(config)spanning-tree mst [instance #] root primary
as Borat would say.....niooooooccceeeee
Then I did a VACL to block a host from reaching his intended vlan. He was still allowed access other vlans, unless the acl read somthing like
access-list 1 permit 192.168.10.100 0.0.0.0
then he didnt get to shit!
I changed it to:
access-list 101 permit ip host 192.168.10.100 192.168.10.0 0.0.0.255
and it worked as planned.
I also set up some inter-vlan routing using one of my 3550's. Easy config....just set the default gateway on the other switches....configure routing with "ip routing", and configure the interfaces. Works flawlessly. Going to go to bed and read some foundation summary's now.