9 Enhanced Switched Technologies Flashcards
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP) achieves its primary objective of preventing network loops on layer 2 bridges or switches by monitoring the network to track all links and shutting down the redundant ones. STP uses the spanning-tree algorithm (STA) to build a topology database and then find and disable redundant links. With STP running, frames are forwarded only on the links STP has chosen.
Root bridge
The root bridge is the bridge with the lowest and, therefore, the best bridge ID. The switches within the STP network elect a root bridge, which becomes the focal point in the network. All other decisions in the network, like which ports on the non-root bridges should be blocked or put in forwarding mode, are made from the perspective of the root bridge. Once it has been elected, all other bridges must create a single path to it. The port with the best path to the root bridge is called the root port.
Non-root bridges
These are all bridges that aren’t the root bridge. Non-root bridges exchange BPDUs with all the other bridges and update the STP topology database on all switches. This is how loops are prevented and how the topology recovers when a link fails.
BPDU
All switches exchange information to use for the subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to a neighbor with the parameters in the BPDU that it receives from other neighbors. Inside the BPDU is the bridge ID.
Bridge ID
The bridge ID is how STP keeps track of all the switches in the network. It’s determined by a combination of the bridge priority, 32,768 by default on all Cisco switches, and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network. Once the root bridge is established, every other switch must make a single path to it. Most networks benefit by forcing a specific bridge or switch to be the Root Bridge by setting its bridge priority lower than the default value.
Port cost
Port cost determines the best path when multiple links are used between two switches. The cost of a link is determined by the bandwidth of a link, and this path cost is the deciding factor used by every bridge to find the most efficient path to the root bridge.
Path cost
A switch may encounter one or more switches on its path to the root bridge, and there may be more than one possible path to it. All unique paths are analyzed individually, and a path cost is calculated for each by adding the individual port costs encountered on the way to the root bridge.
Root port
The root port is the link with the lowest path cost to the root bridge. If more than one link connects to the root bridge, then a port cost is found by checking the bandwidth of each link. The higher the link speed, the lower the related cost of the link, and then the lowest cost port becomes the root port. When multiple links connect to the same device, the port connected to the lowest port number on the upstream switch will be the one that’s used. The root bridge can never have a root port designation, while every other switch in a network must have only one root port.
Designated port
A designated port is the port on a given network segment with the lowest cost to the root bridge compared with the other ports on that segment. A designated port is placed in forwarding, and every segment has exactly one designated port; the other end of the link is either a root port (also forwarding) or a blocked non-designated port.
Non-designated port
A non-designated port is one with a higher cost than the designated port. These are basically the ones left over after the root ports and designated ports have been determined. Non-designated ports are put in blocking or discarding mode—they are not forwarding ports!
Forwarding port
A forwarding port forwards frames and will be either a root port or a designated port.
Blocked port
A blocked port won’t forward frames in order to prevent loops. A blocked port will still always listen to BPDU frames from neighbor switches, but it will drop any and all other frames received and will never transmit a frame.
Alternate port
This corresponds to the blocking state of 802.1d and is a term used with the newer IEEE 802.1w (Rapid Spanning Tree Protocol). An alternate port offers an alternate path to the root bridge: it sits on a LAN segment shared with one or more other switches, one of which holds the designated port for that segment.
Backup port
This corresponds to the blocking state of 802.1d and is a term now used with 802.1w. A backup port is a redundant connection to a LAN segment for which another port on the same switch is already the designated port.
The ports on a bridge or switch running IEEE 802.1d STP can transition through five different states:
Disabled
(technically, not a transition state) A port in the administratively disabled state doesn’t participate in frame forwarding or STP. A port in the disabled state is virtually nonoperational.
Blocking
As I mentioned, a blocked port won’t forward frames—it just listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. All ports are in blocking state by default when the switch is powered up.
Listening
This port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening state prepares to forward data frames without populating the MAC address table.
Learning
The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but still doesn’t forward data frames. Forward delay refers to the time it takes to transition a port from listening to learning mode, or from learning to forwarding mode, which is set to 15 seconds by default and can be seen in the show spanning-tree output.
Forwarding
This port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the learning state, it will enter the forwarding state.
Convergence
Convergence occurs when all ports on bridges and switches have transitioned to either forwarding or blocking modes. No data will be forwarded until convergence is complete. When STP is converging, all host data stops transmitting through the switches! Convergence is vital because it ensures that all devices have a coherent database. Making sure this happens efficiently definitely requires your time and attention. The original STP (802.1d) takes 50 seconds to go from blocking to forwarding mode by default: 20 seconds of max age waiting for a BPDU to expire, then 15 seconds in listening and 15 seconds in learning (the forward delay, counted twice). You can adjust those timers for a large network, but the better solution is simply to opt out of using 802.1d completely.
Link Costs
Port cost is based on the speed of the link. Port cost is the cost of a single link, whereas path cost is the sum of the various port costs to the root bridge.
Speed         Cost (802.1d default)
10 Mb/s       100
100 Mb/s      19
1000 Mb/s     4
10,000 Mb/s   2
Spanning-Tree Operations
Basically, STP’s job is to find all the links in the network and shut down any redundant ones, thereby preventing network loops from occurring. It achieves this by first electing a root bridge that will have all ports forwarding and will also act as a point of reference for all other devices within the STP domain. Once all switches agree on the root bridge, they must then determine their one and only root port—the single path to the root bridge. It’s really important to remember that a bridge can go through many other bridges to get to the root, so it’s not always the shortest path that’ll be chosen. That role goes to the port with the lowest cumulative path cost, which usually means the path over the fastest links rather than the one with the fewest hops. Every port on the root bridge is a designated, or forwarding, port for a segment. After the dust settles on all other non-root bridges, any port connection between switches that isn’t either a root port or a designated port will predictably become a non-designated port. These will again be put into the blocking state to prevent switching loops.
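The election, path-cost and port-role rules described above, worked through in code. This is an added example, not part of the flashcards and not Cisco code; the switch names, MAC addresses and links are constructed, and the port costs are the 802.1d values from the Link Costs table. The topology is built so that SW2 has a one-hop 100 Mb/s link to the root and a two-hop gigabit path through SW3, to show that the lower cumulative cost, not the fewer hops, wins the root port.

```python
"""Working out 802.1d port roles for a small constructed topology.

Added example, not taken from the flashcards. The switch names, MAC
addresses and links are constructed; the port costs are the 802.1d
values from the Link Costs table.
"""
import heapq

PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}   # link speed (Mb/s) -> 802.1d cost

# Constructed topology. Every switch keeps the default priority 32768, so the
# lowest MAC (SW1) wins the root election. SW2 reaches SW1 two ways: a direct
# 100 Mb/s link (cost 19) and a two-hop gigabit path via SW3 (4 + 4 = 8).
SWITCHES = {
    "SW1": (32768, "0000.0c00.0001"),
    "SW2": (32768, "0000.0c00.0002"),
    "SW3": (32768, "0000.0c00.0003"),
}
# (switch A, port on A, switch B, port on B, link speed in Mb/s)
LINKS = [
    ("SW1", 1, "SW2", 1, 100),
    ("SW1", 2, "SW3", 1, 1000),
    ("SW3", 2, "SW2", 2, 1000),
]


def elect_root(switches):
    """Lowest (priority, MAC) wins. Fixed-width lowercase hex strings sort like the numeric MAC."""
    return min(switches, key=lambda name: switches[name])


def root_path_costs(switches, links, root):
    """Dijkstra over link costs: each switch's lowest cumulative cost back to the root."""
    adjacent = {name: [] for name in switches}
    for a, _, b, _, speed in links:
        adjacent[a].append((b, PORT_COST[speed]))
        adjacent[b].append((a, PORT_COST[speed]))
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        here, name = heapq.heappop(heap)
        if here > cost[name]:
            continue                      # stale heap entry, a cheaper path was found
        for neighbour, link_cost in adjacent[name]:
            via = here + link_cost
            if via < cost.get(neighbour, float("inf")):
                cost[neighbour] = via
                heapq.heappush(heap, (via, neighbour))
    return cost


def port_roles(switches, links):
    """Return (root, root path costs, {(switch, port): role}) for the whole STP domain."""
    root = elect_root(switches)
    rpc = root_path_costs(switches, links, root)
    roles = {}

    # Root port: on every non-root switch, the port whose upstream neighbour offers the
    # lowest (cost via that neighbour, neighbour bridge ID, neighbour port number).
    for name in switches:
        if name == root:
            continue                      # the root bridge never has a root port
        candidates = []
        for a, pa, b, pb, speed in links:
            if name not in (a, b):
                continue
            my_port, nb, nb_port = (pa, b, pb) if a == name else (pb, a, pa)
            candidates.append((rpc[nb] + PORT_COST[speed], switches[nb], nb_port, my_port))
        roles[(name, min(candidates)[3])] = "root"

    # Designated port: on every segment, the end with the lower root path cost
    # (ties: lower bridge ID, then lower port number). Exactly one per segment.
    for a, pa, b, pb, _ in links:
        ends = sorted([(rpc[a], switches[a], pa, a), (rpc[b], switches[b], pb, b)])
        roles[(ends[0][3], ends[0][2])] = "designated"

    # Everything left over is non-designated and goes to blocking.
    for a, pa, b, pb, _ in links:
        roles.setdefault((a, pa), "blocking")
        roles.setdefault((b, pb), "blocking")
    return root, rpc, roles


if __name__ == "__main__":
    root, rpc, roles = port_roles(SWITCHES, LINKS)
    print(f"root bridge: {root}")
    for (switch, port), role in sorted(roles.items()):
        print(f"{switch} port {port}: {role:10} (path cost to root {rpc[switch]})")
```

Running it shows SW1 as root with both of its ports designated, SW3 using port 1 as its root port, and SW2 choosing port 2 (cost 8 via SW3) as its root port while its direct 100 Mb/s port 1 (cost 19) ends up blocking. Every segment has exactly one designated port, and the blocked port is the only non-forwarding one in the domain.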
Selecting the Root Bridge
The bridge ID is used to elect the root bridge in the STP domain and to determine the root port for each of the remaining devices when there’s more than one potential root port available because they have equal-cost paths. This key bridge ID is 8 bytes long and includes both the priority and the MAC address of the device. The default priority on all devices running the IEEE STP version is 32,768. If two switches or bridges happen to have the same priority value, the MAC address becomes the tiebreaker for figuring out which one has the lowest and, therefore, best ID.
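The bridge ID layout and comparison described here and under Bridge ID above, as an added example that is not part of the flashcards or Cisco’s code. The switch names and MAC addresses are constructed. The ID is packed exactly as the page describes it, 2 bytes of priority followed by the 6-byte MAC, so that an ordinary integer comparison reproduces the election: equal priorities fall through to the MAC tiebreaker, and lowering one switch’s priority makes it root.

```python
"""Encoding and comparing 802.1d bridge IDs.

Added example, not from the flashcards. The switch names and MAC addresses
are constructed. A bridge ID is 8 bytes on the wire: a 2-byte priority
(32768 by default) followed by the 6-byte base MAC. STP compares the whole
8-byte value and the lowest one wins the root election.
"""
import struct

DEFAULT_PRIORITY = 32768


def bridge_id(priority, mac):
    """8-byte bridge ID as an int, so Python's < orders it the way STP does."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    mac_bytes = bytes.fromhex(mac.replace(".", "").replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    wire = struct.pack("!H", priority) + mac_bytes     # priority first, then MAC
    assert len(wire) == 8
    return int.from_bytes(wire, "big")


def elect_root(bridges):
    """bridges: {name: (priority, mac)} -> name of the switch with the lowest bridge ID."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def pin_root(bridges, name, priority=4096):
    """Copy of bridges with one switch's priority lowered so that it wins the election."""
    pinned = dict(bridges)
    pinned[name] = (priority, bridges[name][1])
    return pinned


# Constructed sample: everything at the default priority, so the election falls
# through to the MAC tiebreaker and the lowest MAC (here an access switch, as it
# often is in practice) becomes root instead of the core.
BRIDGES = {
    "SW-Core":    (DEFAULT_PRIORITY, "0000.0c12.3456"),
    "SW-Access1": (DEFAULT_PRIORITY, "0000.0c00.00ff"),
    "SW-Access2": (DEFAULT_PRIORITY, "0000.0c00.0001"),
}

if __name__ == "__main__":
    for name, (prio, mac) in BRIDGES.items():
        print(f"{name:11} bridge ID {bridge_id(prio, mac):016x}")
    print("default election:", elect_root(BRIDGES))
    print("with SW-Core at priority 4096:", elect_root(pin_root(BRIDGES, "SW-Core")))
```

The comparison is purely arithmetic over whatever BPDUs arrive: any bridge that advertises a lower ID than your pinned core (a priority of 0 beats 4096) takes the root role, so setting the priority states your intended design rather than enforcing who may claim it.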
Types of Spanning-Tree Protocols
IEEE 802.1d
The original standard for bridging and STP, which is really slow but requires very little bridge resources. It’s also referred to as Common Spanning Tree (CST).
PVST+
(Cisco default version) The Cisco proprietary enhancement for STP that provides a separate 802.1d spanning-tree instance for each VLAN. Know that this is just as slow as the CST protocol, but with it, we get to have multiple root bridges. This creates more efficiency of the links in the network, but it does use more bridge resources than CST does.
IEEE 802.1w
Also called Rapid Spanning Tree Protocol (RSTP), this iteration enhanced the BPDU exchange and paved the way for much faster network convergence. But it still only allows for one root bridge per network like CST. The bridge resources used with RSTP are higher than CST’s but less than PVST+.
802.1s (MSTP)
This is the IEEE standard that started out as Cisco proprietary MISTP. It maps multiple VLANs into the same spanning-tree instance to save processing on the switch. It’s basically a spanning-tree protocol that rides on top of another spanning-tree protocol.
Rapid PVST+
This is Cisco’s version of RSTP that also uses PVST+ and provides a separate instance of 802.1w per VLAN. It offers up really fast convergence times and optimal traffic flow but predictably requires the most CPU and memory of all.
Common Spanning Tree
If you’re running Common Spanning Tree (CST) in your switched network with redundant links, there will be an election to choose what STP considers to be the best root bridge for your network. That switch will also become the root for all VLANs in your network, and all bridges in your network will create a single path to it. You can manually override this selection and pick whichever bridge you want if it makes sense for your particular network.
Per-VLAN Spanning Tree+
PVST+ is a Cisco proprietary extension to 802.1d STP that provides a separate 802.1d spanning-tree instance for each VLAN configured on your switches. All of Cisco’s proprietary extensions were created to improve convergence times, which are 50 seconds by default with 802.1d. Cisco IOS switches run 802.1d PVST+ by default, which means you’ll have optimal path selection, but the convergence time will still be slow. Creating a per-VLAN STP instance for each VLAN is worth the increased CPU and memory requirements because it allows for per-VLAN root bridges. This feature allows the STP tree to be optimized for the traffic of each VLAN by allowing you to configure the root bridge in the center of each of them.
Rapid Spanning Tree Protocol 802.1w
Cisco created proprietary extensions to “fix” all the potholes and liabilities of the IEEE 802.1d standard, their main drawback being that they require extra configuration and are Cisco proprietary. But RSTP, the newer 802.1w standard, brings us most of the patches needed in one concise solution. RSTP, or IEEE 802.1w, is essentially an evolution of STP that allows for much faster convergence. But even though it does address all the convergence issues, it still only permits a single STP instance, so it doesn’t help to take the edge off suboptimal traffic flow issues. The good news is that Cisco IOS can run the Rapid PVST+ protocol—a Cisco enhancement of RSTP that provides a separate 802.1w spanning-tree instance for each VLAN configured within the network. But all that power needs fuel, and although this version addresses both convergence and traffic flow issues, it also demands the most CPU and memory of all solutions.
RSTP summary
■ RSTP speeds the recalculation of the spanning tree when the layer 2 network topology changes.
■ It’s an IEEE standard that redefines STP port roles, states, and BPDUs.
■ RSTP is extremely proactive and very quick, so it doesn’t need the 802.1d delay timers.
■ RSTP (802.1w) supersedes 802.1d while remaining backward compatible.
■ Much of the 802.1d terminology and most parameters remain unchanged.
■ 802.1w is capable of reverting to 802.1d to interoperate with traditional switches on a per-port basis.