137 IPExpert Advance Spanning Tree Features PortFast

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] spanning-tree portfast is yet another Cisco's enhancement to the traditional spanning tree protocol if this is a feature designed for ports that are facing clients that are facing computers the servers maybe even routers or in some rare circumstances switches if we are sure that you're not going to create a loop by doing what this feature does and what this feature does is when the port transitions from the disabled to a non disabled State in other words only doing no shutdown on the port or when we plug something into the port which causes the port to come up this feature is going to bypass the initial listening and learning phases of the spanning tree and immediately transition into the forwarding State this feature can be configured using two different methods one is the global configuration using the spanning-tree portfast default command this is going to cause the port va's to be enabled on all the ports that are currently in operational access mode that means all the ports that are configured manually to be access ports or the dynamic ports that he'll that have failed to negotiate the trunk another way to configure this feature is when we configure it purport simply using the spanning-tree portfast command these two configuration methods are very similar in their nature the only difference is that when configured per port this feature can be actually enabled for trunks as well by default when we do spanning-tree portfast this command will apply only if this port is an access port if the portal question is not an access port in other words if it's a trunk the port fast will not be enabled on the port but we can force it to be enabled on the port using the spanning tree port fast trunk command but what happens if we do spanning tree port fast trunk on the port and the port is not a trunk well in that case the port will still report first I will show you this in an example in the terminal in just a minute in either case either when it's configured globally or purport this feature is not unconditional what do I mean by that this feature is conditional on the incoming VP use if there are no incoming be produced which means that we are not connected to the switch that runs the spanning tree the feature will be active if that's the case we say that on this port port fast is in operational port fast state but it's not an operational port fast state if it's either disabled on the port by not being enabled or if you receive an incoming bpdu the incoming BPD on the port will reset turn off the port fast feature causing this port to behave like a normal port there are some features that are dependent on the operational port fast state of the port these two features are the bpdu guard and the big video filter now as we will see when I talk about these two features these two features can also be unconditional non dependent independent from the port fast but they can also be configured in such a way that they depend on the port vast state of the port and when I say the port fast state of the port I really mean the operational port fast State on the port I'm just going to throw one more thing out there and that is that the port fast state is maintained for access ports on per port basis and for trunks on per villain basis now this is a lot to digest so as usual let's see it in action as usual in these demonstrations I'm going to use a very simple network to demonstrate port fast I'm going to have two switches cat one and can't two that are going to be interconnected like this this is going to be fast at 24 and fast internet 24 on cat - I'm going to have several interfaces on cat one connected in VLAN 1 so I'm going to have fastly 0 1 through Fast Ethernet 0 5 connected to some hosts most of these hosts are actually going to be routers one of them is going to be my Linux PC but it doesn't matter all I need from these hosts is to make sure that interface is up so the only configuration on these hosts here is that the interfaces are enabled I'm not going to look into IP addresses or anything of the sort just that the interfaces are up so let's go to our terminal and confirm that this is indeed configured as such if I go to my cat 1 and issue show spanning tree command I will see that I have only one interface that is operational at the moment and that's the interface facing my cat - let's bring those five host facing interfaces up I'm going to go into configure terminal I'm going to say interface range faster than zero one two five and I'm going to say no shutdown when these interfaces go up and as you can see that right here behind me and if I do show spanning tree again I will see that these five interfaces now are undergoing the regular spanning tree operations I can see that these ports are now listening if I repeat my command now I will see that these ports have now transitioned into a learning State if I wait just a little bit and I repeat my show spanning tree command I will say that some if not all of them just like now have actually transitioned into forwarding State this transition from listening to learning and then finally to forwarding state will take 30 seconds sometimes this is an undesirable operation so let's see how port fast can actually help us solve this problem to do that I'm going to go into the config terminal and I'm going to start by shutting all these ports down and then I'm going to say in the global configuration I'm going to say spanning tree portfast default and as the warning message here says this will enable poor trust on all of my port but not really on all of my ports because one part is not going to be an access port in my configuration if I repeat show spanning tree I will see that fast hitting at 0 24 is actually a trunk port and s trunk it is not eligible to become to become port fast as the result of the global configuration let's confirm that I'm going to run the command show spanning tree interface fasting at 0 24 port fast this command here will show me the operational port fast state of the port and I can see here that for VLAN number one which is the only configure VLAN that I have in my switch the port fast is disabled so let's bring those five ports up so I'm going to say again interface range fastener 0 1 2 5 and I'm going to say no shutdown let's see what the result is when the ports change state to up if I do show spanning tree now I will see that all of these ports on fire five of them are now in forwarding state but what about the poorest state on these ports if I do show spanning tree interface fast when 0 1 port first I will see that the poorest state is actually enabled so this is how port fast works when it's connected when it's configured globally but as I said this is a conditional state it's conditional on not receiving any BP dues from the other side let's try what happens when we actually have the videos from the other side to test that I'm going to go to my interface fastener 24 and I'm going to shut it down I do not want this interface to be trunk anymore I wanted to actually be the access port if I do show interface faster 24 I'm going to see here that this port is now in dynamic desirable mode I'm going to change this to dynamic auto and if the same configuration is on the other side so this is cat - and we can see that there is no configuration on the port which means it will be dynamic out of let's now bring the interface up if I dunno shut down when the interface comes up if I do show spanning tree I can see that this port is now forwarding does this mean that my port fast is actually enabled on this port let's take a look I'm simply going to do show spanning tree interface fast in a 24 part fast and it says here that the port rest is enabled but am I not connected to the switch on the other side or I am but which switch is the route cat one is the route switch so that means that there are really no BP dues coming from the other side well depends which interface comes up first so let's go to cat to now and let's say that that cat 2 will be the root for VLAN 1 so I'm going to say spanning tree V 1 1 root primary if I go to cat 1 and I repeat the exact same command here I'm going to see that the port fast or villain 1 is disabled so now that cat 2 is the root 3/3 let's repeat the same exercise I'm going to shut the port down facing cat 2 and then I'm going to do no shutdown immediately followed by do show spanning tree now the reason why I'm typing it here is because I want to have it in my copy paste buffer so I'm going to do no shutdown and I'm going to say do show spanning tree and I want to see what happens here take a look the port is immediately in the forwarding state if I do show spanning-tree interface faster than 24 port fast the poor trust is disabled so how comes that the port is now forwarding when the the port fast is disabled well here's why the port fast was enabled when the port initially came up and it immediately transitioned into a forwarding state when it received the BPD from the other side the port actually lost the port fast state however what didn't happen is that this port went back to the blocking state because there was no reason for this port to go to blocking because the calculated spanning tree topology from cat ones perspective was that this part needs to be forwarding because it's the root port if I take a look at do show spanning tree actually before I do that this is an interesting situation this is a transient state that was actually quick enough to catch it you can see here that cat 1 now thinks that this is a designated port the port came up it moved into the forwarding state wild cat one thought it was the route but if I repeat the show spanning tree now this same port here will be showing up as the root port so the calculated topology is still correct here that this is going to be the forwarding port now I talked a lot between these two show commands I actually spoke enough long enough for the timers 2 times 15 seconds to elapse so let's repeat this and this time I'm going to try to be a little bit slower with my show spanning tree so I'm going to do the shutdown again on the port and I'm going to do no shutdown I'm going to wait for the port to come up and let's wait for a couple of seconds so now if I repeat this command here I'm going to see that all this was much shorter than 30 seconds the the port is actually the root port and is forwarding this is because forwarding state is the stable spanning tree State it's not one of those two trains States the e-learning or listening phase but this was simple enough because we had only one link between cat 1 and cat to what if we had two links and let's say that this is fast it in at 23 on both sides here let's bring this interface up make sure that it is actually an access port so I'm going to go to interface faster 23 I'm going to say actually default interface faster 23 and if I take a look at the configuration of this interface I will see that there is really nothing there now what I'm going to do is I'm going to make surely it is shut down on at least one of the sides so here it is on cat - I'm going to say no shutdown on cat - side and again I want to do no shutdown on cat 1 and immediately following that I wanted to do the show spanning tree and I can see here very quickly that spanning tree converged now I was a bit too slow now because I wasn't able to show you actually one of the transient states but I'm going to try to repeat the exercise in a second to try to do that we can see here that even though pastilla 23 didn't go through its motions didn't go to the listening and learning phase it moved immediately to forwarding state before in it before it received the beep video from the other side it converged to be the forwarding and but we can also see that fasting at 24 moved very quickly into the blocking state which means that even with the portfast enabled spanning tree actually worked fine one of the big misconceptions about the port fast is that for some reason it turns off spanning tree it doesn't turn off spanning tree it's the port will still send VP news if it needs to send videos it will still be able to converge into idle forwarding or the blocking snake the only thing that happens is that it is going to bypass the listening and learning phases of the spanning tree the next thing that I'm going to try to do is I'm going to try to catch fastly 23 and 24 on my cat one when they are both forwarding now this is a transient state which is going to be there for a very very brief period so you will forgive me if I have to try multiple times I will show you only the successful attempter so let's give it a try I'm going to start by preparing my show spanning tree command but this one is not going to be the full show spanning tree I actually just want to show the information about two of my interfaces fastly 23 and 24 and this command here in the combination with the regular expression will actually show me the output that I'm interested in so next thing that I'm going to do is I'm going to go to interface range firstly 23 to 24 and I'm going to shut these interfaces down if I run my command that I have in my copy paste buffer I'm going to have no output because these interfaces are down so let's bring them up and I'm going to start running this command very quickly multiple times so now this is what I wanted to show you you can see here that both of these interfaces are now thinking that they are designated and they're both forwarding at this point in time portfast was active on both of these ports now this would be rather tricky to catch but we can we can try to do that as well but I will leave that as an exercise to you now immediately when these interfaces came up as soon as we receive the first BPD from the other side we can see that my two interfaces fastly 23 and 24 actually converged to the proper spanning tree topology this means that spanning tree did its job but during that brief period when both of these interfaces were actually forwarding we did have a loop in our network which disappeared as soon as panel tree converged but a very very brief loop depending on your environment and your applications could still be a very very dangerous thing to have that was an example how spanning tree behaved when it's configured globally let's now undo that configuration so I'm going to say no spanning-tree portfast default so now spanning tree is actually turned off on all of my ports let's see what happens when I configure spanning tree on a per interface basis again I'm going to consult my fast in the 24 interface and at this moment I don't care about fast 323 so I'm going to shut it down I'm going to go to interface fastener 24 I'm going to start by shutting this interface down and I'm going to say spanning-tree portfast on the interface itself again I'm going to get a warning message here that tells me that the spend turning of turning on the spanning tree can be very dangerous etc etc etc but much more important thing is this error message here the warning here that tells me that this interface will be port fast only when it's not a trunk so right now if I do show interface Fastnet 24 switch port I can see that this port is actually in operational mode down because I didn't do no shutdown on it so I'm going to do the no shutdown on this port and if I do show interface switch port I will see that this port now operates as the access port if I do show spanning tree interface first 24 part first I will see that spanning tree is disabled why is it disabled remember cat 2 is sending the video frames so let's try to see if spanning tree if port fast I'm sorry will be active at any point in time between the no shutdown and the BPD being received I'm simply going to start by shutting the interface down and I'm going to say show spanning-tree interface fast in a 24 port fast and now I'm going to have this in my copy paste buffer I'm going to say no shutdown and I'm going to start running this command here to see if port fast was actually enabled at any point in time and I can say that it actually was and then I'm receiving the BPD from the other side and it turns off the port fast so I can see here that on this interface the port fast operates just in the same way as it was operating when it was configured globally but let's make this interface a trunk now so I'm going to start by shutting it down I'm going to say switch port mode dynamic desirable I'm going to say no shutdown here and I'm going to run my command here to wait for the interface to come up and I can see here that port fast is disabled at all times the reason for that is that the port last command configuring this interface does not apply when the interface itself is actually operating as a trunk when it's an operational trunk node let's now make this interface port fast when it's in a drunken mode to do that I'm going to again start by shutting it down and I'm going to say spanning-tree portfast and I have here option to enable it as trunk now I should explain this disabled option here it is unrelated to the trunking option but when we have an interface that doesn't have a per interface port fast configuration but it instead relies on a global configuration and on that interface we do not want to run the port fast this is where this command comes into play because we can then it screw this interface from the globally configured poor trust it can be very useful so now this is the configuration that we have on our fast internet 24 I have spanning-tree portfast drunk I have my show command ready I'm going to say no shutdown then I'm going to immediately start running this confer command so to catch what happens with my interface and I can see here that for a very brief period of time the portfast was actually enabled on the interface now as soon as the BPD was received the portfast was disabled you will recall that I mentioned that spanning-tree portfast when configured on trunks operates on prevalent basis and not on purport basis let's give that a test so to do that I'm going to create a new villain belong to and on both kept one and cat tomb I'm going to create the violent and also I'm going to make sure that cat two is the root for belong to as well as villain one so this is what I'm doing now if I go to cat one and if I run show spanning tree I will see now that I have two instances of spanning tree one for villain one and it's active on fast in a 24 and another one for villain two which is also active on fast net 0 24 if I do sure spanning tree interface fast 324 port fast I will see now that I have a separate status for villain 1 and belong to and I can see that spanning-tree portfast is disabled in both cases let me go ahead and shut the port down between cat 1 and get to then on cat 2 I'm going to turn off spanning tree for villa number two then on cat one I'm going to say no shut down and I'm going to say show spanning tree like sir I can see here that when I first run this command fast in the 24 for villain one moves into designated forwarding and fasting at 24 for villain two is also designated forwarding but very quickly after that for v1 one fasting at 24 is going to become a root port and for v1 2 it remains designated why does it remain designated because there are no BP news coming from cat to the BP dues are now being transmitted by cat 1 if I do show spanning tree interface fastly 24-port fast I will see now that for villain one port fast is disabled and for villain number two the port fast is enabled clearly it's obvious that port fast operates on prevalent basis another thing that I mentioned when I introduced port fast was that it bypasses the listening in learning phases only when the port goes from disable state to a listening state or when it comes up when it's supposed to go into the listening but instead moves directly into forwarding state but what happens with the blocking port let's give that a try so what I'm going to do next is I'm going to remove villain too because I don't really need it for this exercise but I'm going to bring back into the mix my fast at unit 23 interface but I'm just going to be working with access ports now there is no special reason it's just simpler to see what's going on so I'm going to say interface range fastly 23 to 24 and I'm going to say switch port about dynamic auto to make sure that these interfaces are actually not negotiating the trunk with the other sided or that they are not going to successfully negotiate the trunk with the other side and here I'm going to say spell three portfast so if I do show run interface fastener 23 and 24 this is the configuration I'm going to have so what I'm going to do now is I'm going to say no shutdown on both of these interfaces and let's see on cat - if both of them actually come up they are coming up and if I to show spanning tree here I will see that fastener 23 ended up being the root port and fastly 24 ended up being the blocking port let's now shutdown fastener 23 if I go to interface past May 23 and I say shut down if I do show spanning tree when the interface goes down I can see that fast if net 24 is now moving into a listening face it is not forwarding and if I keep on waiting it is eventually going to move into the learning phase and if I keep on waiting it is going to continue to the forwarding phase so even though the port first was enabled on this port it is actually not transitioning into the forwarding state immediately now what would be the reason for that well the reason for that would be the incoming bit videos from cat 2 because remember what is configured this highlighted line is what we can call the administrative port for state how the port was configured but what actually matters for the operation is how the port operates as far as port fast goes and this is what I've been showing you all along show spanning tree interface firstly 24-port fast the port fast is actually in operational disabled State when the port fast is in operational disabled state the port cannot transition directly into the forwarding state and instead needs to go through listening and learning phases of the spanning tree the last thing about the portfast is its relationship with BPD guard and the BPD of filter I will talk about the special relationship when I talk about these two different features

Info

Channel: CCIEORDIE.COM

Views: 794

Rating: undefined out of 5

Keywords:

Id: 6rYF2sdmZvM

Channel Id: undefined

Length: 28min 45sec (1725 seconds)

Published: Thu Feb 08 2018