Switching

Topic 5Spanning tree protocol

Agenda

• Redundancy• Spanning tree concepts

– BPDUs– Root bridge and elections– Port roles– Port states– Timers– PortFast and BPDU guard

• Spanning tree evolves

Redundancy• Networks need redundancy to be highly available• Redundancy is achieved by having alternate

devices and alternate links• In a switching environment, whenever multiple

paths exist layer 2 loops can occur• Layer 2 loops escalate to broadcast storms which

very quickly overwhelm switches and the network is down

• In complex wiring closets, connections can be accidentally duplicated resulting in lost connectivity

Issues with alternate links

• Broadcast frames circulate and cause MAC address tables to constantly update and fill causing the switch to flood on all ports

• Duplicate unicast frames arrive at the destination and are dropped

Issues with redundant links

Issues with redundant links

Issues with redundant links

STP topology

• Redundancy protects the network from a single point of failure

• STP protects the network from layer 2 loops• STP:

– Only one logical path between switches– Blocks alternate links– Blocked links do not forward data frames– Blocked links receive STP frames – If a cable or switch fails, STP unblocks the link to

provide an alternative path

STA spanning tree algorithm• IEEE 802.1d standard• Determines which ports to block• Single switch is elected as a root bridge• On each other switch, STA calculates which link

has the shortest path to the root bridge • STA assigns roles to switchports on the switch:

– Root port (non-root bridges)• The port with the shortest path to the root bridge

– Designated port• Non-root port that is allowed to forward data

– Non-designated port• Put into a blocked state to prevent loops

Bridge ID

• BID is a unique number to identify switches• Consists of :

– Bridge priority, defaults to 32768 (1 to 65526)– MAC address of switch– Extended system ID (VLAN ID)

• BID can be set by admin by changing the priority value (in increments of 4096)

• The switch with the lowest BID is elected as the root bridge

BPDU frame structure

Root bridge election process

• The root bridge is the STP reference point for the broadcast domain

• Election process:– Each switch sends out BPDUs every 2 secs– BPDUs contain the switch BID and the root BID– Switch receives BPDUs from other switches– IF the root BID in the update < root BID of the switch

• Switch updates its rootBID to the new value– Switch forwards BPDUs with new root BID – BPDUs circulate and converge to one root BID – that

of the elected root bridge

Best paths• BPDUs are sent out by the root bridge• BPDU contain a field for path cost which is updated by

each switch that receives it• Path cost is calculated by adding port cost of the

receiving port to the path cost in the BPDU• Port costs are based on the speed of the port

– 10gig = 2, gig = 4, fa = 19, eth = 100 (to set IEEE values)– Port cost can be manually set by admin

• spanning-tree cost value• no spanning-tree cost (to set IEEE values)

• The lowest cost path forwards and the other alternate paths are blocked

STP process• On start, each switch sets the root BID with its own BID and

sends out BPDUs every two seconds (hello interval) on all switchports

• Switch records its own BID, root BID and path cost to root bridge

• Switch receives BPDUs– If root BID < local BID (I am not root bridge)

• Update root BID on switch• Update the path cost by adding cost of port receiving BPDU

(0 +19 = 19)• Send BPDUs with the updated rootBID and path cost values to other

switches– If root BID = local BID (I am root bridge)

• Received BPDUs are dropped• No values are updated

Port roles• Root port

– One root port per non-root switch– If there two equal cost paths from switch to root bridge

• Which port has lowest port priority? 128 is the default• Which port has lowest interface ID?

– Port with lowest value becomes root port, other becomes alternate port and is blocked

• Designated port– One designated port per segment– Designated port receives and forwards frames– All ports on the root bridge are designated– If a segment has equal cost paths from each end of the segment

• Switches send each other BPDUs to determine which switch has the lower BID• Switch with lower BID places its port into designated role, the port is blocked

• Non-designated port (alternate port)– Is blocked to prevent loops– Does not forward frames or populate its MAC address table– Does continue to receive BPDUs– If a link fails, the non-designated port may transition to a forwarding state

Port states

• Switchports transition through five states to forward data– Blocking

• The port receives BPDUs to determine the root bridge location and its STP role

– Listening• Port is receiving and transmitting BPDUs to inform adjacent

switches that it is preparing to transition to forwarding state– Learning

• Port populates its MAC address table to prepare to forward data– Forwarding

• Port is active and forwards frames and sends and receives BPDUs– Disabled

• Administratively shutdown

Port timersPort timers determine the time the port spends in each STP

state• Forward delay

– time spent in listening and learning states, by default 15 + 15 secs• Max age

– length of time the switch saves BPDU information – after 20 seconds of receiving no BPDUs, the link to root is considered

down• Hello time

– time between each BPDU frame sent – two second default• Default values allow for convergence on a network of diameter 7

(number of switches that separate hosts at far ends of the network)– Reconfigure timers by configuring the network diameter (do this with

caution)– Only the root bridge can send information to adjust timers

How does it all work?

How does it all work?

DP

SP 1

DP

DP

Root Bridge

SP 2

This bridge wins the election

starts sending BPDUS down all port

Root

Switch 1

Switch 4

Switch 3Switch 2

All ports start with a state of blocking

1Gig100Mbps

100Mbps100Mbps

100Mbps100Mbps

How does it all work?

How does it all work?

How does it all work?

How does it all work?

How does it all work?

How does it all work

How does it all work

How does it all work?

How does it all work?

PortFast

• Allows a port to transition from blocking to forwarding without the listening and learning delay

• Supports DHCP by allowing the DHCP request to go out immediately and avoids the DHCP timeout due to switch transitioning time

• Cisco® proprietary(config-if)#spanning-tree portfast

BPDU guard

• BPDU guard places a PortFast port into blocking state if a BPDU is received on that port– Protects a port configured with PortFast– If a switch is attached to a port configured with

PortFast a layer 2 loop may occur, followed by a broadcast storm

Topology change notification

• When any switch has a topology change it sends a topology change notification BPDU to the root bridge

• The root bridge sets the TC flag on BPDUs it sends to all switches

• Switches reduce the aging time on STP information to flush out stale information and speed up convergence

Configure the STP root

• STP is enabled by default• Method 1

Spanning-tree VLAN VID root primarySpanning-tree VLAN VID root secondary (backup root)

• Method 2Spanning-tree VLAN VID priority value

• Verify configurationShow spanning tree

STP variants• PVST

– Spanning tree for each VLAN (using ISL) – Different STP root bridges for each VLAN– BackboneFast, UplinkFast and PortFast

• PVST+ – Spanning tree for each VLAN (using 802.1q)

• RSTP– Version 2 with faster convergence

• Rapid PVST+ – Cisco® RSTP

• MSTP– Multiple VLANs mapped to the same spanning tree instance– Multiple paths and load balancing

Configure PVST+

• Select the switches for primary and secondary root bridges for each VLAN

• Configure root bridges(config)#spanning-tree VLAN VLANID root primary(config)#spanning-tree VLAN VLANID root secondary

• Verify configuration#Show spanning-tree active#Show run to see priority values

Default settings

• Default settings for Cisco® 2960– VLAN 1– PVST+– Priority 32768– Port priority 128– Port cost Gig = 4, fa = 19, eth = 100– Hello time = 2 secs– Forwarding delay = 15 + 15 secs– Max age = 20 secs

Agenda

• Redundancy• Spanning tree concepts

– BPDUs– Root bridge and elections– Port roles– Port states– Timers– PortFast and BPDU guard

• Spanning tree evolves

Switching

Topic 5Spanning tree protocol