Cis187 4 PVST RSTP

Enhancements to 802.
1D, PVST+, RSTP and MST

CIS 187 Multilayer Switched Networks CCNP SWITCH Rick Graziani Spring 2010
Additional Notes
See Notes section for additional detailed information.
Rick Graziani graziani@cabrillo.edu
Download this file
Download: PT-Topology-STP2.pkt
Ciscos RSTP is Rapid PVST+
IEEE Documents
IEEE 802.1D IEEE 802.1Q IEEE 802.1w
- Media Access Control (MAC) bridges - Virtual Bridged Local Area Networks - Rapid Reconfiguration (Supp. To - Multiple Spanning Tree (Supp. To
802.1D) IEEE 802.1s 802.1Q)
Enhancements to STP
STP PortFast BPDU Guard Root Guard UplinkFast BackboneFast Per VLAN Spanning Tree (PVST+) Rapid Spanning Tree Protocol (RSTP) Multiple Spanning Tree Protocol (MST) MST is also known as Multiple Instance Spanning Tree Protocol (MISTP) on Cisco Catalyst 6500 switches and above
6
Helping STP protect your LAN from Problems

PortFast BPDU Guard Root Guard UplinkFast BackboneFast
Powercycle a host and watch link lights
How long until switch link light turns green?
PortFast
Forwarding Learning Listening Blocking State State State
Powered On
Im adding any addresses on this port to my MAC Address Table.
Host powered on. Port moves from blocking state immediately to listening state (15
seconds). Determines where switch fits into spanning tree topology. After 15 seconds port moves to learning state (15 seconds). Switch learns MAC addresses on this port. After 15 seconds port moves to forwarding state (30 seconds total).
PortFast Problem DHCP

Forwarding Learning Listening Blocking State State State
Powered On
DHCP Discovery Timeout IP Address = 169.x.x.x
Host sends DHCP Discovery Host never gets IP addressing information Also: Insignificant Topology Change A users PC causes the link to go up or down (normal booting or shutdown process). No significant impact but given enough hosts switches could be in a constant state of flushing MAC address tables. Causes unknown unicast floods.
10
PortFast
Forwarding Portfast enabled State
Powered On
DHCP Discovery DHCP Offer
The purpose of PortFast is to minimize the time that access ports wait

for STP to converge. When a port comes up, the port immediately moves into Forwarding state. The advantage of enabling PortFast is to prevent DHCP timeouts. Host sends DHCP Discovery Host can now can IP addressing information.
11
Configuring Portfast
Access2(config)#interface range fa 0/10 - 24 Access2(config-if-range)#switchport mode access <Previously configured> Access2(config-if-range)#spanning-tree portfast OR Access2(config)#spanning-tree portfast default
Warning: PortFast should only be enabled on ports that are connected

to a single host. If hubs or switches are connected to the interface when PortFast is enabled, temporary bridging loops can occur. If a loop is detected on the port, it will move into Blocking state.
12
Powercycle the host again (portfast enabled)
How long until switch link light turns green?
13
Configuring Portfast
Switch(config)#interface range fa 0/10 - 24 Switch(config-if-range)#switchport mode access <Previously configured> Switch(config-if-range)#spanning-tree portfast
Configure Portfast on all Distribution and Access switches
14
Verifying Portfast
Switch(config)# show spanning-tree inteface type mod/num portfast
15
UplinkFast
Uplinkfast allows access layer switches that have redundant links to multiple distribution switches the ability to converge quickly when a link has failed. For Leafs (end nodes) of the spanning tree. Not for use within backbone or distribution switches (BackboneFast).
16
UplinkFast
Root
Unblock G 1/1 skips listening and learning and goes directly to forwarding
UplinkFast must have direct knowledge of the link failure in order to move a blocked port into a forwarding state. Single Root Port but multiple potential root ports. If Root Port fails, next-lowest path cost is unblocked and used without delay (almost). This switchover occurs within 1 second.
17
UplinkFast
Not supported with Packet Tracer
Access1(config)#spanning-tree uplinkfast
Uplinkfast is enabled for the entire switch and all VLANs. Not supported on a per-VLAN basis. Uplinkfast keeps track of all possible paths to the Root Bridge. So, not allowed on the Root Bridge Switches BID: Raised to 49,152 to make it unlikely it will be the Root Bridge.
18
BackboneFast
Root
Switch(config)#spanning-tree backbonefast
Backbone fast is a Cisco proprietary feature that, once enabled on all switches can save a switch up to 20 seconds (Max Age) when it recovers from an indirect link failure. Configured in global configuration mode and should be enabled on all switches in the network. Requires the use of RLQ (Root Link Query) requests and replies. Disabled by default.
19
My link to the Root has gone down. I have Thanks for no alternate telling me Core path to it. So, is the Root. I Im the new will change my root and RP to Fasend 0/5. out my BPDUs on all ports.
Root
RP RP
X
Inferior BPDU
Forwarding Blocking Listening
I just This heard newfrom BPDU Core is that inferior they toare the still one the it Root. had stored I will: Send for this BPDU portto so D1 I Transition will ignore portit. immediately Let me send to my listening current state Root a After 20 seconds saving query 20 seconds (RLQ). this port will now go (Max Age) into Forwarding state.
BackboneFast is initiated when a root port or blocked port on a switch receives inferior BPDUs from a designated bridge. Inferior BPDUs are sent from a designated bridge that has lost its connection to the root bridge. Normally, a switch must wait for Max Age (20 seconds) to expire before responding to an inferior BPDU. With Backbonefast, switch determines alternate paths to Root.
20
BackboneFast
Normal BPDU
= Core
= Dist1
Inferior BPDU
= Dist1 = Dist1
Same Switch
FYI More Information An inferior BPDU identifies one switch as both the root bridge and the designate bridge. Distribution 1 is the Designated Bridge. Normally, sends BPDUs with Root Bridge as the Core BID. Inferior BPDU A received BPDU that identifies the root bridge and the designated bridge as the same switch. (I was only just the Designated Bridge, but now that I cant get to the Root Bridge, so now I am also the Root Bridge.) 21
Protecting against unexpected BPDUs

Root Guard BPDU Guard Loop Guard Coast Guard
22
Problem: Unexpected BPDUs

Blocking and now listening to BPDUs
BPDU
X
Portfast
Forwards BPDUs to other switches. STP Reconvergence?
A port configured with PortFast will go into blocking state if it receives
a Bridge Protocol Data Unit (BPDU). This could lead to false STP information that enters the switched network and causes unexpected STP behavior. Newly connected switch could advertise itself as the root. BPDU Guard: Developed to protect integrity of switch ports with PortFast enabled but also keeps maintains STP integrity by disallowing unauthorized switches. Rick Graziani graziani@cabrillo.edu 23
Solution: BPDU Guard

Err-Disable, Shutdown
BPDU
|
Portfast & BPDU Guard
No BPDUs sent
Not supported with Packet Tracer Distribution1(config)#interface range fa 0/10 - 24 Distribution1(config-if-range)#spanning-tree bpduguard enable
When the BPDU guard feature is enabled on the switch, STP shuts down PortFast enabled interfaces that receive BPDUs instead of putting them into a blocking state. Errdisable: Port must be manually re-enabled or automatically recovered via timers. BPDU guard will also keep switches added outside the wiring closet by users from impacting and possibly violating Spanning Tree Protocol.
24
Root Guard
Protect Protect
Potential Root Potential Root
Root Guard prevents a switch from becoming the root bridge.

Typically access switches Configured on switches that connect to this switch.
25
Root Guard
UplinkFast must
be disabled because it cannot be used with root guard.
Distribution1(config)#interface fa 0/3 Distribution1(config-if-range)#spanning-tree Distribution1(config)#interface gig 0/2 Distribution1(config-if-range)#spanning-tree Distribution2(config)#interface fa 0/3 Distribution2(config-if-range)#spanning-tree Distribution2(config)#interface gig 0/1 Distribution2(config-if-range)#spanning-tree Access2(config)#no spanning-tree uplinkfast
guard root guard root
guard root
guard root
26
Root Guard
Root Guard
I STP will now Inconsistent transition to listening State no sate, traffic then is learning state, passed. then forwarding sate.
Superior BPDU
I no longer want to be root. I have I want to been reconfigured be root to be a nonbridge! root bridge.
This message appears after root guard blocks a port:

%SPANTREE-2-ROOTGUARDBLOCK: Port 0/3 tried to become non-designated in VLAN 1. Moved to root-inconsistent state
27
Unidirectional Link Detection Protocol (ULDP)
Designated Port
Blocked Port
Spanning-Tree Protocol (STP) resolves redundant physical topology into a loop-free, tree-like forwarding topology. This is done by blocking one or more ports.
28
ULDP
BPDU BPDU
BPDU
Loop!
BPDU BPDU No BPDUs Received Change to Forwarding State
BPDU
STP uses Bridge Protocol Data Units (BPDUs). If a switchs port in blocking port stops receiving BPDUs: STP eventually ages out the STP information for the port (up to 50 secs) Moves port to forwarding state. This creates a forwarding loop or STP loop. How is it possible for the switch to stop receiving BPDUs while the port is up? The reason is unidirectional link.
29
ULDP
BPDU No BPDUs Received Change to Forwarding State

RFC 5171: Issues arise when, due to mis-wirings or to hardware faults, the communication path behaves abnormally and generates forwarding anomalies. Link fails in the direction of SwitchC. SwitchC stops receiving traffic from SwitchB. However, SwitchB still receives traffic from C. UDLD is a Layer 2 (L2) protocol that works with the Layer 1 (L1) mechanisms to determine the physical status of a link.
30
ULDP
My device/port ID & your device port ID My device/port ID & your device port ID
Layer 1: Autonegotiation configured (speed/duplex) Layer 2: UDLD configured
Enable both auto-negotiation and UDLD to prevent unidirectional
connection. With UDLD switches share Device/Port ID information.
31
ULDP
My device/port ID & your device port ID My device/port ID & your device port ID
Unidirectional link failure
UDLD-3-DISABLE: Unidirectional link detected on port 1/2. Port disabled
Port disabled
Port shutdown by UDLD remains disabled until:

Manually reenabled or errdisable timeout expires (if configured)
Rick Graziani graziani@cabrillo.edu 32
Configuring ULDL
Switch(config)# udld {enable | aggressive} or Switch(config)# interface fa 1/2 Switch(config-if)# udld {enable | aggressive}
Normal mode (enable) Port is allowed to continue its operation merely marks the port as being in undetermined state and generates a syslog message. Aggressive mode Port is place in Errdisable state and cannot be used.
33
Loopguard
Loop!
BPDU
No Loopguard Configured
No BPDUs Received Change to Forwarding State
Loopguard also protects against ports erroneously transitioning to

forwarding mode. Loopguard will also protect against STP failures, designated switch not sending BPDUs due to software problems.
34
Loopguard
BPDU BPDU
Unidirectional link failure
Loopguard Configured
%SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet1/0 on VLAN0010
Inconsistent Blocking State
If the switch begins to receive BPDUs again, it will transition through

normal STP states. Loopguard does NOT protect against problems due to wiring issues. Highest level of protection is to enable both Loopguard and UDLD.
35
Configuring Loopguard
Switch(config)# spanning-tree loopguard default or Switch(config)# interface fa 1/2 Switch(config-if)# spanning-tree guard loop
36
RSTP IEEE 802.1w (Rapid Spanning Tree Protocol)
38
Rapid Spanning Tree Protocol
39
Rapid Spanning Tree Protocol
The immediate hindrance of STP is convergence. Depending on the type of failure, it takes anywhere from 30 to 50
seconds, to converge the network. RSTP helps with convergence issues that plague legacy STP.
40
STP vs RSTP
802.1D
802.1w
vs
RSTP is based on IEEE 802.1w standard. IEEE 802.1w took 802.1Ds principle concepts and made convergence faster. STP topology change takes 30 seconds (two intervals of Forward Delay timer). RSTP is proactive and therefore negates the need for the 802.1D delay timers. RSTP (802.1w) supersedes 802.1D, while still remaining backward compatible. RSTP BPDU format is the same as the IEEE 802.1D BPDU format, except that the Version field is set to 2 to indicate RSTP. The RSTP spanning tree algorithm (STA) elects a root bridge in exactly the same way as 802.1D elects a root.
41
RSTP
RSTP can be applied on Cisco switches as:
A single instance per VLAN Rapid PVST+ (RPVST+) Multiple instances IEEE 802.1s Multiple Spanning Tree (MST)
42
STP Port Behavior and States

802.1D
Ports Root Port Designated Port Blocking Port Not Designated Port and Not Root Port Ciscos proprietary UplinkFast has a hidden Alternative Port offering parallel paths, but in Blocking state. States Disabled (Not 802.1D state) Blocking Listening Learning Forwarding Only state that sends/receives data.
RSTP
Root Bridge: Same election process as 802.1D (lowest BID) Ports Root Port (802.1D Root Port) The one switch port on each switch that has the best root path cost to the root. Designated Port (802.1D Designated Port) The switch port on a network segment that has the best root path cost to the root. Alternate Port (802.1D Blocking Port) A port with an alternate path the root. An alternate port receives more useful BPDUs from another switch and is a port blocked. Similar to how Cisco UplinkFast works. Backup Port (802.1D Blocking Port) A port that provides a redundant (but less desirable) connection to a segment where another switch port already connects. A backup port receives more useful BPDUs from the same switch it is on and is a port blocked.
RSTP Port States

Operational Port State Disabled Enabled Enabled Enabled Enabled STP Port State Disabled Blocking Listening Learning Forwarding RSTP Port State Discarding Discarding Discarding Learning Forwarding
RSTP defines port states based on what it does with incoming data frames. Discarding Incoming frames are dropped No MAC Addresses learned Combination of 802.1D (Disabled), Blocking and Listening Learning Incoming frames are dropped MAC Addresses learned Forwarding Incoming frames are forward.
45
RSTP BPDUs
STP Port State STP BPDUs RSTP Port State RSTP BPDUs
Disabled Blocking Listening Learning Forwarding
Not Sent/Received Receive only Sent/Received Sent/Received Sent/Received
Discarding Discarding Discarding Learning Forwarding
Not Sent/Received Sent/Received Sent/Received Sent/Received Sent/Received
RSTP uses same 802.1D BPDU format for backward compatibility. 802.1D and 802.1w switches can coexist. BPDUs sent out every switch port at Hello Time intervals regardless if BPDUs are sent on the port. When three BPDUs in a row (6 seconds) are missed: the neighbor switch is presumed down All MAC address information pointing to that switch (out that port) is immediately aged out (flushed) Switch can detect a neighbor down in 6 seconds instead of MaxAge of 20 seconds.
46
RSTP Convergence

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/ 12.1_9_ea1/configuration/guide/swmstp.html#wp1048403 Convergence is a two step process: 1. Elect a Root Bridge 2. Examine all switch ports which by default are in Blocking state and advance to the appropriate state to prevent loops. STP requires the expiration of several timers before switch ports can be moved to Forwarding state. RSTP takes a different approach: When a switch joins the topology (powered-up) or detects a failure in the existing topology Determines its forwarding decisions based on the type of port. Edge Port Root Port Point-to-Point Port
47
Edge Ports
Edge port will never have a switch connected to it so cannot form bridging loops. Immediately transitions to forwarding state. Traditional identified with STP PortFast feature. For familiarity the command is the same: spanning-tree portfast Never generates topology changes notifications (TCNs) when the port transitions to a disabled or enabled status. If an edge port receives a BPDU, it loses its Edge Port status becomes a normal spanning-tree port.
Non-Edge Ports
Root Port The one switch port on each switch that has the best root path cost to the root. Point-to-Point Port (Link Type) Port operating in full-duplex mode. Connects to another switch and becomes a Designated Port. Uses a quick handshake with neighboring switch rather than timers to decide port state. Shared Medium Port (Link Type) Port operating in half-duplex mode. It is assumed that the port is connected to shared media where multiple switches might exist.
Point-to-Point: The Quick Handshake

Proposal
Root
DP
RP
Agreement
Switch A is connected to Switch B through a point-to-point link, All ports are in the Discarding (Blocking) state. Switch A has a lower BID than Switch B. Switch A sends a proposal message (Configuration BPDU) to Switch B, proposing itself as the Root Bridge and the designated switch on the segment. Switch B: Selects its new root port the port from which the proposal message was received and immediately goes into Forwarding State Forces all nonedge ports to the Discarding (Blocking) state, Sends an agreement message. Switch A: Immediately transitions its designated port to the forwarding state. No loops in the network are formed because Switch B blocked all of its nonedge ports and because there is a point-to-point link between Switches A and B.
50
Proposal
Root
DP
RP
B
Proposal
Agreement
Root
DP
DP
DP
RP
C
Proposal
Agreement
Root A
DP
RP
DP
RP
DP
RP
Agreement
Switch C is connected to Switch B: a similar set of handshaking messages are exchanged. Switch C selects the port connected to Switch B as its root port, and both ends immediately transition to the forwarding state. Handshaking process continues throughout topology.
51
RSTP Topology Change Notifications

802.1D 802.1D
802.1D Switch detects a state change (up or down), it sends the Root Bridge a TCN BPDU. The Root Bridge sends out a Configuration BPDU (TCN bit set) to all switches to tell them about the change. (30 seconds before Forwarding) RSTP Detects a topology change only when a nonedge port transitions to the Forwarding State. RSTP uses its convergence mechanisms (Edge Ports, Point-to-Point ports, handshaking, etc.) to prevent bridging loops. Therefore, topology changes are detected only so MAC address tables can be updated and corrected. This means that a loss of connectivity is not considered as a topology change any more, contrary to 802.1D (that is, a port that moves to blocking no longer generates a TC).
52
RSTP Topology Change Notifications

RSTP
When a topology change occurs: Switch flushes the MAC addresses associated RSTP no longer uses the specific with all nonedge ports. TCN BPDU, unless a legacy bridge Switch sends BPDU with TCN bit set to all needs to be notified neighbors so they can update their MAC Address tables too. When a bridge receives a BPDU with the TCN bit set from a neighbor: It clears the MAC addresses learned on all its ports, except the one the port that it receives the topology change. It sends BPDUs with TCN set on all its designated ports and root port (RSTP no longer uses the specific TCN BPDU, unless a legacy bridge needs to be notified). This way, the TCN floods very quickly across the whole network - now a one step process. The initiator of the topology change floods this information throughout the network, as opposed to 802.1D where only the root did. Much faster than the 802.1D equivalent < wait for the root bridge to be notified, and then max age plus forward delays>. In just a few seconds, or a small multiple of hello-times, most of the entries in the CAM tables of the entire network (VLAN) flush. This approach results in potentially more temporary flooding, but on the other hand it clears potential stale information and allows rapid convergence.
53
Rapid PVST Implementation Commands

Cisco implements RSTP with Rapid PVST+
Switch(config)# spanning-tree mode rapid-pvst
To revert back to the default PVST+ using traditional 802.1D:
Switch(config)# spanning-tree mode pvst
54

Cisco implements RSTP with Rapid PVST+
To configure an RSTP edge port:

Switch(config-if)# spanning-tree portfast
RSTP automatically decides if a port is point-to-point link operating in full duplex or half-duplex. If you need to set it manually, other switch is in Half-Duplex but still point-topoint (by the way, both ends must then be Half-Duplex):
Switch(config-if)# spanning-tree link-type point-to-point

Access1# show spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 24577 Address 0001.C945.A573 Cost 4 Port 26(GigabitEthernet1/2) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority Address Hello Time Aging Time 32769 (priority 32768 sys-id-ext 1) 0003.E461.46EC 2 sec Max Age 20 sec Forward Delay 15 sec 20
56
802.1D creates a single instance of STP for all VLANs.
PVST+ and RPVST create a single instance of STP for each VLAN. If there are 500 VLANs in the network that would be 500 instances of STP running! PVST+ does allow different VLANs to have different Root Bridges which can allow for the use of redundant links.
57
Multiple Spanning Tree Protocol 802.1s
MSTP is also known as Multiple Instance Spanning Tree Protocol (MISTP) on Cisco Catalyst 6500 switches and above
58
Multiple Spanning Tree Protocol 802.1s

Instance 1 maps to VLANs 1500 Instance 2 maps to VLANs 5011000
Multiple Spanning Tree (MST) extends the IEEE 802.1w RST algorithm to multiple spanning trees. The main purpose of MST is to: Reduce the total number of spanning-tree instances to match the physical topology of the network Thus reduce the CPU cycles of a switch. Allows the network administrator to configure the exact number of instances. PVST+ runs a single instance of STP for each VLAN and does not take into consideration the physical topology. May have 1,000 VLANs but only 2 different topologies (2 different Root Bridges). PVST+ will still create 1,000 instances of STP MST, on the other hand, uses a minimum number of STP instances to match the number of physical topologies present. May have 1,000 VLANs but only 2 different topologies (2 different Root Bridges). MST will let you specify only 2 instances of STP.
59
MST Regions
802.1D
802.1D
MST Region
MST Region is a group of switches placed under a common administration (like an AS). In most networks a single MST region is sufficient. A single MST Region can handle 15 STP instances (topologies). Within a region, all switches must run the instance of MST as defined by: MST configuration name (32 characters) MST configuration revision number ( 0 to 65,535) MST instance-to-VLAN mapping table (4,096 entries) MST was designed to work with all forms of STP. IST (Internal Spanning Tree) instance runs to work out a loop-free topology inside the MST Region. IST presents the entire MST region as a single virtual switch (bridge) to the CST (802.1D) outside.
60
MST
Remember, the whole idea of MST is to map multiple VLANs to a smaller number of STP instances. Cisco supports a maximum of 16 MST Instances (MSTIs) in a region. The IST uses MST 0 leaving 1 through 15 available for use. The Distribution1 switch is the primary root bridge for the data VLANs 10, 30, and 100 Secondary root bridge for the voice VLANs 20, 40, and 200. The Distribution2 switch the primary root bridge for the voice VLANs 20, 40, and 200 Secondary root bridge for the data VLANs 10, 30, and 100. Distribution1 is chosen as CIST regional root. It means that Distribution1 is the root for IST0.
61
MST
Enables MST Distribution1(config)# spanning-tree mode mst Distribution1(config)# spanning-tree mst configuration Configure Region Distribution1(config-mst)# name region1 and MST instances Distribution1(config-mst)# revision 10 Distribution1(config-mst)# instance 1 vlan 10, 30, 100 Distribution1(config-mst)# instance 2 vlan 20, 40, 200 Distribution1(config-mst)# exit Configure Root Bridge Distribution1(config)# spanning-tree mst 0-1 root primary Distribution1(config)# spanning-tree mst 2 root secondary
MST
Enables MST Distribution2(config)# spanning-tree mode mst Distribution2(config)# spanning-tree mst configuration Configure Region Distribution2(config-mst)# name region1 and MST instances Distribution2(config-mst)# revision 10 Distribution2(config-mst)# instance 1 vlan 10, 30, 100 Distribution2(config-mst)# instance 2 vlan 20, 40, 200 Distribution2(config-mst)# exit Configure Root Bridge Distribution2(config)# spanning-tree mst 2 root primary Distribution2(config)# spanning-tree mst 0-1 root secondary
MST
For complete configurations go to: Configuration example to migrate Spanning Tree from PVST+ to
MST http://www.cisco.com/en/US/products/hw/switches/ps708/products_con figuration_example09186a00807b075f.shtml
64
MST
Switch# show spanning-tree MST00 Spanning tree enabled protocol mstp Root ID Priority 24577 Address 0001.C945.A573 Cost 4 Port 26(GigabitEthernet1/2) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority Address Hello Time Aging Time 32769 (priority 32768 sys-id-ext 1) 0003.E461.46EC 2 sec Max Age 20 sec Forward Delay 15 sec 20
65
Enhancements to 802.1D, PVST+, EtherChannel, RSTP and MST

CIS 187 Multilayer Switched Networks CCNP SWITCH Rick Graziani

Cis187 4 PVST RSTP

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Cis187 4 PVST RSTP

Hochgeladen von

Copyright:

Verfügbare Formate

Enhancements to 802.

1D, PVST+, RSTP and MST

See Notes section for additional detailed information.

Rick Graziani graziani@cabrillo.edu

Download this file

Rick Graziani graziani@cabrillo.edu

Ciscos RSTP is Rapid PVST+

Rick Graziani graziani@cabrillo.edu

802.1D) IEEE 802.1s 802.1Q)

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Helping STP protect your LAN from Problems

Powercycle a host and watch link lights

How long until switch link light turns green?

Rick Graziani graziani@cabrillo.edu

Im adding any addresses on this port to my MAC Address Table.

Rick Graziani graziani@cabrillo.edu

PortFast Problem DHCP

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Warning: PortFast should only be enabled on ports that are connected

Rick Graziani graziani@cabrillo.edu

Powercycle the host again (portfast enabled)

How long until switch link light turns green?

Rick Graziani graziani@cabrillo.edu

Configure Portfast on all Distribution and Access switches

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Not supported with Packet Tracer

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Forwarding Blocking Listening

Rick Graziani graziani@cabrillo.edu

Rick Graziani graziani@cabrillo.edu

Protecting against unexpected BPDUs

Rick Graziani graziani@cabrillo.edu

Problem: Unexpected BPDUs

A port configured with PortFast will go into blocking state if it receives

Solution: BPDU Guard

Rick Graziani graziani@cabrillo.edu

Potential Root Potential Root

Root Guard prevents a switch from becoming the root bridge.

Rick Graziani graziani@cabrillo.edu

guard root guard root

This message appears after root guard blocks a port:

Rick Graziani graziani@cabrillo.edu

Unidirectional Link Detection Protocol (ULDP)

Rick Graziani graziani@cabrillo.edu

BPDU BPDU No BPDUs Received Change to Forwarding State

Rick Graziani graziani@cabrillo.edu

BPDU No BPDUs Received Change to Forwarding State

Rick Graziani graziani@cabrillo.edu

Layer 1: Autonegotiation configured (speed/duplex) Layer 2: UDLD configured

Enable both auto-negotiation and UDLD to prevent unidirectional

connection. With UDLD switches share Device/Port ID information.

Rick Graziani graziani@cabrillo.edu

Unidirectional link failure

UDLD-3-DISABLE: Unidirectional link detected on port 1/2. Port disabled

Port shutdown by UDLD remains disabled until:

Rick Graziani graziani@cabrillo.edu

No BPDUs Received Change to Forwarding State