Monday, 6 November 2017

Spanning Tree Protocol

Switching Loops


By default, a switch forwards a broadcast or multicast frame out all ports except the port on which it was received.
When a loop is introduced into the network, a highly destructive broadcast storm can develop within seconds. Broadcast storms occur when broadcasts are endlessly switched around the loop, choking off all other traffic.

Consider the following looped environment:




In the above structure, if the computer connected to Switch 4 sends out a broadcast, the switch will forward the broadcast out all ports, including the ports connecting to Switch 2 and Switch 5. Those switches, likewise, will forward that broadcast out all ports, including to their neighboring switches.

The broadcast will loop around the switches infinitely. In fact, there will be two separate broadcast storms cycling in opposite directions through the switching loop. Only powering off the switch or physically removing the loop will stop the storm.

So in this situation we use Spanning Tree Protocol (STP).


Switches (and bridges) needed a mechanism to prevent loops from forming, and thus Spanning Tree Protocol (STP, or IEEE 802.1D) was developed.
STP is enabled by default on all VLANs on Catalyst switches.
STP-enabled switches communicate to form a topology of the entire switching network, and then shut down (or block) a port if a loop exists. The blocked port can be reactivated if another link on the switching network goes down, thus preserving fault tolerance. Once all switches agree on the topology database, the switches are considered converged.
STP switches send Bridge Protocol Data Units (BPDUs) to each other to form their topology databases. BPDUs are sent out all ports every two seconds, addressed to a specific multicast MAC address: 0180.c202.0100

STP Types

Various flavors of 802.1D STP exist, including:
Common Spanning Tree (CST) – A single STP process is used for all VLANs.
Per-VLAN Spanning Tree (PVST) – Cisco proprietary version of STP, which employs a separate STP process for each VLAN.
Per-VLAN Spanning Tree Plus (PVST+) – Enhanced version of PVST that allows CST-enabled switches and PVST-enabled switches to interoperate. This is the default on newer Catalyst switches.

The STP Process

To maintain a loop-free environment, STP performs the following functions:
- A Root Bridge is elected
- Root Ports are identified
- Designated Ports are identified
- If a loop exists, a port is placed in Blocking state. If the loop is removed, the blocked port is activated again.
If multiple loops exist in the switching environment, multiple ports will be placed in a blocking state.
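The loop behaviour described above, as an added example that is not part of the original post: a toy flooding simulation in which each switch forwards a broadcast out every link except the one it arrived on. With a loop and no blocked port the flood never drains (a storm); blocking one port per loop, which is what STP does, makes the same flood terminate. The switch names and topology are constructed.

```python
# Added example (not from the original post): toy broadcast flooding with and
# without a blocked port. Topology below is constructed for illustration.
from collections import deque


def flood(links, blocked, start, max_forwards=1000):
    """Flood one broadcast from `start`. Each switch forwards every copy it
    receives out all links except the one it arrived on and any blocked link.
    Returns the total number of forwards, or None if copies are still
    circulating after max_forwards (i.e. a broadcast storm)."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    blocked_links = {frozenset(link) for link in blocked}
    pending = deque([(start, None)])  # (switch holding a copy, switch it came from)
    forwards = 0
    while pending:
        switch, came_from = pending.popleft()
        for neighbour in adj[switch]:
            if neighbour == came_from or frozenset((switch, neighbour)) in blocked_links:
                continue
            forwards += 1
            if forwards > max_forwards:
                return None  # still looping: the storm never ends on its own
            pending.append((neighbour, switch))
    return forwards


# Constructed ring of four switches: each switch has two paths to every other,
# so a single broadcast circulates in both directions forever.
RING = [("SW1", "SW2"), ("SW2", "SW3"), ("SW3", "SW4"), ("SW4", "SW1")]

# Constructed two-loop topology (two triangles sharing SW3): one blocked port
# is not enough, one per loop is.
TWO_LOOPS = [("SW1", "SW2"), ("SW2", "SW3"), ("SW3", "SW1"),
             ("SW3", "SW4"), ("SW4", "SW5"), ("SW5", "SW3")]

if __name__ == "__main__":
    print("ring, nothing blocked:", flood(RING, [], "SW1"))                 # None
    print("ring, SW3-SW4 blocked:", flood(RING, [("SW3", "SW4")], "SW1"))   # 3
    print("two loops, one blocked:", flood(TWO_LOOPS, [("SW1", "SW2")], "SW1"))  # None
    print("two loops, both blocked:",
          flood(TWO_LOOPS, [("SW1", "SW2"), ("SW4", "SW5")], "SW1"))      # 4
```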

Electing an STP Root Bridge

The first step in the STP process is electing a Root Bridge, which serves as the centralized point of the STP topology. Good design practice dictates that the Root Bridge be placed closest to the center of the STP topology.
The Root Bridge is determined by a switch’s priority. The default priority is 32,768, and the lowest priority wins. In case of a tie in priority, the switch with the lowest MAC address will be elected Root Bridge. The combination of a switch’s priority and MAC address makes up that switch’s Bridge ID.
Consider the following example:


Remember that the lowest priority determines the Root Bridge. Switches 2, 3, and 5 have the default priority set. Switches 1 and 4 each have a priority of 100 configured. Of those two, Switch 1 will become the Root Bridge, as it has the lowest MAC address.

Switches exchange BPDUs to perform the election process. By default, all switches “believe” they are the Root Bridge, until a switch with a lower Bridge ID is discovered.

Root Bridge elections are a continuous process. If a new switch with a lower Bridge ID is added to the topology, it will be elected as the new Root Bridge.

The STP state, path cost and port priority of an interface can be checked with show spanning-tree interface, for example:

Switch# show spanning-tree interface Ge0/10
Interface Fa0/10 in Spanning tree 5 is Forwarding
Port path cost 150, Port priority 140
<snip>

Some useful and important basic STP configuration commands


To disable STP for a specific VLAN:

Switch(config)# no spanning-tree vlan 10

To adjust the Bridge Priority of a switch from its default of 32,768, to increase its chances of being elected Root Bridge of a VLAN:

Switch(config)# spanning-tree vlan 10 priority 150

To change an interface’s Path Cost from its default:

Switch(config)# int fa0/24
Switch(config-if)# spanning-tree cost 42

To force a switch to become the Root Bridge:

Switch(config)# spanning-tree vlan 10 root primary

The root primary parameter in the above command automatically lowers the switch’s priority to 24,576. If another switch on the network already has a priority lower than 24,576, the command instead sets this switch’s priority 4096 lower than that switch’s priority.

It is possible to assign a Secondary Root Bridge for redundancy. To force a switch to become a Secondary Root Bridge:

Switch(config)# spanning-tree vlan 10 root secondary

The root secondary parameter in the above command automatically lowers the switch’s priority to 28,672.


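The Root Bridge election described under “Electing an STP Root Bridge” and the priority rule of root primary above, as one added example that is not part of the original post: Bridge IDs are compared by priority and then by MAC, and the root primary computation follows the 24,576 / “4096 below the other switch” rule stated above. Switch names and MACs are constructed; the refusal when the result would go below zero is an assumption of this example.

```python
# Added example (not from the original post): Root Bridge election by Bridge ID
# (priority, then MAC) and the priority "root primary" assigns, per the text above.
from dataclasses import dataclass

DEFAULT_PRIORITY = 32768
ROOT_PRIMARY_PRIORITY = 24576
PRIORITY_STEP = 4096


@dataclass(frozen=True)
class Switch:
    name: str
    mac: str                        # dotted hex as IOS prints it (constructed)
    priority: int = DEFAULT_PRIORITY

    def bridge_id(self):
        """Bridge ID = priority followed by MAC; the lower tuple wins."""
        return (self.priority, int(self.mac.replace(".", ""), 16))


def elect_root(switches):
    """Every switch starts out believing it is root; the lowest Bridge ID wins."""
    return min(switches, key=Switch.bridge_id)


def root_primary_priority(others):
    """Priority that 'spanning-tree vlan N root primary' would set on a switch:
    24,576, or 4096 below the lowest priority already present if that is lower."""
    lowest = min(s.priority for s in others)
    target = ROOT_PRIMARY_PRIORITY if lowest >= ROOT_PRIMARY_PRIORITY else lowest - PRIORITY_STEP
    if target < 0:
        # Assumption: a priority cannot go below 0, so a switch already at 0..4095
        # cannot be undercut; report that instead of returning a bogus value.
        raise ValueError(f"cannot undercut existing priority {lowest}")
    return target


# Constructed sample mirroring the election example: 2, 3 and 5 at the default,
# 1 and 4 at priority 100; Switch 1 wins the tie because its MAC is lowest.
SAMPLE = [
    Switch("Switch1", "0000.1111.0001", 100),
    Switch("Switch2", "0000.1111.0002"),
    Switch("Switch3", "0000.1111.0003"),
    Switch("Switch4", "0000.1111.0004", 100),
    Switch("Switch5", "0000.1111.0005"),
]

if __name__ == "__main__":
    root = elect_root(SAMPLE)
    print(f"Root Bridge: {root.name} (priority {root.priority}, MAC {root.mac})")
    # Elections never stop: a newly attached switch with a lower Bridge ID takes
    # over at once, a topology change worth alerting on in a production network.
    print("After adding Switch6:", elect_root(SAMPLE + [Switch("Switch6", "0000.1111.0006", 0)]).name)
```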

To specify the diameter of the switching topology:

Switch(config)# spanning-tree vlan 10 root primary diameter 7

The diameter parameter in the preceding command indicates the length of the STP topology (number of switches). The maximum (and default) value for the diameter is 7. Note that the switching topology can contain more than seven switches; however, each branch of the switching tree can only extend seven switches deep from the Root Bridge.

The diameter command will also adjust the Hello, Forward Delay, and Max Age timers. This is the recommended way to adjust timers, as the timers are then tuned specifically to the diameter of the switching network.