Transcript Slide 1

Author: Bill Buchanan
Applied Cisco Networking
(CCNP BCMSN)
CO32061
Unit 3
STP
Transparent bridge
Transparent bridge. Learns the MAC addresses on the other side of the bridge, and forwards data frames that are destined for other networks.
Standardised: IEEE 802.1D
Avoids loops, Learns stations, Filters on MAC addresses
[Figure: bridge with ports P1 and P2; frame with Src: MAC1, Dest: MAC4]
Bridging table
P1: MAC1
P1: MAC2
P2: MAC3
P2: MAC4
CAM
Content Addressable Memory (CAM). These days bridges are hardly ever used, and switches are used instead. The CAM contains a table of MAC addresses for each port, and forwards as required.
[Figure: switch with ports P1 and P2; frame with Src: MAC1, Dest: MAC4]
CAM
P1: MAC1, MAC2
P2: MAC3, MAC4
Showing CAM table
To show the CAM table:
Switch# sh mac address-table dynamic
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       -------     -----
   1    000d.298e.a19a    DYNAMIC     Gi0/2
   1    0011.5c5e.ac41    DYNAMIC     Fa0/3
   1    0011.5c5e.ac42    DYNAMIC     Fa0/4
  10    000d.298e.a19a    DYNAMIC     Gi0/2
  20    000d.298e.a19a    DYNAMIC     Gi0/2
[Figure: switch with ports P1 and P2; frame with Src: MAC1, Dest: MAC4]
CAM
P1: MAC1, MAC2
P2: MAC3, MAC4
Learning and ageing
The MAC2 address is learnt, but after some time will be aged out of the CAM table.
[Figure: switch with ports P1 and P2; stations MAC1, MAC3 and MAC4]
CAM
P1: MAC1, MAC2
P2: MAC3, MAC4
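The learning, forwarding and ageing behaviour described on the CAM slides, as an added example that is not part of the original slides. The class and function names are hypothetical, the frame sequence is constructed, and the 300 second ageing time is an assumed value that the slides do not state.

```python
class LearningSwitch:
    """Transparent bridge: learn source MACs per port, forward, flood, age out."""

    def __init__(self, ports, ageing_time=300):
        self.ports = list(ports)
        self.ageing_time = ageing_time   # seconds (assumed, not from the slides)
        self.cam = {}                    # MAC -> (port, time last seen)

    def age_out(self, now):
        """Drop entries not refreshed within ageing_time; return removed MACs."""
        stale = [mac for mac, (_, seen) in self.cam.items()
                 if now - seen > self.ageing_time]
        for mac in stale:
            del self.cam[mac]
        return sorted(stale)

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the list of ports it is sent out of."""
        self.age_out(now)
        self.cam[src] = (in_port, now)   # learn, refresh or move the source
        entry = self.cam.get(dst)
        if entry is None:                # unknown destination: flood
            return [p for p in self.ports if p != in_port]
        if entry[0] == in_port:          # destination on the same port: filter
            return []
        return [entry[0]]

    def table(self):
        """CAM contents grouped by port, in the slides' 'P1: MAC1, MAC2' form."""
        by_port = {p: [] for p in self.ports}
        for mac, (port, _) in sorted(self.cam.items()):
            by_port[port].append(mac)
        return by_port


def demo():
    """Constructed frame sequence: learn four stations, then let three age out."""
    sw = LearningSwitch(["P1", "P2"])
    sent = [
        sw.receive("P1", "MAC1", "MAC4", now=0),    # MAC4 unknown: flooded
        sw.receive("P2", "MAC4", "MAC1", now=1),    # MAC1 known on P1
        sw.receive("P1", "MAC2", "MAC1", now=2),    # same port: filtered
        sw.receive("P2", "MAC3", "MAC4", now=3),    # same port: filtered
        sw.receive("P1", "MAC1", "MAC4", now=200),  # MAC4 known on P2
        sw.receive("P1", "MAC1", "MAC3", now=400),  # MAC3 aged out: flooded
    ]
    return sent, sw.table()
```
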
Loops
Loops. In this case two redundant/parallel loops have been added. Transparent switches cannot cope with multiple routes to a destination.
Redundant/parallel links have been added, to increase robustness.
Requirement for STP (Spanning-tree protocol) – removes loops.
[Figure: switches joined by redundant links; stations MAC3 and MAC4]
STP and BPDUs
Spanning tree provides:
· Detection/elimination of loops.
· Detect faults, and find alternative routes.
· Fine-tuning of the network performance.
Bridge Protocol Data Units (BPDUs) are sent out as a multicast packet. These advertise the changes to the topology.
On an update, ports can be placed either into a forward or blocking mode, in order to stop two paths to a destination.
BPDUs are sent out on a change such as a new switch, new route, new port cost, and so on.
[Figure: switches joined by redundant links; stations MAC3 and MAC4]
STP – key terms
Bridge Identifiers. This is a unique bridge ID. Contains: Bridge priority and one of its MAC addresses.
Bridge Protocol Data Units (IEEE 802.1D):
Protocol ID (2 bytes)
Version (1 byte)
Message Type (1 byte)
Flags (1 byte)
Root identifier (8 bytes)
Root cost path (4 bytes)
Bridge ID (8 bytes)
Port ID (2 bytes)
Message age (2 bytes)
Max. age (2 bytes)
Hello Time (2 bytes)
Forward delay (2 bytes)
Port priority. If two ports to a destination have the same accumulated port cost, the port with the highest priority wins!
Port cost. Each port has a cost:
10Mbps – 100
100Mbps – 19
1Gbps – 4
10Gbps – 2
To determine forwarding ports, the lowest accumulated port cost to the root switch wins!
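A decoder for the BPDU fields listed on this slide, in their on-the-wire order, as an added example that is not part of the original slides. It also shows the comparison a monitor would make to spot a BPDU that advertises a lower root identifier than the current root switch. The function names and the sample bytes are constructed for illustration.

```python
import struct

# 802.1D configuration BPDU: 35 bytes, network byte order, fields in wire order
BPDU_FMT = struct.Struct("!HBBB8sI8sHHHHH")

def split_id(raw):
    """Split an 8-byte identifier into (priority, MAC string)."""
    return int.from_bytes(raw[:2], "big"), ":".join(f"{b:02x}" for b in raw[2:])

def parse_config_bpdu(data):
    """Decode one configuration BPDU; timers are carried in 1/256 s units."""
    if len(data) < BPDU_FMT.size:
        raise ValueError(f"short BPDU: {len(data)} bytes, need {BPDU_FMT.size}")
    (proto, version, msg_type, flags, root, cost, bridge, port_id,
     msg_age, max_age, hello, fwd_delay) = BPDU_FMT.unpack_from(data)
    if proto != 0 or msg_type != 0:
        raise ValueError("not an 802.1D configuration BPDU")
    return {
        "version": version, "flags": flags,
        "root_id": split_id(root), "root_path_cost": cost,
        "bridge_id": split_id(bridge), "port_id": port_id,
        "message_age": msg_age / 256, "max_age": max_age / 256,
        "hello_time": hello / 256, "forward_delay": fwd_delay / 256,
    }

def claims_better_root(bpdu, current_root):
    """True when the advertised root identifier is lower than the current root's."""
    return bpdu["root_id"] < current_root

# Constructed sample payload (not captured traffic)
SAMPLE = bytes.fromhex(
    "0000" "00" "00" "00"        # protocol ID, version, message type, flags
    "8000" "020000000001"        # root identifier: priority 32768 + MAC
    "00000013"                   # root path cost 19 (one 100 Mbps hop)
    "8000" "020000000002"        # sending bridge ID
    "8001"                       # port ID: priority 128, port 1
    "0100" "1400" "0200" "0f00"  # message age 1 s, max age 20, hello 2, fwd 15
)

if __name__ == "__main__":
    bpdu = parse_config_bpdu(SAMPLE)
    print(bpdu)
    print(claims_better_root(bpdu, (32768, "02:00:00:00:00:05")))
```
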
Root switch election
STP starts with a root switch election. All the paths will then be measured relative to the root switch.
Switch ID: Priority (2 bytes), MAC address (6 bytes)
· Lowest identifier wins the election.
· If all the switches have the same priority, the lowest MAC address wins.
Root switch election
> enable
# config t
(config)# spanning-tree ?
backbonefast  Enable BackboneFast Feature
etherchannel  Spanning tree etherchannel specific configuration
extend        Spanning Tree 802.1t extensions
loopguard     Spanning tree loopguard options
mode          Spanning tree operating mode
mst           Multiple spanning tree configuration
pathcost      Spanning tree pathcost options
portfast      Spanning tree portfast options
uplinkfast    Enable UplinkFast Feature
vlan          VLAN Switch Spanning Tree
(config)# spanning-tree vlan ?
WORD  vlan range, example: 1,3-5,7,9-11
(config)# spanning-tree vlan 1 ?
forward-time  Set the forward delay for the spanning tree
hello-time    Set the hello interval for the spanning tree
max-age       Set the max age interval for the spanning tree
priority      Set the bridge priority for the spanning tree
root          Configure switch as root
<cr>
(config)# spanning-tree vlan 1 priority 10
STP – Port costs
(config)# spanning-tree ?
backbonefast  Enable BackboneFast Feature
etherchannel  Spanning tree etherchannel specific configuration
extend        Spanning Tree 802.1t extensions
loopguard     Spanning tree loopguard options
mode          Spanning tree operating mode
pathcost      Spanning tree pathcost options
portfast      Spanning tree portfast options
uplinkfast    Enable UplinkFast Feature
vlan          VLAN Switch Spanning Tree
(config)# spanning-tree vlan ?
WORD  vlan range, example: 1,3-5,7,9-11
(config)# spanning-tree vlan 2 ?
forward-time  Set the forward delay for the spanning tree
hello-time    Set the hello interval for the spanning tree
max-age       Set the max age interval for the spanning tree
priority      Set the bridge priority for the spanning tree
root          Configure switch as root
<cr>
(config)# spanning-tree vlan 2 root ?
primary    Configure this switch as primary root for this spanning tree
secondary  Configure switch as secondary root
(config)# spanning-tree vlan 2 root primary
(config)# int fa0/1
(config-if)# spanning-tree cost ?
<1-200000000>  port path cost
(config-if)# spanning-tree cost 32
(config)# int fa0/2
(config-if)# spanning-tree cost 31
STP – Root port selection
After the root switch election, there is a root port selection on each switch.
Root port on each switch will be the one used to connect to the root switch.
· It is the lowest accumulated path cost to the root switch.
· On a tie, choose the neighbouring switch with the lowest bridge ID.
· If a tie for the ID, select port with the lowest priority.
· If a tie, select the lowest port number.
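The root switch election and the root port rules above, worked through on a small topology, as an added example that is not part of the original slides. The function names and the three-switch topology are constructed; port costs are the ones from the key terms slide. As an assumption taken from 802.1D rather than from the slides, the port priority and port number compared on a tie are those of the neighbour's sending port.

```python
import heapq

# Port cost per link speed in Mbps, as listed on the slides
COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

def elect_root(bridges):
    """bridges maps name -> (priority, mac); the lowest identifier wins.
    MACs are lowercase fixed-width strings, so string order equals numeric."""
    return min(bridges, key=lambda name: bridges[name])

def root_ports(bridges, links):
    """links: (sw_a, port_a, sw_b, port_b, mbps), each port (priority, number).
    Returns (root, {switch: (root port number, accumulated cost)})."""
    root = elect_root(bridges)
    adj = {name: [] for name in bridges}
    for a, pa, b, pb, mbps in links:
        adj[a].append((b, pa, pb, COST[mbps]))   # neighbour, local, remote, cost
        adj[b].append((a, pb, pa, COST[mbps]))
    # Dijkstra from the root gives each switch's lowest accumulated path cost
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue
        for nbr, _, _, cost in adj[node]:
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    chosen = {}
    for sw in bridges:
        if sw == root or sw not in dist:
            continue                             # the root has no root port
        # Tie-break order: cost, neighbour bridge ID, port priority, port number
        best = min((dist[nbr] + cost, bridges[nbr], remote, local)
                   for nbr, local, remote, cost in adj[sw] if nbr in dist)
        chosen[sw] = (best[3][1], best[0])
    return root, chosen

# Constructed topology: C has the lowest priority; B and C share two 1 Gbps links
BRIDGES = {"A": (32768, "00:00:00:00:00:0a"),
           "B": (32768, "00:00:00:00:00:0b"),
           "C": (4096,  "00:00:00:00:00:0c")}
LINKS = [("A", (128, 1), "C", (128, 3), 100),
         ("A", (128, 2), "B", (128, 3), 1000),
         ("B", (128, 1), "C", (128, 2), 1000),
         ("B", (128, 2), "C", (128, 1), 1000)]
```

Here A reaches the root through B at cost 8 rather than directly at cost 19, and B picks the link that arrives from C's lower-numbered port.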
Convergence times
After the root switch and the root ports have been selected, the ports can be in the following states.
Blocking. Only listens to BPDUs. It does not forward any data frames. 20 seconds.
Listening. Detects paths to the root. It does not forward any data frames. 15 seconds.
Learning. The port learns from the source MAC addresses and puts them into the CAM table. It does not forward any data frames. 15 seconds.
Forwarding. Normal mode. Learns and forwards data frames.
Disabled. This is typically caused by a broken connection or the administrator has disabled it.
Time to converge: 30-50 seconds.
STP Enhancements
• Portfast. Excludes ports which are not connected to bridges or switches. Reduces the STP data size. Ports do not go through blocking, listening, learning and forwarding phases, but go straight to forwarding. If DHCP is required on a machine, Portfast is needed, as there will otherwise be a 30-50 second delay as the port goes through the main phases.
(config)# int fa0/1
(config-if)# spanning-tree portfast
# sh running
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 no ip address
 spanning-tree portfast
STP Enhancements
# show spanning-tree summary
Switch is in pvst mode
Root bridge for: none
EtherChannel misconfiguration guard is enabled
Extended system ID           is enabled
Portfast                     is disabled by default
PortFast BPDU Guard          is disabled by default
Portfast BPDU Filter         is disabled by default
Loopguard                    is disabled by default
UplinkFast                   is disabled
BackboneFast                 is disabled
Pathcost method used is short
Name                   Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001                      4         0        0          3          7
---------------------- -------- --------- -------- ---------- ----------
1 vlan                        4         0        0          3          7
# show spanning int fa0/2
Vlan             Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
VLAN0001         Altn BLK 19        128.2    P2p
# sh spanning int fa0/3
Vlan             Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
VLAN0001         Desg FWD 19        128.3    P2p
STP Enhancements
• BPDU Guard. Shuts down the port when it receives a BPDU; the port goes into an error disable state.
Switch(config-if)# spanning ?
bpdufilter     Don't send or receive BPDUs on this interface
bpduguard      Don't accept BPDUs on this interface
cost           Change an interface's spanning tree port path cost
guard          Change an interface's spanning tree guard mode
link-type      Specify a link type for spanning tree protocol use
mst            Multiple spanning tree
port-priority  Change an interface's spanning tree port priority
portfast       Enable an interface to move directly to forwarding on link up
stack-port     Enable stack port
vlan           VLAN Switch Spanning Tree
Switch(config-if)# spanning bpduguard ?
disable  Disable BPDU guard for this interface
enable   Enable BPDU guard for this interface
Switch(config-if)#spanning bpduguard enable
Switch(config-if)#
00:17:16: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port FastEthernet0/1 with BPDU Guard enabled. Disabling port.
STP Enhancements
• BPDU Filter. Filters BPDU packets on a port of a switch. If it receives more than 10 BPDU packets it disables PortFast, and returns to normal.
Switch(config)#int fa0/1
Switch(config-if)#spanning ?
bpdufilter     Don't send or receive BPDUs on this interface
bpduguard      Don't accept BPDUs on this interface
cost           Change an interface's spanning tree port path cost
guard          Change an interface's spanning tree guard mode
link-type      Specify a link type for spanning tree protocol use
mst            Multiple spanning tree
port-priority  Change an interface's spanning tree port priority
portfast       Enable an interface to move directly to forwarding on link up
stack-port     Enable stack port
vlan           VLAN Switch Spanning Tree
Switch(config-if)#spanning portfast ?
disable  Disable portfast for this interface
trunk    Enable portfast on the interface even in trunk mode
<cr>
Switch(config-if)#spanning bpduf ?
disable  Disable BPDU filtering for this interface
enable   Enable BPDU filtering for this interface
Switch(config-if)#spanning bpduf enable
STP Enhancements - Uplinks
• Uplink. Uses a redundant link connection to reduce the convergence time to less than 4 seconds. Required:
– Uplink enabled.
– One port in a blocking state (on alternative path).
– Failure is on the current switch.
Switch(config)# sp ?
backbonefast  Enable BackboneFast Feature
etherchannel  Spanning tree etherchannel specific configuration
extend        Spanning Tree 802.1t extensions
logging       Enable Spanning tree logging
loopguard     Spanning tree loopguard options
mode          Spanning tree operating mode
mst           Multiple spanning tree configuration
pathcost      Spanning tree pathcost options
portfast      Spanning tree portfast options
transmit      STP transmit parameters
uplinkfast    Enable UplinkFast Feature
vlan          VLAN Switch Spanning Tree
STP Enhancements - RSTP
• Rapid STP (RSTP). 802.1W allows rapid convergence. Standard on many devices. PVST+ used on ISL or 802.1Q links to allow RSTP to work correctly – defined as RPVST+ (enabled by default).
• RSTP can converge the spanning-tree instance in less than a second, as opposed to almost 50 seconds for standard 802.1D spanning tree. This type of setup is important in real-time applications such as voice and video traffic.
STP Enhancements - MST
• Multiple Spanning Tree (MST). MSTP (Multiple STP – IEEE 802.1S) is used to provide rapid convergence of the spanning-tree protocol. MSTP is used to group VLANs into a single spanning-tree instance. It allows multiple instances of STP, and reduces overhead time for PVST. Advantages: Load balancing and redundant connections. Disadvantages: more complex than standard, and more skill required. MST defines regions, and each switch has the same region name, the same revision number and the same VLAN table content.
(config)# spanning-tree ?
backbonefast  Enable BackboneFast Feature
etherchannel  Spanning tree etherchannel specific configuration
extend        Spanning Tree 802.1t extensions
loopguard     Spanning tree loopguard options
mode          Spanning tree operating mode
mst           Multiple spanning tree configuration
pathcost      Spanning tree pathcost options
portfast      Spanning tree portfast options
uplinkfast    Enable UplinkFast Feature
vlan          VLAN Switch Spanning Tree
(config)# spanning-tree mst ?
WORD           MST instance range, example: 0-3,5,7-9
configuration  Enter MST configuration submode
forward-time   Set the forward delay for the spanning tree
hello-time     Set the hello interval for the spanning tree
max-age        Set the max age interval for the spanning tree
max-hops       Set the max hops value for the spanning tree
(config)# spanning-tree mst configuration
STP Enhancements - MST
• Multiple Spanning Tree (MST). Allows multiple instances of STP, and reduces overhead time for PVST. Advantages: Load balancing and redundant connections. Disadvantages: more complex than standard, and more skill required. MST defines regions, and each switch has the same region name, the same revision number and the same VLAN table content.
(config)# spanning-tree mst configuration
(config-mst)# ?
abort         Exit region configuration mode, aborting changes
exit          Exit region configuration mode, applying changes
instance      Map vlans to an MST instance
name          Set configuration name
no            Negate a command or set its defaults
private-vlan  Set private-vlan synchronization
revision      Set configuration revision number
show          Display region configurations
(config-mst)# instance ?
<0-15>  MST instance id
(config-mst)# instance 1 ?
vlan  Range of vlans to add to the instance mapping
(config-mst)# instance 1 vlan ?
LINE  vlan range ex: 1-65, 72, 300 -200
(config-mst)# instance 1 vlan 1
(config-mst)# name ?
WORD  Configuration name
(config-mst)# name fred
(config-mst)# revision ?
<0-65535>  Configuration revision number
(config-mst)# revision 1
(config-mst)# exit
(config)# spanning-tree mode ?
mst         Multiple spanning tree mode
pvst        Per-Vlan spanning tree mode
rapid-pvst  Per-Vlan rapid spanning tree mode
(config)# spanning-tree mode mst
STP Enhancements - Etherchannels
• Etherchannels allow ports to be aggregated and treated as a single channel. They use LACP (Link Aggregation Control Protocol - IEEE 802.3ad). The LACP packets use EtherChannels to intercommunicate, where the neighbours and port group capabilities are learnt and compared with local switch capabilities. In LACP there are roles assigned to the EtherChannel endpoints. Thus the switch with the lowest system priority is then elected to make decisions about what ports are actively participating in the EtherChannel.
(config)# lacp ?
system-priority  LACP priority for the system
(config)# lacp system-priority ?
<1-65535>  Priority value
(config)# lacp system-priority 2
(config)# interface fa0/1
(config-if)# channel-protocol ?
lacp  Prepare interface for LACP protocol
pagp  Prepare interface for PAgP protocol
(config-if)# channel-protocol lacp
(config-if)# channel-group ?
<1-6>  Channel group number
(config-if)# channel-group 1 ?
mode  Etherchannel Mode of the interface
(config-if)# channel-group 1 mode ?
active     Enable LACP unconditionally
auto       Enable PAgP only if a PAgP device is detected
desirable  Enable PAgP unconditionally
on         Enable Etherchannel only
passive    Enable LACP only if a LACP device is detected
(config-if)# channel-group 1 mode active
(config-if)# lacp ?
port-priority  LACP priority on this interface
(config-if)# lacp port-priority ?
<1-65535>  Priority value
(config-if)# lacp port-priority 1