{"id":77,"date":"2014-06-25T09:14:01","date_gmt":"2014-06-25T09:14:01","guid":{"rendered":"http:\/\/feralpacket.org\/?p=77"},"modified":"2015-01-03T11:17:58","modified_gmt":"2015-01-03T11:17:58","slug":"v5-written-and-lab-spanning-tree-protocol-notes","status":"publish","type":"post","link":"https:\/\/feralpacket.org\/?p=77","title":{"rendered":"v5 Written and Lab: Spanning-Tree Protocol Notes"},"content":{"rendered":"

v5 Written:
\n2.1.f Implement and troubleshoot spanning-tree
\n2.1.f [i] PVST+ \/ RPVST+ \/ MST
\n2.1.f [ii] Switch priority, port priority, path cost, STP timers
\n2.1.f [iii] port fast, BPDUguard, BPDUfilter
\n2.1.f [iv] loopguard, rootguard<\/code><\/p>\n

v5 Lab:
\n1.1.f Implement and troubleshoot spanning-tree
\n1.1.f [i] PVST+ \/ RPVST+ \/ MST
\n1.1.f [ii] switch priority, port priority, path cost, STP timers
\n1.1.f [iii] port fast, BPDUguard, BPDUfilter
\n1.1.f [iv] loopguard, rootguard<\/p>\n

Documentation:<\/p>\n

Catalyst 3750-X and 3560-X Software Configuration Guide, Release 15.0(1)SE,
\nChapter 20 COnfiguing STP, pgs. 21-1 to 20-24<\/p>\n

Books:<\/p>\n

CCIE Routing and Switching Exam Certification Guide 4th Ed; Chapter 3: Spanning Tree<\/p>\n

Protocol, pgs. 63 – 103<\/p>\n

Cisco LAN Switching; Chapter 6: Understanding Spanning Tree, pgs. 153 – 200<\/p>\n

Cisco LAN Switching; Chapter 7: Advanced Spanning Tree, pgs. 201 – 290<\/p>\n

INE:<\/p>\n

Spanning-Tree Protocol (STP
\n– per-VLAN spanning-tree plus (PVST+), IEEE 802.1D
\n– rapid per-VLAN spanning-tree plus (rapid-PVST+), IEEE 802.1w
\n– Multiple Spanning Tree Protocol (MSTP)
\n– Layer 2 link management protocol that provides path redundancy while preventing loops in<\/p>\n

the network
\n– for a Layer 2 Ethernet network to function, only one active path can exist between any<\/p>\n

two stations
\n– multiple active paths cause loops in the network
\n– uses the spanning-tree algorithm to select one switch as the root of the spanning-tree<\/p>\n

Port roles
\n– root
\n– designated
\n– alternate
\n– backup<\/p>\n

Root port
\n– forwarding port<\/p>\n

Designated port
\n– forwarding port elected for every switched LAN segment
\n– the switch that has all ports as designated ports is the root switch<\/p>\n

Alternate port
\n– blocked port providing an alternate path to the root bridge<\/p>\n

Backup port
\n– blocked port in a loopback configuration<\/p>\n

STP forces redundant data paths into a standby (blocked) state
\n– if a network segment fails and a redundant path exists, the spanning-tree algorithm<\/p>\n

recalculates the spanning-tree topology and activates the standby path<\/p>\n

Bridge Protocol Data Units (BPDU)
\n– unique bridge ID of the root switch
\n– spanning-tree path cost to the root
\n– bridge ID of the sending switch
\n– message age
\n– identifier of the sending interface
\n– values for the hello, forward delay, and max-age protocol timers<\/p>\n

When two ports on a switch are part of a loop, the spanning-tree port priority and path<\/p>\n

cost settings control which port is put in forwarding state and which port is put in the<\/p>\n

blocking state
\n– the path cost value represents the media speed<\/p>\n

By default, the switch sends keepalive messages (to detect loopback conditions) only on<\/p>\n

interfaces that do not have SFP modules<\/p>\n

The spanning-tree topology is controlled by:
\n– unique bridge ID (switch priority and MAC address) associated with each VLAN
\n– spanning-tree path cost to the root switch
\n– the port identifier (port priority and MAC address) associated with each Layer 2<\/p>\n

interface<\/p>\n

If a switch receives a configuration BPDU that contains superior information (lower bridge<\/p>\n

ID, lower path cost, etc) it stores the information for that port
\n– if the BPDU was received on the root port, it is forwarded to every designated port<\/p>\n

If a switch receives a configuration BPDU that contains inferior information, the BPDU is<\/p>\n

discarded<\/p>\n

A BPDU exchange results in:
\n– one switch elected as the root switch (the logical center of the spanning-tree topology)
\n– a root port is selected for each switch (except the root switch)
\n– the shortest distance to the root switch is calculated for each switch
\n– a designated switch for each LAN segment is selected<\/p>\n

Each switch has a unique bridge ID
\n– 2 most-significant bytes are used for the switch priority
\n– the remaining 6 bytes are derived from the switch MAC address<\/p>\n

Cisco switches support the IEEE 802.1t spanning-tree extensions<\/p>\n

Spanning-tree interface states:
\n– blocking: the interface does not participate in frame forwarding
\n– listening: the first transition state after blocking
\n– learning: the interface prepares to participate in frame forwarding
\n– forwarding: the interface forwards frames
\n– disabled: the interface does not participate in spanning-tree<\/p>\n

The default switch priority is 32768<\/p>\n

When the spanning-tree topology is calculated based on default parameters, the path between<\/p>\n

source and destination end stations in a switched network might not be ideal<\/p>\n

IEEE 802.1D specifies 17 multicast addresses to be used by different dridbe protcols
\n– 0x00180C2000000 trhough 0x00180C2000010
\n– these are static addresses that cannot be removed
\n– regardless of the spanning-tree state, each switch in the stack receives but does not<\/p>\n

forward packets destined for the addresses between 0x180C2000000 and 0x00180C200000F<\/p>\n

– if spanning-tree is disabled, the switch forwards these packets as unknown multicast<\/p>\n

addresses<\/p>\n

PVST+
\n– IEEE 802.1D
\n– runs an spanning-tree instance for each VLAN
\n– uses an aging-timer
\n– limited to 128 spanning-tree instances<\/p>\n

rapid-PVST+
\n– IEEE 802.1w
\n– to provide rapid convergence, all dynamically learned MAC address entries are deleted<\/p>\n

when a topology change is received
\n– limited to 128 spanning-tree instances<\/p>\n

MSTP
\n– IEEE 802.1s
\n– can map multiple VLANs to the same spanning-tree instance
\n– runs on top of rapid-PVST+
\n– limited to 65 MST instances
\n– the number of VLANs that can be mapped to an MST instance is unlimited<\/p>\n

Cisco VLAN-bridge spanning-tree is used with the fallback bridging feature (bridge groups),<\/p>\n

which forwards non-IP protocols such as DECnet between two or more VLAN bridge domains or<\/p>\n

routed ports
\n– See Chp 51, Configuring Fallback Bridging<\/p>\n

Default Spanning-Tree configuration:
\n– enable state: enabled on VLAN 1
\n– spanning-tree mode: PVST+
\n– switch priority: 32768
\n– spanning-tree port priority: 128
\n– spanning-tree path cost: 1000Mb\/s – 4, 100Mb\/s – 19, 10 Mb\/s – 100
\n– spanning-tree VLAN port priority: 128
\n– spanning-tree VLAN path cost: 1000Mb\/s – 4, 100Mb\/s – 19, 10 Mb\/s – 100
\n– spanning-tree timers:
\n– hello time: 2 seconds
\n– forward-delay: 15 seconds
\n– maximum-aging time: 20 seconds
\n– transmit hold count: 6 BPDUs<\/p>\n

Switches that are not running spanning-tree still forward BPDUs that they receive so that<\/p>\n

the other switches on the VLAN that have a running spanning-tree instance can break loops
\n– spanning-tree must be running on enough switches to break all of the loops in the<\/p>\n

network<\/p>\n

conf t
\nspanning-tree mode { pvst | mst | rapid-pvst }
\nint fa0\/1
\nspanning-tree link-type point-to-point<\/p>\n

clear spanning-tree detected-protocols
\nshow spanning-tree summary
\nshow spanning-tree interface fa0\/1
\nshow spanning-tree vlan 1
\nshow spanning-tree detail<\/p>\n

spanning-tree vlan root primary
\n– sets the switch priority to 24576<\/p>\n

If the network contains switches that both support and do not support the extended system<\/p>\n

ID, it is unlikely that a switch with the extended system ID will become the root switch<\/p>\n

The root switch should be a backbone or distribution switch
\n– do not configure an access switch as the spanning-tree primary root<\/p>\n

Use the diameter keyword to specify the Layer 2 network diameter
\n– the maximum number of switch hops between any two end stations
\n– the switch changes the hello time, forward-delay time, and maximum-age timer
\n– can significantly reduce convergence time<\/p>\n

conf t
\nspanning-tree vlan root primary [ diameter < 2 – 7 > [ hello-time 1 – 10 ] ]<\/p>\n

show spanning-tree detail<\/p>\n

A switch configured as a secondary root sets the switch priority to 28672<\/p>\n

conf t
\nspanning-tree vlan root secondary [ diameter < 2 – 7 > [ hello-time 1 – 10 ] ]<\/p>\n

show spanning-tree detail<\/p>\n

If a loop occurs, spanning tree uses the port priority when selecting an interface to put<\/p>\n

into forwarding state
\n– higher priority values (lower numerical values)
\n– if all interfaces have the same priority, spanning tree puts the interface with the<\/p>\n

lowest interface number in the forwarding state and blocks all other interfaces
\n– range from 0 to 240, in increments of 16
\n– default priority is 128
\n– 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, 240<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree port-priority<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree vlan port-priority<\/p>\n

show spanning-tree interface fa0\/1
\nshow spanning-tree vlan<\/p>\n

The spanning-tree cost default value is derived from the media speed of an interface
\n– a lower path cost represents higher-speed transmission<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree cost<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree vlan cost<\/p>\n

show spanning-tree interface fa0\/1
\nshow spanning-tree vlan<\/p>\n

When configuring switch priority, it is recommended that the following commands are used
\n– spanning-tree vlan root primary
\n– spanning-tree vlan root secondary
\n– priority range is 0 to 61440, in increments of 4096
\n– 4096, 8297, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248,<\/p>\n

57344, 61440<\/p>\n

conf t
\nint fa0\/1
\nspanning-tree vlan priority<\/p>\n

show spanning-tree vlan<\/p>\n

Hello timer
\n– controls how often the switch broadcasts hello messages
\n– range is 1 to 10 seconds
\n– default is 2 seconds<\/p>\n

Forward-delay timer
\n– controls how long each of the listening and learning states last before the interface<\/p>\n

begins forwarding
\n– range is 4 to 30 seconds
\n– default is 15 seconds<\/p>\n

Maximum-age timer
\n– controls the amount of time the switch stores protocol information received on an<\/p>\n

interface
\n– range is 6 to 40 seconds
\n– default is 20 seconds<\/p>\n

conf t
\nspanning-tree vlan hello-time<\/p>\n

conf t
\nspanning-tree vlan forward-delay<\/p>\n

conf t
\nspanning-tree vlan max-age<\/p>\n

show spanning-tree vlan<\/p>\n

Changing transmit to a higher value can have a significant impact on CPU utilization
\n– especially in rapid-PVST+
\n– lowering the value can slow down convergence in certain scenarios
\n– range is 1 to 20
\n– default is 6<\/p>\n

conf t
\nspanning-tree transmit hold-count<\/p>\n

show spanning-tree detail<\/p>\n

show spanning-tree active
\nshow spanning-tree detail
\nshow spanning-tree interface fa0\/1
\nshow spanning-tree summary
\nshow spanning-tree summary totals<\/p>\n","protected":false},"excerpt":{"rendered":"

v5 Written: 2.1.f Implement and troubleshoot spanning-tree 2.1.f [i] PVST+ \/ RPVST+ \/ MST 2.1.f [ii] Switch priority, port priority, path cost, STP timers 2.1.f [iii] port fast, BPDUguard, BPDUfilter 2.1.f [iv] loopguard, rootguard v5 Lab: 1.1.f Implement and troubleshoot spanning-tree 1.1.f [i] PVST+ \/ RPVST+ \/ MST 1.1.f [ii] switch priority, port priority, path […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[30,11,15],"class_list":["post-77","post","type-post","status-publish","format-standard","hentry","category-ccie","tag-ccie","tag-route-switch","tag-stp"],"_links":{"self":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/77","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=77"}],"version-history":[{"count":2,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/77\/revisions"}],"predecessor-version":[{"id":228,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/77\/revisions\/228"}],"wp:attachment":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=77"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=77"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=77"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}