Implementing Multiple Spanning Tree

advertisement
CCNP 3 v4 Module 4
Spanning Tree Enhancements
© 2003, Cisco Systems, Inc. All rights reserved.
1
Objectives
•
Troubleshooting Spanning Tree
•
Preventing Forwarding Loops
•
Implementing Rapid Spanning Tree (RSTP)
•
Implementing Multiple Spanning Tree (MST)
© 2003, Cisco Systems, Inc. All rights reserved.
2
Overview
•
Enhancements have been made to the STP protocol to help
reduce the likelihood of anomalous STP conditions.
•
Forwarding Loops and Black Holes are conditions that can
result from improper Spanning Tree operation.
•
Two major enhancements have been made to original 802.1D:
– Rapid Spanning Tree – 802.1w
– Multiple Spanning Tree – 802.1s
•
RSTP – 802.1w, provides a faster and more resilient means of
adapting to topology changes.
•
MSTP – 802.1s, provides an alternative to Per VLAN and
Common Spanning Tree by requiring only a minimal number
of STP instances and the ability to group instances together.
© 2003, Cisco Systems, Inc. All rights reserved.
3
STP Problems
•
The STP operates at Layer 2 of the OSI mode,
exchanging BPDUs between bridges, and
selecting the ports that will eventually forward
or block traffic.
•
If BPDUs are not being sent or received over a
link between switches, the role of the protocol
in preventing loops may fail.
– Any condition that prevents BPDUs from being sent
or received can result in a bridge loop.
© 2003, Cisco Systems, Inc. All rights reserved.
4
STP Problems
STP problems are most often evidenced by the existence of
a bridge loop.
The primary function of the spanning-tree algorithm (STA) is to
remove loops created by redundant links in bridged networks.
© 2003, Cisco Systems, Inc. All rights reserved.
5
Duplex Mismatch
•
There are two common duplex mismatch scenarios between
switches and their resulting STP problems:
1. Switch configured for full duplex connected to a host in
autonegotiation mode
•
The rule of autonegotiation is that upon negotiation
failure, a port is required to assume half-duplex
operation.
•
As the error rate goes up BPDUs may not successfully
negotiate the link.
2. Switch configured for half duplex on a link, the peer
switch is configured for full duplex
•
The switch configured for full duplex does not perform
carrier sense when accessing the link and will start
sending frames even if the half-duplex switch is already
using the link, resulting in a collision.
•
The result is that frames, including BPDUs, may be
deferred or collide and eventually be dropped.
© 2003, Cisco Systems, Inc. All rights reserved.
6
Duplex Mismatch Example
© 2003, Cisco Systems, Inc. All rights reserved.
7
Frame Corruption
•
Frame corruption can occur from duplex
mismatch, bad cables, or incorrect cable length
and lead to an STP failure.
•
If a link is receiving a high number of frame
errors, BPDUs can be lost.
•
In 802.1D, if a blocking port does not see any
BPDUs for 50 seconds, it will transition to the
forwarding state.
–
Setting STP timing parameters too low can also
cause a blocking port to transition to forwarding
too soon.
© 2003, Cisco Systems, Inc. All rights reserved.
8
Resource Errors
•
If the CPU of the bridge is over utilized, the
switch may lack the resources to send out or to
receive BPDUs.
–
Lack of BPDUs can cause ports to transition from
blocking to forwarding
–
The STA, however, is not processor-intensive and
has priority over other processes.
–
Therefore, a CPU utilization problem is unlikely on
current Catalyst switch platforms.
© 2003, Cisco Systems, Inc. All rights reserved.
9
PortFast Configuration Problems
•
PortFast ports skip the first two phases of STP
and transition directly to forwarding.
•
If a switch is inadvertently attached to a
PortFast port, a loop may occur.
•
PortFast with BPDU Guard or BPDU Filtering
helps to alleviate this kind of problem.
Switch(config)# spanning-tree portfast bpduguard default
Switch(config)# spanning-tree portfast bpdufilter default
© 2003, Cisco Systems, Inc. All rights reserved.
10
BPDU Guard and Filter on PortFast Ports
© 2003, Cisco Systems, Inc. All rights reserved.
11
EtherChannel Issues
•
•
•
When configuring EtherChannel, make sure
that ports on both sides of the EtherChannel
have identical settings.
When EtherChannel fails, it may transition all
ports in the channel group to err-disable to
prevent a loop.
Even after the configuration errors are
corrected, the channel may fail to come up.
–
It is best to remove all EtherChannel configurations
from the switchports and start over.
© 2003, Cisco Systems, Inc. All rights reserved.
12
Spanning Tree Debug Commands
© 2003, Cisco Systems, Inc. All rights reserved.
13
Unidirectional Link Failure
•
A unidirectional link is one that stays up while
providing only one-way communication.
•
A port will block only if it receives BPDUs from a
bridge with a higher BID.
–
All the BPDUs coming from bridge A are lost so
bridge B will never see the BPDU with the higher
BID.
–
Bridge B will unblock the port and eventually
forward traffic, potentially creating a loop
© 2003, Cisco Systems, Inc. All rights reserved.
14
Unidirectional Link Failure Example
After Bridge B unblocks its port, both
ports will be forwarding and a loop
will be created.
After 50 sec.
© 2003, Cisco Systems, Inc. All rights reserved.
15
Unidirectional Link Detection (UDLD)
•
A unidirectional link occurs when traffic is transmitted
between neighbors in one direction only.
•
UDLD allows devices to detect when a unidirectional link
exists, and shut down the affected interface.
•
–
UDLD is a Layer 2 protocol that works with the Layer 1
mechanisms to determine the physical status of a link
–
The switch periodically transmits UDLD packets on an
interface with UDLD enabled.
–
If the packets are not echoed back within a specific time
frame, the link is flagged as unidirectional and the
interface is shut down.
Devices on both ends of the link must support UDLD for
the protocol to successfully identify and disable
unidirectional links.
© 2003, Cisco Systems, Inc. All rights reserved.
16
UDLD Example
fiber example
© 2003, Cisco Systems, Inc. All rights reserved.
17
Default Status of UDLD
Or enabled globally for all fiber interfaces
•
UDLD has two modes of operation:
–
Normal (enable) and Aggressive
•
Normal mode allows a unidirectional link to continue its operation
and generates a syslog message.
•
Aggressive mode tries to re-establish the link by sending UDLD
frames once a second for 8 seconds and then shuts down the port.
Switch(config)# udld {aggressive | enable | message time}
Switch(config-if)# udld port {aggressive | cr}
© 2003, Cisco Systems, Inc. All rights reserved.
18
Loop Guard
•
Like UDLD, loop guard provides protection for STP when a
link is unidirectional and BPDUs are being sent, but not
received.
•
Without loop guard, a blocking port will transition to
forwarding if it stops receiving BPDUs.
–
•
If loop guard is enabled, and the link stops receiving
BPDUs, the interface will move into the STP loopinconsistent blocking state.
Once a BPDU is received on a loop guard port that is in a
loop-inconsistent state, the port will transition to the
appropriate state as determined by STP.
© 2003, Cisco Systems, Inc. All rights reserved.
19
Loop Guard Example
1)
2)
w/o Loop Guard
3)
with Loop Guard
© 2003, Cisco Systems, Inc. All rights reserved.
20
Comparing UDLD and Loop Guard
•
On an EtherChannel bundle, UDLD will disable individual failed links.
–
•
•
The channel itself remains functional if there are other links available.
Loop guard will put the entire channel in loop-inconsistent state if any
physical link in the bundle fails.
Enabling both UDLD and loop guard provides the highest level of
protection.
© 2003, Cisco Systems, Inc. All rights reserved.
21
Configuring UDLD
| aggressive
port enable | aggressive
port enable | aggressive
© 2003, Cisco Systems, Inc. All rights reserved.
22
Verifying UDLD
© 2003, Cisco Systems, Inc. All rights reserved.
23
Loop Guard Config Example
© 2003, Cisco Systems, Inc. All rights reserved.
24
Rapid Spanning Tree
•
•
•
RSTP is designed to significantly speed the
recalculation of the Spanning Tree when a
Layer 2 network topology changes.
RSTP is proactive instead of passive and has
negated the need for the 802.1D delay timers.
–
RSTP (802.1w) supersedes 802.1D, while still
remaining backward compatible.
–
In addition, 802.1w is capable of reverting back to
802.1D to interoperate with legacy switches on a
per-port basis.
Cisco’s RSTP implementation also runs on a
per-VLAN basis but instances can be grouped
using MST.
–
When MST is enabled, RSTP is also enabled.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml
© 2003, Cisco Systems, Inc. All rights reserved.
25
Rapid Spanning Tree
© 2003, Cisco Systems, Inc. All rights reserved.
26
RSTP Port Roles
© 2003, Cisco Systems, Inc. All rights reserved.
27
RSTP Port Roles (cont)
•
Root port is the switch port on every non-root bridge that is the chosen
path to the root bridge.
–
•
•
Designated port receive frames on the segment that are destined for the
root bridge.
–
–
There is one designated port per segment.
The designated port is the port that sends the best BPDUs on a segment.
–
The designated port assumes the forwarding state.
Alternate port is a switch port that offers an alternate path toward the
root bridge.
–
–
•
An alternate port will be present on nondesignated switches and will make a
transition to a designated port if the current designated path fails.
An alternate port assumes the discarding state
Backup port is an additional switch port on the designated switch with a
redundant link to the segment for which the switch is designated.
–
•
There can only be one root port on every switch.
A backup port has a higher port ID than the designated port on the
designated switch.
Disabled port has no role within the operation of spanning tree.
© 2003, Cisco Systems, Inc. All rights reserved.
28
RSTP Port Behavior
•
One benefit of RSTP is that all switches
interact with their neighbors to
determine different roles in the topology.
•
After all switches agree on the identity of
the Root, the port roles are determined.
© 2003, Cisco Systems, Inc. All rights reserved.
29
RSTP Edge Ports
•
An RSTP edge port is a switch port that is never intended to be
connected to another switch device.
•
It immediately transitioned to the forwarding state when enabled.
–
•
Similar to PortFast
Unlike PortFast, an edge port that receives a BPDU immediately
loses its edge port status and becomes a normal STP port.
© 2003, Cisco Systems, Inc. All rights reserved.
30
RSTP Link Types
Link type provides a categorization for each port participating in RSTP.
Edge ports and non edge ports have different forwarding parameters.
© 2003, Cisco Systems, Inc. All rights reserved.
31
Edge Ports and Non Edge Ports
•
Non-edge ports are categorized into two link
types:
1. Shared ports
2. Point-to-point
•
Rapid transition to the forwarding state for the
designated port occurs only if the link type
parameter indicates a point-to-point link.
–
Root ports do not use the link type parameter.
–
Alternate and backup ports do not use the link type
parameter in most cases.
© 2003, Cisco Systems, Inc. All rights reserved.
32
The RSTP BPDU
•
An RSTP bridge sends a BPDU with its current information
every hello time period (2 seconds by default), even if it
does not receive any BPDUs from the root bridge.
•
Protocol information can be immediately aged on a port if
hellos are not received for three consecutive hello times or
if the max_age timer expires.
BPDUs are used as a "keepalive" mechanism.
– Three consecutively missed BPDUs indicate lost
connectivity between a bridge and its neighboring root
or designated bridge.
Port role information is also sent in every RSTP BPDU.
•
•
© 2003, Cisco Systems, Inc. All rights reserved.
33
The RSTP BPDU
© 2003, Cisco Systems, Inc. All rights reserved.
34
RSTP Proposal and Agreement Process
•
In 802.1D, when a port has been selected by
spanning tree to become a designated port, it
must wait twice the Forward Delay before
transitioning the port to a forwarding state.
•
RSTP does not rely on timers expiring before
ports can transition.
•
Instead, RSTP relies on a proposal-agreement
process.
© 2003, Cisco Systems, Inc. All rights reserved.
35
RSTP Proposal and Agreement Process
•
For each nonedge port, the switches exchange a proposalagreement handshake to determine the port state at each end of
the link.
–
–
•
An agreement message is sent back to the sender, indicating
that the superior BPDU sender should be the designated port.
–
•
•
Each switch sends a proposal message to its neighbor suggesting
that its local port become the designated port.
If a port receives a superior BPDU from a neighbor, that port
becomes a root port and the neighbor’s port becomes the
designated port.
During this time, all nonedge ports are moved to the discarding
state to prevent bridging loops – this is known as synchoniztion.
Each port immediately moves to the forwarding state.
This process continues downstream out of all designated,
nonedge ports.
© 2003, Cisco Systems, Inc. All rights reserved.
36
Proposal-Agreement Example
© 2003, Cisco Systems, Inc. All rights reserved.
37
Downstream RSTP Proposal-Agreement
© 2003, Cisco Systems, Inc. All rights reserved.
38
RSTP Topology Change Notification Process
•
In 802.1D, any port state change generates a
Topology Change Notification (TCN).
•
When an 802.1D bridge detects a topology
change (TC), it sends TCNs toward the root
bridge.
•
The root bridge sets the TC flag on the
outbound BPDUs that are relayed to switches
down from the root.
•
When a bridge receives a BPDU with the TC
flag bit set, the bridge reduces its bridge-table
aging time to forward delay seconds.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094797.shtml
© 2003, Cisco Systems, Inc. All rights reserved.
39
RSTP Topology Change Notification Process
•
For RSTP, the TCN is flooded across the entire
network one switch at a time from the switch
that is the source of the change rather than
from the root bridge.
–
The topology change propagation is now a onestep process.
–
There is no need for each switch port to wait for the
root bridge to be notified
–
Switches that receive a TCN also flush their MAC
address tables immediately
© 2003, Cisco Systems, Inc. All rights reserved.
40
RSTP Topology Change Notification Process
© 2003, Cisco Systems, Inc. All rights reserved.
41
RSTP Implementation Commands
© 2003, Cisco Systems, Inc. All rights reserved.
42
Per VLAN RSTP
•
RSTP can also be enabled on a per VLAN
basis:
Switch(config)#spanning-tree vlan vlan_ID
•
Or Globally:
Switch(config)#spanning-tree mode rapid-pvst
© 2003, Cisco Systems, Inc. All rights reserved.
43
Multiple Spanning Tree
•
The main purpose of MST is to reduce the total
number of spanning tree instances.
–
•
•
This helps to reduce the CPU loading of a switch
MST allows the spanning tree topology to
converge faster because there are fewer
instances to converge.
Interconnected bridges that have the same
MST configuration are referred to as an "MST
region."
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml
© 2003, Cisco Systems, Inc. All rights reserved.
44
Benefits of MST
•
MST allows you to build multiple spanning
trees over trunks by grouping and associating
VLANs to spanning tree instances.
–
•
Each instance can have a topology independent of
other spanning tree instances.
MST enables you to load balance instances
across different root bridges similar to PVST
but with fewer instances.
© 2003, Cisco Systems, Inc. All rights reserved.
45
MST Regions
•
In the PVST+ implementation, different VLANs carry the
BPDUs for their respective instance (one BPDU per VLAN)
based on the VLAN tagging information.
•
Each switch running MST in the network has a single MST
configuration that consists of three attributes:
•
1.
An alphanumeric configuration name (32 bytes)
2.
A configuration revision number (two bytes)
3.
A 4096-element table that associates each of the
potential 4096 VLANs supported on the chassis to a
given instance - digest
To be part of a common MST region, a group of switches
must share the same configuration attributes.
© 2003, Cisco Systems, Inc. All rights reserved.
46
MST Regions Example
© 2003, Cisco Systems, Inc. All rights reserved.
47
MST Region Boundaries
•
Characteristics of the region are included in BPDUs.
•
The exact VLANs-to-instance mapping is not propagated
in the BPDU, instead only a digest is sent along with the
revision number and a name.
–
The digest is a numerical value derived from the VLANto-instance mapping table through a mathematical
function.
•
Once a switch receives a BPDU, it extracts the digest and
compares it with its own.
•
If the digests differ, the VLAN mapping must be different,
so the port on which the BPDU was received must be at
the boundary of a region.
© 2003, Cisco Systems, Inc. All rights reserved.
48
MST Extended System ID
As with PVST, the 12-bit Extended System ID field is used in MST.
In MST this field carries the MST instance number.
© 2003, Cisco Systems, Inc. All rights reserved.
49
Interaction of MST and 802.1Q Regions
© 2003, Cisco Systems, Inc. All rights reserved.
50
MST Internal Spanning Tree Instance
•
MST uses an Internal Spanning Tree (IST) or instance 0  zero.
•
The IST (instance 0) runs on all bridges within an MST region.
•
The IST instance provides interaction at the boundary of the
MST region with other MST regions and compatibility with other
Spanning Tree networks.
–
The IST is capable of representing the entire MST region as a
CST virtual bridge to switched networks outside the MST
region.
© 2003, Cisco Systems, Inc. All rights reserved.
51
MST Configuration
© 2003, Cisco Systems, Inc. All rights reserved.
52
MST Configuration
DLSwitch1(config)#spanning-tree mst configuration
DLSwitch1(config-mst)#instance 1 vlan 1-50
DLSwitch1(config-mst)#name REGION1
DLSwtch1(config)#spanning-tree mode mst
DLSwitch1#show spanning-tree
MST00
Spanning tree enabled protocol MST
Root ID Priority 32768
Address 000a.b701.f700
This bridge is the root…
© 2003, Cisco Systems, Inc. All rights reserved.
53
Displaying MST Information
© 2003, Cisco Systems, Inc. All rights reserved.
54
Download
Related flashcards
Create Flashcards