Friday, September 23, 2016

CCNAv3 Chapter 2 Notes - Spanning Tree Protocol

Greetings, and welcome to Seeseenayy.
You are visiting one of our many posts about a chapter within CCNA3!

This post contains notes for CCNA3 Chapter 2.

This post is divided into two segments.
1. A link to the notes (google docs) for easier reading / printouts.
2. Copied and pasted notes from the google docs link mentioned above.

If you have not done so already, click the following link to open this post and read all notes.

NOTE: It is NOT recommended to use the notes within this post, as formatting and images may be misplaced.
Seeseenayy strongly suggests viewing the document itself. You may find the link to it below.

Spanning Tree Concepts
 Multiple cabled paths between switches:
  • Provide physical redundancy in a switched network.
  • Improve the reliability and availability of the network.
  • Enable users to access network resources despite a path disruption.

Issues With Layer 1 Redundancy: MAC Database Instability
 Ethernet frames do not have a time to live (TTL) attribute.
  • Frames continue to propagate between switches endlessly, or until a link is disrupted and breaks the loop.
    • Results in MAC database instability.
    • Can occur due to broadcast frames forwarding.

 If there is more than one path for the frame to be forwarded out, an endless loop can happen.
  • When a loop occurs, the MAC address table entries on a switch can change constantly as the looping broadcast frames are re-learned on different ports, resulting in MAC address table instability.

Issues With Layer 1 Redundancy: Broadcast Storms
  • A broadcast storm occurs when there are so many broadcast frames in a Layer 2 loop that all available bandwidth is consumed.
    • It is classified as a denial of service attack, intentional or not.

  • Broadcast storms are inevitable on a looped network.
    • As more devices send broadcasts over the network, more traffic is caught within the loop; thus consuming more resources.
    • This eventually creates a broadcast storm, gradually declining network performance until total failure occurs.

Issues With Layer 1 Redundancy: Duplicate Unicast Frames
  • Unicast frames sent onto a looped network can result in duplicate frames arriving at the destination device.
  • Most upper layer protocols are not designed to recognize, or cope with, duplicate transmissions.
  • Layer 2 LAN protocols, such as Ethernet, lack appropriate mechanisms to recognize and terminate endlessly looping frames.

Spanning Tree Algorithm: Introduction
  • STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.

  • A port is considered blocked when user data is prevented from entering or leaving the port. This does NOT include Bridge Protocol Data Unit (BPDU) frames that are used by STP to prevent loops.

  • The physical paths still exist to provide redundancy (or possibly as a failover contingency plan), but these paths are disabled to prevent the loops from occurring.

  • If the path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.

  • BPDU
    • Bridge Protocol Data Unit
      • Used to stop loops by turning off ports.

    • Has several components…
      • Extended System ID
        • The extended system ID is the VLAN ID.
      • Bridge Priority
        • Default value is ‘32768’; values increase/decrease in multiples of 4096. The highest possible value is ‘61440’, which makes that device never become the root.
      • MAC Address

    • The components above are combined to form the “Bridge ID”.

Spanning Tree Algorithm: Port Roles
(Diagram: port roles, not reproduced here)
  • Ports that connect to the root bridge are root ports.
    • Ports with the lowest cost to the root bridge.
  • All other ports are designated ports, EXCEPT for a port that is blocked.
    • A port that is blocked is the non-designated port, as shown in the diagram.
  • F0/2, a non-designated port, is blocked as it is:
    • Not efficient, as other shorter routes are available.
    • Can create loops, which is not optimal for a network.
(Above: Diagram B, Below: Diagram C; not reproduced here)
Both S2 and S3 compare the information received from the other switches, work out which one has the lower root ID, and update who the root bridge is. That said, it is possible to force a switch to become the root bridge by giving it a specific root ID.
In the diagram, all of the priorities are the same. Why is S2 picked as the root bridge?
Why, in an alternative setting, is one switch picked if all switches have the same priority?
  • Simple. The lowest MAC Address is the next determining factor in picking the root. NOT the VLAN ID!

All The Spanning Tree Protocols
  • STP or IEEE 802.1D-1998
  • PVST+
  • IEEE 802.1D-2004
  • Rapid Spanning Tree Protocol (RSTP) or IEEE 802.1w
  • Rapid PVST+
  • Multiple Spanning Tree Protocol (MSTP) or IEEE 802.1s

Characteristics of the Spanning Tree Protocols

Protocol       Standard        Resources Needed   Convergence   Tree Calculation
STP            802.1D          Low                Slow          All VLANs
PVST+          Cisco           High               Slow          Per VLAN
RSTP           802.1w          Medium             Fast          All VLANs
Rapid PVST+    Cisco           Very High          Fast          Per VLAN
MSTP           802.1s / Cisco  Medium or High     Fast          Per Instance

Protocol Overview
Overview of PVST+
  • PVST+ is the default for all Cisco devices.
  • Networks running PVST+ have these characteristics:
    • A network can run an independent IEEE 802.1D STP instance for each VLAN in the network.
    • Optimum load balancing can result.
    • Maintaining one spanning-tree instance for each VLAN can mean a considerable waste of CPU cycles on all the switches in the network, in addition to the bandwidth used by each instance to send its own BPDUs.


(PVST+ diagram, not reproduced here: VLAN 10 is the dotted green line, and VLAN 20 is the dotted purple line.)

Port States and PVST+ Operation
  • STP introduces the five port states:
    • Blocking -> Listening -> Learning -> Forwarding -> Disabled (*may vary with protocol usage)
  • Below are the functions (or processes) of these port states:

Process                                                Blocking   Listening   Learning   Forwarding   Disabled
Processes received BPDUs                               YES        YES         YES        NO           NO
Forwards data frames received on the interface         NO         NO          NO         YES          NO
Forwards data frames switched from another interface   NO         NO          NO         YES          NO
Learns MAC addresses                                   NO         NO          YES        YES          NO

Description of Port States
  • A summary of what each STP port state does.
Blocking
Alternate port that does not participate in forwarding.
Listening
Listens for the path to the root. It may change what it does depending on what it receives; transmits BPDU frames and declares its availability.
Learning
Learns MAC addresses.
Forwarding
Part of the active topology.
Disabled
Not part of STP; the switch port has either not been configured or is administratively down (“shutdown” on the interface in the CLI).

The process, or steps, of STP from a fresh startup of the topology:
STEP 1
Elects a root bridge.
STEP 2
On non-root bridges, selects root ports.
STEP 3
Selects a designated port for each link.
STEP 4
Sets alternative ports (all others) / blocking.
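The four steps above, together with the root bridge election rules from the port-roles section (lowest priority, then lowest MAC; the VLAN ID only rides along as the extended system ID), worked through on a small constructed three-switch triangle. This is an added example, not code from the notes or from Cisco: the switch names, MAC addresses and port costs are made up, and the path-cost tie-break uses the neighbour's bridge ID as the notes describe for root election.

```python
import heapq

def bridge_id(priority, vlan, mac):
    """Bridge ID as STP compares it: (priority + VLAN as extended system ID, MAC)."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 from 0 to 61440")
    return (priority + vlan, mac.lower())

def run_stp(switches, links, vlan):
    """switches: {name: (priority, mac)}; links: [(sw_a, port_a, sw_b, port_b, cost)].
    Returns (root bridge name, {(switch, port): role})."""
    bids = {n: bridge_id(p, vlan, m) for n, (p, m) in switches.items()}
    root = min(bids, key=bids.get)                  # step 1: lowest bridge ID wins
    adj = {n: [] for n in switches}
    for a, pa, b, pb, w in links:
        adj[a].append((b, w))
        adj[b].append((a, w))
    cost = {root: 0}                                # root path cost (Dijkstra from root)
    heap = [(0, root)]
    while heap:
        c, n = heapq.heappop(heap)
        for m, w in adj[n]:
            if c + w < cost.get(m, float("inf")):
                cost[m] = c + w
                heapq.heappush(heap, (c + w, m))
    roles = {}
    for n in switches:                              # step 2: root port on each non-root bridge
        if n == root:
            continue
        candidates = []                             # (path cost via neighbour, neighbour bridge ID, port)
        for a, pa, b, pb, w in links:
            if n in (a, b):
                nbr, port = (b, pa) if a == n else (a, pb)
                candidates.append((cost[nbr] + w, bids[nbr], port))
        roles[(n, min(candidates)[2])] = "root"
    for a, pa, b, pb, w in links:                   # steps 3 and 4: one designated end per link
        if (cost[a], bids[a]) > (cost[b], bids[b]):
            a, pa, b, pb = b, pb, a, pa             # make a the lower-cost / lower-ID end
        roles.setdefault((a, pa), "designated")
        roles.setdefault((b, pb), "blocking")       # neither root nor designated: blocked
    return root, roles

# Constructed topology: equal priorities, so the lowest MAC (S2) becomes root.
SWITCHES = {"S1": (32768, "0011.2233.4455"), "S2": (32768, "0001.0000.0002"),
            "S3": (32768, "00aa.bbcc.ddee")}
LINKS = [("S1", "F0/1", "S2", "F0/1", 19), ("S2", "F0/2", "S3", "F0/1", 19),
         ("S1", "F0/2", "S3", "F0/2", 19)]

if __name__ == "__main__":
    print(run_stp(SWITCHES, LINKS, vlan=1))
```

With equal costs on the S1-S3 link, the switch with the lower bridge ID (S1) gets the designated port and S3's end is blocked; lowering S3's priority to 4096 makes S3 the root instead.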

PortFast and BPDU Guard
  • When a switch port is configured with ‘PortFast’, that port transitions from blocking to forwarding immediately.
  • BPDU guard puts the port in an error-disabled state on receipt of a BPDU.
  • Both PortFast and BPDU Guard are usually configured on edge ports.

Analyzing STP Topology
  • You can diagnose or view a STP configuration by using the following commands:
Command                                 Usage
show cdp neighbors                      Discover the Layer 2 topology (e.g. the switches).
(use STP knowledge; not a command)      Prepare the expected Layer 2 path.
show spanning-tree vlan                 Verify the root bridge.
show spanning-tree vlan                 Confirm the Layer 2 path.

  • The easiest way to fix an improper STP configuration…
    • Simply delete the entire STP configuration! Odd, right?
      • This can be done in many ways, one example being removing the cable between devices and reconnecting it.
    • Note: You should try to determine the potential issues in STP before nuking your configuration.

Below is the TCP/IP model in comparison to the OSI model. Even though this is old material, many students have forgotten what the chart is, so this is a refresher.

TCP/IP OSI Model
<none> -> User
Application -> Application; Presentation; Session
Transport -> Transport
Internet -> Network
Network Access -> Data Link & Physical

Default Gateway Limitations
  • If the default gateway cannot be reached, the local device is unable to send packets off the local network segment.

  • Even if a redundant router exists that could serve as a default gateway for that segment, there is no dynamic method by which these devices can determine the address of a new default gateway.

Router Redundancy
  • Multiple routers are configured to work together to present the illusion of a single router to the hosts on the LAN.
  • The ability of a network to dynamically recover from the failure of a device acting as a default gateway is known as first-hop redundancy.

First-Hop Redundancy Protocols (FHRP)
  • Hot Standby Router Protocol (HSRP)
  • Hot Standby Router Protocol Version 3 (HSRPv3) (Version 3 is IPv6)
  • Virtual Router Redundancy Protocol Version 2 (VRRPv2)
  • Virtual Router Redundancy Protocol Version 3 (VRRPv3) (Version 3 is IPv6)
  • Gateway Load Balancing Protocol (GLBP)
  • Gateway Load Balancing Protocol (GLBP) for IPv6
  • ICMP Router Discovery Protocol (IRDP)

First-Hop Router Redundancy Options
  • HSRP defines a group of routers - one active, one standby.
  • Virtual IP and MAC are shared between the two routers.
  • To verify HSRP state, use the ‘show standby’ command.
  • This protocol is Cisco proprietary.

HSRP Verification
(The highlighted points from the diagram, written out)
  • State is Active
  • Virtual IP address is 10.1.0.20
  • Standby router is 10.1.0.6, priority is 75 (expires in 9.184 sec)
  • Group name is “HSRP 1” (cfgd)

  • Based off this “diagram”, the default gateway is what?
    • The dialog says the virtual IP address is 10.1.0.20, and indicates that it is the default gateway’s address.

  • Edge Ports
    • What is an edge port?
      • Edge ports are ports where an end device is connected to (such as SWITCH -> PC connection; edge port).
    • What do we configure on edge ports?
      • PortFast
      • BPDU Guard

  • FHRP - Continued
    • As previously stated, it defines a group of routers; one active, one standby.
    • Virtual IP and MAC addresses are shared between the two routers.
    • The default gateway address belongs to the virtual router; it is the first hop (inbound traffic is handled by whichever physical router is currently active behind the virtual one).

REVIEW OF CHAPTER 2 NOTES
What is used for root bridge election?
  • Primary:
    • (Lowest) Priority Value
  • Secondary:
    • MAC Address

What setting will guarantee a switch is the root bridge?
  • Setting priority value to 0.

PVST Is:
  • Per-VLAN Spanning Tree
  • Cisco’s version of IEEE 802.1D
  • Default for Cisco devices
  • Proprietary

RSTP is:
  • Rapid STP
  • A spanning-tree protocol that prevents loops in the network.
  • Fast version of IEEE 802.1D

MSTP is:
  • Multiple Spanning-Tree Protocol
  • IEEE version for fewer instances.

Rapid PVST+ is:
  • Faster version of PVST+
  • Proprietary (Since it’s a rapid version of PVST)
  • Cisco’s version of IEEE 802.1w
  • Uses Per-VLAN Instances

What causes layer 2 loops?
  • Layer 2 loops are caused because broadcast traffic gets back to the origin point on multiple links.

What happens if a unicast packet arrives at the destination from multiple links?
  • The application protocol that handles these packets will malfunction. It most likely will drop the packets, but probably some sort of malfunction or event would occur beforehand.

Why do we prefer PVST+?
  • Optimizes by using load balancing (or shares the load).

What does the command “show spanning-tree” do, and why is it important?
  • Verifies the root bridge.
  • Shows what role the ports play in VLANs.

END OF CHAPTER 2 NOTES
NOTE THE FOOTER’S TEXT FOR ANY IMAGE SOURCING AND/OR CREDIBILITY.