http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/12013-17.html
http://sysnetnotes.blogspot.in/2013/07/spanning-tree-protocol-stp-ieee-8021d.html
http://networkerinterview.net/entries/spanning-tree-protocol/STP
http://sysnetnotes.blogspot.in/2013/07/bridge-protocol-data-unit-bpdu.html
https://networklessons.com/switching/spanning-tree-topology-change-notification-tcn/
How STP works:
=============
1. Elect one Root Bridge
2. Elect one root port per bridge
3. Elect Designated ports
The Root Bridge acts as the reference point, and path calculation is based on it.
The switch with the lowest Bridge ID in the network becomes the Root Bridge.
The Bridge ID contains:
- Bridge Priority: 0 - 61440; default is 32767
- MAC address
A priority of 0 is most preferred for Root Bridge.
Refer to the below exercise:
Root and designated port election:
==================================
DPs are downstream, facing away from the Root Bridge.
Like root port election, DP election is based on:
- Lowest root path cost
- Lowest BID
- Lowest Port ID
All other ports go into blocking mode:
- Receive BPDUs
- Discard all other traffic
- Cannot send traffic
The port opposite a root port is always a DP.
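
The three election steps above, worked through on a constructed three-switch triangle. This is an added example, not part of the original notes; the switch names, priorities, MAC addresses and link costs are made up for illustration.

```python
import heapq

def elect(bridges, links):
    """bridges: name -> (priority, mac); links: (a, a_port, b, b_port, cost).
    Assumes a connected topology and MACs in one lowercase fixed-width format."""
    root = min(bridges, key=bridges.get)          # lowest Bridge ID wins
    adj = {n: [] for n in bridges}
    for a, ap, b, bp, cost in links:
        adj[a].append((ap, b, bp, cost))
        adj[b].append((bp, a, ap, cost))
    # Root path cost of every bridge (Dijkstra from the root).
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue
        for _, nbr, _, cost in adj[n]:
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    roles = {}
    for n in bridges:
        if n != root:
            # Root port: lowest (root path cost, upstream BID, upstream port ID).
            port = min(adj[n], key=lambda e: (dist[e[1]] + e[3], bridges[e[1]], e[2]))
            roles[(n, port[0])] = "root"
    for a, ap, b, bp, _ in links:
        # Designated port per link: the end offering the lowest
        # (root path cost, BID, port ID); the other end blocks unless it is a root port.
        ends = sorted([(dist[a], bridges[a], ap, a), (dist[b], bridges[b], bp, b)])
        roles[(ends[0][3], ends[0][2])] = "designated"
        roles.setdefault((ends[1][3], ends[1][2]), "blocking")
    return root, roles

# Constructed triangle: SW1 has the highest MAC but the lowest priority.
BRIDGES = {"SW1": (4096, "00:00:00:00:00:03"),
           "SW2": (8192, "00:00:00:00:00:02"),
           "SW3": (8192, "00:00:00:00:00:01")}
LINKS = [("SW1", 1, "SW2", 1, 19), ("SW1", 2, "SW3", 1, 19), ("SW2", 2, "SW3", 2, 19)]

if __name__ == "__main__":
    root, roles = elect(BRIDGES, LINKS)
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(sw, "port", port, role)
```

SW2 and SW3 tie on priority and root path cost, so the SW2-SW3 link is decided by the lower MAC: SW3 keeps the designated port and SW2 blocks.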
STP Timers
==========
Timers affect the transition between port states
- Set only on the root bridge
Hello
- How often configuration BPDUs are sent
- Defaults to 2 sec
Max Age
- How long to wait in blocking state without hearing a BPDU
- Defaults to 20 sec
Forward Delay
- How long to wait in each of the listening and learning phases while building the CAM table
- Defaults to 15 sec
Note: In STP, CST and PVSTP only the root bridge is allowed to generate BPDUs. BPDUs start at the root and are forwarded towards the leaves.
Worst-case convergence time for STP is 50 sec (Max Age 20 sec + 2 x Forward Delay 15 sec).
Timers are set in Root Bridge only:
Advanced STP features
=======================
Portfast (direct from blocking to forwarding)
- Edge ports shouldn't be subject to forward delay
- Also affects TCN generation
UplinkFast
- Direct root port failure should reconverge immediately if an Alternate port is available
Backbone Fast
- Indirect failures should start recalculating immediately
CAM age time == max-age time when a topology change notification happens.
Default CAM aging time is 300 sec.
Portfast is also called edge port.
A portfast interface will not generate a TCN, and edge ports are not subject to forward delay. The CAM table is also not flushed, which cuts down unknown unicast flooding on the network. Portfast being on does not mean STP is disabled: the switch is still sending and listening for BPDUs. There is a default protection mechanism: if the interface receives BPDUs, it takes itself out of edge port (portfast) status. That is, if a router or any end device needs to run STP, we enable STP on that end device, and the switch interface which receives the BPDUs will take itself out of edge port status.
So instead of configuring portfast on every interface, there is a command which enables portfast on all interfaces of the switch: spanning-tree portfast default. This is equivalent to # int range fa0/1 - 24 , g0/1 -2 + spanning-tree portfast, and the interfaces will automatically figure out which ones should run portfast and which ones should not, based on the built-in mechanism.
For trunk links portfast will not be on by default. If a trunk link goes down and comes up, it is not going to create a TCN.
UplinkFast
=========
spanning-tree uplinkfast == should be configured on a single switch
Backbonefast
============
spanning-tree backbonefast => should be configured on all switches
These features are used for fast convergence. We need not wait for the max age time.
Even with these features, convergence time is around 30 sec, which is not enough.
STP BPDU Filter
============
BPDU Filter:
- Drops STP packets as they come in to the interface or go out of the interface, i.e. filters BPDUs in and out
- Can be configured on a per-interface basis or globally. If configured at the interface, STP is disabled at the interface, and if configured globally STP is disabled on all interfaces. Typically used at the access layer. This is mainly used to avoid L2 attacks.
spanning-tree bpdufilter enable. It is like a passive interface. The disadvantage is that when a router connected to this switch wants to run STP, the router will send BPDUs but the switch will not receive them.
BPDU Guard
- If a BPDU is received, shut the port down. The link is put in err-disable state. It will not come out of it until the err-disable recovery timeout expires or it is manually brought up.
Root Guard
- If a superior BPDU is received, shut the port down.
Loop Guard & UDLD
- Prevent unidirectional links
This typically occurs in fiber networks, where the send channel might be working but the receive channel might not. One physical link is used for sending traffic and another physical link for receiving traffic, so it is possible to have one working and the other broken. In STP, if we are able to send BPDUs but not able to receive BPDUs, then the max age timeout will happen and the port will move from blocking to forwarding: since it will not receive BPDUs from the other end, it will make itself a DP. It might happen that both switches elect DP ports and both interfaces end up in forwarding state. This is a violation of STP, but STP will not detect it since it is an L1 issue. The solution is loop guard and unidirectional link detection.
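
An added example (not part of the original notes) that audits a running-config for the edge-port settings described above: portfast without BPDU Guard, and interface-level BPDU Filter. The config fragment is constructed; spanning-tree bpduguard enable, spanning-tree portfast bpduguard default and the per-interface disable overrides are IOS commands that this page does not show, and any non-trunk port is assumed to be an access port.

```python
import re

def audit_stp(config):
    """Return {interface: [findings]} for the edge-port settings discussed above."""
    has = lambda line: re.search(rf"^{re.escape(line)}\s*$", config, re.M) is not None
    global_portfast = has("spanning-tree portfast default")
    global_guard = has("spanning-tree portfast bpduguard default")
    findings = {}
    # One stanza = "interface X" header plus its indented lines.
    for m in re.finditer(r"^interface (\S+)[ \t]*\n((?:[ \t]+.*\n?)*)", config, re.M):
        name = m.group(1)
        lines = {l.strip() for l in m.group(2).splitlines()}
        trunk = "switchport mode trunk" in lines  # global portfast skips trunks
        portfast = "spanning-tree portfast" in lines or (global_portfast and not trunk)
        if "spanning-tree portfast disable" in lines:
            portfast = False
        guard = "spanning-tree bpduguard enable" in lines or (
            global_guard and portfast and "spanning-tree bpduguard disable" not in lines)
        issues = []
        if "spanning-tree bpdufilter enable" in lines:
            issues.append("bpdufilter: BPDUs dropped, STP disabled on this port")
        if portfast and not guard:
            issues.append("portfast without bpduguard")
        if issues:
            findings[name] = issues
    return findings

# Constructed running-config fragment (not taken from the page).
SAMPLE = """\
spanning-tree portfast default
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport mode access
 spanning-tree bpdufilter enable
!
interface GigabitEthernet0/1
 switchport mode trunk
"""

if __name__ == "__main__":
    print(audit_stp(SAMPLE))
```

FastEthernet0/3 is flagged twice because the global portfast default still applies to it while the interface-level filter hides any BPDU that would otherwise take it out of edge status.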
Rapid Spanning-tree protocol
==========================
Rapid convergence based on sync process
Enabled through:
- spanning-tree mode mst
- spanning-tree mode rapid-pvst
Sync process only occurs on point-to-point non-edge ports
- Implies link-type must be accurate
- spanning-tree link-type [point-to-point|shared]
- spanning-tree portfast
Root -----> downstream
Upstream --> Root
If links are not point to point, i.e. full duplex, then the proposal process will not happen, especially in the case when the link is connected to a hub. In that case we have to use legacy STP.
So the requirement is that links between the switches are point-to-point, non-edge ports, and all other interfaces connected to end hosts are defined as edge ports, as done with the portfast command in STP.
Portfast in STP is equivalent to edge port in RSTP.