
Spanning Tree Protocol

Inter-VLAN Routing
Malin Bornhager
Halmstad University

Session Number
Version 2002-1

2002, Svenska-CNAP Halmstad University

Objectives
Fundamentals of Spanning Tree Protocol
RSTP
MSTP
EtherChannel
Routing between VLANs
External route processors
CEF-based multilayer switching
Internal route processors


Transparent Bridges
Do not modify frames that are forwarded
Learn addresses by listening on a port
Forward broadcasts and unknown unicasts on all ports


Redundant Topologies

Layer 2 redundancy improves availability

Implementing alternate paths by adding equipment and cabling
Goal: to eliminate network outages caused by a single point of failure
All networks need redundancy for enhanced reliability

Simple Redundant Switched Topology



Issues with Redundancy

Layer 2 loops

Broadcast storms

Duplicate unicast frames

MAC database instability


Redundant Topologies

Layer 2 loops

Broadcast storm


Redundant Topologies

Duplicate unicast frames

MAC Database Instability


Explaining a Loop Free Network


A loop-free network can be achieved manually by shutting down or disconnecting redundant links
STP runs the Spanning Tree Algorithm (STA) to find and block redundant links automatically


Implementing Spanning Tree


With STP, a transparent bridge environment can be redundant
STP protects the network against accidental miscabling


Implementing Spanning Tree


STP executes an algorithm called STA.
STA chooses a reference point, called a root bridge, and then determines the available paths to that reference point.
If more than two paths exist, STA picks the best path and blocks the rest.


Port Roles

Root port
Switch port closest to the root bridge

Designated port
All non-root ports that are still permitted to forward traffic

Non-designated port
All ports configured to be in blocking state to prevent loops

Spanning-Tree Operation

Electing a root bridge

Selecting the root port on the non-root bridges

Selecting the designated port on each segment

How do the switches do this election?


BPDU
A Bridge Protocol Data Unit (BPDU) is sent between switches to establish and maintain a loop free topology. A BPDU carries:
Root ID: the lowest BID in the topology
Cost of Path: cost of all links from the transmitting switch to the root bridge
Bridge ID: BID of the transmitting switch
Port ID: transmitting switch port ID
STP timer values: Max_Age, Hello Time, Forward Delay


Bridge PDU (Protocol Data Unit)

Each switch in the broadcast domain initially assumes that it is the root bridge


Bridge ID
Lower BID values are preferred
Default priority = 32768


BPDU Process

Electing a root bridge
BPDUs are sent in the broadcast domain
Compare Bridge IDs

One root port is elected on each switch
Compares the path costs on all switch ports
The port with the lowest overall path cost to the root is automatically assigned the root port role

Assign designated and non-designated ports
All switch ports on the root bridge will be designated
Two switches connected to the same segment send BPDUs, and the one with the lowest BID becomes designated


Spanning-Tree Operation


Spanning Tree Operation


One root bridge per network
One root port per nonroot bridge
One designated port per segment
Nondesignated ports are blocking


Spanning Tree Operation


Port states (forward or block) based on:
Lowest path cost
Lowest sender BID
Lowest sender port ID
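As an added example (not from the original slides), this Python parses an IEEE 802.1D configuration BPDU into the fields listed on the BPDU slide (including the priority and 12-bit Extended System ID halves of the Bridge ID), applies the preference order above (lowest root ID, then path cost, then sender BID, then sender port ID) to pick a root port, and reports whether a newly received BPDU is superior to the one currently held. The topology, bridge IDs and MAC addresses are constructed for the example.

```python
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class BridgeId:
    """8-byte Bridge ID: a 16-bit field (4-bit priority in steps of 4096 plus the
    12-bit Extended System ID, i.e. VLAN or MST instance) followed by the bridge MAC."""
    priority: int
    ext_sys_id: int
    mac: bytes

    @classmethod
    def from_bytes(cls, raw: bytes) -> "BridgeId":
        (field,) = struct.unpack("!H", raw[:2])
        return cls(field & 0xF000, field & 0x0FFF, raw[2:8])

    def to_bytes(self) -> bytes:
        return struct.pack("!H", self.priority | self.ext_sys_id) + self.mac

    def key(self):
        # Lower is better: the whole 16-bit priority field first, then the MAC.
        return (self.priority | self.ext_sys_id, self.mac)


@dataclass(frozen=True)
class ConfigBpdu:
    root_id: BridgeId
    root_path_cost: int
    bridge_id: BridgeId
    port_id: int
    message_age: float
    max_age: float
    hello_time: float
    forward_delay: float


def parse_config_bpdu(payload: bytes) -> ConfigBpdu:
    """Parse the 35-byte body of an 802.1D configuration BPDU (after the LLC header)."""
    if len(payload) < 35:
        raise ValueError("BPDU too short")
    proto_id, _version, bpdu_type, _flags = struct.unpack("!HBBB", payload[:5])
    if proto_id != 0 or bpdu_type != 0:
        raise ValueError("not an 802.1D configuration BPDU")
    root_id = BridgeId.from_bytes(payload[5:13])
    (root_path_cost,) = struct.unpack("!I", payload[13:17])
    bridge_id = BridgeId.from_bytes(payload[17:25])
    port_id, msg_age, max_age, hello, fwd = struct.unpack("!HHHHH", payload[25:35])
    # Timer fields are encoded in units of 1/256 second.
    return ConfigBpdu(root_id, root_path_cost, bridge_id, port_id,
                      msg_age / 256, max_age / 256, hello / 256, fwd / 256)


def build_config_bpdu(root: BridgeId, cost: int, bridge: BridgeId, port_id: int,
                      max_age=20.0, hello=2.0, fwd_delay=15.0) -> bytes:
    """Serialise a configuration BPDU; used here only to construct sample input."""
    return (struct.pack("!HBBB", 0, 0, 0, 0) + root.to_bytes() + struct.pack("!I", cost)
            + bridge.to_bytes()
            + struct.pack("!HHHHH", port_id, 0, int(max_age * 256), int(hello * 256),
                          int(fwd_delay * 256)))


def bpdu_key(b: ConfigBpdu, port_cost: int = 0):
    """STA preference order: lowest root ID, lowest path cost to the root (advertised cost
    plus the cost of the receiving port), lowest sender BID, lowest sender port ID."""
    return (b.root_id.key(), b.root_path_cost + port_cost, b.bridge_id.key(), b.port_id)


def is_superior(new: ConfigBpdu, current: ConfigBpdu) -> bool:
    """True if 'new' would replace 'current' (the smaller key wins)."""
    return bpdu_key(new) < bpdu_key(current)


def select_root_port(received: dict) -> str:
    """received maps port name -> (raw BPDU bytes, cost of that port); returns the root port."""
    return min(received,
               key=lambda p: bpdu_key(parse_config_bpdu(received[p][0]), received[p][1]))


# Constructed sample: the root (priority 4096 on VLAN 10) is heard directly on Gi0/1
# (port cost 4) and, relayed by switch B, on Fa0/1 (port cost 19).
ROOT = BridgeId(4096, 10, bytes.fromhex("0000aa000001"))
SW_B = BridgeId(32768, 10, bytes.fromhex("0000bb000002"))
RECEIVED = {
    "Gi0/1": (build_config_bpdu(ROOT, 0, ROOT, 0x8001), 4),
    "Fa0/1": (build_config_bpdu(ROOT, 4, SW_B, 0x8002), 19),
}
# A newly attached bridge announcing itself as root with priority 0 sends a superior BPDU.
NEWCOMER = BridgeId(0, 10, bytes.fromhex("0000ee000005"))
NEWCOMER_BPDU = build_config_bpdu(NEWCOMER, 0, NEWCOMER, 0x8001)

if __name__ == "__main__":
    print("root port:", select_root_port(RECEIVED))
    print("newcomer superior:", is_superior(parse_config_bpdu(NEWCOMER_BPDU),
                                            parse_config_bpdu(RECEIVED["Gi0/1"][0])))
```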


Port States


STP Timers


STP Port States


Spanning Tree Enhancements


Implementation of:
Portfast
Rapid Spanning Tree Protocol 802.1w (RSTP)
Per VLAN Spanning Tree 802.1q (PVST +)
Multiple Spanning Tree 802.1s (MST)
Load balancing across links


PortFast

Causes an interface to transition from blocking to forwarding state immediately

Does not go through the listening and learning states

Configure PortFast on access ports connected to a single server or workstation (or globally on all nontrunking interfaces)

Prevents DHCP timeouts


Rapid Spanning Tree - RSTP

STP convergence time = 30-50 seconds

RSTP offers better recovery at layer 2

RSTP requires full-duplex point-to-point connections

Alternate and Backup Ports

Edge Ports do not participate in STP


RSTP Port Roles

Alternate port
Offers an alternate path toward the root bridge
Backup port
Additional port with a redundant link to the segment


RSTP Port Roles

Edge port

A switch port never intended to connect to another switch device

Transitions to forwarding state immediately

If a BPDU is received, it becomes a normal spanning-tree port


RSTP Port States

Discarding
Prevents the forwarding of data frames

Learning
Accepts data frames to populate the MAC table, to limit flooding of unknown unicast frames

Forwarding
Forwarding of data frames in stable active topologies

Configuring Access Port Macro

Use the switchport host macro command on an interface connecting to an end station.

Switch(config-if)# switchport host
switchport mode will be set to access
spanning-tree portfast will be enabled
channel group will be disabled
Switch(config-if)# end
Switch#


Multiple Spanning Tree - MSTP


MST (IEEE 802.1s) extends the IEEE 802.1w Rapid Spanning Tree (RSTP) algorithm to multiple spanning trees
Its main purpose is to reduce the total number of spanning tree instances to match the physical topology
Groups VLANs and associates each group with a spanning tree instance


MST Use of Extended System ID

MST carries the instance number in the 12-bit Extended System ID field
of the Bridge ID.


MST Configuration Example

SwitchA(config)# spanning-tree mode mst
SwitchA(config)# spanning-tree mst configuration
SwitchA(config-mst)# name XYZ
SwitchA(config-mst)# revision 1
SwitchA(config-mst)# instance 1 vlan 11, 21, 31
SwitchA(config-mst)# instance 2 vlan 12, 22, 32
SwitchA(config-mst)# exit
SwitchA(config)# spanning-tree mst 1 root primary

SwitchB(config)# spanning-tree mode mst
SwitchB(config)# spanning-tree mst configuration
SwitchB(config-mst)# name XYZ
SwitchB(config-mst)# revision 1
SwitchB(config-mst)# instance 1 vlan 11, 21, 31
SwitchB(config-mst)# instance 2 vlan 12, 22, 32
SwitchB(config-mst)# exit
SwitchB(config)# spanning-tree mst 2 root primary

Spanning Tree Enhancements

BPDU guard: Prevents accidental connection of switching devices to PortFast-enabled ports. Connecting switches to PortFast-enabled ports can cause Layer 2 loops or topology changes.

BPDU filtering: Restricts the switch from sending unnecessary BPDUs out access
ports.

Root guard: Prevents switches connected on ports configured as access ports from
becoming the root switch.

Loop guard: Prevents root ports and alternate ports from moving to forwarding state
when they stop receiving BPDUs.


BPDU Guard

BPDU Guard puts an interface configured for STP PortFast in the errdisable state upon receipt of a BPDU. BPDU guard disables interfaces as a preventive step to avoid potential bridging loops.

BPDU guard shuts down PortFast-configured interfaces that receive BPDUs, rather than putting them into the STP blocking state (the default behavior). In a valid configuration, PortFast-configured interfaces should not receive BPDUs. Reception of a BPDU by a PortFast-configured interface signals an invalid configuration, such as connection of an unauthorized device.

BPDU guard provides a secure response to invalid configurations, because the administrator must manually re-enable the err-disabled interface after fixing the invalid configuration. It is also possible to set up a time-out interval after which the switch automatically tries to re-enable the interface. However, if the invalid configuration still exists, the switch err-disables the interface again.


BPDU Filtering

BPDU filtering prevents a Cisco switch from sending BPDUs on PortFast-enabled interfaces, preventing unnecessary BPDUs from being transmitted to host devices.

BPDU guard has no effect on an interface if BPDU filtering is enabled.

When enabled globally, BPDU filtering has these attributes:

It affects all operational PortFast ports on switches that do not have BPDU filtering configured on the individual ports.

If BPDUs are seen, the port loses its PortFast status, BPDU filtering is disabled, and STP sends and receives BPDUs on the port as it would with any other STP port on the switch.

Upon startup, the port transmits ten BPDUs. If this port receives any BPDUs during that time, PortFast and PortFast BPDU filtering are disabled.

When enabled on an interface, BPDU filtering has these attributes:

It ignores all BPDUs received.

It sends no BPDUs.


Root Guard

Root guard is useful in avoiding Layer 2 loops during network anomalies. The Root guard feature forces an interface to become a designated port to prevent surrounding switches from becoming root bridges.

Root guard-enabled ports are forced to be designated ports. If the bridge receives superior STP BPDUs on a Root guard-enabled port, the port moves to a root-inconsistent STP state, which is effectively equivalent to the STP listening state, and the switch does not forward traffic out of that port. As a result, this feature enforces the position of the root bridge.


Root Guard Motivation

Switches A and B comprise the core of the network. Switch A is the root bridge.

Switch C is an access layer switch. When Switch D is connected to Switch C, it begins to participate in STP. If the priority of Switch D is 0 or any value lower than that of the current root bridge, Switch D becomes the root bridge.

Having Switch D as the root causes the Gigabit Ethernet link connecting the two core switches to block, thus causing all the data to flow via a 100-Mbps link across the access layer. This is obviously a terrible outcome.


Root Guard Operation

After the root guard feature is enabled on a port, the switch does not allow that port to become an STP root port.

Cisco switches log the following message when a root guard enabled port receives a superior BPDU:
%SPANTREE-2-ROOTGUARDBLOCK: Port 1/1 tried to become nondesignated in VLAN 77. Moved to root-inconsistent state.


Root Guard Operation

The current design recommendation is to enable root guard on all access ports so that a root bridge is not established through these ports.

In this configuration, Switch C blocks the port connecting to Switch D when it receives a superior BPDU. The port transitions to the root-inconsistent STP state. No traffic passes through the port while it is in root-inconsistent state.

When Switch D stops sending superior BPDUs, the port unblocks again and goes through regular STP transition of listening and learning, and eventually to the forwarding state. Recovery is automatic; no intervention is required.


Loop Guard

The Loop Guard STP feature improves the stability of Layer 2 networks by preventing bridging loops.

In STP, switches rely on continuous reception or transmission of BPDUs, depending on the port role.
A designated port transmits BPDUs whereas a nondesignated port receives BPDUs.

Bridging loops occur when a port erroneously transitions to forwarding state because it has stopped
receiving BPDUs.

Ports with loop guard enabled do an additional check before transitioning to forwarding state. If a
nondesignated port stops receiving BPDUs, the switch places the port into the STP loop-inconsistent
blocking state.

If a switch receives a BPDU on a port in the loop-inconsistent STP state, the port transitions through
STP states according to the received BPDU. As a result, recovery is automatic, and no manual
intervention is necessary.


Loop Guard Messages

When the Loop Guard feature places a port into the loop-inconsistent blocking state, the switch logs the following message:
SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port 3/2 in vlan 3. Moved to loop-inconsistent state.

After recovery, the switch logs the following message:
SPANTREE-2-LOOPGUARDUNBLOCK: port 3/2 restored in vlan 3.
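Added example, not part of the original slides: a small detection routine that reads syslog lines in the ROOTGUARDBLOCK, LOOPGUARDBLOCK and LOOPGUARDUNBLOCK formats quoted on these slides and summarises root-guard hits (a bridge below the access layer trying to become root), ports still in loop-inconsistent state, and ports loop guard has blocked repeatedly. The syslog prefix layout, hostnames, ports and timestamps are assumed and constructed for the example.

```python
import re
from collections import defaultdict

# Message formats as quoted on the slides; the leading '%' is optional because
# the LOOPGUARD lines are shown without it.
EVENT_PATTERNS = {
    "rootguard_block": re.compile(
        r"SPANTREE-2-ROOTGUARDBLOCK: Port (?P<port>\S+) tried to become "
        r"nondesignated in VLAN (?P<vlan>\d+)"),
    "loopguard_block": re.compile(
        r"SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port (?P<port>\S+) "
        r"in vlan (?P<vlan>\d+)"),
    "loopguard_unblock": re.compile(
        r"SPANTREE-2-LOOPGUARDUNBLOCK: port (?P<port>\S+) restored in vlan (?P<vlan>\d+)"),
}
# Assumed syslog prefix layout: "<Mon dd hh:mm:ss> <hostname>: <message>".
SYSLOG_PREFIX = re.compile(r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>[\w.-]+): ")


def parse_event(line: str):
    """Return a dict for a guard event line, or None for anything else."""
    m = SYSLOG_PREFIX.match(line)
    if not m:
        return None
    for name, pat in EVENT_PATTERNS.items():
        e = pat.search(line)
        if e:
            return {"ts": m["ts"], "host": m["host"], "event": name,
                    "port": e["port"], "vlan": int(e["vlan"])}
    return None


def analyse(lines, flap_threshold: int = 3) -> dict:
    """Summarise guard activity:
    - root_guard_hits: (host, port, vlan) where a superior BPDU arrived on a guarded port
    - still_loop_inconsistent: loop-guard blocks with no matching UNBLOCK yet
    - flapping: ports blocked by loop guard at least flap_threshold times, which points
      at an intermittent one-way link (a UDLD case) rather than a one-off STP event"""
    root_guard_hits = []
    blocked = {}
    block_counts = defaultdict(int)
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        key = (ev["host"], ev["port"], ev["vlan"])
        if ev["event"] == "rootguard_block":
            root_guard_hits.append(key)
        elif ev["event"] == "loopguard_block":
            blocked[key] = ev["ts"]
            block_counts[key] += 1
        elif ev["event"] == "loopguard_unblock":
            blocked.pop(key, None)
    return {
        "root_guard_hits": root_guard_hits,
        "still_loop_inconsistent": sorted(blocked),
        "flapping": sorted(k for k, n in block_counts.items() if n >= flap_threshold),
    }


# Constructed sample log (hostnames, ports and timestamps invented for the example).
SAMPLE_LOG = [
    "Mar  1 10:00:01 swC: %SPANTREE-2-ROOTGUARDBLOCK: Port Gi0/5 tried to become "
    "nondesignated in VLAN 77. Moved to root-inconsistent state.",
    "Mar  1 10:00:09 swB: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to up",
    "Mar  1 10:01:00 swB: SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port 3/2 "
    "in vlan 3. Moved to loop-inconsistent state.",
    "Mar  1 10:01:30 swB: SPANTREE-2-LOOPGUARDUNBLOCK: port 3/2 restored in vlan 3.",
    "Mar  1 10:02:00 swB: SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port Gi0/7 "
    "in vlan 10. Moved to loop-inconsistent state.",
    "Mar  1 10:02:10 swB: SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port 3/2 "
    "in vlan 3. Moved to loop-inconsistent state.",
    "Mar  1 10:02:40 swB: SPANTREE-2-LOOPGUARDUNBLOCK: port 3/2 restored in vlan 3.",
    "Mar  1 10:03:05 swB: SPANTREE-2-LOOPGUARDUNBLOCK: port Gi0/7 restored in vlan 10.",
    "Mar  1 10:03:20 swB: SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port 3/2 "
    "in vlan 3. Moved to loop-inconsistent state.",
]

if __name__ == "__main__":
    for name, value in analyse(SAMPLE_LOG).items():
        print(name, value)
```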


Loop Guard Operation


Loop Guard Configuration Considerations

Configure Loop Guard on a per-port basis, although the feature blocks inconsistent ports on a per-VLAN basis; for example, on a trunk port, if BPDUs are not received for only one particular VLAN, the switch blocks only that VLAN (that is, moves the port for that VLAN to the loop-inconsistent STP state). In the case of an EtherChannel interface, the channel status goes into the inconsistent state for all the ports belonging to the channel group for the particular VLAN not receiving BPDUs.

Enable Loop Guard on all nondesignated ports. Loop guard should be enabled on root and alternate ports for all possible combinations of active topologies.

Loop Guard is disabled by default on Cisco switches.


Unidirectional Link Detection (UDLD)

The link between Switches B and C becomes unidirectional. Switch B can receive traffic from Switch C, but Switch C cannot receive traffic from Switch B.

On the segment between Switches B and C, Switch B is the designated bridge sending the root BPDUs and Switch C expects to receive the BPDUs.

Switch C waits until the max-age timer (20 seconds) expires before it takes action. When this timer expires, Switch C moves through the listening and learning states and then to the forwarding state. At this moment, both Switch B and Switch C are forwarding to each other and there is no blocking port in the network.


UDLD Modes

Normal Mode: UDLD detects unidirectional links due to misconnected interfaces on fiber-optic connections. UDLD changes the UDLD-enabled port to an undetermined state if it stops receiving UDLD messages from its directly connected neighbor.

Aggressive Mode (Preferred): When a port stops receiving UDLD packets, UDLD tries to reestablish the connection with the neighbor. After eight failed retries, the port state changes to the err-disable state. Aggressive mode UDLD detects unidirectional links due to one-way traffic on fiber-optic and twisted-pair links and due to misconnected interfaces on fiber-optic links.


Flex Links

Flex Links is a Layer 2 availability feature that provides an alternative solution to STP and allows users to turn off STP and still provide basic link redundancy.

Flex Links can coexist with spanning tree on the distribution layer switches; however, the distribution layer switches are unaware of the Flex Links feature.

Flex Links enables a convergence time of less than 50 milliseconds. In addition, this convergence time remains consistent regardless of the number of VLANs or MAC addresses configured on switch uplink ports.

Flex Links is based on defining an active/standby link pair on a common access switch. Flex Links are a pair of Layer 2 interfaces, either switchports or port channels, that are configured to act as backup to other Layer 2 interfaces.

EtherChannel

Bundles individual Ethernet links into a single logical link

Up to 8 physical links can be bundled together

Usually used for trunk links

Provides high bandwidth

Load balancing

Automatic failover

Simplifies subsequent logical configuration (no need to configure each physical link)


EtherChannel - Protocols

PAgP - Port Aggregation Protocol

Cisco proprietary

PAgP packets are sent between ports to negotiate the forming of a channel

Ensures that all ports have the same type of configuration

LACP - Link Aggregation Control Protocol

IEEE 802.3ad standard

Allows several physical ports to be bundled together to form a single logical channel


PAgP Modes

Mode: Purpose

Auto: Places an interface in a passive negotiating state in which the interface responds to the PAgP packets that it receives but does not initiate PAgP negotiation (default).

Desirable: Places an interface in an active negotiating state in which the interface initiates negotiations with other interfaces by sending PAgP packets.

On: Forces the interface to channel without PAgP. Interfaces configured in the on mode do not exchange PAgP packets.

Non-silent: If a switch is connected to a partner that is PAgP-capable, configure the switch interface for non-silent operation. The non-silent keyword is always used with the auto or desirable mode. If you do not specify non-silent with the auto or desirable mode, silent is assumed. The silent setting is for connections to file servers or packet analyzers; this setting enables PAgP to operate, to attach the interface to a channel group, and to use the interface for transmission.


LACP Modes

Mode: Purpose

Passive: Places a port in a passive negotiating state. In this state, the port responds to the LACP packets that it receives but does not initiate LACP packet negotiation (default).

Active: Places a port in an active negotiating state. In this state, the port initiates negotiations with other ports by sending LACP packets.

On: Forces the interface to the channel without PAgP or LACP.


Inter-VLAN Routing Options

External router with a separate interface for each VLAN.
External router trunked to Layer 2 switch (router-on-a-stick).
Multilayer switch (pictured).


Inter-VLAN routing with external router


L3 capability is needed to communicate between VLANs
Trunk between switch and router
Sub-interfaces configured on the router for all VLANs


Inter-VLAN routing with external router

Advantages:

Implementation is simple

Layer 3 services not required on the switch

Router provides communication between VLANs

Disadvantages:

The router is a single point of failure

Traffic path between switch and router may become congested

Latency is higher than on a Layer 3 switch


Multilayer switching - MLS

Combines the functionality of a switch and a router into one device

Moves the software-based routing process (packet rewriting) to specialized ASIC hardware

Optimized for campus LAN

When the MLS's own MAC address is in the Layer 2 header, the frame is either destined for the MLS itself, or its destination IP address is compared against the Layer 3 forwarding table


High-Speed Memory Tables

Multilayer switches build routing, bridging, QoS, and ACL tables for centralized or distributed switching.

Switches perform lookups in these tables to make decisions, such as to determine whether a packet with a specific destination IP address is supposed to be dropped according to an ACL.

These tables support high-performance lookups and search algorithms to maintain line-rate performance.

Multilayer switches deploy these memory tables using specialized memory architectures, referred to as content addressable memory (CAM), and ternary content addressable memory (TCAM).


Tables
CAM table: Primary table used to make Layer 2 forwarding decisions.
The table is built by recording the source address and inbound port of
all frames. When a frame arrives at the switch with a destination MAC
address of an entry in the CAM table, the frame is forwarded out only
through the port associated with that specific MAC address.
TCAM table: Stores ACL, QoS, and other information generally
associated with upper-layer processing. TCAM is most useful for
building tables for searching on the longest match, such as IP routing
tables organized by IP prefixes.


Switch Virtual Interface - SVI

Virtual Layer 3 interface configured for any VLAN

Acts as a default gateway for a VLAN, so traffic can be routed between VLANs

Provides Layer 3 IP connectivity to the switch

Supports routing protocols


Routed ports on a multilayer switch

Physical switch port capable of Layer 3 packet processing

Not associated with a particular VLAN

Switch port functionality is removed

Behaves like a regular router interface, but does not support subinterfaces


Routed ports on a multilayer switch


Distributed Hardware Forwarding

Layer 3 switching software employs a distributed architecture in which the control path and data path are relatively independent.

The control path code, such as routing protocols, runs on the route processor.

Each interface module includes a microcoded processor that handles all packet forwarding. The Ethernet interface module and the switching fabric forward most of the data packets.


Cisco Switching Methods

Process Switching

Fast Switching

Cisco Express Forwarding (CEF)


Cisco Switching Methods - Process Switching

Router strips off the Layer 2 header for each incoming frame

Looks up the Layer 3 destination network address in the routing table for each packet, and then sends the frame with rewritten Layer 2 header, including computed cyclic redundancy check (CRC), to the outgoing interface.

All these operations are done by software running on the CPU for each individual frame.

Process switching is the most CPU-intensive method available in Cisco routers.

It can greatly degrade performance and is generally used only as a last resort or during troubleshooting.


Cisco Switching Methods - Fast Switching

After the lookup of the first packet destined for a particular IP network, the router initializes the fast-switching cache used by the fast switching mode.

When subsequent frames arrive, the destination is found in this fast-switching cache.

The frame is rewritten with corresponding link addresses and is sent over the outgoing interface.


Cisco Switching Methods - CEF

The default switching mode.

CEF is less CPU-intensive than fast switching or process switching.

A router with CEF enabled uses information from tables built by the CPU, such as the routing table and ARP table, to build hardware-based tables known as the Forwarding Information Base (FIB) and adjacency tables.

These tables are then used to make hardware-based forwarding decisions for all frames in a data flow.

Although CEF is the fastest switching mode, there are limitations, such as other features that are not compatible with CEF or rare instances in which CEF functions can actually degrade performance, such as CEF polarization in a topology using load-balanced Layer 3 paths.


Cisco Forwarding Decision Methods

Route caching: Also known as flow-based or demand-based switching, a Layer 3 route cache is built within hardware functions as the switch sees traffic flow into the switch. This is functionally equivalent to Fast Switching in the Cisco router IOS.

Topology-based switching: Information from the routing table is used to populate the route cache, regardless of traffic flow. The populated route cache is called the FIB. CEF is the facility that builds the FIB. This is functionally equivalent to CEF in the Cisco router IOS.


Route Caching

First packet in a stream is switched in software by the route processor.
Information is stored in the cache table as a flow.
All subsequent packets are switched in hardware.


Topology-Based Switching

Faster than route caching. Even first packet forwarded by hardware.

CEF populates FIB with information from routing table.


CEF Processing

CEF uses special strategies to switch data packets to their destinations expediently. It caches the information generated by the Layer 3 routing engine even before the switch encounters any data flows.

CEF caches routing information in one table (FIB) and caches Layer 2 next-hop addresses and frame header rewrite information for all FIB entries in another table, called the adjacency table (AT).


Forwarding Information Base (FIB)

Derived from the IP routing table.

Arranged for maximum lookup throughput.

IP destination prefixes stored in TCAM, from most-specific to least-specific entry.

FIB lookup based on Layer 3 destination address prefix (longest match) matches the structure of CEF entries within the TCAM.

When the TCAM is full, a wildcard entry redirects frames to the Layer 3 engine.

Updated after each network change, but only once. Each change in the IP routing table triggers a similar change in the FIB.

Contains all known routes. Contains all next-hop addresses associated with all destination networks.


Adjacency Table (AT)

Derived from the ARP table and contains Layer 2 header rewrite (MAC) information for each next hop contained in the FIB. Nodes in the network are said to be adjacent if they are within a single hop from each other.

Maintains Layer 2 next-hop addresses and link-layer header information for all FIB entries.

Populated as adjacencies are discovered.

Each time an adjacency entry is created (such as via ARP), a Layer 2 header for that adjacent node is pre-computed and stored in the adjacency table.

When the adjacency table is full, a CEF TCAM entry points to the Layer 3 engine to redirect the adjacency.


CEF-based multilayer switches


Packets not processed in hardware:

IP packets that use IP header options

Packets forwarded to a tunnel interface

Packets with non-supported encapsulation types

Packets that exceed the maximum transmission unit (MTU)


CEF-based MLS Operation

Step 1: Host A sends a packet to Host B. The switch recognizes the frame as a Layer 3 packet because the destination MAC (MAC-M) matches the Layer 3 engine MAC.


CEF-based MLS Operation

Step 2: The switch performs a CEF lookup based on the destination IP address (IP-B). The packet hits the CEF entry for the connected network (VLAN20) and is redirected to the Layer 3 engine.


CEF-based MLS Operation

Step 3: The Layer 3 engine installs an ARP adjacency in the switch for Host B's IP address.

Step 4: The Layer 3 engine sends ARP requests for Host B on VLAN20.


CEF-based MLS Operation

Step 5: Host B sends an ARP response to the Layer 3 engine.

Step 6: The Layer 3 engine installs the resolved adjacency in the switch.


CEF-based MLS Operation

Step 7: The switch forwards the packet to Host B

Step 8: The switch receives a subsequent packet for Host B (IP-B)


CEF-based MLS Operation

Step 9: The switch performs a Layer 3 lookup and finds a CEF entry
for Host B. The entry points to the adjacency with rewrite information
for Host B


CEF-based MLS Operation

Step 10: The switch rewrites the packet per the adjacency information and forwards the packet to Host B on VLAN20.
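Added example, not part of the original slides: a Python model of the ten steps above, with a FIB kept most-specific-first (as in the TCAM), an adjacency table, and a punt to the Layer 3 engine whenever no resolved adjacency exists; the engine's MAC, the addresses and the ARP answers are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Adjacency:
    next_hop: str
    dst_mac: Optional[str]   # None = incomplete: no Layer 2 rewrite known yet


@dataclass
class CefSwitch:
    own_mac: str        # MAC of the Layer 3 engine (MAC-M on the slides)
    fib: list           # [(network, next_hop or None if directly connected)]
    arp_answers: dict   # constructed stand-in for ARP replies: ip -> mac
    adjacencies: dict = field(default_factory=dict)
    punted: int = 0
    hw_switched: int = 0

    def __post_init__(self):
        # Same ordering as the TCAM: most-specific prefix first, so the first hit is the longest match.
        self.fib = sorted(((ipaddress.ip_network(n), nh) for n, nh in self.fib),
                          key=lambda e: -e[0].prefixlen)

    def fib_lookup(self, dst_ip: str):
        addr = ipaddress.ip_address(dst_ip)
        for net, next_hop in self.fib:
            if addr in net:
                # For a connected network the "next hop" is the destination host itself.
                return str(net), (next_hop or dst_ip)
        return None, None

    def forward(self, dst_mac: str, dst_ip: str):
        """Handle one packet. Returns (how it was handled, rewritten destination MAC)."""
        if dst_mac.lower() != self.own_mac.lower():
            return "bridged", dst_mac              # Step 1 fails: plain Layer 2 switching
        net, next_hop = self.fib_lookup(dst_ip)   # Step 2 / Step 9: FIB lookup
        if net is None:
            return "dropped", None
        adj = self.adjacencies.get(next_hop)
        if adj is None or adj.dst_mac is None:
            # Steps 2-7: no resolved adjacency, so the packet goes to the Layer 3 engine,
            # which ARPs for the next hop and installs whatever adjacency it learns.
            self.punted += 1
            mac = self.arp_answers.get(next_hop)
            self.adjacencies[next_hop] = Adjacency(next_hop, mac)
            return "punted", mac
        # Steps 8-10: FIB hit plus complete adjacency: rewrite in hardware.
        self.hw_switched += 1
        return "hardware", adj.dst_mac


def demo():
    """Constructed scenario (addresses and MACs invented): two packets to Host B
    (10.0.20.7 on the connected VLAN20 network), one that must follow the /8 rather than
    the default route, a broadcast not addressed to the engine, and a destination whose
    next hop never answers ARP."""
    sw = CefSwitch(
        own_mac="00:00:0c:aa:bb:01",
        fib=[("0.0.0.0/0", "10.0.1.1"), ("10.0.20.0/24", None), ("10.0.0.0/8", "10.0.1.254")],
        arp_answers={"10.0.20.7": "00:00:0c:00:20:07"},
    )
    # The core next hop was resolved earlier, so its adjacency is already complete.
    sw.adjacencies["10.0.1.254"] = Adjacency("10.0.1.254", "00:00:0c:00:01:fe")
    results = [
        sw.forward("00:00:0c:aa:bb:01", "10.0.20.7"),    # first packet: punted, ARP, adjacency installed
        sw.forward("00:00:0c:aa:bb:01", "10.0.20.7"),    # second packet: hardware rewrite
        sw.forward("00:00:0c:aa:bb:01", "10.0.30.9"),    # longest match: /8 wins over the default
        sw.forward("ff:ff:ff:ff:ff:ff", "10.0.20.255"),  # not for the engine: bridged at Layer 2
        sw.forward("00:00:0c:aa:bb:01", "192.0.2.9"),    # next hop unresolved: punted, adjacency incomplete
    ]
    return results, sw.punted, sw.hw_switched


if __name__ == "__main__":
    for r in demo()[0]:
        print(r)
```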


Summary

STP protects the network from loops

RSTP quickly adapts to network topology transitions

MSTP reduces the burden of STP traffic and CPU processing

EtherChannel adds redundancy and creates high-bandwidth connections between switches


Summary

An external router can be configured to route packets between the VLANs on a Layer 2 switch

Multilayer switches allow routing and the configuration of interfaces to pass packets between VLANs

CEF-based multilayer switching facilitates packet switching in hardware
