Networking Protocols Lab - Faculty of Engineering Technology
Uploaded by FamousChromium
BAU
Summary
This document is a course plan for a networking protocols lab. It covers basic information about the course, including the instructor and class schedule, as well as the details of Lab 8: STP and redundancy considerations. The document's main focus is the concepts and implementation of the Spanning Tree Protocol (STP).
# Networking Protocols Lab

## Course Plan

### First: Basic Information

- College: Faculty of Engineering Technology
- Department: Computer and Networks Engineering
- Course Title: Networks Protocols Lab
- Course Code: 30106432
- Credit Hours: 1
- Prerequisite: 30106431
- Instructor:
  - Name: Dr. Belal Ayyoub
  - Office No: B17 F4
  - Tel (Ext): 515
  - E-mail: [email protected].
- Office Hours:
- Class Times:
  - Building: 17
  - Day: Tue-Wed
  - Start Time: 16
  - End Time: 18
  - Room No: 9
  - Building: 17
  - Day: Sun-Tue-Thu
  - Start Time: 10
  - End Time: 11

## Week 9

### Lab 8: STP

#### Redundancy at OSI Layers 1 and 2

The three-tier hierarchical network design, which uses core, distribution, and access layers with redundancy, attempts to eliminate a single point of failure on the network. Multiple cabled paths between switches provide physical redundancy in a switched network. This improves the reliability and availability of the network. Having alternate physical paths for data to traverse the network makes it possible for users to access network resources despite path disruption.

For many organizations, the availability of the network is essential to supporting business needs; therefore, the network infrastructure design is a critical business element. Path redundancy provides the necessary availability of multiple network services by eliminating the possibility of a single point of failure.

**Note:** The OSI Layer 1 redundancy is illustrated using multiple links and devices, but more than just physical planning is required to complete the network setup. For the redundancy to work in a systematic way, the use of OSI Layer 2 protocols, such as STP, is also required.

Redundancy is an important part of the hierarchical design for preventing disruption of network services to users. Redundant networks require the addition of physical paths, but logical redundancy must also be part of the design.
However, redundant paths in a switched Ethernet network may cause both physical and logical Layer 2 loops. Logical Layer 2 loops may occur due to the natural operation of switches, specifically the learning and forwarding process. When multiple paths exist between two devices on a network, and there is no spanning tree implementation on the switches, a Layer 2 loop occurs. A Layer 2 loop can result in the three primary issues listed in the figure.

#### Considerations When Implementing Redundancy

- MAC database instability - Instability in the content of the MAC address table results from copies of the same frame being received on different ports of the switch. Data forwarding can be impaired when the switch consumes the resources that are coping with instability in the MAC address table.
- Broadcast storms - Without some loop-avoidance process, each switch may flood broadcasts endlessly. This situation is commonly called a broadcast storm.
- Multiple frame transmission - Multiple copies of unicast frames may be delivered to destination stations. Many protocols expect to receive only a single copy of each transmission. Multiple copies of the same frame can cause unrecoverable errors.

#### Spanning Tree Algorithm: Introduction

Redundancy increases the availability of the network topology by protecting the network from a single point of failure, such as a failed network cable or switch. When physical redundancy is introduced into a design, loops and duplicate frames occur. Loops and duplicate frames have severe consequences for a switched network. The Spanning Tree Protocol (STP) was developed to address these issues.

STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop. A port is considered blocked when user data is prevented from entering or leaving that port. This does not include bridge protocol data unit (BPDU) frames that are used by STP to prevent loops.
Blocking the redundant paths is critical to preventing loops on the network. The physical paths still exist to provide redundancy, but these paths are disabled to prevent the loops from occurring. If the path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.

A diagram is provided of a network with two ports.

STP prevents loops from occurring by configuring a loop-free path through the network using strategically placed "blocking-state" ports. The switches running STP are able to compensate for failures by dynamically unblocking the previously blocked ports and permitting traffic to traverse the alternate paths.

Up to now, we have used the term Spanning Tree Protocol and the acronym STP. The usage of the Spanning Tree Protocol term and the STP acronym can be misleading. Many professionals generically use these to refer to various implementations of spanning tree, such as Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP). In order to communicate spanning tree concepts correctly, it is important to refer to the particular implementation or standard in context.

The latest IEEE documentation on spanning tree (IEEE-802.1D-2004) says, "STP has now been superseded by the Rapid Spanning Tree Protocol (RSTP)." The IEEE uses "STP" to refer to the original implementation of spanning tree and "RSTP" to describe the version of spanning tree specified in IEEE-802.1D-2004. In this curriculum, when the original Spanning Tree Protocol is the context of a discussion, the phrase "original 802.1D spanning tree" is used to avoid confusion. Since the two protocols share much of the same terminology and methods for the loop-free path, the primary focus will be on the current standard and the Cisco proprietary implementations of STP and RSTP.
#### Spanning Tree Algorithm: Port Roles

A diagram is provided showing the switch with root port, alternate port, and designated ports.

#### Spanning Tree Algorithm: Root Bridge

A diagram is provided showing the switch with the three ports and the root bridge.

As shown in the figure above, every spanning tree instance (switched LAN or broadcast domain) has a switch designated as the root bridge. The root bridge serves as a reference point for all spanning tree calculations to determine which redundant paths to block. An election process determines which switch becomes the root bridge.

#### Bridge ID with the Extended System ID

A diagram is provided showing the switch with the four ports and the root bridge along with MAC address.

The figure shows the BID fields. The BID is made up of a priority value, an extended system ID, and the MAC address of the switch. The bridge priority value is automatically assigned, but can be modified. The extended system ID is used to specify a VLAN ID or a multiple spanning tree protocol (MSTP) instance ID. The MAC address field initially contains the MAC address of the sending switch.

All switches in the broadcast domain participate in the election process. After a switch boots, it begins to send out BPDU frames every two seconds. These BPDUs contain the switch BID and the root ID. The switch with the lowest BID will become the root bridge. At first, all switches declare themselves as the root bridge. Eventually, the switches exchange BPDUs and agree on one root bridge.

As the switches forward their BPDU frames, adjacent switches in the broadcast domain read the root ID information from the BPDU frames. If the root ID from a BPDU received is lower than the root ID on the receiving switch, then the receiving switch updates its root ID, identifying the adjacent switch as the root bridge. However, it may not be an adjacent switch. It could be any other switch in the broadcast domain.
The switch then forwards new BPDU frames with the lower root ID to the other adjacent switches. Eventually, the switch with the lowest BID ends up being identified as the root bridge for the spanning tree instance.

There is a root bridge elected for each spanning tree instance. It is possible to have multiple distinct root bridges for different sets of VLANs. If all ports on all switches are members of VLAN 1, then there is only one spanning tree instance. The extended system ID includes the VLAN ID, and plays a role in how spanning tree instances are determined.

The BID consists of a configurable bridge priority number and a MAC address. Bridge priority is a value between 0 and 65,535. The default is 32,768. If two or more switches have the same priority, the switch with the lowest MAC address will become the root bridge.

**Note:** The reason the bridge priority value in Figure 1 displays 32,769 instead of the default value of 32,768 is that the STA also adds the default VLAN number (VLAN 1) to the priority value.

#### Spanning Tree Algorithm: Root Path Cost

When the root bridge has been elected for the spanning tree instance, the STA starts the process of determining the best paths to the root bridge from all destinations in the broadcast domain. The path information, known as the internal root path cost, is determined by summing up the individual port costs along the path from the switch to the root bridge.

#### Best Paths to the Root Bridge

A table is provided showing the link speed and cost for the revised and previous IEEE specification.

#### Configure Port Cost

The configuration commands for configuring and resetting port cost are listed.

#### Reset Port Cost

The configuration commands for configuring and resetting port cost are listed.

A diagram is provided showing the switch with the three ports and the root bridge.

#### Port Role Decisions for RSTP

In the example, switch S1 is the root bridge.
Switches S2 and S3 have root ports configured for the ports connecting back to S1.

After STP has determined which switch port serves in the root port role on each switch, STP needs to decide which ports have the designated and alternate roles. The root bridge automatically configures all of its switch ports in the designated role. Other switches in the topology configure their non-root ports as designated or alternate ports.

Designated ports are configured for all LAN segments. When two switches are connected to the same LAN segment, and root ports have already been defined, the two switches have to decide which port to configure as a designated port and which port remains the alternate port.

The switches on the LAN segment exchange BPDU frames, which contain the switch BID. Generally, the switch with the lower BID has its port configured as a designated port, while the switch with the higher BID has its port configured as an alternate port. However, keep in mind that the first priority is the lowest path cost to the root bridge and that the sender's BID is used only if the port costs are equal.

Each switch determines which port roles are assigned to each of its ports to create the loop-free spanning tree.

#### Extended System ID

A diagram is provided showing the switch with the four ports and the root bridge.

The bridge ID (BID) is used to determine the root bridge on a network. The BID field of a BPDU frame contains three separate fields:

- Bridge priority
- Extended system ID
- MAC address

Each field is used during the root bridge election.

#### Bridge Priority

The bridge priority is a customizable value that can be used to influence which switch becomes the root bridge. The switch with the lowest priority, which implies the lowest BID, becomes the root bridge because a lower priority value takes precedence. For example, to ensure that a specific switch is always the root bridge, set the priority to a lower value than the rest of the switches on the network.
The default priority value for all Cisco switches is the decimal value 32768. The range is 0 to 61440 in increments of 4096. Valid priority values are 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440. All other values are rejected. A bridge priority of 0 takes precedence over all other bridge priorities.

#### Extended System ID

Early implementations of IEEE 802.1D were designed for networks that did not use VLANs. There was a single common spanning tree across all switches. For this reason, in older Cisco switches, the extended system ID could be omitted in BPDU frames. As VLANs became common for network infrastructure segmentation, 802.1D was enhanced to include support for VLANs, which required that the VLAN ID be included in the BPDU frame. VLAN information is included in the BPDU frame through the use of the extended system ID. All newer switches include the use of the extended system ID by default.

As shown in Figure 1, the bridge priority field is 2 bytes, or 16 bits, in length. 4 bits are used for the bridge priority and 12 bits are used for the extended system ID, which identifies the VLAN participating in this particular STP process. Using these 12 bits for the extended system ID reduces the bridge priority to 4 bits. This process reserves the rightmost 12 bits for the VLAN ID and the far left 4 bits for the bridge priority. This explains why the bridge priority value can only be configured in multiples of 4096, or 2^12. If the far left bits are 0001, then the bridge priority is 4096. If the far left bits are 1111, then the bridge priority is 61440 (= 15 x 4096). The Catalyst 2960 and 3560 Series switches do not allow the configuration of a bridge priority of 65536 (= 16 x 4096) because it assumes use of a 5th bit that is unavailable due to the use of the extended system ID.
The extended system ID value is a decimal value added to the bridge priority value in the BID to identify the priority and VLAN of the BPDU frame.

When two switches are configured with the same priority and have the same extended system ID, the switch having the MAC address with the lowest value, expressed in hexadecimal, will have the lower BID. Initially, all switches are configured with the same default priority value. The MAC address is then the deciding factor as to which switch is going to become the root bridge.

To ensure that the root bridge decision best meets network requirements, it is recommended that the administrator configure the desired root bridge switch with a lower priority. This also ensures that the addition of new switches to the network does not trigger a new spanning tree election, which can disrupt network communication while a new root bridge is being selected.

S1 has a lower priority than the other switches. Therefore, it is preferred as the root bridge for that spanning tree instance.

A diagram is provided showing the switch with the three ports and the root bridge.

When all switches are configured with the same priority, as is the case with all switches kept in the default configuration with a priority of 32768, the MAC address becomes the deciding factor as to which switch becomes the root bridge, as shown in the figure.

A diagram is provided showing the switch with the three ports and the root bridge.

**Note:** In the example, the priority of all the switches is 32769. The value is based on the 32768 default priority and the VLAN 1 assignment associated with each switch (32768+1).

The MAC address with the lowest hexadecimal value is considered to be the preferred root bridge. In the example, S2 has the lowest value for its MAC address and is, therefore, designated as the root bridge for that spanning tree instance.
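The election and port-role rules described above can be traced in code. The following is an added example, not part of the course material: it packs the 4-bit priority and 12-bit extended system ID into the BID, lets every switch start as its own root, and relaxes BPDU offers until the topology agrees. The MAC addresses, the triangle of 100 Mb/s links, and all function names are constructed for illustration; the cost table holds the revised IEEE short-mode values; one link per switch pair is assumed, so the port ID tie-breaker is not modelled.

```python
# Revised IEEE short-mode port costs: link speed in Mb/s -> cost.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

def bridge_id(priority, vlan, mac):
    """Return the BID as (16-bit priority field, 48-bit MAC); lower is better."""
    if priority not in range(0, 61441, 4096):
        raise ValueError(f"priority {priority} must be a multiple of 4096 in 0..61440")
    if not 1 <= vlan <= 4094:
        raise ValueError(f"VLAN {vlan} does not fit the 12-bit extended system ID")
    # Upper 4 bits carry the priority, lower 12 bits the extended system ID.
    return (priority | vlan, int(mac.replace(".", "").replace(":", ""), 16))

def converge(bids, links):
    """Run the election. bids: switch -> BID; links: [(a, b, speed_mbps)].

    Returns (root, roles), where roles maps (switch, neighbor) to
    'root', 'designated' or 'alternate' for the port facing that neighbor.
    """
    # Every switch first claims to be root: (root ID, path cost, sender BID, via).
    best = {s: (bid, 0, bid, None) for s, bid in bids.items()}
    changed = True
    while changed:
        changed = False
        for a, b, speed in links:
            for rx, tx in ((a, b), (b, a)):
                root_id, cost, _, _ = best[tx]
                offer = (root_id, cost + PORT_COST[speed], bids[tx], tx)
                # Lower root ID wins, then lower path cost, then lower sender BID.
                if offer[:3] < best[rx][:3]:
                    best[rx] = offer
                    changed = True
    root = next(s for s, v in best.items() if v[0] == bids[s])
    roles = {}
    for a, b, _ in links:
        for me, peer in ((a, b), (b, a)):
            if best[me][3] == peer:
                roles[(me, peer)] = "root"
            elif (best[me][1], bids[me]) < (best[peer][1], bids[peer]):
                roles[(me, peer)] = "designated"  # better (cost, BID) on the segment
            else:
                roles[(me, peer)] = "alternate"   # blocked to break the loop
    return root, roles

# Constructed sample topology: three switches in a triangle, VLAN 1.
MACS = {"S1": "000A.0033.3333", "S2": "000A.0011.1111", "S3": "000A.0022.2222"}
LINKS = [("S1", "S2", 100), ("S2", "S3", 100), ("S1", "S3", 100)]

def scenario(priorities, vlan=1):
    """Elect a root with per-switch priorities (default 32768 where not given)."""
    bids = {s: bridge_id(priorities.get(s, 32768), vlan, MACS[s]) for s in MACS}
    return converge(bids, LINKS)

if __name__ == "__main__":
    for label, prios in (("defaults", {}), ("S1 priority 24576", {"S1": 24576})):
        root, roles = scenario(prios)
        print(f"{label}: root bridge is {root}")
        for (sw, peer), role in sorted(roles.items()):
            print(f"  {sw} port toward {peer}: {role}")
```

With default priorities the lowest MAC address decides the root; setting an explicit lower priority on the intended root makes the outcome independent of which MAC addresses happen to be present.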
#### Cisco Proprietary

- PVST:
  - Uses the Cisco proprietary ISL trunking protocol
  - Each VLAN has an instance of spanning tree
  - Ability to load balance traffic at Layer 2
- PVST+:
  - Includes extensions BackboneFast, UplinkFast, and PortFast
  - Supports ISL and IEEE 802.1Q trunking
  - Supports Cisco proprietary STP extensions
  - Adds BPDU guard and Root guard enhancements
- Rapid PVST+:
  - Based on the IEEE 802.1w standard
  - Has faster convergence than 802.1D

#### IEEE Standard

- RSTP:
  - Introduced in 1982; provides faster convergence than 802.1D
  - Implements generic versions of the Cisco proprietary STP extensions
  - IEEE has incorporated RSTP into 802.1D, identifying the specification as IEEE 802.1D-2004
- MSTP:
  - Multiple VLANs can be mapped to the same spanning-tree instance
  - Inspired by the Cisco Multiple Instances Spanning Tree Protocol (MISTP)
  - IEEE 802.1Q-2003 now includes MSTP

A table is provided comparing each protocol with its standard, resources needed, convergence, and tree calculation.

#### Configuring and Verifying the Bridge ID

When an administrator wants a specific switch to become a root bridge, the bridge priority value must be adjusted to ensure it is lower than the bridge priority values of all the other switches on the network. There are two different methods to configure the bridge priority value on a Cisco Catalyst switch.

#### Method 1

To ensure that the switch has the lowest bridge priority value, use the spanning-tree vlan vlan-id root primary command in global configuration mode. The priority for the switch is set to the predefined value of 24,576 or to the highest multiple of 4,096 less than the lowest bridge priority detected on the network.

If an alternate root bridge is desired, use the spanning-tree vlan vlan-id root secondary global configuration mode command. This command sets the priority for the switch to the predefined value of 28,672. This ensures that the alternate switch becomes the root bridge if the primary root bridge fails.
This assumes that the rest of the switches in the network have the default 32,768 priority value defined.

In the figure, S1 has been assigned as the primary root bridge using the spanning-tree vlan 1 root primary command, and S2 has been configured as the secondary root bridge using the spanning-tree vlan 1 root secondary command.

A diagram is provided showing the switch with the three ports and the root bridge.

#### Method 2

Another method for configuring the bridge priority value is using the spanning-tree vlan vlan-id priority value global configuration mode command. This command gives more granular control over the bridge priority value. The priority value is configured in increments of 4,096 between 0 and 61,440.

In the example, S3 has been assigned a bridge priority value of 24,576 using the spanning-tree vlan 1 priority 24576 command.

To verify the bridge priority of a switch, use the show spanning-tree command. In the figure, the priority of the switch has been set to 24,576. Also notice that the switch is designated as the root bridge for the spanning tree instance.

#### PVST+ Load Balancing

The topology in Figure 1 shows three switches with 802.1Q trunks connecting them. There are two VLANs, 10 and 20, that are being trunked across these links. The goal is to configure S3 as the root bridge for VLAN 20 and S1 as the root bridge for VLAN 10. Port F0/3 on S2 is the forwarding port for VLAN 20 and the blocking port for VLAN 10. Port F0/2 on S2 is the forwarding port for VLAN 10 and the blocking port for VLAN 20.

The configuration commands to force S3 to be the primary root for VLAN 20, S3 to be the secondary root for VLAN 10, S1 to be the primary root for VLAN 10, and S1 to be the secondary root for VLAN 20 are listed.

## Packet Tracer – Configuring PVST+

#### Topology

A diagram is provided showing the switch with the three ports and the root bridge.

#### Addressing Table

A table is provided showing the Device, Interface, IP Address, and Subnet Mask.
#### Switch Port Assignment Specifications

A table is provided showing the ports, assignments, and network.

#### Objectives

- Part 1: Configure VLANs
- Part 2: Configure Spanning Tree PVST+ and Load Balancing
- Part 3: Configure PortFast and BPDU Guard

#### Background

In this activity, you will configure VLANs and trunks, Rapid Spanning Tree PVST+, primary and secondary root bridges, and examine the configuration results. You will also optimize the network by configuring PortFast and BPDU Guard on edge ports.

#### Part 1: Configure VLANs

- Step 1: Enable the user ports on S2 in access mode.
  - Refer to the topology diagram to determine which switch ports on S2 are activated for end-user device access. These three ports will be configured for access mode and enabled with the no shutdown command.
- Step 2: Create VLANs.
  - Using the appropriate command, create VLANs 10, 20, 30, 40, 50, 60, 70, 80, and 99 on all of the switches.
- Step 3: Assign VLANs to switch ports.
  - Port assignments are listed in the table at the beginning of the activity. Save your configurations after assigning switch ports to the VLANs.
- Step 4: Verify the VLANs.
  - Use the show vlan brief command on all switches to verify that all VLANs are registered in the VLAN table.
- Step 5: Assign the trunks to native VLAN 99.
  - Use the appropriate command to configure ports F0/1 to F0/4 on each switch as trunk ports and assign these trunk ports to native VLAN 99.
- Step 6: Configure the management interface on all three switches with an address.
  - Verify that the switches are correctly configured by pinging between them.

#### Part 2: Configure Rapid Spanning Tree PVST+ Load Balancing

The Rapid Spanning Tree Protocol (RSTP; IEEE 802.1w) can be seen as an evolution of the 802.1D standard more so than a revolution. The 802.1D terminology remains primarily the same. Most parameters have been left unchanged, so users familiar with 802.1D can rapidly configure the new protocol comfortably.
In most cases, RSTP performs better than proprietary extensions of Cisco without any additional configuration. 802.1w can also revert back to 802.1D in order to interoperate with legacy bridges on a per-port basis.

- Step 1: Configure STP mode.
  - Use the spanning-tree mode command to configure the switches to use rapid PVST as the STP mode.
- Step 2: Configure Rapid Spanning Tree PVST+ load balancing.
  - Configure S1 to be the primary root for VLANs 1, 10, 30, 50, and 70. Configure S3 to be the primary root for VLANs 20, 40, 60, 80, and 99. Configure S2 to be the secondary root for all of the VLANs.
  - Verify your configurations by using the show spanning-tree command.

#### Part 3: Configure PortFast and BPDU Guard

- Step 1: Configuring PortFast on S2.
  - PortFast causes a port to enter the forwarding state almost immediately by dramatically decreasing the time of the listening and learning states. PortFast minimizes the time it takes for the server or workstation to come online. Configure PortFast on S2 interfaces that are connected to PCs.
- Step 2: Configuring BPDU Guard on S2.
  - The STP PortFast BPDU Guard enhancement allows network designers to enforce the STP domain borders and keep the active topology predictable. The devices behind the ports that have STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the BPDU Guard operation disables the port that has PortFast configured. The BPDU Guard transitions the port into err-disable state, and a message appears on the console. Configure BPDU Guard on S2 interfaces that are connected to PCs.
- Step 3: Verify your configuration.
  - Use the show run command to verify your configuration.

#### Packet Tracer – Configuring Rapid PVST+

#### Topology

A diagram is provided showing the switch with the three ports and the root bridge.

#### Addressing Table

A table is provided showing the Device, Interface, IP Address, and Subnet Mask.
#### Switch Port Assignment Specifications

A table is provided showing the ports, assignments, and network.

#### Objectives

- Part 1: Configure VLANs
- Part 2: Configure Rapid Spanning Tree PVST+ Load Balancing
- Part 3: Configure PortFast and BPDU Guard

#### Background

In this activity, you will configure VLANs and trunks, Rapid Spanning Tree PVST+, primary and secondary root bridges, and examine the configuration results. You will also optimize the network by configuring PortFast and BPDU Guard on edge ports.

#### Part 1: Configure VLANs

- Step 1: Enable the user ports on S2 in access mode.
  - Refer to the topology diagram to determine which switch ports on S2 are activated for end-user device access. These three ports will be configured for access mode and enabled with the no shutdown command.
- Step 2: Create VLANs.
  - Using the appropriate command, create VLANs 10, 20, 30, 40, 50, 60, 70, 80, and 99 on all of the switches.
- Step 3: Assign VLANs to switch ports.
  - Port assignments are listed in the table at the beginning of the activity. Save your configurations after assigning switch ports to the VLANs.
- Step 4: Verify the VLANs.
  - Use the show vlan brief command on all switches to verify that all VLANs are registered in the VLAN table.
- Step 5: Assign the trunks to native VLAN 99.
  - Use the appropriate command to configure ports F0/1 to F0/4 on each switch as trunk ports and assign these trunk ports to native VLAN 99.
- Step 6: Configure the management interface on all three switches with an address.
  - Verify that the switches are correctly configured by pinging between them.

#### Part 2: Configure Rapid Spanning Tree PVST+ Load Balancing

- Step 1: Configure STP mode.
  - Use the spanning-tree mode command to configure the switches to use rapid PVST as the STP mode.
- Step 2: Configure Rapid Spanning Tree PVST+ load balancing.
  - Configure S1 to be the primary root for VLANs 1, 10, 30, 50, and 70.
Configure S3 to be the primary root for VLANs 20, 40, 60, 80, and 99. Configure S2 to be the secondary root for all of the VLANs.
  - Verify your configurations by using the show spanning-tree command.

#### Part 3: Configure PortFast and BPDU Guard

- Step 1: Configuring PortFast on S2.
  - PortFast causes a port to enter the forwarding state almost immediately by dramatically decreasing the time of the listening and learning states. PortFast minimizes the time it takes for the server or workstation to come online. Configure PortFast on S2 interfaces that are connected to PCs.
- Step 2: Configuring BPDU Guard on S2.
  - The STP PortFast BPDU Guard enhancement allows network designers to enforce the STP domain borders and keep the active topology predictable. The devices behind the ports that have STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the BPDU Guard operation disables the port that has PortFast configured. The BPDU Guard transitions the port into err-disable state, and a message appears on the console. Configure BPDU Guard on S2 interfaces that are connected to PCs.
- Step 3: Verify your configuration.
  - Use the show run command to verify your configuration.
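The Part 3 verification step (reading show run by eye) can be turned into a repeatable check. The following is an added example, not part of the lab: it parses running-config text and reports every enabled access port that lacks PortFast or BPDU Guard, honouring the global spanning-tree portfast default and spanning-tree portfast bpduguard default settings. The sample configuration, its interface numbers, and the function names are constructed for illustration.

```python
import re

# Constructed sample of `show run` output for S2 (not taken from the lab files).
SAMPLE_RUN = """\
spanning-tree mode rapid-pvst
!
interface FastEthernet0/1
 switchport trunk native vlan 99
 switchport mode trunk
!
interface FastEthernet0/6
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/11
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/24
 switchport mode access
 shutdown
!
"""

def parse_config(config):
    """Split a running-config into ({interface: [sub-commands]}, [global lines])."""
    interfaces, global_lines, current = {}, [], None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.strip() == "!":
            current = None                      # "!" closes the current block
            continue
        match = re.match(r"interface (\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif raw.startswith(" ") and current is not None:
            current.append(line.strip())        # indented line: interface sub-command
        else:
            current = None
            global_lines.append(line.strip())
    return interfaces, global_lines

def audit_edge_ports(config):
    """Return [(where, missing)] for the STP mode and every enabled access port."""
    interfaces, global_lines = parse_config(config)
    portfast_default = "spanning-tree portfast default" in global_lines
    bpduguard_default = "spanning-tree portfast bpduguard default" in global_lines
    findings = []
    if "spanning-tree mode rapid-pvst" not in global_lines:
        findings.append(("global", "spanning-tree mode rapid-pvst"))
    for name, cmds in interfaces.items():
        if "switchport mode access" not in cmds or "shutdown" in cmds:
            continue                            # trunks and disabled ports are out of scope
        portfast = "spanning-tree portfast" in cmds or (
            portfast_default and "spanning-tree portfast disable" not in cmds)
        if not portfast:
            findings.append((name, "portfast"))
        # The global BPDU Guard default only covers ports where PortFast is active.
        if "spanning-tree bpduguard enable" not in cmds and not (
                bpduguard_default and portfast):
            findings.append((name, "bpduguard"))
    return findings

if __name__ == "__main__":
    for where, missing in audit_edge_ports(SAMPLE_RUN):
        print(f"{where}: missing {missing}")
```

An access port that passes PortFast but not BPDU Guard is the case worth catching: the port forwards immediately, yet a BPDU arriving on it would still be processed instead of err-disabling the port.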