Full Transcript

WIA2008 Advanced Network Technology
Chapter 1: Spanning Tree Protocol (STP)

Contents
 Introduction
 Spanning Tree Protocol
 STP Operation
 Evolution of STP
 STP Configuration

Introduction
 A well-designed Layer 2 network has redundant switches and paths so that if one switch goes down, another path through a different switch is available to forward data, and users of the network experience no disruption of service.
 Redundant links can also share the traffic load and increase capacity.
 Redundant devices, such as multilayer switches or routers, allow a client to use an alternate default gateway should the primary default gateway fail.
 Redundancy in a hierarchical network design removes the single point of failure, but it can create a different kind of problem: Layer 2 loops.
 Ethernet LANs require a loop-free topology with a single path between any two devices.
 Spanning Tree Protocol (STP) is a loop-prevention protocol that allows for redundancy while creating a loop-free Layer 2 topology.
 IEEE 802.1D is the original IEEE MAC Bridging standard for STP.

Spanning Tree Protocol
 Without STP enabled, Layer 2 loops can form, causing broadcast, multicast and unknown unicast frames to loop endlessly. This can bring down a network within a very short time, sometimes in just a few seconds.
 Unknown unicast frames sent onto a looped network can result in duplicate frames arriving at the destination device.
 When a loop occurs, the MAC address table on a switch constantly changes with the updates from the looping broadcast frames, which results in MAC database instability. This can cause high CPU utilization, which makes the switch unable to forward frames.
 A Layer 2 loop can result in three primary issues: MAC database instability, broadcast storms and multiple frame transmission.

MAC Database Instability
 Ethernet frames do not have a time-to-live (TTL) attribute, so a looped frame continues to propagate between switches endlessly.
 When a loop occurs, the MAC address table on a switch can constantly change with the updates from the broadcast frames, resulting in MAC database instability.

Broadcast Storm
 A broadcast storm occurs when there are so many broadcast frames caught in a Layer 2 loop that all available bandwidth is consumed.
 This can cause end devices to malfunction because of the high processing requirements for sustaining such a high traffic load on the NIC.

Multiple Frame Transmission
 Unicast frames sent onto a looped network can result in duplicate frames arriving at the destination device.
 Most upper-layer protocols are not designed to recognize, or cope with, duplicate transmissions.

Spanning Tree Protocol
 STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.
 A port is considered blocked when user data is prevented from entering or leaving that port.
 If a blocked path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.
 STP recalculations can also occur any time a new switch is added to the network.
 STP uses the Spanning Tree Algorithm (STA) to determine which ports to block. Each switch has only a single path to the root bridge.

STP Operation
 Using the STA, STP builds a loop-free topology in a four-step process:
  Elect the root bridge
  Elect the root ports
  Elect designated ports
  Elect alternate (blocked) ports
 Switches use Bridge Protocol Data Units (BPDUs) to share information about themselves and their connections. BPDUs are used to elect the root bridge, root ports, designated ports and alternate ports. Each BPDU contains a bridge ID (BID) that identifies which switch sent the BPDU.
 The BID contains a priority value, an extended system ID and the MAC address of the switch. The lowest BID is determined by comparing these three fields in that order: priority first, then extended system ID, then MAC address.

Bridge Priority
 The default priority value for all Cisco switches is the decimal value 32768. The range is 0 to 61440 in increments of 4096. A lower bridge priority is preferable; a bridge priority of 0 takes precedence over all other bridge priorities.

MAC Address
 When two switches are configured with the same priority and have the same extended system ID, the switch whose MAC address has the lowest value has the lower BID.

Extended System ID
 The 12-bit extended system ID identifies the VLAN for this BPDU. It allows per-VLAN spanning tree implementations (PVST+ and Rapid PVST+) to have different root bridges for different sets of VLANs.
 This allows redundant, non-forwarding links in the STP topology for one set of VLANs to be used by a different set of VLANs through a different root bridge.
 After a switch boots, it begins to send out BPDU frames every two seconds. The switch with the lowest BID automatically becomes the root bridge for the STA calculations.
 Because the election is decided purely by the lowest BID advertised in BPDUs, any device that sends BPDUs with a lower BID wins it; this is why BPDU guard and root guard (listed under Evolution of STP) are applied on ports that should never lead towards the root bridge.
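The four election steps above, worked as an added example (this is not code from the WIA2008 slides): a small Python model of the Spanning Tree Algorithm run over a constructed three-switch topology modelled on the S1/S2/S3 figure. Switch names, MAC addresses, port numbers (Fa0/N is taken as port number N), link speeds and the priority of S1 are assumptions; the comparison rules (lowest BID, then lowest root path cost, then lowest sender BID, sender port ID and receiving port ID) are the standard 802.1D ones.

```python
"""Spanning Tree Algorithm (STA) election on a small switched topology.

Added example, not from the WIA2008 slides.  Runs the four election
steps (root bridge, root ports, designated ports, alternate ports) on a
constructed topology; all names, MACs, ports and speeds are assumptions.
"""
from dataclasses import dataclass

# Default 802.1D port costs (the short values used by Cisco PVST+), keyed by Mb/s.
DEFAULT_PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}
DEFAULT_PRIORITY = 32768        # multiples of 4096, 0..61440
DEFAULT_PORT_PRIORITY = 128


@dataclass(frozen=True)
class BridgeID:
    priority: int     # bridge priority, e.g. 32768
    ext_sys_id: int   # 12-bit VLAN number carried in the BID
    mac: str          # switch base MAC, e.g. "00:0a:00:00:00:01"

    def key(self) -> tuple:
        """Comparable form; the lowest key wins every election."""
        if self.priority % 4096 or not 0 <= self.priority <= 61440:
            raise ValueError("priority must be 0..61440 in steps of 4096")
        return (self.priority, self.ext_sys_id, int(self.mac.replace(":", ""), 16))


@dataclass(frozen=True)
class Link:
    a: str
    a_port: int   # port number on switch a (assumption: Fa0/N -> N)
    b: str
    b_port: int
    speed: int    # Mb/s, same on both ends


def elect(switches: dict, links: list, port_priority: int = DEFAULT_PORT_PRIORITY):
    """Return (root bridge name, {(switch, port): 'designated'|'root'|'alternate'})."""
    # Step 1: the switch with the lowest BID is the root bridge.
    root = min(switches, key=lambda s: switches[s].key())

    # Adjacency: (switch, port) -> (neighbour, neighbour port, this port's cost).
    ports = {}
    for link in links:
        cost = DEFAULT_PORT_COST[link.speed]
        ports[(link.a, link.a_port)] = (link.b, link.b_port, cost)
        ports[(link.b, link.b_port)] = (link.a, link.a_port, cost)

    # Step 2: root ports.  A non-root switch keeps the port on which it would
    # receive the best BPDU: lowest root path cost (neighbour's cost plus the
    # receiving port's cost), then lowest sender BID, lowest sender port ID,
    # lowest receiving port ID.  N relaxation rounds reach a fixed point
    # (Bellman-Ford style) because every port cost is positive.
    rpc = {root: 0}
    root_port = {}
    for _ in range(len(switches)):
        for sw in switches:
            if sw == root:
                continue
            best = None
            for (s, p), (nb, nb_port, cost) in ports.items():
                if s == sw and nb in rpc:
                    cand = (rpc[nb] + cost, switches[nb].key(),
                            (port_priority, nb_port), (port_priority, p))
                    if best is None or cand < best[0]:
                        best = (cand, p)
            if best is not None:
                rpc[sw], root_port[sw] = best[0][0], best[1]

    # Steps 3 and 4: on each segment the end whose switch advertises the better
    # (root path cost, BID, port ID) is the designated port.  The other end is
    # that switch's root port, or otherwise an alternate (blocked) port.
    roles = {}
    for link in links:
        ends = [(link.a, link.a_port), (link.b, link.b_port)]
        des = min(ends, key=lambda e: (rpc[e[0]], switches[e[0]].key(),
                                       (port_priority, e[1])))
        other = ends[1] if des == ends[0] else ends[0]
        roles[des] = "designated"
        roles[other] = "root" if root_port.get(other[0]) == other[1] else "alternate"
    return root, roles


def example_topology():
    """Constructed topology: S1 is given priority 24576 so it becomes root;
    S2 and S3 stay at the default 32768 and differ only by MAC address.
    S2 has a second, parallel uplink to S1 to show the sender-port-ID tie-break."""
    switches = {
        "S1": BridgeID(24576, 1, "00:0a:00:00:00:01"),
        "S2": BridgeID(DEFAULT_PRIORITY, 1, "00:0a:00:00:00:02"),
        "S3": BridgeID(DEFAULT_PRIORITY, 1, "00:0a:00:00:00:03"),
    }
    links = [
        Link("S1", 1, "S2", 1, 100),
        Link("S1", 3, "S2", 3, 100),   # parallel equal-cost uplink
        Link("S1", 2, "S3", 1, 100),
        Link("S2", 2, "S3", 2, 100),   # equal cost both sides: BID decides
    ]
    return switches, links


if __name__ == "__main__":
    root_bridge, port_roles = elect(*example_topology())
    print("root bridge:", root_bridge)
    for (sw, port), role in sorted(port_roles.items()):
        print(f"{sw} Fa0/{port}: {role}")
```

Running it reproduces the slide's outcome: S2 and S3 both reach S1 at cost 19, so on the S2-S3 segment the lower BID of S2 makes its Fa0/2 designated and leaves S3 Fa0/2 as the alternate port; on S2's two equal-cost uplinks, the lower sender port ID (S1 Fa0/1 over Fa0/3) picks Fa0/1 as root port and blocks Fa0/3.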
STP Operation
 When the root bridge has been elected for a given spanning tree instance, the STA starts determining the best paths to the root bridge from all destinations in the broadcast domain.
 The path information, known as the internal root path cost, is the sum of all the individual port costs along the path from the switch to the root bridge.
 The default port costs are defined by the speed at which the port operates.
 Every non-root switch selects one root port. The root port is the port closest to the root bridge in terms of overall cost (best path) to the root bridge.
 After each switch selects a root port, the switches select designated ports. The designated port is the port on a segment (between two switches) with the lowest internal root path cost to the root bridge; in other words, the designated port has the best path for traffic leading to the root bridge.
 All ports on the root bridge are designated ports.
 In the example topology, both S2 and S3 have the same path cost to the root bridge. The spanning tree algorithm uses the bridge ID as a tie breaker: S2 has the lower BID, so the F0/2 port of S2 is chosen as the designated port.
 If a port is neither a root port nor a designated port, it becomes an alternate (or backup) port. Alternate ports and backup ports are in the discarding or blocking state to prevent loops.
 When a switch has multiple equal-cost paths to the root bridge, it chooses the port using the following criteria, in order:
  Lowest sender BID
  Lowest sender port priority (the default port priority is 128)
  Lowest sender port ID

STP Timers
 STP convergence relies on three timers:
  Hello Timer: the interval between BPDUs. The default is 2 seconds but can be modified to between 1 and 10 seconds.
  Forward Delay Timer: the time spent in each of the listening and learning states. The default is 15 seconds but can be modified to between 4 and 30 seconds.
  Max Age Timer: the maximum length of time that a switch waits without hearing a BPDU before attempting to change the STP topology. The default is 20 seconds but can be modified to between 6 and 40 seconds.

Evolution of STP
 The varieties of spanning tree protocol include:
  PVST+: a Cisco enhancement of STP that provides a separate 802.1D spanning tree instance for each VLAN configured in the network. Each instance supports PortFast, UplinkFast, BackboneFast, BPDU guard, BPDU filter, root guard and loop guard.
  Rapid Spanning Tree Protocol (RSTP), IEEE 802.1w: an evolution of STP that provides faster convergence than STP.
  Rapid PVST+: a separate instance of 802.1w per VLAN. Each instance supports PortFast, BPDU guard, BPDU filter, root guard and loop guard.
  Multiple Spanning Tree Protocol (MSTP): maps multiple VLANs into the same spanning tree instance. Each instance supports PortFast, BPDU guard, BPDU filter, root guard and loop guard.
 RSTP increases the speed of the recalculation of the spanning tree when the Layer 2 topology changes. In a properly configured network RSTP can converge much faster, sometimes in as little as a few hundred milliseconds.
 If a port is configured as an alternate port, it can immediately change to the forwarding state without waiting for the network to converge.
 RSTP has only three port states (discarding, learning and forwarding), which correspond to the three possible operational states in STP. The 802.1D disabled, blocking and listening states are merged into the single 802.1w discarding state.
PortFast and BPDU Guard
 When a switch powers up, each switch port goes through both the listening and learning states, each time waiting for the Forward Delay timer to expire. This delay is 15 seconds for each state, for a total of 30 seconds. The delay can be a problem for DHCP clients trying to discover a DHCP server.
 When a switch port is configured with PortFast, that port transitions from blocking to forwarding immediately, bypassing the usual 802.1D transition states (listening and learning) and avoiding the 30-second delay.
 PortFast is used on access ports so that the devices connected to them, such as DHCP clients, can access the network immediately instead of waiting for STP to converge.
 In a valid PortFast configuration, BPDUs should never be received on PortFast-enabled switch ports, because a BPDU would indicate that another bridge or switch is connected to the port.
 BPDU guard immediately puts the switch port into the errdisabled (error-disabled) state on receipt of any BPDU. This protects against potential loops by effectively shutting down the port. BPDU guard provides a secure response to invalid configurations because an administrator must manually put the interface back into service.

Evolution of STP
 STP has adapted to added redundancy and complexity with enhancements as part of RSTP and MSTP.
 Although STP will most likely continue to be used as a loop-prevention mechanism in the enterprise on access layer switches, other technologies are also being used, including:
  Multi System Link Aggregation (MLAG)
  Shortest Path Bridging (SPB)
  Transparent Interconnect of Lots of Links (TRILL)

STP Configuration
 Configure the switch port cost. Although switch ports have a default port cost associated with them, the port cost is configurable:
  interface fa0/1
  spanning-tree cost [1 - 200,000,000]
 To restore the port cost to the default value, enter no spanning-tree cost on the interface.
 To specify a root bridge, the bridge priority value must be adjusted so that it is lower than the bridge priority values of all the other switches on the network.
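As an added example, not from the slides or from any vendor's code, the following Python decodes 802.1D configuration BPDUs and applies the BPDU guard behaviour described above together with root guard, which the slides list among the features of PVST+, Rapid PVST+ and MSTP: a port with root guard that receives a BPDU claiming a better root than the current one is held in blocking (Cisco reports the port as root-inconsistent). The frames are constructed inline from the 35-byte 802.1D configuration BPDU layout; switch names, MAC addresses, priorities and port settings are assumptions.

```python
"""Decode 802.1D configuration BPDUs and apply BPDU guard and root guard.

Added example, not from the WIA2008 slides.  Frames are built inline with
the 802.1D configuration BPDU layout (protocol ID, version, type, flags,
root ID, root path cost, bridge ID, port ID, message age, max age, hello
time, forward delay; timers in units of 1/256 s).  Ethernet and LLC
headers are omitted.  All names, MACs and port settings are assumptions.
"""
import struct
from dataclasses import dataclass

CONFIG_BPDU = struct.Struct("!HBBB8sI8sHHHHH")  # 35 bytes, network byte order


def encode_bid(priority: int, ext_sys_id: int, mac: str) -> bytes:
    """Bridge ID: 4-bit priority/4096, 12-bit extended system ID (VLAN), 48-bit MAC."""
    if priority % 4096 or not 0 <= priority <= 61440 or not 0 <= ext_sys_id <= 4095:
        raise ValueError("priority 0..61440 in steps of 4096, ext_sys_id 0..4095")
    word = ((priority // 4096) << 12) | ext_sys_id
    return struct.pack("!H6s", word, bytes.fromhex(mac.replace(":", "")))


def decode_bid(raw: bytes) -> tuple:
    """Inverse of encode_bid.  The fixed-width lowercase MAC string orders the
    same way as the numeric MAC, so tuple comparison gives 'lower BID wins'."""
    word, mac = struct.unpack("!H6s", raw)
    return ((word >> 12) * 4096, word & 0xFFF, mac.hex(":"))


@dataclass(frozen=True)
class BPDU:
    root: tuple          # (priority, ext_sys_id, mac) of the claimed root bridge
    root_path_cost: int
    bridge: tuple        # sender's bridge ID
    port_id: int         # sender's port ID, e.g. 0x8001 = 128.1
    max_age: float
    hello_time: float
    forward_delay: float


def build_config_bpdu(root, cost, bridge, port_id, max_age=20, hello=2, fwd_delay=15):
    """Constructed configuration BPDU (message age 0, flags 0)."""
    return CONFIG_BPDU.pack(0x0000, 0x00, 0x00, 0x00, encode_bid(*root), cost,
                            encode_bid(*bridge), port_id,
                            0, max_age * 256, hello * 256, fwd_delay * 256)


def parse_config_bpdu(frame: bytes) -> BPDU:
    if len(frame) < CONFIG_BPDU.size:
        raise ValueError("too short for a configuration BPDU")
    (proto, _ver, kind, _flags, root, cost, bridge, port_id,
     _age, max_age, hello, fwd) = CONFIG_BPDU.unpack_from(frame)
    if proto != 0x0000 or kind != 0x00:
        raise ValueError("not an STP configuration BPDU")
    return BPDU(decode_bid(root), cost, decode_bid(bridge), port_id,
                max_age / 256, hello / 256, fwd / 256)


@dataclass
class PortConfig:
    name: str
    portfast: bool = False    # access port; the slides pair this with BPDU guard
    bpdu_guard: bool = False
    root_guard: bool = False


def receive_bpdu(port: PortConfig, frame: bytes, current_root: tuple) -> str:
    """What the switch does with a frame arriving on `port`:
      'ignored'           not a configuration BPDU
      'err-disabled'      BPDU guard: any BPDU on a guarded port shuts it down
                          until an administrator re-enables it
      'root-inconsistent' root guard: the BPDU claims a root with a lower BID
                          than the current root, so the port is held blocking
      'accepted'          normal STA processing of the BPDU
    """
    try:
        bpdu = parse_config_bpdu(frame)
    except ValueError:
        return "ignored"
    if port.bpdu_guard:
        return "err-disabled"
    if port.root_guard and bpdu.root < current_root:
        return "root-inconsistent"
    return "accepted"


def demo() -> dict:
    """Constructed scenario on switch S2 (assumed names and addresses)."""
    s1 = (24576, 1, "00:0a:00:00:00:01")      # the intended root bridge
    s3 = (32768, 1, "00:0a:00:00:00:03")
    newcomer = (0, 1, "00:0a:00:00:00:99")    # priority 0 beats every other BID
    uplink = PortConfig("Fa0/1")
    peer = PortConfig("Fa0/2", root_guard=True)
    access = PortConfig("Fa0/5", portfast=True, bpdu_guard=True)
    return {
        "uplink": receive_bpdu(uplink, build_config_bpdu(s1, 0, s1, 0x8001), s1),
        "peer": receive_bpdu(peer, build_config_bpdu(newcomer, 19, s3, 0x8002), s1),
        "access": receive_bpdu(access, build_config_bpdu(newcomer, 0, newcomer, 0x8001), s1),
        "garbage": receive_bpdu(uplink, b"\x08\x00not a bpdu", s1),
    }


if __name__ == "__main__":
    for port, outcome in demo().items():
        print(f"{port}: {outcome}")
```

The point of the guards follows from the election rule in the slides: a switch accepts whatever BPDU it hears, and the lowest BID wins, so a switch with priority 0 appearing on an access port or behind a peer would become root unless BPDU guard err-disables the access port and root guard blocks the peer port.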
