Network Bulls
www.networkbulls.com
STP provides loop resolution by managing the physical paths to given network segments.
STP allows physical path redundancy while preventing the undesirable effects of active
loops in the network. STP is an IEEE committee standard defined as 802.1D. Figure 2-21
illustrates how a blocked port would prevent traffic flow between the segments.
Figure 2-21 Blocking on a Port
STP behaves as follows:
■ STP forces certain ports into a standby state so that they do not listen to, forward, or
flood data frames. The overall effect is that there is only one path to each network
segment that is active at any one time.
50 Chapter 2: Medium-Sized Switched Network Construction
■ If any of the segments in the network have a connectivity problem, STP reestablishes
connectivity by automatically activating a previously inactive path, if one exists.
Figure 2-22 shows the final state of a Layer 2 network after spanning tree has performed
the operations to eliminate loops.
Figure 2-22 Loop Avoidance
Spanning-Tree Operation
STP performs three steps to provide a loop-free logical network topology:
1. Elects one root bridge: STP has a process to elect a root bridge. Only one bridge can
act as the root bridge in a given network. On the root bridge, all ports are designated
ports. Designated ports are in the forwarding state and are designated to forward traffic
for a given segment. When in the forwarding state, a port can send and receive traffic.
In Figure 2-22, switch X is elected as the root bridge.
2. Selects the root port on the nonroot bridge: STP establishes one root port on each
nonroot bridge. The root port is the lowest-cost path from the nonroot bridge to the root
bridge. Root ports are in the forwarding state. Spanning-tree path cost is an
accumulated cost calculated on the bandwidth. In Figure 2-22, the lowest-cost path to
the root bridge from switch Y is through the 100BASE-T FastEthernet link.
3. Selects the designated port on each segment: On each segment, STP establishes one
designated port. The designated port is selected on the bridge that has the lowest-cost
path to the root bridge. Designated ports are in the forwarding state, forwarding traffic
for the segment. In Figure 2-22, the designated port for both segments is on the root
bridge because the root bridge is directly connected to both segments. The 10BASE-T
Ethernet port on switch Y is a nondesignated port because there is only one designated
port per segment. Nondesignated ports are normally in the blocking state to logically
break the loop topology. When a port is in the blocking state, it is not forwarding data
traffic but can still receive traffic.
[Figure 2-22: Switch X (root bridge) and switch Y (nonroot bridge) joined by a 100BASE-T link and a 10BASE-T link. Port labels: Designated Port (F) twice, Root Port (F), Nondesignated Port (B).]
Improving Performance with Spanning Tree 51
Switches and bridges running the Spanning Tree Algorithm exchange configuration
messages with other switches and bridges at regular intervals (every 2 seconds by default).
Switches and bridges exchange these messages using a multicast frame called the BPDU.
One of the pieces of information included in the BPDU is the bridge ID (BID).
STP calls for each switch or bridge to be assigned a unique BID. Typically, the BID is
composed of a priority value (2 bytes) and the bridge MAC address (6 bytes). The default
priority, in accordance with IEEE 802.1D, is 32,768 (1000 0000 0000 0000 in binary, or
0x8000 in hex format), which is the midrange value. The root bridge is the bridge with the
lowest BID.
Example: Selecting the Root Bridge
In Figure 2-23, both switches use the same default priority. The switch with the lowest
MAC address is the root bridge. In the example, switch X is the root bridge, with a BID of
0x8000 (0c00.1111.1111).
Figure 2-23 Root Bridge Selection
There are five STP port states:
■ Blocking
■ Listening
■ Learning
■ Forwarding
■ Disabled
NOTE A Cisco Catalyst switch uses one of its MAC addresses from a pool of MAC
addresses that are assigned either to the backplane or to the supervisor module,
depending on the switch model.
[Figure 2-23: Switch X (default priority 32768, 0x8000, MAC 0c00.1111.1111) and switch Y (default priority 32768, 0x8000, MAC 0c00.2222.2222) exchange BPDUs.]
When STP is enabled, every bridge in the network goes through the blocking state and the
transitory states of listening and learning at power-up. If properly configured, the ports then
stabilize to the forwarding or blocking state. Forwarding ports provide the lowest-cost path
to the root bridge. During a topology change, a port temporarily implements the listening
and learning states.
The disabled state is not strictly part of STP; a network administrator can manually disable
a port, or a security or an error condition may disable it. An example of a port that is
disabled would be a port that is shut down.
Figure 2-24 shows the flow of spanning-tree port states.
Figure 2-24 Spanning-Tree Port States
All bridge ports initially start in the blocking state, from which they listen for BPDUs.
When the bridge first boots, it functions as if it were the root bridge and transitions to the
listening state. The period a port can go without receiving a BPDU before the bridge reacts
is called the maximum age (max_age), which has a default of 20 seconds. If a port is in the
blocking state and does not receive a new BPDU within the max_age, the bridge transitions
from the blocking state to the listening state. When a port is in the transitional listening
state, it can send and receive BPDUs to determine the active topology. At this point, the
switch is not passing user data.
During the listening state, the bridge performs these three steps:
1. Selects the root bridge
2. Selects the root ports on the nonroot bridges
3. Selects the designated ports on each segment
[Figure 2-24: Link comes up, then Blocking (moves to listening after it decides it is a root port or a designated port, or when loss of BPDU is detected, max age = 20 sec), then Listening (forward delay = 15 sec), then Learning (forward delay = 15 sec), then Forwarding.]
The time that it takes for a port to transition from the listening state to the learning state or
from the learning state to the forwarding state is called the forward delay. The forward
delay has a default value of 15 seconds.
The learning state reduces the amount of flooding required when data forwarding begins.
If a port is still a designated or root port at the end of the learning state, the port transitions
to the forwarding state. In the forwarding state, a port is capable of sending and receiving
user data. Ports that are not the designated or root ports transition back to the blocking state.
A port normally transitions from the blocking state to the forwarding state in 30 to 50
seconds. You can tune the spanning-tree timers to adjust the timing, but these timers are
meant to be set to the default value. The default values are put in place to give the network
enough time to gather all the correct information about the network topology.
Spanning-tree PortFast causes an interface that is configured as a Layer 2 access port to
transition immediately from the blocking state to the forwarding state, bypassing the
listening and learning states. You can use PortFast on Layer 2 access ports that are
connected to a single workstation or server to allow those devices to connect to the network
immediately rather than wait for spanning tree to converge. Figure 2-25 shows access ports
connected with PortFast enabled.
Figure 2-25 PortFast
If an interface that is configured with PortFast receives a BPDU, then spanning tree can
transition the port to the blocking state. Using a feature called BPDU guard, the port can be
disabled completely when it receives a BPDU to prevent any potential loops caused by
PortFast.
CAUTION Because the purpose of PortFast is to minimize the time that access ports
must wait for spanning tree to converge, you should use it only on access ports. If you
enable PortFast on a port connecting to another switch, you risk creating a spanning-tree
loop.
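An added example, not part of the original text: a Python audit of interface configuration that flags the two conditions described above, PortFast on a trunk port and PortFast without BPDU guard. The running-config fragment is constructed and the function names are hypothetical. The script accepts both the bpdu-guard form listed in Table 2-10 and the IOS interface form spanning-tree bpduguard enable.

```python
# Constructed sample running-config fragment (not taken from a real device).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode trunk
 spanning-tree portfast
!
"""

# Interface lines that turn the features on. The bpdu-guard form is the one
# listed in Table 2-10; "spanning-tree bpduguard enable" is the IOS interface form.
PORTFAST_ON = {"spanning-tree portfast", "spanning-tree portfast bpdu-guard"}
GUARD_ON = {"spanning-tree bpduguard enable", "spanning-tree portfast bpdu-guard"}


def parse_interfaces(config):
    """Split a running-config into {interface name: set of stripped lines}."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = interfaces.setdefault(raw.split(None, 1)[1].strip(), set())
        elif raw[:1] in (" ", "\t") and current is not None:
            current.add(raw.strip())
        else:
            current = None  # "!" or a global command closes the interface block
    return interfaces


def audit_portfast(config):
    """Return sorted (interface, finding) pairs for risky PortFast settings."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        if not lines & PORTFAST_ON:
            continue  # PortFast not enabled on this interface
        if "switchport mode trunk" in lines:
            findings.append((name, "PortFast on a trunk port"))
        if not lines & GUARD_ON:
            findings.append((name, "PortFast without BPDU guard"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_portfast(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```

Only interface-level lines are evaluated; global settings such as spanning-tree portfast default are outside this check.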
[Figure 2-25: Switches X, Y, and Z interconnected by trunks; the access ports have PortFast enabled.]
Table 2-10 lists the commands used to implement and verify PortFast on an interface.
Example: Spanning-Tree Operation
The best way to understand how spanning tree operates is to look at an operation example.
Figure 2-26 shows a sample network spanning tree topology and the relevant information
used by spanning tree.
Figure 2-26 Spanning Tree Topology
Table 2-10 PortFast Commands
Command: Switch(config-if)#spanning-tree portfast
Description: Enables PortFast on a Layer 2 access port and forces it to enter the forwarding state immediately.
Command: Switch(config-if)#spanning-tree portfast bpdu-guard
Description: Enables PortFast with BPDU guard. This disables the switch port if a BPDU is ever received, preventing any possibility of a loop.
Command: Switch(config-if)#no spanning-tree portfast
Description: Disables PortFast on a Layer 2 access port. PortFast is disabled by default.
Command: Switch(config)#spanning-tree portfast default
Description: Globally enables the PortFast feature on all nontrunking ports. When the PortFast feature is enabled, the port changes from a blocking state to a forwarding state without making the intermediate spanning-tree state changes.
Command: Switch#show running-config interface type slot/port
Description: Indicates whether PortFast has been configured on a port. It can also be used to show if configuration has occurred on an EtherChannel link by specifying port-channel channel_number in place of type slot/port.
[Figure 2-26: Switch Z (root bridge, default priority 32768, MAC 0c00.1111.0000) connected to switch X and switch Y, each using ports 0 and 1. The other two switches have default priority 32768 and MACs 0c00.1111.1111 and 0c00.1111.2222. Link labels: 100Base-T and 10Base-T.]
The following describes the STP port states illustrated in Figure 2-26:
■ The root bridge is switch Z, which has the lowest BID.
■ The root port is port 0 on switches X and Y. Port 0 is the lowest-cost path to the root
on both switches.
■ The designated ports on switch Z are port 0 and port 1. All ports on the root are
designated ports. Port 1 of switch X is a designated port for the segment between
switch X and switch Y. Because switch X and switch Y have the same path cost to the
root bridge, the designated port is selected to be on switch X because it has a lower BID
than switch Y.
■ Port 1 on switch Y is the nondesignated port on the segment and is in the blocking state.
■ All designated and root ports are in the forwarding state.
Example: Spanning-Tree Path Cost
The spanning-tree path cost is an accumulated total path cost based on the bandwidth of all
the links in the path. In the figure, some of the path costs specified in the 802.1D
specification are shown. The 802.1D specification has been revised; in the older
specification, the cost was calculated based on a bandwidth of 1000 Mbps. The calculation
of the new specification uses a nonlinear scale to accommodate higher-speed interfaces.
Table 2-11 describes the spanning-tree path cost calculations based on bandwidth of a link.
When there is a topology change because of a bridge or link failure, spanning tree adjusts
the network topology to ensure connectivity by placing blocked ports in the forwarding
state.
NOTE Most Cisco Catalyst switches incorporate the revised cost calculations. A key
point to remember about STP cost is that lower costs are better.
Table 2-11 Spanning-Tree Path Costs
Link Speed    Cost (Revised IEEE Specification)    Cost (Previous IEEE Specification)
10 Gbps       2                                    1
1 Gbps        4                                    1
100 Mbps      19                                   10
10 Mbps       100                                  100
Example: Spanning-Tree Recalculation
In Figure 2-27, if switch Z (the root bridge) fails and does not send a BPDU to switch Y
within the max_age time (default is 20 seconds, which equals 10 missed BPDUs), switch
Y detects the missing BPDU from the root bridge. When the max_age timer on switch Y
expires before a new BPDU has been received from switch Z, a spanning-tree recalculation
is initiated. Switch Y transitions its blocking port (port 1) from the blocking state to the
listening state to the learning state, and then finally to the forwarding state.
Figure 2-27 Spanning-Tree Recalculation
After all the switch and bridge ports have transitioned to either a forwarding state or a
blocking state, switch X becomes the root bridge and forwards traffic between the
segments.
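An added example, not part of the original text: the three STP steps computed in Python for the topology of Figures 2-26 and 2-27, using the revised costs from Table 2-11, first with switch Z as root and then after Z fails. Assumptions: both uplinks to switch Z are 100Base-T, the X-Y link is 10Base-T, and switch X owns MAC 0c00.1111.1111 (the text only says X has the lower BID). Function names are hypothetical.

```python
# Revised IEEE path costs from Table 2-11, keyed by link speed in Mbps.
COST = {10000: 2, 1000: 4, 100: 19, 10: 100}

# Bridge IDs as (priority, MAC); tuples compare priority first, then MAC.
# Assumption: X owns 0c00.1111.1111 and Y owns 0c00.1111.2222 (X has the lower BID).
SWITCHES = {
    "Z": (32768, "0c00.1111.0000"),
    "X": (32768, "0c00.1111.1111"),
    "Y": (32768, "0c00.1111.2222"),
}
# (switch, port, switch, port, Mbps). Assumption: both uplinks to Z are
# 100Base-T (equal cost to the root) and the X-Y link is 10Base-T.
LINKS = [("Z", 0, "X", 0, 100), ("Z", 1, "Y", 0, 100), ("X", 1, "Y", 1, 10)]


def spanning_tree(switches, links):
    """Return (root, roles); roles maps (switch, port) to its STP port role."""
    root = min(switches, key=switches.get)  # step 1: lowest BID wins
    # Root path cost: relax every link until nothing improves.
    cost = dict.fromkeys(switches, float("inf"))
    cost[root] = 0
    changed = True
    while changed:
        changed = False
        for a, _, b, _, mbps in links:
            for near, far in ((a, b), (b, a)):
                if cost[near] + COST[mbps] < cost[far]:
                    cost[far] = cost[near] + COST[mbps]
                    changed = True
    # Step 2: root port = lowest (cost via neighbour, neighbour BID, neighbour port).
    best = {}
    for a, pa, b, pb, mbps in links:
        for me, my_port, nbr, nbr_port in ((a, pa, b, pb), (b, pb, a, pa)):
            offer = (cost[nbr] + COST[mbps], switches[nbr], nbr_port, my_port)
            if me != root and offer < best.get(me, (float("inf"),)):
                best[me] = offer
    roles = {(sw, offer[3]): "root" for sw, offer in best.items()}
    # Step 3: on each link the end with the lower (root cost, BID) is designated;
    # the other end keeps its root role or becomes a blocking nondesignated port.
    for a, pa, b, pb, _ in links:
        win, lose = sorted([(cost[a], switches[a], a, pa), (cost[b], switches[b], b, pb)])
        roles[(win[2], win[3])] = "designated"
        roles.setdefault((lose[2], lose[3]), "blocking")
    return root, roles


def fail_switch(name, switches, links):
    """Return copies of the topology with one switch and its links removed."""
    alive = {s: b for s, b in switches.items() if s != name}
    return alive, [l for l in links if name not in (l[0], l[2])]


if __name__ == "__main__":
    print(spanning_tree(SWITCHES, LINKS))
    print(spanning_tree(*fail_switch("Z", SWITCHES, LINKS)))
```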
STP Convergence
Convergence in STP is a state in which all the switch and bridge ports have transitioned to
either the forwarding or the blocking state. Convergence is necessary for normal network
operations. For a switched or bridged network, a key issue is the time required for
convergence when the network topology changes.
Fast convergence is a desirable network feature because it reduces the time that bridge and
switch ports are in transitional states and not sending user traffic. The normal convergence
time is 30 to 50 seconds for 802.1D STP.
Per VLAN Spanning Tree+
The 802.1D standard defines a Common Spanning Tree (CST) that assumes only one
spanning-tree instance for the entire switched network, regardless of the number of
VLANs. In a network running CST, these statements are true:
■ No load sharing is possible; one uplink must block for all VLANs.
■ The CPU is spared; only one instance of spanning tree must be computed.
Per VLAN Spanning Tree Plus (PVST+) defines a spanning-tree protocol that has several
spanning-tree instances running for the network, one instance of STP per VLAN. Figure 2-28
shows an example of how you can use PVST+ to forward traffic on all network segments
but still maintain STP integrity.
Figure 2-28 Per VLAN Spanning Tree+
In a network running several spanning-tree instances, these statements are true:
■ Optimum load sharing can result.
■ One spanning-tree instance for each VLAN maintained can mean a considerable waste
of CPU cycles for all the switches in the network (in addition to the bandwidth used
for each instance to send its own BPDUs).
PVST+ Operation
In a Cisco PVST+ environment, you can tune the spanning-tree parameters so that half of
the VLANs forward on each uplink trunk. To easily achieve this, you configure one switch
to be elected the root bridge for half of the total number of VLANs in the network and a
second switch to be elected the root bridge for the other half of the VLANs. Providing
different STP root switches per VLAN creates a more redundant network.
Spanning-tree operation requires that each switch has a unique BID. In the original 802.1D
standard, the BID was composed of the bridge priority and the MAC address of the switch,
and all VLANs were represented by a CST. Because PVST+ requires that a separate
instance of spanning tree runs for each VLAN, the BID field is required to carry VID
information. This is accomplished by reusing a portion of the Priority field as the extended
system ID to carry a VID. Figure 2-29 shows how modifying the bridge priority offers this
support.
[Figure 2-28: One switch is the root for VLAN 1 and another is the root for VLAN 2. Port labels: Forwarding Port for VLAN 2 / Blocking Port for VLAN 1, and Forwarding Port for VLAN 1 / Blocking Port for VLAN 2.]
Figure 2-29 PVST+ VLAN ID
To accommodate the extended system ID, the original 802.1D 16-bit bridge priority field is
split into two fields, resulting in these components in the BID:
■ Bridge priority: A 4-bit field still used to carry bridge priority. Because of the limited
bit count, the priority is conveyed in discrete values in increments of 4096 rather than
discrete values in increments of 1, as they would be if the full 16-bit field were
available. The default priority, in accordance with IEEE 802.1D, is 32,768, which is
the midrange value.
■ Extended system ID: A 12-bit field carrying, in this case, the VID for PVST+.
■ MAC address: A 6-byte field with the MAC address of a single switch.
By virtue of the MAC address, a BID is always unique. When the priority and extended
system ID are prepended to the switch MAC address, each VLAN on the switch can be
represented by a unique BID.
If no priority has been configured, every switch will have the same default priority, and the
election of the root for each VLAN will be based on the MAC address. This method is a
random means of selecting the ideal root bridge; for this reason, it is advisable to assign a
lower priority to the switch that should serve as the root bridge. The root bridge should be
located in the center of your network traffic flow.
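An added example, not part of the original text: packing and unpacking the 8-byte PVST+ bridge ID described above, then electing a root per VLAN by comparing the encoded BIDs. The MAC addresses are those of Figure 2-23; the tuned priority of 28672 and all function names are constructed for illustration.

```python
import struct


def encode_bid(priority, vlan_id, mac):
    """Pack a bridge ID: 4-bit priority, 12-bit extended system ID, 48-bit MAC."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 in 0..61440")
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    mac_bytes = bytes.fromhex(mac.replace(".", "").replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    # The priority occupies the top 4 bits, so OR-ing in the VID fills the low 12.
    return struct.pack("!H", priority | vlan_id) + mac_bytes


def decode_bid(bid):
    """Split an 8-byte bridge ID back into (priority, vlan_id, mac)."""
    (field,) = struct.unpack("!H", bid[:2])
    mac = bid[2:].hex()
    return field & 0xF000, field & 0x0FFF, ".".join(mac[i:i + 4] for i in (0, 4, 8))


# MAC addresses of the two switches in Figure 2-23.
MACS = {"X": "0c00.1111.1111", "Y": "0c00.2222.2222"}
# Constructed per-VLAN priorities: each switch is tuned to be root for one VLAN.
PRIORITY = {
    1: {"X": 28672, "Y": 32768},
    2: {"X": 32768, "Y": 28672},
}
DEFAULTS = {"X": 32768, "Y": 32768}


def elect_root(vlan_id, priorities, macs=MACS):
    """Return the switch whose encoded BID is lowest for this VLAN."""
    # bytes compare left to right, which matches a big-endian numeric compare.
    return min(macs, key=lambda n: encode_bid(priorities[n], vlan_id, macs[n]))


if __name__ == "__main__":
    print(encode_bid(32768, 10, MACS["X"]).hex())
    print("defaults, VLAN 1:", elect_root(1, DEFAULTS))
    for vlan, prios in PRIORITY.items():
        print("tuned, VLAN", vlan, ":", elect_root(vlan, prios))
```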
Rapid Spanning Tree Protocol
Rapid Spanning Tree Protocol (RSTP), specified in the IEEE 802.1w standard, supersedes
STP as specified in 802.1D, while remaining compatible with STP. RSTP can be seen as an
evolution of the 802.1D standard rather than a revolution. The 802.1D terminology remains
primarily the same. Most parameters have been left unchanged, so users familiar with
802.1D can configure the new protocol comfortably.
[Figure 2-29: Bridge ID without the extended system ID (8 bytes): Bridge Priority (2 bytes), MAC Address (6 bytes). Extended bridge ID with system ID (8 bytes): Bridge Priority (4 bits), Extended System ID (12 bits, system ID = VLAN), MAC Address (48 bits).]
RSTP significantly reduces the time to reconverge the active topology of the network when
changes to the physical topology or its configuration parameters occur. RSTP defines the
additional port roles of alternate and backup, and it defines port states as discarding,
learning, or forwarding.
RSTP selects one switch as the root of a spanning-tree active topology and assigns port
roles to individual ports on the switch, depending on whether the ports are part of the active
topology.
RSTP provides rapid connectivity following the failure of a switch, a switch port, or a LAN.
A new root port and the designated port on the other side of the bridge transition to
forwarding through an explicit handshake between them. RSTP allows switch port
configuration so that the ports can transition to forwarding directly when the switch
reinitializes. Figure 2-30 shows an RSTP topology.
Figure 2-30 RSTP Topology
Per VLAN RSTP
The RSTP (802.1w) standard uses CST, which assumes only one spanning-tree instance for
the entire switched network, regardless of the number of VLANs. Per VLAN Rapid
Spanning Tree Plus (PVRST+) defines a spanning-tree protocol that has one instance of
RSTP per VLAN.
Multiple Spanning Tree Protocol
Multiple Spanning Tree Protocol (MSTP), originally defined in IEEE 802.1s and later
merged into IEEE 802.1Q-2003, defines a spanning-tree protocol that has several
spanning-tree instances running for the network. But unlike PVRST+, which has one
instance of RSTP per VLAN, MSTP reduces the switch load by allowing a single instance
of spanning tree to run for multiple VLANs.
[Figure 2-30: RSTP topology of switch Z (root bridge), switch X, and switch Y over 100Base-T and 10Base-T links. Port labels: Designated Port (F) on the root bridge ports, Root Port (F) on port 0 of each nonroot switch, and on port 1 of the nonroot switches a Designated Port (F) and an Alternate Port (DIS).]
RSTP Port Roles
RSTP defines the port roles as follows:
■ Root: A forwarding port elected for the spanning-tree topology.
■ Designated: A forwarding port elected for every switched LAN segment.
■ Alternate: An alternate path to the root bridge that is different from the path that the
root port takes.
■ Backup: A backup path that provides a redundant (but less desirable) connection to a
segment to which another switch port already connects. Backup ports can exist only
where two ports are connected in a loopback by a point-to-point link or bridge with two
or more connections to a shared LAN segment.
■ Disabled: A port that has no role within the operation of spanning tree.
Root and designated port roles include the port in the active topology. Alternate and backup
port roles exclude the port from the active topology.
The port state controls the forwarding and learning processes and provides the values of
discarding, learning, and forwarding. Table 2-12 compares STP port states with RSTP port
states.
NOTE The Cisco implementation of 802.1D includes some features that are standard in
802.1w. For example, the Cisco implementation of 802.1D determines an alternate root
port if it exists.
Table 2-12 Comparing RSTP Port States to STP
Operational Status    STP Port State    RSTP Port State    Port Included in Active Topology
Enabled               Blocking          Discarding         No
Enabled               Listening         Discarding         No
Enabled               Learning          Learning           Yes
Enabled               Forwarding        Forwarding         Yes
Disabled              Disabled          Discarding         No
In a stable topology, RSTP ensures that every root port and designated port transitions to
forwarding, while all alternate ports and backup ports are always in the discarding state.