Tuesday, May 20, 2014

CCNP SWITCH: 4. Spanning Tree Protocol (STP 802.1D)

STP operates as switches communicate with one another. Data messages are exchanged in the form of bridge protocol data units (BPDU).
A switch sends a BPDU frame out a port, using the unique MAC address of the port itself as a source address.
The switch is unaware of the other switches around it, so BPDU frames are sent with a destination address of the well-known STP multicast address 01-80-c2-00-00-00.

Two types of BPDU exist:
- Configuration BPDU, used for spanning-tree computation
- Topology Change Notification (TCN) BPDU, used to announce changes in the network topology

Electing a Root Bridge

For all switches in a network to agree on a loop-free topology, a common frame of reference must exist to use as a guide.
This reference point is called the root bridge.

An election process among all connected switches chooses the root bridge.
Each switch has a unique bridge ID that identifies it to other switches.
The bridge ID is an 8-byte value consisting of the following fields:
- Bridge Priority (2 bytes) — The priority or weight of a switch in relation to all other switches.
The Priority field can have a value of 0 to 65,535 and defaults to 32,768 (or 0x8000) on every Catalyst switch.
- MAC Address (6 bytes) — The MAC address used by a switch.

Rule:
A bridge is a better candidate for root if its bridge ID value is lower than the others. Again, the bridge ID is made up of the Bridge Priority and MAC Address fields: the lowest priority wins, and if two bridge priority values are equal, the lower MAC address makes the bridge ID better.

Electing Root Ports

Now that a reference point has been nominated and elected for the entire switched network, each nonroot switch must figure out where it is in relation to the root bridge.
This action can be performed by selecting only one root port on each nonroot switch. The root port always points toward the current root bridge.

Selecting a root port involves evaluating the root path cost. This value is the cumulative cost of all the links leading to the root bridge. A particular switch link also has a cost associated with it, called the path cost.

Electing Designated Ports

To remove the possibility of bridging loops, STP makes a final computation to identify one designated port on each network segment.

In each determination process discussed so far, two or more links might have identical root path costs. This results in a tie condition, unless other factors are considered.

Rule:
All tiebreaking STP decisions are based on the following sequence of four conditions:
1. Lowest root bridge ID
2. Lowest root path cost to root bridge
3. Lowest sender bridge ID
4. Lowest sender port ID


STP States

A port begins its life in a Disabled state, moving through several passive states and, finally, into an active state if allowed to forward traffic.

The STP port states are as follows:

- Disabled: Ports that are administratively shut down by the network administrator, or by the system because of a fault condition.
- Blocking: After a port initializes, it begins in the Blocking state so that no bridging loops can form. In the Blocking state, a port cannot receive or transmit data and cannot add MAC addresses to its address table. Instead, a port is allowed to receive only BPDUs.
- Listening: In the Listening state, the port still cannot send or receive data frames. However, the port is allowed to receive and send BPDUs. The port finally is allowed to become a root port or designated port.
- Learning: After a period of time called the Forward Delay in the Listening state, the port is allowed to move into the Learning state. The port still sends and receives BPDUs as before. In addition, the switch now can learn new MAC addresses to add to its address table.
- Forwarding: After another Forward Delay period of time in the Learning state, the port is allowed to move into the Forwarding state. The port now can send and receive data frames, collect MAC addresses in its address table, and send and receive BPDUs.

STP Timers

- Hello Time - The time interval between Configuration BPDUs sent by the root bridge. Default is 2 seconds.
- Forward Delay - The time interval that a switch port spends in both the Listening and Learning states. Default is 15 seconds.
- Max Age - The time interval that a switch stores a BPDU before discarding it. Default is 20 seconds.

Note: A topology change occurs when a switch either moves a port into the Forwarding state or moves a port from the Forwarding or Learning states into the Blocking state.
In other words, a port on an active switch comes up or goes down. The switch sends a TCN BPDU out its root port so that, ultimately, the root bridge receives news of the topology change.

Types of STP

- Common Spanning Tree (CST) - It specifies only a single instance of STP that encompasses all VLANs. All CST BPDUs are transmitted over trunk links using the native VLAN with untagged frames.
- Per-VLAN Spanning Tree (PVST) - A Cisco proprietary version of STP that operates a separate instance of STP for each individual VLAN. This allows the STP on each VLAN to be configured independently. It requires the use of Cisco Inter-Switch Link (ISL) trunking encapsulation between switches.
- Per-VLAN Spanning Tree Plus (PVST+) - A second proprietary version of STP that allows devices to interoperate with both PVST and CST.

STP Enhancements

- Rapid Spanning Tree Protocol (RSTP, 802.1w) - The IEEE 802.1w standard was developed to use 802.1D’s principal concepts and make the resulting convergence much faster.
As with 802.1D, RSTP’s basic functionality can be applied as a single instance or multiple instances.
This can be done by using RSTP as the underlying mechanism for the Cisco proprietary Per-VLAN Spanning Tree Protocol (PVST+).
The resulting combination is called Rapid PVST+ (RPVST+).

Syntax: Switch(config)# spanning-tree mode rapid-pvst

- Multiple Spanning Tree Protocol (MSTP, 802.1s) - MST is built on the concept of mapping one or more VLANs to a single STP instance.
Multiple instances of STP can be used, with each instance supporting a different group of VLANs.
If a switch is configured to use MST, it somehow must figure out which of its neighbors are using which type of STP. This is done by configuring switches into common MST regions, where every switch in a region runs MST with compatible parameters.

Syntax:
Step 1. Enable MST on the switch:
Switch(config)# spanning-tree mode mst
Step 2. Enter the MST configuration mode:
Switch(config)# spanning-tree mst configuration
Step 3. Assign a region configuration name (up to 32 characters):
Switch(config-mst)# name name
Step 4. Assign a region configuration revision number (0 to 65,535):
Switch(config-mst)# revision version
Step 5. Map VLANs to an MST instance:
Switch(config-mst)# instance instance-id vlan vlan-list
Step 6. Show the pending changes you have made:
Switch(config-mst)# show pending
Step 7. Exit the MST configuration mode; commit the changes to the active MST region configuration:
Switch(config-mst)# exit

Note: More information about all types of STP can be found in CCNP SWITCH 642-813 Official Certification Guide, David Hucaby, Cisco Press.

For this lab, we will configure all the trunk links between the Access and Distribution switches.
The only VLANs are the default ones.
For easier identification of interfaces on which trunks will be configured, we can use the "show cdp neighbors" command on each switch:

AS1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
DS1.lab.local    Fas 1/2            128        R S I      3660      Fas 1/2
DS2.lab.local    Fas 1/4            169        R S I      3660      Fas 1/4

We should also disable DS1's, DS2's and DS3's Fa1/0 interfaces to C1 to exclude them from the STP process.

DS(config)#interface fastEthernet 1/0
DS(config-if)#shutdown


After setting all the trunks, these are the configurations on each switch (for further reference):

AS1:

!
interface FastEthernet1/2
 switchport mode trunk
!
interface FastEthernet1/3
!
interface FastEthernet1/4
 switchport mode trunk
!
interface FastEthernet1/5
 switchport mode trunk
!

AS2:

!
interface FastEthernet1/3
 switchport mode trunk
!
interface FastEthernet1/4
 switchport mode trunk
!
interface FastEthernet1/5
 switchport mode trunk
!

AS3:

!
interface FastEthernet1/4
 switchport mode trunk
!        
interface FastEthernet1/5
 switchport mode trunk
!
interface FastEthernet1/6
 switchport mode trunk
!

DS1:

!
interface FastEthernet1/1
 switchport mode trunk
!
interface FastEthernet1/2
 switchport mode trunk
!
interface FastEthernet1/3
!
interface FastEthernet1/4
 switchport mode trunk
!
interface FastEthernet1/5
!
interface FastEthernet1/6
 switchport mode trunk
!

DS2:

!
interface FastEthernet1/1
 switchport mode trunk
!
interface FastEthernet1/2
 switchport mode trunk
!
interface FastEthernet1/3
 switchport mode trunk
!        
interface FastEthernet1/4
 switchport mode trunk
!
interface FastEthernet1/5
 switchport mode trunk
!

DS3:

!
interface FastEthernet1/2
 switchport mode trunk
!
interface FastEthernet1/3
!
interface FastEthernet1/4
 switchport mode trunk
!
interface FastEthernet1/5
 switchport mode trunk
!
interface FastEthernet1/6
 switchport mode trunk
!

Now, having all trunks configured, let's study just the AS1-DS1-DS2 network and shut down any other links of those devices to other switches, to exclude irrelevant ports from the STP process.

AS1#show interfaces trunk

Port      Mode         Encapsulation  Status        Native vlan
Fa1/2     on           802.1q         trunking      1
Fa1/4     on           802.1q         trunking      1

Port      Vlans allowed on trunk
Fa1/2     1-1005
Fa1/4     1-1005

Port      Vlans allowed and active in management domain
Fa1/2     1
Fa1/4     1

Port      Vlans in spanning tree forwarding state and not pruned
Fa1/2     1
Fa1/4     1

Switch AS1 is elected as root among the three switches:

AS1#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc03.07f0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/2      128.43   128    19 FWD     0 32768 cc03.07f0.0000 128.43
FastEthernet1/4      128.45   128    19 FWD     0 32768 cc03.07f0.0000 128.45

Note: Fa1/15 of AS1 is the interface connecting to PC1, not included in the STP election process.

The PortFast feature shortens the Listening and Learning states to a negligible amount of time.
When a workstation link comes up, the switch immediately moves the PortFast port into the Forwarding state.

Syntax: Switch(config-if)# [no] spanning-tree portfast

You can also use a macro configuration command to force a switch port to support a single host:

Switch(config)# interface type mod/num
Switch(config-if)# switchport host

switchport mode will be set to access
spanning-tree portfast will be enabled
channel group will be disabled

Since all the bridge priorities are the same (default 32768), the decision was made based on the lowest MAC.

DS1 MAC: cc07.0cb0.0000
DS2 MAC: cc05.0cb0.0000
AS1 MAC: cc03.07f0.0000 (This bridge is the root)

Notice that AS1, being the root bridge, has no BLK ports. DS1's Fa1/1 is Blocked to avoid bridging loops.
DS1's Fa1/2 and DS2's Fa1/4 are the Root ports.

DS1#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0000
             Cost        19
             Port        43 (FastEthernet1/2)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc07.0cb0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 BLK    19 32768 cc05.0cb0.0000 128.42
FastEthernet1/2      128.43   128    19 FWD     0 32768 cc03.07f0.0000 128.43

DS2#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0000
             Cost        19
             Port        45 (FastEthernet1/4)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc05.0cb0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD    19 32768 cc05.0cb0.0000 128.42
FastEthernet1/4      128.45   128    19 FWD     0 32768 cc03.07f0.0000 128.45

If we are adding other VLANs to the three switches, AS1 will also be elected as root for the new VLANs, based on the same criteria. This is PVST+.

AS1#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc03.07f0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/2      128.43   128    19 FWD     0 32768 cc03.07f0.0000 128.43
FastEthernet1/4      128.45   128    19 FWD     0 32768 cc03.07f0.0000 128.45

         
VLAN2
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0001
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc03.07f0.0001
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/2      128.43   128    19 FWD     0 32768 cc03.07f0.0001 128.43
FastEthernet1/4      128.45   128    19 FWD     0 32768 cc03.07f0.0001 128.45

         
VLAN3
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     cc03.07f0.0002
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     cc03.07f0.0002
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/2      128.43   128    19 LRN     0 32768 cc03.07f0.0002 128.43
FastEthernet1/4      128.45   128    19 LRN     0 32768 cc03.07f0.0002 128.45

Note: If the root bridge election is left to its default state, several things can occur to result in a poor choice. For example, the slowest switch (or bridge) could be elected as the root bridge.

To prevent scenarios where low-performance switches are elected as root, you should always do two things:
- Configure one switch as a root bridge in a determined fashion.
- Configure another switch as a secondary root bridge, in case of a primary root bridge failure.

You can configure a Catalyst switch to become the root bridge using one of two methods:

A. Manually setting the bridge priority value so that a switch is given a lower-than-default bridge ID value to win a root bridge election.

Syntax: Switch(config)# spanning-tree vlan vlan-list priority bridge-priority

B. Causing the would-be root bridge switch to choose its own priority, based on some assumptions about other switches in the network.

Syntax: Switch(config)# spanning-tree vlan vlan-id root {primary | secondary} [diameter diameter]

In our topology, let's set DS1 as primary root bridge for VLAN 1, DS2 as primary root bridge for VLAN 2 and AS1 as primary root bridge for VLAN 3.
Also, we want DS2 to be the secondary root bridge for VLAN 1.

DS1(config)#spanning-tree vlan 1 root primary
 VLAN 1 bridge priority set to 8192
 VLAN 1 bridge max aging time unchanged at 20
 VLAN 1 bridge hello time unchanged at 2
 VLAN 1 bridge forward delay unchanged at 15

DS2(config)#spanning-tree vlan 2 root primary
 VLAN 2 bridge priority set to 8192
 VLAN 2 bridge max aging time unchanged at 20
 VLAN 2 bridge hello time unchanged at 2
 VLAN 2 bridge forward delay unchanged at 15

AS1(config)#spanning-tree vlan 3 priority 8192

DS2(config)#spanning-tree vlan 1 root secondary
 VLAN 1 bridge priority set to 16384
 VLAN 1 bridge max aging time unchanged at 20
 VLAN 1 bridge hello time unchanged at 2
 VLAN 1 bridge forward delay unchanged at 15

DS1#show spanning-tree vlan 1 brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    8192
             Address     cc07.0cb0.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8192
             Address     cc07.0cb0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0  8192 cc07.0cb0.0000 128.42
FastEthernet1/2      128.43   128    19 FWD     0  8192 cc07.0cb0.0000 128.43

DS2#show spanning-tree vlan 2 brief

VLAN2
  Spanning tree enabled protocol ieee
  Root ID    Priority    8192
             Address     cc05.0cb0.0001
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8192
             Address     cc05.0cb0.0001
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0  8192 cc05.0cb0.0001 128.42
FastEthernet1/4      128.45   128    19 FWD     0  8192 cc05.0cb0.0001 128.45

AS1#show spanning-tree vlan 3 brief

VLAN3
  Spanning tree enabled protocol ieee
  Root ID    Priority    8192
             Address     cc03.07f0.0002
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8192
             Address     cc03.07f0.0002
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/2      128.43   128    19 FWD     0  8192 cc03.07f0.0002 128.43
FastEthernet1/4      128.45   128    19 FWD     0  8192 cc03.07f0.0002 128.45

DS2#show spanning-tree vlan 1 brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    8192
             Address     cc07.0cb0.0000
             Cost        19
             Port        42 (FastEthernet1/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    16384
             Address     cc05.0cb0.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0  8192 cc07.0cb0.0000 128.42
FastEthernet1/4      128.45   128    19 FWD    19 16384 cc05.0cb0.0000 128.45

Spanning-Tree Customization

Tuning the Root Path Cost

The root path cost for each active port of a switch is determined by the cumulative cost as a BPDU travels along.
As a switch receives a BPDU, the port cost of the receiving port is added to the root path cost in the BPDU.

Use the following interface configuration command to set a switch port’s path cost:
Switch (config-if)# spanning-tree [vlan vlan-id] cost cost

Tuning the Port ID

The fourth criterion of an STP decision is the port ID. The port ID value that a switch uses is actually a 16-bit quantity: 8 bits for the port priority and 8 bits for the port number.
The port priority is a value from 0 to 255 and defaults to 128 for all ports.

Obviously, a switch port’s port number is fixed because it is based only on its hardware location or index.
The port ID, however, can be modified to influence an STP decision by using the port priority.
You can configure the port priority with this interface-configuration command:
Switch(config-if)# spanning-tree [vlan vlan-list] port-priority port-priority

Modifying STP Timers

Manual:
Switch(config)# spanning-tree [vlan vlan-id] hello-time seconds
Switch(config)# spanning-tree [vlan vlan-id] forward-time seconds
Switch(config)# spanning-tree [vlan vlan-id] max-age seconds


Automated:
Switch(config)# spanning-tree vlan vlan-list root {primary | secondary} [diameter diameter [hello-time hello-time]]

STP troubleshooting commands:

Switch# show spanning-tree
Switch# show spanning-tree detail
Switch# show spanning-tree [vlan vlan-id] summary
Switch# show spanning-tree [vlan vlan-id] root
Switch# show spanning-tree [vlan vlan-id] bridge
Switch# show spanning-tree interface type port
Switch# show spanning-tree uplinkfast
Switch# show spanning-tree backbonefast


Note: If you encounter the following error when modifying the VLAN database, you can erase the flash to resolve it:

% not enough space on flash to store vlan database. trying squeeze...First create squeeze log by erasing the entire device

% error squeezing flash - (Missing or corrupted log)
Error on database apply 40: NV storage failure
Use 'abort' command to exit


AS1(vlan)#abort
Aborting....

AS1#erase flash:
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of flash: complete

Note: Although we reload the switches whenever we want new default configs, the VLAN and VTP information is still present.
The reason is that this vlan and VTP information is actually kept in the VLAN.DAT file in Flash memory, and the contents of Flash are kept on a reload. The file has to be deleted manually.
More info at: http://www.mcmcse.com/cisco/guides/vlandat.shtml

Note: According to GNS3's documentation:
"Spanning Tree Protocol: simple STP supported but no MSTP, RSTP or other advanced stuff."
