Module 4 - Building a Redundant Switched Topology Flashcards
Switched Redundancy - Spanning Tree Protocol
Redundancy is vitally important and should be configured where possible.
Spanning tree offers loop-free redundancy capabilities. There is no TTL on a switch so that is where a need for a loop prevention mechanism was introduced.
STP was introduced to stop broadcast storms, also note that you can’t have two paths to a destination in switching.
Without STP then the following issues would occur:
- Broadcast storms
- multiple frame transmission
- Mac database instability.
Remember - There is only ever one active path with STP. It’s a loop avoidance technology to support redundant topology.
Spanning Tree Election Process
Root bridge election.
Switches do a really bad job with STP by default. The switch with the oldest MAC address, more than likely also the slowest performance wise is seleced by default.
Within STP there is one switch more important than the rest, this is known as the ‘Root Bridge’ and this takes place as the first step of the STP process.
All ports on the root bridge take the role of designated ports.
BPDU packets are sent from the root bridge.
Root ports
Root ports are the next to be chosen on the non root bridge switches. The root ports are the ports closest to the root bridge.
The lowest sending port-id of the connected switch wins in a tie break situation.
Comparison of STP Protocols
There are 5 implementations of STP, some of them are standards and some developed by Cisco.
STP (802.1D) - slow convergence - One tree
PVST+ (cisco proprietary) - slow convergence - one tree per vlan
RSTP (802.1W) - fast - one tree
RPVSTP+ (cisco proprieratry) - fast - one tree per vlan
MST (802.1S) - fast - one tree for multiple vlans
Bridge Protocol Data Unit (BPDU)
Sent every 2 seconds by an hello timer.
There are 3 types of BDPU.
Configuration BPDU’s always come from the root bridge. They also send out a TCA - topology change acknowledgement.
Topology Change Notifications (TCN’s) are sent to the root bridge from downstream switches.
Root Bridge
The Root Bridge is elected on the lowest bridge ID.
The bridge ID is made up of the BID + MAC address. The default bridge ID is 32768 + vlan number - example would be
switch one = 32768 and vlan 10 = BID = 32778
remember lowest MAC is generally older so the priority of the switch becomes important.
Tip - The root bridge should always be placed at the core or the distribution layer depending on the topology of your network.
STP Port States
There are 5 of them… do you know what they are
It can be upto 50 seconds before a switch can forward with STP 802.1D. Quite slow and noticeable on modern networks.
blocking - 20 seconds. This state won’t receive or forward BPDU’s
listening - 15 seconds - Can RX but won’t forward BDPU’s
learning - 15 seconds - can rx and tx BPDU’s , will also learn mac addresses at this state… it won’t forward data packets though.
forwarding - rx, tx, learns mac addresses and also forwards data packets.
disabled - doesn’t rx, tx, learn macs or forwards.
STP Timers
There are 3 timers used with STP:
Hello timer - every 2 seconds by default BPDU’s are sent out.
Forward delay - 15 seconds
Max age timer - 20 seconds
You can adjust STP timers. You can tune the hello time between 1 and 10 seconds, forward delay between 4 and 30 seconds, and maximum age between 6 and 40 seconds. However, the timer values should never be changed without consideration
Normally, you do not change the STP timers, you would instead use RSTP.
Designated Ports
The designated ports are chosen on non root bridge switches, they are any port which is not a root port or blocking port.
Designated ports have lower mac address.
Rapid Spanning Tree Protocol
RSTP (802.1w)
3 basic operations of a switch port operating in RSTP:
- discarding - blocking and listening states (combined)
- learning
- forwarding
RSTP Link Types
Edge Port - A PC or printer for example connected into a switch.
P2P - When two switches are interconnected, this link type allows full duplex
Shared - where multiple switches may reside off, for example a hub or dirty switch. Operates in half duplex mode.
It is recommended that Portfast be configured for any interfaces which have end devices such as PC’s connected.
Also worth noting that PVST is now the default mode of switches and that 802.1d is now obsolete in reality.
useful cmd
in interface configuration mode - spanning-tree link-type point-to-point
Bridge Priority
Configuration and Theory
Bridge priority on a switch can be configured in increments of 4096. Starting at 0. It can go up to 61,440.
recommended configuration, two commands can be run:
spanning-tree vlan vlanid root primary | secondary
if changing timers then this should only be done on the root bridge, it will then propogate to the other switches.
spanning-tree vlan vlan-id priority bridge-priority
Q.
In a redundant topology, which of the following is a problem where multiple copies of the same unicast frames are delivered to a destination station, causing problems with the receiving protocol?
A.
Multiple frame transmission
STP Port Roles
Root port
This port exists on non-root bridges. It is the switch port with the best path to the root bridge. Root ports forward traffic toward the root bridge and the source MAC address of the frames that are received on the root port that is capable of populating the MAC table. Only one root port is allowed per bridge.
Designated port
This port exists on root and non-root bridges. For root bridges, all switch ports are designated ports. For non-root bridges, a designated port is the switch port that will receive and forward frames toward the root bridge as needed. Only one designated port is allowed per segment. If multiple switches exist on the same segment, an election process determines the designated switch, and the corresponding switch port begins forwarding frames for the segment. Designated ports are capable of populating the MAC table.
Nondesignated port (blocking)
The nondesignated port is a switch port that is not forwarding (blocking) data frames and is not populating the MAC address table with the source addresses of frames that are seen on that segment.
Disabled port
The disabled port is a switch port that is shut down.
BPDU Frame Format
- Protocol ID: Identifies the STP
- Version: Identifies the current version of the protocol
- Message type: Identifies the type of BPDU—configuration or TCN (Topology Change Notification) BPDU
- Flags: Used in response to a TCN BPDU
- Root bridge ID: Identifies the bridge ID of the root bridge
- Root path cost: Identifies the cost from the transmitting switch to the root
- Sender bridge ID: Identifies the bridge ID of the transmitting switch
- Port ID: Identifies the transmitting port
- Message age: Indicates the age of the current BPDU
- Maximum age: Indicates the timeout value
- Hello time: Identifies the time interval between generation of configuration BPDUs by the root
- Forward delay: Defines the time a switch port must wait in the listening and learning state
STP Cost
Links between switches witin STP have costs. The cost is associated with the bandwidth of the link, it can be changed administratively, however this is not a common practice.
STP COSTS
16mbpbs - 62
100mbps - 19
1gbps - 4
2gbps - 3
10gbps - 2
The higher the bandwidth the lower the cost!
In the STP (Spanning Tree Protocol) which of the two port types are able to forward traffic? (Choose two.)
The answer is root port and designated port.
MST Configuration
You start by first creating a MST configuration before activating it.
1) spanning-tree mst coniguration
2) name CCNP
3) revision 1 (manual process but must match across switches)
You then create an instance and assign Vlans to the instance.
4) instance 1 vlan 1,2
5) instance 2 vlan 4,5
Mapping the instance as either primary/secondary on the Switch
SW1(config)# spanning-tree mst 1 root primary
SW1(config)# spanning-tree mst 2 root secondary
Enabling MST on the switch
config mode - spanning-tree mode mst
Verfication Cmds
show spanning-tree mst 1 - verification
show spanning-tree summary
show spanning-tree mst configuration
show spanning-tree mst configuration digest
**the digest information must match across all devices within an MST region.
Switch(config)# interface ethernet 0/2 Switch
(config-if)# spanning-tree mst 1 port-priority 64
Portfast and BPDU Guard
Overview
PortFast - Cisco developed this to speed up the transition for access port devices, STP is designed to stop loops, however it runs on all ports by default. The STP delay of waiting for state transition of upto 50 seconds can cause issues with DHCP for network devices.
BPDU Guard - Usually used in conjunction with PortFast, this will shut down an access port if it receives a bpdu received on the port. This is a mechanisim for stopping other switch devices from been introduced into the network and causing issues.
