Politecnico di Torino

Progetto di Reti Locali

Homework 6: Network Design

Fulvio Risso

March 9, 2011

Contents
I. Introduction 3
4

1. Methodology

II. Exercises
2. HSRP 2.1. Exercise 2.2. Exercise 2.3. Exercise 2.4. Exercise 2.5. Exercise n. n. n. n. n. 1 2 3 4 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

6
7 . 7 . 8 . 9 . 10 . 11 12 12 13 14 15 16 17

3. Network Design 3.1. Exercise n. 6 3.2. Exercise n. 7 3.3. Exercise n. 8 3.4. Exercise n. 9 3.5. Exercise n. 10 3.6. Exercise n. 11

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

. . . . . .

III. Solutions

18

4. HSRP 19 4.1. Solution for exercise n. 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 4.2. Solution for exercise n. 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5. Network Design 5.1. Solution for exercise n. 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.2. Solution for exercise n. 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.3. Solution for exercise n. 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 21 24 25

Part I.

Introduction

1. Methodology
In this set of exercise we focus rst on HSRP/VRRP analysis, and then on network design and analysis when L2/L3 switches are present. The rst kind of exercises are denitely simple and require only the application of the general rules of the associated protocols specications. Therefore, in this methodology section we concentrate on the problems that may arise when facing with L2-L3 network design, which includes the application of the the most important technologies that can be found in a modern corporate network. Most of the exercises related to the network design require to predict the path of a set of packets, given a specic network topology (in terms of switches and routers, physical links, interfaces congured at L2 or L3, VLANs). The solution usually requires the following main steps: 1. If multilayers are present in the network, take each one of them, plot its L2 and L3 components as discrete objects, then mark each interface as part of the L2 or L3 domain. 2. Determine the outcome of the Spanning Tree (i.e., which L2 ports are active and are then able to forward frames), for each VLAN present in the topology. Beware that a network may have multiple instances of the Spanning Tree. 3. If HSRP/VRRP is congured in the network, determine which is the active router (for each IP network present in the topology). 4. Analyze the packet ow generated by the application (e.g., PING), associating each packet with the proper source and destination addresses at both L2 and L3, and to the proper VLAN-ID. 5. Given that points (3) and (4) have been completed, we can now determine the path of each frame on the network topology. For this, we can exploit the source and destination MAC addresses contained in the frame in order to determine the source and destination stations on the network, and analyze the actual path of this frame according to the STP topology derived before. Please remember that in an L2 network the path between two stations is unique (the STP does not allow multiple paths between stations) and that we have to select the right STP instance related to that frame in case multiple instances are present.

Expand any possible multilayer into its L2 and L3 components, marking each interface as L2 or L3

Determine the HSRP/VRRP active router (per IP network)

Determine Spanning Tree Topology (per VLAN)

Determine the packet flow (i.e. ARP., IP, etc.), associating each frame with proper IP and MAC addresses and VLAN IDs

Determine the path of each packet according to the actual topology

Part II.

Exercises

2. HSRP
2.1. Exercise n. 1
Referring to the network topology depicted below, congure the proper HSRP parameters on routers R1 and R2 in order to guarantee redundancy when connecting to the Internet, with R1 acting as primary router. Congure also the proper value for the default gateway on the hosts.

H1 IP: 130.192.16.1/24

H2 IP: 130.192.16.2/24

R1 IP: 130.192.16.253

R2 IP: 130.192.16.254

Internet

2.2. Exercise n. 2
Referring to the network topology depicted below, congure the proper HSRP parameters on routers R1 and R2 in order to guarantee redundancy and load balancing when connecting to the Internet. Congure also the proper value for the default gateway on the hosts.

H1 IP: 130.192.16.1/2 DG: -

H2 IP: 130.192.16.2/24 DG: -

R1 IP: 130.192.16.253

R2 IP: 130.192.16.254

Internet

2.3. Exercise n. 3
Referring to the network topology depicted below, determine the path of a packet sent by host H1 toward the Internet in case the routers have the conguration shown in the gure and the link from R1 to the Internet has a fault.
H1 IP: 130.192.16.1/24 DG: 130.192.16.252 H2 IP: 130.192.16.2/24 DG: 130.192.16.252

Exercise 3

FastEthernet0 R1 Interface FastEthernet 0 IP: 130.192.16.254 HSRP Group 1 (active) Priority: 110 Virtual IP: 130.192.16.252 Track interface Serial 0 R2 IP: 130.192.16.253 HSRP Group 1 (standby) Virtual IP: 130.192.16.252

Serial 0

Internet

2.4. Exercise n. 4
Referring to the network topology depicted below that includes hosts belonging to two VLANs: congure the proper HSRP parameters on routers R1 and R2 in order to guarantee redundancy and load balancing in connecting to the Internet; for all the interfaces of the switches and host/routers, list whether they are congured in access/trunk mode and associate the proper VLAN to them. Let us suppose that R1 and R2 do not generate any routing trac (e.g. OSPF) within the LAN. Finally, do not include in the solution the interfaces connected to the Internet.

H1, VLAN1 IP: 130.192.16.1/24 DG: 130.192.16.254

H2, VLAN2 IP: 130.192.17.1/24 DG: 130.192.17.254

Fe0

Fe1 SW1

Fe2

Fe3

Fe0
R1

Fe0
R2

Internet

10

2.5. Exercise n. 5
Referring to the network topology depicted below, a server S is congured in a faulttolerant mode using HSRP. Both interfaces are part of the same HSRP group in order to achieve protection against a fault of the links between the server itself and one of the two switches. Vice versa, hosts into the network are equipped with a fault-tolerant NIC (without HSRP) that features two dierent interfaces connected to the two available switches. The fault-tolerant NIC will select automatically one of the link as active, and the other will be put in stand-by. Supposing that the link (S SW-1) is active, while the link (S SW-2) has a fault, will the HSRP work properly in this conguration? In general, is it correct to deploy HSRP in such a network?
H1 H2 H3

SW-1

SW-2

If0 IP: 1.1.1.1 V-IP: 1.1.1.254 HSRP Group: 1

If1 IP: 1.1.1.2 V-IP: 1.1.1.254 HSRP Group:1

11

3. Network Design
3.1. Exercise n. 6
Referring to the network topology depicted below that includes hosts belonging to two VLANs: Determine the STP topology (all switches have default parameters); Congure the proper HSRP parameters on routers R1 and R2 in order to guarantee redundancy and load balancing when connecting to the Internet; For all the interfaces of the switches and host/routers, list whether they are congured in access/trunk mode and associate the proper VLAN to them; Determine the links crossed by HSRP packets exchanged between R1 and R2. Please note that R1 and R2 are expected to exchange routing trac (e.g. OSPF) among them in order to calculate the routing topology. Finally, do not include interfaces connected to the Internet in the solution.

H1, VLAN1 IP: 130.192.16.1/24 DG: 130.192.16.254

H2, VLAN2 IP: 130.192.17.1/24 DG: 130.192.17.254

Fe0 SW1 MAC: 00:00:00:AA:AA:AA Fe2

Fe1

Fe1

Fe0 SW2 MAC: 00:00:00:BB:BB:BB Fe2

Fe0
R1

Fe1

Fe1

Fe0
R2

Internet

12

3.2. Exercise n. 7
Referring to the network conguration depicted below, write a possible conguration (using a Cisco-like syntax) of the interfaces of the multilayer switch, focusing on the L2-L3 interfaces conguration commands.
H1, VLAN 1 IP: 10.1.1.1/24 H2, VLAN 2 IP: 10.1.2.2/24

Fe0 SW-1 MAC: 00:00:00:11:11:11 Fe2

Fe1

Fe1

Fe0 SW-2 MAC: 00:00:00:22:22:22 Fe2

Fe0

Fe1

ML-1 BP: 24576 MAC: 00:00:00:33:33:33 IP (VLAN1): 10.1.1.253/24 IP (VLAN2): 10.1.2.253/24 IP (internet): 20.2.2.2/30

Fe2

Internet

13

3.3. Exercise n. 8
Referring to the network topology depicted below that includes hosts belonging to two VLANs: Determine the path of an IP packet directed from host H1 to H2 and write the most important parameters (e.g. MAC source /destination, IP source/destination) of that packet; Repeat the same for an IP packet directed from host H2 to host H1. Assume that all the ports of the multilayer switch are congured in L2 mode.

H1, VLAN1 MAC: 00:00:00:11:11:11 IP: 10.1.1.1/24 DG: 10.1.1.254

H2, VLAN2 MAC: 00:00:00:22:22:22 IP: 10.1.2.1/24 DG: 10.1.2.254

Fe0 SW-1 Fe1 Fe1

Fe0 SW-2

ML-1 BP: 24576 MAC: 00:00:00:CC:CC:CC IP (VLAN1): 10.1.1.253/24 IP (VLAN2): 10.1.2.253/24 HSRP Group 1 (active) V-IP: 10.1.1.254 V-MAC: 00:00:0C:07:AC:01 HSRP Group 2 (active) V-IP: 10.1.2.254 V-MAC: 00:00:0C:07:AC:02

Fe0 Fe1

Fe0 Fe1

ML-2 BP: 28672 MAC: 00:00:00:DD:DD:DD IP (VLAN1): 10.1.1.252/24 IP (VLAN2): 10.1.2.252/24 HSRP Group 1 (standby) V-IP: 10.1.1.254 VMAC: 00:00:0C:07:AC:01 HSRP Group 2 (standby) V-IP: 10.1.2.254 V-MAC: 00:00:0C:07:AC:02

14

3.4. Exercise n. 9
Referring to the network topology depicted below that includes hosts belonging to two VLANs: determine the STP topology; congure the proper interfaces (e.g. IP addresses) and HSRP parameters on multilayer switches ML-1 and ML-2 in order to guarantee redundancy and load balancing in connecting to the Internet; associate all the interfaces of switches and hosts to the proper VLAN and indicate weather they are in access /trunk mode; Determine the path of the HSRP packets exchanged by ML-1 and ML-2; Determine how many HSRP packets do you expect on the link between ML-1 and SW-1. Please note that ML-1 and ML-2 are expected to generate routing trac (e.g. OSPF) among them in order to exchange the routing topology. Do not include in the solution the interfaces connected to the Internet. Repeat the exercise in case the direct link between ML-1 and ML-2 fails. Finally, discuss whether the direct link between ML-1 and ML-2 work better if congured in L2 more or in L3 mode.

H1, VLAN1 IP: 130.192.16.1/24 DG: 130.192.16.254

H2, VLAN2 IP: 130.192.17.1/24 DG: 130.192.17.254

Fe0 SW-1 Fe2

Fe1

Fe1

Fe0 SW-2 Fe2

Fe0 ML-1 BP: 24576

Fe1 Fe2

Fe1 Fe2

Fe0 ML-2 BP: 28672

Internet

15

3.5. Exercise n. 10
Given the network topology depicted below that includes hosts belonging to three VLANs: 1. Determine the path of an IP packet from host H1 to host H3; 2. Determine the path of the same packet when a fault occurs on the direct link between ML-1 and ML-2; 3. Suggest three possible modications of the network (either at the physical or at the conguration level) in order to optimize the L3 paths; 4. Indicate the number of VLANs that we expect to congure over that network; 5. List the possible IP addresses congured on the two multilayer switches ML-1 and ML-2. All the interfaces of the multilayer switches are congured in L2 mode, except the interface that connects to the WAN. Finally, let us suppose the use of the standard STP protocol (not the per-VLAN STP).
SW-1

H1 10.1.1.11

BP: 32768 MAC: 00:00:00:AA:AA:AA

H2 10.1.2.22

Hosts distributed across 3 VLANs. VLAN1: 10.1.1.0/24 VLAN2: 10.1.2.0/24 VLAN3: 10.1.3.0/24

SW-2
BP: 32768 MAC: 00:00:00:BB:BB:BB

SW-3
BP: 32768 MAC: 00:00:00:CC:CC:CC

H3 10.1.3.33

ML-1

HSRP OSPF Routing

ML-2 HSRP active (for all groups)

BP: 24576 MAC: 00:00:00:DD:DD:DD

BP: 28672 MAC: 00:00:00:EE:EE:EE

Wide Area Network

16

3.6. Exercise n. 11
Given the network topology depicted below that includes hosts belonging to two VLANs, propose a conguration that: enables optimized load balancing on the external links toward the Internet; optimizes the paths for the exiting trac, so that packets directed to the WAN always crosses only a single multilayer switch. Let us suppose that all the interfaces of the multilayer switches are congured in L2 mode, except the interface that connects to the WAN and that we use the Per-VLAN STP protocol. Finally, show also the nal outcome of the Spanning Tree Protocol and the path of an IP packet from host H1 to host H2.
SW-1

BP: 32768 MAC: 00:00:00:AA:AA:AA H1 10.1.1.11

Hosts distributed across 2 VLANs. VLAN1: 10.1.1.0/24 VLAN2: 10.1.2.0/24

SW-2
BP: 32768 MAC: 00:00:00:BB:BB:BB
H2 10.1.2.22

ML-1

HSRP OSPF Routing

ML-2

MAC: 00:00:00:DD:DD:DD

MAC: 00:00:00:EE:EE:EE

Wide Area Network

17

Part III.

Solutions

18

4. HSRP
4.1. Solution for exercise n. 1
Although HSRP can be congured to provide also load balancing in addition to redundancy, the exercise focuses only on the rst objective. Therefore a single HSRP group is required and the solution is shown in the network topology below. Since the IP address of router R1 is smaller than the IP address of router R2, the priority value has to be congured in order to force the election of that router as active. The default gateway for each host is shown on the network topology below.

H1

IP: 130.192.16.1/24 DG: 130.192.16.252

H2

IP: 130.192.16.2/24 DG: 130.192.16.252

IP: 130.192.16.253 HSRP Group 1 (active) Priority: 105 Virtual IP: 130.192.16.252

R1

R2

IP: 130.192.16.254 HSRP Group 1 (standby) Virtual IP: 130.192.16.252 Internet

19

4.2. Solution for exercise n. 4

The network includes two VLANs, hence we can achieve load balancing by forwarding VLAN1 trac through R1 and VLAN2 trac through R2; hence load balancing does not rely on HSRP. HSRP will provide only gateway redundancy and will have to be congured per-VLAN. Since routers must participate in all VLANs (i.e. they must be able to receive all the VLAN packets on their interfaces), their NICs must be congured in trunk mode. Virtual VLAN interfaces must be created and associated to VLANs; these virtual interfaces will be congured at the IP level. All hosts have access ports; the switch has access ports toward clients and trunk ports toward the routers. The resulting conguration is depicted in the picture below.

H1, VLAN1 IP: 130.192.16.1/24 DG: 130.192.16.254 No VLAN configuration

H2, VLAN2 IP: 130.192.17.1/24 DG: 130.192.17.254 No VLAN configuration

Fe0 SW1 Access port, VLAN1 Fe2 Trunk port, VLAN 1-2

Fe1 Access port, VLAN2

Fe3 Trunk port, VLAN 1-2

Fe0 Trunk port, VLAN 1-2 Virtual interface VLAN1 IP: 130.192.16.252 HSRP Group 1 Virtual IP: 130.192.16.254 Priority 105 Virtual interface VLAN2 IP: 130.192.17.252 HSRP Group 2 Virtual IP: 130.192.17.254 R1 R2

Fe0 Trunk port, VLAN 1-2 Virtual interface VLAN1 IP: 130.192.16.253 HSRP Group 1 Virtual IP: 130.192.16.254 Virtual interface VLAN2 IP: 130.192.17.253 HSRP Group 2 Virtual IP: 130.192.17.254

Internet

20

5. Network Design
5.1. Solution for exercise n. 6
Question 1
The STP topology is extremely simple, since we do not have loops in the L2 network (in fact, the direct link between R1 and R2 is a pure L3 link and hence it belongs to a dierent broadcast domain of the switches). Therefore, the STP topology on the L2 network overlaps with the physical topology.

Questions 2 and 3
The conguration of the VLAN ports and the HSRP on the routers can be the following: Router R1 --------Interface Fe0 Trunk port, VLAN 1-2 Virtual Interface VLAN 1 IP: 130.192.16.252/24 HSRP Group 1 Virtual IP: 130.192.16.254 Priority 105 Virtual Interface VLAN 2 IP: 130.192.17.252/24 HSRP Group 2 Virtual IP: 130.192.17.254 Interface Fe1 Access port, no VLANs IP: 130.192.18.1/24 OSPF: active Router R2 --------Interface Fe0 Trunk port, VLAN 1-2 Virtual Interface VLAN 1 IP: 130.192.16.253/24

21

HSRP Group 1 Virtual IP: 130.192.16.254 Virtual Interface VLAN 2 IP: 130.192.17.253/24 HSRP Group 2 Virtual IP: 130.192.17.254 Interface Fe1 Access port, no VLANs IP: 130.192.18.2/24 OSPF: active Routers have their Fe1 interface congured in pure L3 mode, hence the interface is not associated to any VLAN (it operates in access mode) and it has an IP address active on it. Hosts are VLAN-unaware (no VLANs are congured on their ports); the conguration of the VLANs on the switches is the following:

Switch SW-1
Interface Fe0 Fe1 Fe2 Mode Access Trunk Trunk VLAN-ID 1 1,2 1,2

Switch SW-2
Interface Fe0 Fe1 Fe2 Mode Access Trunk Trunk VLAN-ID 2 1,2 1,2

Question 4
With respect to the path followed by HSRP packets, we have to note that these packets are generated on the VLAN interfaces of the routers, which are linked to the upper interface (Fe0 ). Therefore HSRP packets will exit from interface Fe0 of router R1, will go through switch SW-1, SW-2 and then will reach interface Fe0 of R2, where they will be redirected to the proper VLAN interface. HSRP packets from R2 to R1 will follow the opposite path. It is worthy noticing that the direct link between R1 and R2 will not transport any HSRP packet. Instead, it can be used to transport routing trac. In case of absence of this link, the routing trac would have to be transported anyway and a possible cong-

22

uration involves a new VLAN (e.g. VLAN 3) that will be dedicated to such this trac. While such a new VLAN for routing trac is not mandatory (routing messages can also exchanged through VLAN 1 or VLAN 2), it is a good practice to have it in order not to have routing trac received from network hosts, therefore avoiding possible attacks coming from the clients present in the edge network.

23

5.2. Solution for exercise n. 7

Interfaces Fe0 and Fe1 are L2 interfaces (switched interfaces) and belong to the same switching domain of switches SW-1 and SW-2. Interfaces are in trunk mode and should support all the VLANs present in the network. Additionally, some virtual VLAN interfaces must be congured in order to implement the default gateway functionalities on the switched network. Interface Fe2 is congured in L3 mode (routed interface) and connects the network to the Internet. The conguration can be the following1 : ! interface fe0 switchport mode trunk switchport trunk allowed vlan 1,2 ! interface fe1 switchport mode trunk switchport trunk allowed vlan 1,2 ! interface vlan 1 ip address 10.1.1.253 255.255.255.0 ! interface vlan 2 ip address 10.1.2.253 255.255.255.0 ! interface fe2 no switchport ip address 20.2.2.2 255.255.255.252 !

Please note that dierent Cisco devices may use a slightly dierent syntax. Therefore the commands used must be considered as an indication of a possible conguration and may not work on all the devices.

24

5.3. Solution for exercise n. 11

Since the network requires both redundancy and load balancing of the Internet access, the HSRP conguration requires two groups, one per VLAN, in which ML-1 is the active router for the rst group and ML-2 is active for the second. A possible solution is shown in the gure below:

Trunk links

Virtual Interface VLAN1 IP: 10.1.1.253/24 IP (HSRP Group 1): 10.1.1.254 Virtual Interface VLAN2 IP: 10.1.2.253/24 IP (HSRP Group 2): 10.1.2.254

Virtual Interface VLAN4 IP: 10.1.4.1/30 No HSRP

Virtual Interface VLAN4 IP: 10.1.4.2/30 No HSRP

Virtual Interface VLAN1 IP: 10.1.1.253/24 IP (HSRP Group 1): 10.1.1.254 Virtual Interface VLAN2 IP: 10.1.2.253/24 IP (HSRP Group 2): 10.1.2.254

Interface FastEthernet0 IP: 20.2.2.1/30 No HSRP

Interface FastEthernet0 IP: 30.3.3.1/30 No HSRP

WAN links

In order to optimize the exit paths toward the WAN, we can use the PVST (Per-VLAN Spanning Tree) protocol in order to concentrate on the same multilayer switch both the HSRP active and the root bridge functionalities. In this case, the exit trac will reach the HSRP active router, and from there it will go directly to the Internet. This can be achieved by setting the Bridge Priority of ML-1 equal to 24576 and 28672 (respectively for VLANs 1 and 2), which corresponds to a better priority for VLAN 1, and invert those values for ML-2 (which corresponds to a better priority for VLAN 2). In addition, HSRP groups must be congured accordingly (i.e., a better HSRP priority for ML-1 on network 10.1.1.0/24, and a better priority for ML-2 on network 10.1.2.0/24). This conguration leads to the two topologies (respectively for VLAN 1 and VLAN 2) shown in the gures below2 .

Please note that in the most recent STP specications the Bridge Priority is allowed only in multiple of 4096, and that only the most signicant 4 bits are actually used and inserted in the BPDU, while the remaining 12 bits correspond to the VLAN-ID. In other words, a priority of 28672 for VLAN 1 will lead to the value 28673 in the BPDU generated for that VLAN, while the priority of 24576 for VLAN 2 will lead to the value 24578 in the BPDU generated for that VLAN.

25

SW-1

Topology for VLAN 1

H1 10.1.1.11

24576
BP: 32768 MAC: 00:00:00:AA:AA:AA

VLAN 1

1101 0000 0000 0001

SW-2

Pri

VLAN-ID

BP: 32768 MAC: 00:00:00:BB:BB:BB

H2 10.1.2.22

28672

VLAN 1

1110 0000 0000 0001 Pri VLAN-ID

HSRP HSRP active (for group1) Root Bridge ML-1 OSPF Routing HSRP active (for group2) ML-2
BP: 28672 (VLAN 1) BP: 24576 (VLAN 2) MAC: 00:00:00:EE:EE:EE

BP: 24576 (VLAN 1) BP: 28672 (VLAN 2) MAC: 00:00:00:DD:DD:DD

Wide Area Network

SW-1

Topology for VLAN 2

H1 10.1.1.11

24576
BP: 32768 MAC: 00:00:00:AA:AA:AA

VLAN 2

1101 0000 0000 0010

SW-2

Pri

VLAN-ID

BP: 32768 MAC: 00:00:00:BB:BB:BB

H2 10.1.2.22

28672

VLAN 2

1110 0000 0000 0010 Pri VLAN-ID

HSRP OSPF Routing HSRP active (for group1) ML-1

BP: 24576 (VLAN 1) BP: 28672 (VLAN 2) MAC: 00:00:00:DD:DD:DD

HSRP active (for group2) ML-2 Root Bridge

BP: 28672 (VLAN 1) BP: 24576 (VLAN 2) MAC: 00:00:00:EE:EE:EE

Wide Area Network

It is worthy noting that this conguration optimizes the exit paths toward the Internet, but it corresponds to a worsening of the internal paths (e.g., from H1 to H2). In fact, a packet from H1 to H2 will be generated in VLAN 1 and it will traverse the network

26

(according to the topology allowed for VLAN 1) till it reaches its default gateway (i.e., ML-1, which is the HSRP active router for VLAN 1). From there, the packet will belong to VLAN 2 and then it will traverse the network according to the topology allowed for that VLAN, till it reaches the nal destination H2. It is evident (as shown in the gure below) that internal paths require the traversal of both multilayer switches and therefore are not as much optimized.
SW-1 SW-1

BP: 32768 MAC: 00:00:00:AA:AA:AA H1 10.1.1.11

BP: 32768 MAC: 00:00:00:AA:AA:AA H1 10.1.1.11

SW-2

SW-2

BP: 32768 MAC: 00:00:00:BB:BB:BB H2 10.1.2.22

BP: 32768 MAC: 00:00:00:BB:BB:BB H2 10.1.2.22

Root Bridge HSRP active (for group1)

HSRP active (for group2)

HSRP active (for group1)

Root Bridge HSRP active (for group2)

ML-1
BP: 24576 (VLAN 1) BP: 28672 (VLAN 2) MAC: 00:00:00:DD:DD:DD

ML-2
BP: 28672 (VLAN 1) BP: 24576 (VLAN 2) MAC: 00:00:00:EE:EE:EE

ML-1
BP: 24576 (VLAN 1) BP: 28672 (VLAN 2) MAC: 00:00:00:DD:DD:DD

ML-2
BP: 28672 (VLAN 1) BP: 24576 (VLAN 2) MAC: 00:00:00:EE:EE:EE

Wide Area Network

Wide Area Network

Path on VLAN 1

Path on VLAN 2

27