1. Elect the root switch: lowest bridge ID wins.
2. Determine each switch's Root Port: the one port on each switch with the least cost path back to the root.
3. Determine the Designated Port for each segment: the port of the switch that forwards the least cost Hello onto a segment.
Electing a Root Switch
Each switch begins by sending STP Hello BPDUs.
When a switch hears a superior Hello, it stops claiming to be root and starts forwarding the superior Hellos.
The original 802.1d bridge ID has two fields:
- Priority (2B)
- System ID == MAC Address (6B)
The original 802.1d bridge ID has been redefined:
- Priority, multiple of 4096 (4b)
- System ID Extension == VLAN ID (12b)
- System ID == MAC Address (6B)
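The redefined bridge ID layout and the "lowest bridge ID wins" comparison, as an added example that is not part of the original notes. The switch names and MAC addresses are constructed sample values.

```python
import struct

def pack_bridge_id(priority: int, vlan: int, mac: str) -> bytes:
    """Build the 8-byte bridge ID: 4-bit priority, 12-bit VLAN ID, 6-byte MAC."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 0 <= vlan <= 4095:
        raise ValueError("system ID extension (VLAN ID) must fit in 12 bits")
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    # A multiple of 4096 only sets the top 4 bits, so OR-ing in the VLAN ID
    # fills the low 12 bits of the same 16-bit field.
    return struct.pack("!H", priority | vlan) + mac_bytes

def parse_bridge_id(bid: bytes) -> dict:
    """Split an 8-byte bridge ID back into its three fields."""
    if len(bid) != 8:
        raise ValueError("bridge ID must be 8 bytes")
    (head,) = struct.unpack("!H", bid[:2])
    mac = ":".join(f"{b:02x}" for b in bid[2:])
    return {"priority": head & 0xF000, "vlan": head & 0x0FFF, "mac": mac}

def is_superior(received: bytes, current: bytes) -> bool:
    """A Hello is superior when its root bridge ID is numerically lower."""
    # Big-endian byte strings of equal length compare in numeric order.
    return received < current

def elect_root(switches: dict) -> str:
    """Return the name of the switch whose bridge ID is lowest."""
    return min(switches, key=switches.get)

# Constructed sample: three switches in VLAN 10 (MAC addresses are made up).
SWITCHES = {
    "SW1": pack_bridge_id(32768, 10, "00:1a:2b:00:00:03"),
    "SW2": pack_bridge_id(32768, 10, "00:1a:2b:00:00:01"),
    "SW3": pack_bridge_id(24576, 10, "00:1a:2b:00:00:09"),
}

if __name__ == "__main__":
    print("root:", elect_root(SWITCHES), parse_bridge_id(SWITCHES["SW3"]))
```

The same comparison is what decides whether a Hello arriving on a port counts as superior to the current root.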
Determining the Root Port
The root sends a Hello every Hello timer (2 seconds by default).
Each switch that receives a Hello forwards it after updating:
- Cost (received cost + port cost of the port on which the hello was received)
- Bridge ID (forwarder's BID)
- Port priority (forwarder's port priority)
- Port number (forwarder's port number)
Port costs:
| Speed | Original IEEE Cost | Revised IEEE Cost |
|---|---|---|
| 10 Mbps | 100 | 100 |
| 100 Mbps | 10 | 19 |
| 1 Gbps | 1 | 4 |
| 10 Gbps | 1 | 2 |
Tiebreakers to elect the Root Port:
- Use the port with the least cost to the root.
- If the cost is equal, use the port with the lowest BID.
- If the BID is the same, use the port with the lowest priority.
- If the priority is equal, use the port with the lowest port number.
Switch(config)#no spanning-tree vlan 10
Switch(config-if)#spanning-tree vlan 11 cost 10
Switch(config-if)#spanning-tree vlan 12 port-priority 120
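The Root Port election with its four tiebreakers, using the revised IEEE costs, as an added example that is not part of the original notes. The port names, MAC addresses and the `cost_override` parameter (standing in for a configured per-VLAN port cost) are assumptions made for illustration.

```python
from typing import NamedTuple, Optional

# Revised IEEE port costs from the table above, keyed by port speed in Mbps.
REVISED_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

class Hello(NamedTuple):
    local_port: str        # port on which this switch received the Hello
    speed_mbps: int        # speed of that local port
    root_cost: int         # cost to the root advertised in the Hello
    sender_bid: tuple      # forwarder's bridge ID as (priority, MAC)
    sender_port_prio: int  # forwarder's port priority
    sender_port_num: int   # forwarder's port number

def candidate_key(h: Hello, cost_override: dict) -> tuple:
    """Sort key that applies the four tiebreakers in order."""
    port_cost = cost_override.get(h.local_port, REVISED_COST[h.speed_mbps])
    return (h.root_cost + port_cost, h.sender_bid,
            h.sender_port_prio, h.sender_port_num)

def elect_root_port(hellos, cost_override: Optional[dict] = None) -> str:
    """Return the local port that becomes the Root Port."""
    override = cost_override or {}
    return min(hellos, key=lambda h: candidate_key(h, override)).local_port

# Constructed sample: Hellos heard on four ports of one non-root switch.
# MACs are fixed-width lowercase hex, so string order equals numeric order.
HELLOS = [
    Hello("Fa0/3", 100, 0, (24576, "00:1a:2b:00:00:09"), 128, 3),   # direct to root
    Hello("Gi0/1", 1000, 4, (32768, "00:1a:2b:00:00:02"), 128, 1),
    Hello("Gi0/2", 1000, 4, (32768, "00:1a:2b:00:00:01"), 128, 5),
    Hello("Gi0/4", 1000, 4, (32768, "00:1a:2b:00:00:01"), 128, 6),  # same neighbor
]

if __name__ == "__main__":
    print(elect_root_port(HELLOS))                # Gi0/2
    print(elect_root_port(HELLOS, {"Fa0/3": 5}))  # Fa0/3
```

With default costs the direct 100 Mbps link loses (cost 19) to the two-hop gigabit paths (cost 8), and the three-way tie falls through to the forwarder's BID and then its port number.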
Determining the Designated Port
The switch that forwards Hellos onto a LAN segment is called the designated switch and the port onto that segment is called the Designated Port (DP).
The DP sends the lowest advertised cost.
The tiebreakers are the same.
Converging to a New STP Topology
If a switch does not receive Hellos on its RP for the Max Age timer (20 seconds by default), it begins a new root election by claiming to be the root and flooding Hellos out every port.
If it does not receive Hellos on a Blocking port for the Max Age timer, it moves that port to the Listening state.
Topology Change Notification and Updating the CAM
- A switch experiencing a port state change sends a TCN (Topology Change Notification) BPDU out its Root Port. It repeats this message every Hello time until it is acknowledged.
- A designated switch receiving that TCN BPDU sends back a normal Hello BPDU with the TCA (Topology Change Acknowledgment) bit set.
- The process is repeated until the root receives a TCN BPDU. Once received, the root sets the TC (Topology Change) bit on the next Hellos. A switch receiving a Hello BPDU with the TC bit set times out entries in the CAM.
Transitioning from Blocking to Forwarding
The switch waits for the forward delay timer (15 seconds by default) before moving out of the Listening and Learning port states.
802.1d port states:
| State | Forwards data frames? | Learns source MACs? | Stable? |
|---|---|---|---|
| Blocking | No | No | Stable |
| Listening | No | No | Transitory |
| Learning | No | Yes | Transitory |
| Forwarding | Yes | Yes | Stable |
| Disabled | No | No | Stable |
Per-VLAN Spanning Tree and STP over Trunks
802.1Q does not support PVST+ natively; however, Cisco switches do.
Non-Cisco switches using 802.1Q run only one STP instance (Common Spanning Tree) over VLAN 1 for all VLANs.
Two PVST+ regions separated by a single CST region share PVST+ information by sending VLAN-tagged BPDUs to a multicast destination MAC (01:00:0c:cc:cc:cd).
Non-Cisco switches do not interpret these BPDUs but Cisco switches do.
Non-Cisco switches using 802.1Q support multiple STP instances with 802.1s (MST).
Switch(config)# spanning-tree mode pvst
STP Configuration and Analysis
Default STP priority is 32768.
Switch(config)# spanning-tree vlan 1 root {primary | secondary } [diameter]
- primary: sets the priority to 24576 if the current root has a priority larger than 24576; otherwise sets it to 4096 less than the current root priority.
- secondary: sets the priority to 28672.
- diameter: calculates new STP timers based on the maximum number of switches/hops (by default 7 switches) between two end stations.
Optimizing Spanning Tree
Convergence might take between 30 and 50 seconds.
PortFast, UplinkFast, and BackboneFast
These Cisco-proprietary features solve specific STP problems.
- PortFast: Used on access ports. Immediately puts the port into forwarding state.
- UplinkFast: Used on access switches. Immediately replaces a lost Root Port with an alternate Root Port.
- BackboneFast: Used to detect indirect link failures. Avoids waiting for Max Age when a Root Port ceases to receive Hellos.
PortFast
To be safe, also enable the BPDU Guard and Root Guard features.
UplinkFast
The command takes three actions:
- Increases the root priority to 49152.
- Sets the port cost to 3000.
- Tracks alternate Root Ports.
When the Root Port fails, the switch fails over to an alternate Root Port and forwards immediately.
Also, the switch sends fake frames (station MAC entries as source and 01:00:0c:cd:cd:cd as multicast destination) to update the other switches' CAM tables (this does not use the TCN process).
BackboneFast
When the first Hello goes missing, a BackboneFast switch sends a Root Link Query BPDU asking the neighboring switch about a direct link failure. Once the failure is known, the switch converges without waiting for the Max Age timer. All switches must have BackboneFast configured.
PortFast, UplinkFast, and BackboneFast Configuration
Switch(config-if)#spanning-tree portfast
Switch(config)#spanning-tree portfast default
Switch(config)#spanning-tree uplinkfast [max-update-rate rate]
Switch(config)#spanning-tree backbonefast
Load Balancing Across PortChannels
Load balancing is based on the contents of layer 2, 3 and/or 4 headers.
The goal is to use a balancing method for which the fields in the frame vary.
Switch(config)# port-channel load-balance {src-mac | dst-mac | src-dst-mac \
| src-ip | dst-ip | src-dst-ip \
| src-port | dst-port | src-dst-port | mpls}
PortChannel Discovery and Configuration
The dynamic protocols are Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP ~ 802.1ad).
Switch(config-if)# channel-protocol {lacp | pagp}
| PAgP | LACP | Action |
|---|---|---|
| on | on | Disables PAgP and LACP. Forces the port into the PortChannel. |
| off | off | Disables PAgP and LACP. Prevents the port from being part of a PortChannel. |
| auto | passive | Uses PAgP or LACP. Waits for messages from the other side. |
| desirable | active | Uses PAgP or LACP. Initiates the negotiation. |
Several items must be identical on the links to be added to the PortChannel:
- Same speed and duplex
- If not trunking, same access VLAN
- If trunking, same trunk type, allowed VLANs and native VLAN
- The same STP cost per VLAN
- No SPAN configured
Rapid Spanning Tree Protocol
IEEE 802.1w improves STP convergence and is backward compatible with 802.1d.
The key components are:
- Waiting for only 3 missed Hellos on a RP before reacting (versus 10 missed with 802.1d).
- Bypassing the 802.1d listening state (discarding -> learning).
- Inclusion of Cisco features: PortFast, UplinkFast and BackboneFast (RLQ).
- Backup Designated Port feature
Link types:
- Point-to-point: connects a switch to one other switch:
spanning-tree link-type point-to-point
- Shared: connects a switch to a hub.
- Edge:
spanning-tree portfast
Port states:
- Discarding
- Learning
- Forwarding
Port roles:
- Root Port
- Designated Port
- Alternate Port: Backup Root Port (UplinkFast)
- Backup Port: Backup Designated Port
RPVST+ and MST use 802.1w.
Switch(config)# spanning-tree mode rapid-pvst
Rapid Per-VLAN Spanning Tree Plus (RPVST+)
RPVST+ is compatible with MSTP and PVST+.
Multiple Spanning Trees: 802.1s
Two switches belong to the same MST region if they use the same region name, the same revision number and the same configured instances.
When connecting an MST region to a non-MST region or to a different MST region, MST makes the MST region appear to be a single switch. This STP instance is called the Internal Spanning Tree (IST).
Switch(config)# spanning-tree mode mst
Root Guard and BPDU Guard: Protecting Access Ports
- BPDU Guard: does not recover from err-disabled state.
- Root Guard: recovers from loop-inconsistent state when the superior BPDUs are no longer received.
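A configuration audit that follows the earlier advice to pair PortFast with BPDU Guard and Root Guard, as an added example that is not part of the original notes. It assumes IOS-style running-config text with the standard `spanning-tree bpduguard enable`, `spanning-tree guard root` and `spanning-tree portfast bpduguard default` commands; the sample configuration is constructed.

```python
def audit_portfast(config: str) -> dict:
    """Map each PortFast interface to the protections it is missing."""
    global_portfast = global_bpduguard = False
    interfaces, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith(" "):                 # indented: belongs to an interface
            if current:
                interfaces[current].add(line)
            continue
        current = None                          # any top-level line ends the block
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = set()
        elif line == "spanning-tree portfast default":
            global_portfast = True
        elif line == "spanning-tree portfast bpduguard default":
            global_bpduguard = True
    findings = {}
    for name, lines in interfaces.items():
        portfast = "spanning-tree portfast" in lines or (
            global_portfast and "switchport mode access" in lines)
        if not portfast:
            continue
        missing = []
        if not (global_bpduguard or "spanning-tree bpduguard enable" in lines):
            missing.append("BPDU Guard")
        if "spanning-tree guard root" not in lines:
            missing.append("Root Guard")
        if missing:
            findings[name] = missing
    return findings

# Constructed sample configuration (interface names are made up).
SAMPLE = """\
interface GigabitEthernet0/1
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
 spanning-tree guard root
!
interface GigabitEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/3
 switchport mode access
 spanning-tree bpduguard enable
"""
```

On the sample, `audit_portfast(SAMPLE)` reports only GigabitEthernet0/2; prepending the global `spanning-tree portfast default` line also brings the access port GigabitEthernet0/3 into scope.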
UDLD and Loop Guard: Protecting Trunks
- UDLD normal mode: puts the port into unknown state.
- UDLD aggressive mode: puts the port into error-disabled state and ceases sending traffic.
- Loop Guard: when normal BPDUs are no longer received, the port does not go through normal STP convergence, but rather falls into loop-inconsistent state.
Troubleshooting Using Basic Interface Statistics
Switch#show interface
Switch#show controllers
Troubleshooting Spanning Tree Protocol
Switch#show spanning-tree root
Switch#show interfaces status err-disabled
Switch#show spanning-tree inconsistentports
Troubleshooting Trunking
Switch#show interfaces switchport
Switch#show spanning-tree inconsistentports
Switch#show interfaces trunk
Troubleshooting VTP
Switch# show vtp status
Troubleshooting EtherChannels
Switch#show etherchannel summary
Switch#show interface etherchannel
Switch#show interface port-channel 1