no service dhcp udld aggressive ip subnet-zero
errdisable recovery cause udld errdisable recovery cause bpduguard ... ........................................................... (all others possible - set like above) ... errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery interval 30
spanning-tree mode pvst spanning-tree loopguard default spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface FastEthernet0/1