Networking Week: Understanding and Implementing Spanning-Tree Protocol

All right, so my name is Roberto sunny and I am a full-time instructor with I me. I have five CCIEs: CCIE route switch, security, voice, collaboration and service provider. If you want to reach out to me after the webinar you can always email me at my email address, which is our patusani at highly calm, or maybe on Twitter or even LinkedIn. So without wasting much time, let's quickly get started with spanning tree.

Now, spanning tree is something that's basically going to help you with CCNA or even CCNP, the ENCOR, or even your CCIE Enterprise. So it's again a small topic, but it's still relevant to the new blueprint. Now the first thing that actually comes to mind is: what exactly is spanning tree? Why do we need spanning tree? I mean, technically we don't really need it now, it's kind of old technology, but it's still relevant. So why do we actually need spanning tree? The whole reason for spanning tree to exist is to prevent loops when you have redundant links between switches. Now obviously, if you look at any kind of environment, whether you have a small enterprise or a large-scale enterprise, you would definitely have two or five or hundreds of switches, and obviously you would have redundant links between them. So without spanning tree, what's going to happen? The minute you start creating VLANs and traffic is flowing between switches, if the redundant links are not blocked using some kind of mechanism, there would definitely be a loop. So spanning tree basically blocks or prevents loops by blocking one or more of the links.

So how does spanning tree actually do that? The first thing spanning tree does is it kind of elects something called a root bridge. Let me in fact draw it out for you. Go back here and let's try it out. So the first thing spanning tree does is he elects a root bridge. So what exactly is a root bridge? Let's say I have three switches: I have switch 1, switch 2 and maybe switch 3. They all are interconnected. Now in this kind of an environment there would
definitely be a loop, right? Because imagine if I have a PC here who wants to communicate maybe with a PC here. And how does a switch normally behave when he gets a frame or an ARP request from a PC asking who is 10.0.0.0? Say 10.0.0.0, and he sent an ARP request. Switch 2 does not really know where that device is, because he's not really heard about that device ever. So switch 2 is going to send a broadcast, and he would send the broadcast to all the ports in that VLAN except the port on which he received the packet. So he would send the broadcast, and then switch 1 learns about the broadcast, he would probably send the broadcast ahead, so he forwards it here. This guy would probably forward here, switch 3 may probably reply back here, he would reply back here, and eventually what's going to happen is that there would be a loop, because the CAM table would constantly be updated.

Now what spanning tree does: it basically prevents this loop when you have redundant links by maybe blocking one of the links. The question comes: how does spanning tree block that link? How does he actually choose which link to block? I can't just randomly select any one link, right? There has to be some kind of mechanism. So as you know, all switches exchange BPDUs, which is bridge protocol data unit. So every switch is actually exchanging that. Your routers and PCs or end hosts do not; only switches send BPDUs. So as soon as the link comes up, every switch by default assumes that "I am the root bridge".

So what exactly is the root bridge? Think of the root bridge like maybe a king. The root bridge is the device that basically decides which port is going to go into blocking state and which port would be in forwarding state. It is the root bridge who basically decides that. So think of the root bridge like the king, and think of a VLAN as maybe a kingdom. So I have root bridge, which is equal to a king; I have VLANs, which is equal to kingdom. So think of it that way. Can I have two kings for one kingdom?
No, there can only be one king. I could be a king for multiple kingdoms, so I could be the root bridge for multiple VLANs, but for one VLAN there can only be one root bridge. So what's going to happen here, how spanning tree blocks or prevents loops, is that the first thing he does, he elects the root bridge. Now all switches by default would say "I am the root bridge", because they all want to be the root bridge. Who doesn't want to be the king? So every switch is going to say that "I am the root bridge", but there can be only one root bridge. So the election process starts. We'll talk about the spanning tree modes a bit later; it's just the working of spanning tree that we're talking about. So spanning tree starts the election process, which basically says: okay, there are three people who are wanting to be the king, there can only be one king or one root bridge, so let's start the election process.

So the election process starts. Now the selection criteria for root bridge selection is based on two things. The first one is lowest system priority. So system priority, that's the first criteria. If that is the same, it goes to the next criteria, which is lowest MAC address. So two criteria, or two selection rules. First he would always compare the system priority. Now all Cisco switches have the default priority as 32768, and your priority has to be in multiples of 4096. If you look at 32768, even that is a multiple of 4096: 4096 times 8 is 32768. So all switches will exchange the BPDU; they will basically compare the system priority. Let's say I have not changed or manipulated any of my system priority; I haven't changed that, let's assume that. So if the priority is the same, he would compare the MAC address. Obviously the MAC address is going to be different, so since the MAC is going to be different, one switch is elected as the root bridge. Let's say switch 1 was maybe having a MAC address of AAAA, maybe switch 2 was BBBB
and switch 3 was CCCC. Maybe this was my MAC address. In that case, because the priority is the same, he would then compare the MAC address. Switch 1 has a lower MAC address; because of that, switch 1 wins and he becomes the root bridge. So switch 1 would be called the root bridge; switch 2 and 3 would be called the non-root bridges. So non-root bridges.

Now it is the root bridge which basically sends the configuration of how my port states should be: which port should be in forwarding state, which port should be blocked. Now your port state really depends on what kind of mode of spanning tree you're running. So if you look at it, spanning tree has three modes; in fact Cisco supports three modes. We have PVST, which is the default one on Cisco switches; we have Rapid PVST, which is an enhancement of PVST; and then we have MST, multiple spanning tree. So three different modes available at this point of time. We will do PVST, we will then move to Rapid PVST and we will then move to MST.

So let's say we were running the default spanning tree mode, which all switches by default run. So let's say if you do a write erase to a switch, the switch boots up and you do a show spanning tree summary, you would see that the default mode is PVST. Now PVST has different port states and port roles. So once the root bridge gets elected, the root bridge will now decide: okay, which port should or should not be in a forwarding state, or should not be in a blocking state. It's the root bridge who decides that.

So what are the states of PVST? Let's see that. Let's write it down here. So I have disabled in PVST, which basically means it's shut down. So we have disabled, we have blocking, we have listening, we have learning and then we have forwarding. Disabled means the port is administratively shut down. Blocking is where he's not sending BPDUs but he can receive BPDUs; he's not processing any frames at this point of time. Listening is where he is sending BPDUs, he's receiving BPDUs; he's not learning any MAC addresses or processing frames. Learning is where he is sending BPDUs, he is learning BPDUs and he is even learning MAC addresses, but he's still not processing the frames, so data traffic cannot be forwarded. Forwarding is where everything is converged, life is good: we're forwarding, you're still receiving BPDUs, you're sending BPDUs, you are still learning MAC addresses if there's something that needs to be learned, and you're processing or forwarding data frames. So these are the port states of PVST.

Now as far as forwarding is concerned, in forwarding I have two port roles: I have root port and I have designated. So two port roles available in forwarding state. Now if you look at these states, we have disabled, blocking, listening, learning, forwarding. Disabled, we can set that aside. But if you look at blocking, listening, learning, forwarding, at any given point of time your port would either be in blocking state or it would be in forwarding state. Listening and learning is just a passing phase. You would never see a switch port being stuck at listening or being stuck at learning; listening and learning is just a passing phase. Again, how much time it spends on listening and learning really depends on your spanning tree timers. Default is 15 seconds for PVST, and learning is also 15 seconds, that's default. Max age is by default 20 seconds in PVST, so the maximum time a port can take to get to forwarding state would probably be about 50 seconds, but that's because of the max age. But if you look at from an actual, if you
actually count the amount of time it takes for the switch port to go to forwarding state, it would probably be about 32 to 34 seconds, because your hellos are sent every two seconds. So 15 seconds for listening, 15 seconds for learning, and then maybe two seconds for hellos, and your port would come up. But theoretically, yes, it's about 50 seconds: max age 20, and listening and learning 15 and 15, which is 30, so we're talking 50 seconds.

Now the root bridge is going to decide what port is going to what state, so there are obviously rules for that. Let me in fact wipe this out. The first rule states that all ports of the root bridge are going to be in forwarding state as designated. That's like a mandatory requirement: all ports of the root bridge are going to be in forwarding state as designated. What is designated? What's the difference between root port versus designated? The root port is the port that goes towards the root bridge; it's basically the best path to reach the root bridge. The designated port is the port that goes away from the root bridge. So since switch 1 himself is the root bridge, he doesn't need a root port, because what's a root port? It's the port to go to the root bridge, and he himself is the root bridge. So the first rule states that all ports of the root bridge are going to be in forwarding state as designated, which means going away from the root bridge. This becomes designated, let's write it down, and designated. Both the ports are in forwarding state. Now why is that? Because all traffic from a non-root bridge transits the root bridge. So let's say if switch 2 wants to communicate with switch 3, it has to transit the root bridge. That's why the port of the root bridge has to be in forwarding state. So that's the first rule.

The second rule states that elect one root port per non-root bridge per VLAN. PVST is per-VLAN spanning tree, right? The minute I create the instance, spanning tree gets activated. Spanning tree is directly dependent on your VLAN creation.
So if I have five VLANs I would have five spanning tree instances, and obviously there would be a separate election process for root bridge selection, port selection; all that would be separately done for every VLAN. So let's say we are talking about a specific VLAN, maybe VLAN 10, and switch 1 is the root bridge for VLAN 10, assumingly. So what switch 1 is going to do, after he makes his ports in the forwarding state as designated, he will now elect a root port on every non-root bridge for that VLAN. Now there can only be one root port per VLAN, only one root port. I could have multiple root ports if I want to achieve load balancing, but not for the same VLAN; it's going to be for different VLANs. But let's assume we are talking about just VLAN 10.

So switch 1 is going to now elect a root port. Now what's the criteria for root port selection? For root bridge it was lowest system priority, and if that's the same then lowest MAC address. But for root port selection the criteria is different. So let's in fact clear this out. The first thing that my switch 1 is going to do is he will compare the cost. So the first criteria for root port selection is lowest STP cost to the root bridge. Remember, it's not interface cost; it's not like bandwidth or interface cost like OSPF or EIGRP. It's STP cost. Spanning tree has its own cost depending on the interface type. For example, if you have an Ethernet the default cost is hundred; if you have a Fast Ethernet the default cost is nineteen, versus get ten equals. So there is a fixed cost. You can change that, but default is maybe hundred for Ethernet and maybe nineteen for Fast Ethernet. Let's assume all my links are Fast Ethernet. Let's assume that, though you would not find that anymore, but maybe I am like an old switch.

So the first thing he would do is compare cost, STP cost. Cost is based on local interface spanning-tree cost plus advertised cost. So it's not just your cost, it's an accumulated cost: your interface spanning-tree cost plus
advertised cost. So let's look at switch 2. For switch 2, assuming all these links are Fast Ethernet, what's the cost going to be on this link? It's going to be 19. What is switch 1 going to advertise to switch 2 as cost? He himself is the root bridge, right? So he would advertise a cost of zero, which means total cost for switch 2 to reach switch 1 on the direct link is 19 plus 0, which is 19. Now he will look at the cost of this link. What's the local cost on this link? 19. What's the advertised cost by switch 3? Now for switch 3, his local cost is 19, advertised from here is zero, which means for him total cost is 19. So he would advertise 19 to switch 2. So for switch 2 to go to switch 1 through switch 3, my total cost becomes 38. The cost is different; since the cost is not the same, lowest cost wins. So this port goes into forwarding state, or in fact in forwarding state as root port. So this becomes the root port based on cost. Same thing here: this port becomes the root port based on cost again.

So now I have this link left, which is between switch 2 and switch 3. Which port becomes designated, which port becomes blocked? So rule number 2 was elect the root port; the criteria was lowest cost to the root bridge. Now what if that was the same? If that was the same, it then compares lowest bridge ID. Now bridge ID consists of two parts. In bridge ID he would first compare the system priority; if that is the same then he compares MAC address. Lowest wins. So bridge ID consists of the priority plus the MAC address, but he always gives preference to the system priority versus the MAC address. So if, let's say, my cost was the same, then go to the bridge ID, and if that is the same he then goes to the third criteria, which is lowest port priority. So he would look at the lowest priority. The port priority again actually consists of two things: one is the port priority value and one is the port instance or ID. So default is 128 dot the port number. Again, the port number actually
depends; the port instance ID depends on the type of switch. So let's say if I had a switch which has 24 Fast Ethernet ports, no gig ports, port number 22 would be 128.22. But let's say if I had a switch which had 24 Fast and maybe two gig ports; in that case the first gig port would be one, the second gig port would be two, and the Fast Ethernet 0/1 would be 3, which means port number 22, Fast Ethernet 0/22, would be 24. Again, this is something that you can actually verify by doing a show spanning tree interface detail, and you get the port instance ID number. You cannot change this, but you can change this value; you can modify that for selection.

So anyway, coming back to root port selection, it's based on three things: lowest cost to the root bridge; if same, lowest bridge ID, and in bridge ID he compares the system priority first and then the MAC address; if that's the same then he goes to the lowest port priority, where in the port priority the 128, or the port priority value, gets preference over the ID, the interface ID.

So once my root port is selected, it now needs to elect on this link which port goes into designated and which port goes into forwarding or as blocking. Now there's a third rule, which says that every link must have one and only one designated port. So both these ports cannot go into blocking state; there must be one designated port for every link. Both these ports cannot go into designated, because there must be only one. You cannot have two designated, you cannot have zero designated; there must be one and only one designated port for links. Which basically means that either switch 2 becomes designated and switch 3 goes into blocking state, or switch 3 becomes designated and switch 2 goes into blocking state. So which one? Again, for designated and blocking state selection the criteria isn't the same. It will compare the lowest cost first; not cost of the link, but the lowest cost to the root bridge. What is switch 2's path to root bridge, the best path cost? It is
19. What is switch 3's cost to root bridge? It is 19. Cost the same. It now compares bridge ID. What is switch 2's system priority? 32768. What is switch 3's system priority? 32768. It's the same. What is switch 2's MAC address? BBBB. What is switch 3's MAC address? CCCC. Switch 2 is lower, so based on bridge ID switch 2 wins and he becomes designated, and switch 3 goes into blocking state.

So this is basically how it works. Whether it's in fact PVST or Rapid PVST or even MST, the selection criteria is still the same. Obviously the port states would be different, but the way it decides the root bridge, or the way it decides which port goes into forwarding state and which port goes into blocking state, that's still the same. So I'll quickly repeat that. Root bridge: lowest system priority; if same, lowest MAC address. That's it. For root port or designated port selection: first is lowest cost to the root bridge, STP cost to the root bridge; if same, lowest bridge ID; if same, lowest port priority.

Let's in fact look at some examples to quickly understand what I just discussed. We'll look at some configuration examples before we go to the switch, configure STP and then verify if what I say is true. So let's look at some examples. Maybe this time I'll take four switches. Let's take four switches. Okay, so switch 1, maybe I have switch 1 here, I have switch 2, switch 3, switch 4. Let's say I have one link between them: one link here, one link here and one link here. Let's assume that all switches have the default system priority, which is 32768, that's my default priority, and let's assume that all the links are, let's assume, Ethernet, which means my STP cost for every link is going to be hundred, correct? And let's assume that the MAC address of switch 1 is AAAA, this is BBBB and this is CCCC, this is GGGG. Okay, so obviously there's going to be a loop, right? So STP kicks in. When does STP kick in, when does it come in or get activated? The minute I create
the VLAN. Let me in fact show you that. Before I show you this example, I'll just quickly go back to my switch, and if I look at my show spanning tree, let's say VLAN 35, it says there's no spanning tree instance for VLAN 35. Why is that? Because the VLAN doesn't exist, right? If you remember, I told you it's PVST, per-VLAN spanning tree. The minute I go and create VLAN 35 and exit out, and if I do a show spanning tree VLAN 35, now the instance exists. So that's why it's called PVST, it's per-VLAN spanning tree: the minute I create the VLAN, the instance gets activated.

Let's go back to our slide, to my example. So here, based on this diagram, the first thing spanning tree is going to do for a specific VLAN (it's going to do the same thing for all VLANs, but individually and separately, because it's PVST), the first thing spanning tree does is elect a root bridge. Now based on this diagram, who is going to be the root bridge? Let's think about it. System priority is the same on all the switches. Now it compares MAC address. Switch 1 has a lower MAC address, right? So switch 1 wins and switch 1 becomes the root bridge, and switch 3 would be the non-root bridge, switch 4 would be the non-root bridge, switch 2 would be the non-root bridge.

Now port states. What's the first rule? All ports of the root bridge are basically in forwarding state as designated. So this goes into designated, designated. The second thing that we need is a root port for every non-root bridge. Let's start with switch 2. Switch 2 will first look at: okay, I have two ways to get to the root bridge. I could go directly to switch 1, or I could transit switch 4, switch 3 and then reach switch 1. So now, first, the best cost. What's my local cost? Since it's an Ethernet, local cost is hundred, advertised cost is zero, so total cost on the direct link, STP cost, is 100. If I go through switch 4, local cost is hundred, advertised cost is 200, because switch 4 has a cost of 100 plus 100, so total cost
becomes 300. So obviously this port becomes the root port based on cost. See, it's very important for you to know how to calculate that, which switch will become the bridge, because from a CCNP perspective you may have questions about this. Maybe they give you a diagram and ask you what port states, or which switch is in what state. So it's really important for you to know how to get that, and you should know the correct reason why. So the reason switch 2 selects the direct link is because of cost. Let's look at switch 3. Switch 3 also selects this port as the root port based on cost.

Now let's compare switch 4. Switch 4 has two paths: it could transit switch 2 or it could transit switch 3. It first compares cost. What's the cost on the left side towards switch 3? 200. What's the cost if he goes to switch 2? 200. Cost the same. It now compares bridge ID. Bridge ID of who? Remember, it compares the neighbor's bridge ID. So what's switch 2's system priority? 32768. What is switch 3's system priority? 32768. System priority is the same. It now compares MAC address. What is switch 2's MAC address? CCCC. What is switch 3's MAC address? BBBB. So based on the bridge ID MAC portion, this port becomes the root port. So this is the root port not based on cost; this was based on bridge ID, and in the bridge ID the MAC portion, not the system priority, because system priority was the same. So from MAC address, switch 3 had a lower MAC address than switch 2; that's why that port became the root port.

So now I have all the root ports. All I need now is to make designated ports and define which port is going to be blocking. What was the third rule after we select the root port? Every link must have a designated port. So if you see here, on this link I have designated, on this link I have designated, on this link here is a root port, so this has to be a designated port. It has to be, because there must be one designated port. Now I have this link left. This link again, which port? Both
cannot be designated, both cannot be blocked. One has to be designated, one has to be blocked. So which one? Again here, switch 2 would say "my cost to the root bridge is hundred"; switch 4 says "my cost to the root bridge is 200". Remember the cost: it's a common misconception that people always look at the cost of this link. It's not the cost of this link, it's the lowest cost to the root bridge. So whichever is your best path cost, that would be compared. So switch 4 says "my best path cost is 200", 100 plus hundred, and switch 2 says "my best path cost is hundred". So switch 2 wins; based on cost switch 2 wins and he becomes designated, and switch 4 goes into blocking state.

Okay, let's see one more example. This time I'll make a bigger topology with multiple redundant links, just to get this right. So let's make switch 1. So I have switch 1 and switch 2, let's say switch 3, switch 4, and let's say switch 5. Let's make one more here, switch 6 and switch 7. Let's take one link here, one link here, one link here, one link here, maybe one link here, one link here, two links here, one link here, one here and two links here. Okay, let's also change some system priority. Let's assume that we have changed the default system priority of switch 1 to be 4096 and the MAC address is AAAA. Switch 2, let's keep this as 8192, the MAC address is BBBB. Switch 3 is default 32768, switch 4 is default 32768, and the MAC address of switch 3 is 0003 dot something, and this is 0004. And this is going to be again 32768, 0007. And let's put this as 32768, 0016, or in fact 06. And let's keep this as 32768 as 0015. Okay, and all my links are Fast Ethernet. And let's also do one thing, just to make it a bit more interesting: I will write down the port number. So let's say this was Fast, or maybe Ethernet, 0/0 on both sides, this was 0/1, this was 0/2, this is 0/3, this is 0/4, this is 0/5,
0/6, 0/5, 0/6, 0/7, 0/8, 0/8, 0/7. Let's say this was 0/10, 0/11, and assuming they all are Ethernet segments, so cost is hundred. Let's keep this as 0/12. Okay, so let's do this.

So which switch is going to be the root bridge? That's the first thing: we always elect the root bridge. Based on this diagram, based on system priority, switch 1 wins because he has the lowest priority, 4096. So switch 1 is clearly the winner based on priority, not the MAC address, because he would not compare the MAC address if the priority is not the same. So switch 1 would be the root bridge; all ports become designated.

Now let's start electing root ports. Let's start with switch 2. Switch 2 has 3 different paths to reach the root bridge: it could go direct, or it could go through switch 3, or it could transit switch 4. Direct link has a total cost of hundred; through switch 3 total cost is 200; through switch 4 total cost is 200. So obviously he would select the direct based on cost. So based on cost this becomes root. On switch 3, direct path based on cost becomes root port. On switch 4, direct path based on cost becomes root port.

Now we have switch 5. Always elect all your root ports first: first select the root bridge, then make all the ports into designated, and then elect your root ports. So on switch 5 I have three routes again: two direct links and one through switch 6. If he goes through these two links, total cost is 100 plus 100, 200. So if he goes from 5, the link 5, the total cost is 200; if he goes from 6, total cost is 200; if he goes from 6 it's 100 plus maybe 100, 200, 300, 400. So obviously this link is eliminated based on cost. These two links would be selected. Now obviously there cannot be two root ports. These two links both have the same cost, so now he would compare bridge ID. On port number 5, who is the neighbor? Switch 3. What's his priority? 32768. On port number 6, who's the neighbor? Switch 3. What's his priority? 32768. Priority is same. Now compares the MAC portion in the
bridge ID. On port number 5, who's the neighbor? Switch 3. What's his MAC address? 0003. On port 6, who's the neighbor? Switch 3. What's his MAC address? 0003. So bridge ID is the same. Now he compares the port priority. The port priority of this link of 5 would be, let's assume we haven't changed anything, default is 128.5 versus 128.6. Which is lower? This is lower, right? So this port becomes root port. Okay, obviously this has to be designated. On this link it's a pretty clear, obvious reason why switch 3 would be the winner: because of cost. What is switch 3's cost to root bridge? Hundred. What is switch 5's cost to the root bridge from the root port link? 100 plus hundred, two hundred. So obviously he has to go into blocking and he would go into designated. A quick way to remember this is: all your upstream switches will always be designated. For switch 5 the upstream switch is switch 3, so all the ports of the upstream switch will always be designated. Now the question comes: okay, so this was selected based on port priority, correct? Let's move on here and we'll see a big difference.

Let's talk about switch 6 first. So which one is going to be the root port? If he goes from the left side it's 100 plus 100 plus hundred: two hundred, three hundred. If he goes from the right side it's 100 plus 100 plus hundred, which is three hundred. So cost the same. Let's compare bridge ID. Left side bridge ID priority is the same with the right side. Let's compare MAC address. Left side MAC address is 0015 versus right side MAC address is 0007. So right side wins, because cost was the same. So this becomes the root port and this goes into designated; we'll talk about this later.

Let's select the root port on switch 7 now. Now again, if you remember, I told you upstream switches are always designated, so this automatically becomes designated, designated. Upstream switches will always be designated; the blocking would be on the downstream switch. So on
switch 7 I have two links. The cost on both the links: 100 plus hundred, 100 plus hundred, two hundred. Cost the same. Now compare bridge ID: on both the links the neighbor is switch 4, so bridge ID priority and the MAC address is going to be the same. Now it compares port priority. So when it compares the port priority, you would see that port number eight, whose local port priority value is 128.8, and on 0/7 the local port priority value is 128.7, but still this port would become the root port and this would go into blocking state. There's a reason for that: port priority is never compared with the local settings. So basically switch 7 would not look at the local port priority. Port priority is advertised by the upstream switch. So switch 4 is advertising a port priority on the left link as 128.7 and on the right link 128.8, so that's why the left link becomes the root port based on port priority; lowest value wins. So cost is always local cost plus advertised cost, and bridge ID, always compare the neighbor's bridge ID, and same thing with port priority: it's the upstream switch that advertises a port priority to you.

Okay, so we have our root ports now. Now we need to define the blocked ports. So let's start with switch 3. Let's talk about this link between switch 2 and 3. What's the cost of switch 3 to the root bridge? Direct link cost, hundred. What is switch 2's cost? 100, same. What is switch 2's bridge ID? 8192 versus 32768. Switch 2 wins based on bridge ID priority portion, so he becomes designated; this guy goes into blocking. Let's now compare switch 2 and 4. What is switch 2's cost to root bridge? Hundred. What is switch 4's cost to root bridge? Hundred. Cost the same. Let's compare bridge ID. Switch 2 has a lower bridge ID than switch 4, because this is 8192 versus 32768. So switch 2 wins: designated and blocking. Okay, and the next thing that we will look at is between switch 3 and 4. Between 3 and 4, again the cost is the same, and if you look at the bridge ID, system
priority is the same between both the switches. So 3 has a lower MAC address; this becomes designated, this goes into blocking. What else do we have left? I think it is between 5 and 6. 5 has a cost of 200, 6 has a cost of 300, so based on cost switch 5 wins and this goes into blocking.

Now PVST is significantly different; all the selection criteria, it's pretty much the same whether it's PVST or Rapid PVST or even MST. The difference is from the perspective of the topology change notifications. So in PVST you are basically sending the topology change notification towards the root bridge, and in Rapid PVST you're actually sending it everywhere. That's why the convergence is much faster in Rapid PVST.

Okay, so this was getting to know about the basics of spanning tree. Let's quickly lab this out. We'll quickly lab this up with PVST first, and we'll quickly look at the enhancements, then move on to Rapid PVST, then we'll move on to MST. Okay, let's go back to our switches. Now this is my diagram. I have 4 switches at this point of time, and these links, the cross links, are basically shut. So the only links that I have between switches, which is pre-configured with trunking, is the link between switch 1 and switch 2, two links; there are two links here, two links here and two links here. I kept the cross links basically shut.

Now let's do one thing: let's make switch 1 into the root bridge. Like I said, you could change the default behavior or influence a switch to be the root bridge. There are two ways to do that. I could go and give the command priority, so I could go and change the priority statically, or I could use the root primary command to change my priority automatically based on probes. So two ways of doing that. Let's in fact make switch 1 the root bridge. So we will make him the root bridge and we'll make switch 2 the backup root bridge, so in case switch 1 fails, switch 2 becomes the root bridge. So to achieve that, I could go and change the priority by setting this to maybe 4096
and maybe setting this to 8192. I could do this by setting an absolute value with the priority command or by giving the root primary command. Let's look at both of them.

So I'm going to go back to my switch, and on switch 1 at this point of time, if I look at switch 1 and do a show spanning-tree... let's do a show run section spanning-tree. I mean, I have PVST running, and if I do a show spanning-tree summary first, just to quickly show you that PVST is the default mode that's running, and PVST does not have any enhancements by default. So UplinkFast, BackboneFast or PortFast, they are all going to be disabled by default, unlike Rapid PVST, where we have some enhancements which are built in.

So if you want to make switch 1 the root bridge, I could go and give the command spanning-tree vlan. I could make switch 1 the root bridge for all the VLANs, or if I do want to achieve maybe some kind of load balancing, I could make switch 1 the root bridge for maybe VLAN 1 to 10 and maybe switch 2 the root bridge for VLAN 11 to 4094, and maybe backup for each other. So I could do that. So maybe I say spanning-tree vlan 1-10, and I could say priority and set the priority to an absolute value. Again, like I said earlier, you cannot give any number; I can't just say 45 or 345, it has to be in multiples of 4096. So priority, I could go and say 4096, and then say spanning-tree vlan 11-4094 priority 8192. And the same thing I could do on switch 2, where I could go and say spanning-tree vlan 1-10 priority 8192 and spanning-tree vlan 11-4094 priority 4096.

So what effectively happens? I'm kind of doing load balancing now; I'm actually using all my switches. Traffic for VLAN 1 to 10 would transit switch 1 because switch 1 is the root bridge, and traffic for 11 through 4094 would transit switch 2 because switch 2 is the root bridge. So I'm kind of doing a load balancing of my VLANs across my switches using spanning tree. So one way is
setting an absolute value for a switch being the root bridge, or I could give the root primary command and the root secondary command; that also would do. The only difference is that if I give the command root primary, then the switch is going to check the priorities of all the switches through the BPDU, and if all the switches are default, which is 32768, in that case he would reduce his priority by 8192 to a value of, I believe it is, 24576. So he skips one, because you can have a secondary root bridge. So if everybody is default and you give the root primary command, he would put his priority automatically to 24576, and when you give the command spanning-tree vlan X root secondary, this would go here, to this value.

OK, so based on this, what I have done is I have made switch 1 the root bridge. So he is the root bridge for VLAN 1 to 10, and so basically this would be designated, designated, and here 19 would be the root port, this would be blocked; you know, 23 would be the root port, this would be blocked; and then this one would be root port, this would be blocked; designated, designated here; this would be designated, designated; blocked and blocked. So this should be my configuration if I actually go and verify my settings.

So let's in fact go and check that. If I go back to switch 1 and do a show spanning-tree VLAN, let's say 10; all ports are doing VLAN 10, so VLAN 10. So if I do a show spanning-tree VLAN 10, I should see that all my ports are designated, which is as per this diagram. If I look at switch 3 and show spanning-tree VLAN 10, I should see that 19 is the root port, 20 is blocked and the remaining 2 ports are designated, which you can see here: 19 is root port, 20 is blocked and the remaining 2 are designated. And then if I look at switch 2, VLAN 10, spanning-tree VLAN 10, you would see that all my ports except for 24, these two ports are designated, this one is root port. So let's go and check that: show spanning
tree VLAN 10. Again, I have two designated ports, 24 is blocked, this is root port. And lastly switch 4: show spanning-tree VLAN 10, there I would see all ports blocked except for one port, which is the root port. So that matches what we have configured as per PVST; and PVST, like I said, is per VLAN.

OK, so just one thing that you should know is, anytime a port goes down, or if I change something, maybe I change the default settings, maybe I change my priority or I change my cost, obviously a topology change notification is sent and there's a recalculation happening, because maybe some other port would become the root port based on your new cost settings.

So root bridge selection is based on your system priority and the MAC address. The MAC address you cannot change, but the system priority you can change with the priority command or the root primary command. What about port selection? If I look at switch 2, I just want to quickly show you a few show commands that should be helpful. So if I look at switch 2, which is my root port right now? 23, right. What's my cost? It's a FastEthernet port, 19. Now what you see here, that's your local interface cost; what you see here, that's your total accumulated cost. So never look at this cost, always look at this cost. OK, in fact you can see that your root bridge is advertising a cost of zero. Let's verify that with the command show spanning-tree interface fastethernet 0/23 detail, and let's do include Cost... or maybe not; let's do detail, I should be able to see cost. In fact it's lowercase, cost is in lowercase; let's try cost. OK, so I see cost here, and then what you see on top, the first line, if you see here, I see this cost here: this is local cost. This line here, this is what your upstream neighbor is advertising. So who's my upstream neighbor? Switch 1, the root bridge. What is he advertising? A cost of 0. So 0 plus 19, total cost 19.

Now if I look at switch 4, show spanning-tree, let's say VLAN 10, so spanning-tree VLAN; if I look here, what's my local cost? 19;
root port cost 19. What's my total cost? 38. How did this 38 come? Because the upstream switch must be advertising a cost. We can verify that with show spanning-tree interface 0/19 detail; you would see that the upstream switch is advertising 19. So this line is your upstream switch, this line is your local settings of your local switch. So your upstream switch is advertising 19.

And if you remember, I told you something about cost, that we can actually use the cost command in spanning tree to change the port selection. For example, right now on switch 2 my root port is 23. If I want 24 to be the root port, all I would do is change my cost. Let's in fact do a debug first: debug spanning-tree; maybe we can do BPDUs, and we can probably do, let's say, updates. It's going to be a lot of BPDUs; in fact, let's not do BPDUs, because you would see a lot of information and there's not enough time to actually analyze this. Let's do a debug spanning-tree and see what we can use; maybe we'll do events.

OK, and I will go now to my switch, number 24; or I could go to number 23 and increase the cost, or go to 24 and decrease the cost. So I'll say spanning-tree; I could do it for a VLAN by saying VLAN 10 cost, this will only affect that VLAN, or I could do it for all the VLANs by saying spanning-tree cost 10 or change my cost; this affects all VLANs, versus doing it for just one VLAN. Let's say VLAN 10 and cost; I want to change my cost to 18. The default was 19, I'm changing it to 18. The minute I do that, if you see, there's a topology change notification being sent that, hey, my port cost has changed. And if I do a show spanning-tree VLAN 10, you will see that my local cost is now 18 and on this link it's 19, so obviously this port becomes the root port, and 23, which was the root port earlier, goes into blocking state.

The only problem with PVST is that there is no UplinkFast built in, so if any topology change notification happens, the problem is that the port which was a root port goes into
blocking immediately, but your port which was blocking has not come up yet; it still has to go through the STP process of going from blocking to listening to learning and then forwarding, which means you would have kind of a downtime for that. So obviously UplinkFast is something that you should do. You don't have to configure UplinkFast for Rapid PVST, but for PVST you would need UplinkFast if you want downtime to be less. OK, so PortFast was just for edge ports, or ports which connect to routers, and not for uplinks. UplinkFast is like PortFast for trunks or uplinks.

OK, so I can do cost changes to change my root port, and any time I make any changes, what's going to happen is that a topology change notification is basically sent and then the changes take place. And let's talk about the priority rule quickly before we move on to Rapid PVST.

So if I look at priority, let's look at switch 4. Let's do a show spanning-tree VLAN 10, and right now the root port is 19. Let's say I want port number 20 to be the root port. I could go and change the cost locally; that would make switch 4 select port number 20 as the root port based on cost. But I want the upstream switch to influence the downstream switch using port priority. So what I could do is go to switch 2 and go to port number 20 and say spanning-tree; again, I could do this per VLAN or I could do it for all VLANs. This is for all the VLANs; let's do it for a specific VLAN. So VLAN 1 port priority, and define a port priority value. It's in increments of 16; again, this depends on the switch model, so if it's a physical switch you may see it as 16 or 32, virtual switches sometimes show as 64, so always do a question mark and check. This one shows 16. Let's say I'll give increments of 16, maybe, and make it 48. And that's it; I configured switch 2. The effect you would see on switch 4: just do a show spanning-tree VLAN 10, you would see that port number 20 is becoming the root port.
Why is that? Even though locally my local port priority is higher than this one; if you see, this is 128.22 and this is 128.21. Why is it 22? Because this switch has two gig ports, so the gig ports are given preference: the first gig port becomes one, the second gig port becomes two, the first FastEthernet becomes three, so 20 becomes 22. So even though this is higher than this one, he still selects this one. Why? Because port priority is not local; it's advertised by the upstream neighbor. Let's verify that: show spanning-tree interface fastethernet 0/20 detail. You would see that my local priority is 128.22, but advertised by the upstream neighbor is 48, so 48.22. So obviously a lower port priority wins, and that's why switch 4 selects port number 20 as the root port.

OK, so this was PVST. There are no enhancements built in, so PortFast is not built in, you have to configure it. PortFast takes the port straight to forwarding state; it does not go through blocking, listening, learning and forwarding, it goes straight to forwarding state the minute the port comes up. So it jumps to forwarding state; in fact you can see that if you do a debug spanning-tree events, you would be able to see that. And as far as UplinkFast is concerned, UplinkFast is like PortFast for the trunk.

In fact, let's look at UplinkFast. Just one thing that I am going to do is say something about UplinkFast: UplinkFast only works for direct failure, it does not work for indirect failure. So for example, let's say I have three switches, switch 1, 2 and 3, and let's say switch 1 is the root bridge: designated, designated, root port and root port, and maybe designated and blocked. So if I configure UplinkFast, it's a global command, spanning-tree uplinkfast, it only works for direct failure. So let's say switch 3's link to the root bridge goes down; what's going to happen behind the scenes? I mean, even without UplinkFast, eventually this link which was blocked would come up as the root port, eventually, but what's going
to happen behind the scenes is switch 3, who's lost his connection to the root bridge, would now assume that "I am the root bridge", because the default behavior of a switch is they always want to be the root bridge, they always want to be the king. So as soon as he loses his connection to the root bridge, he would be like, "I've lost connection, that switch is dead, I am the root bridge", and he starts sending superior BPDUs. Switch 2 is going to check his connection to the root bridge and then respond back with an inferior BPDU saying, "hey, I'm not the root bridge, maybe this link can be opened up". So in fact this would happen in the opposite way if this link was maybe down and this link was blocked.

So with UplinkFast, what's going to happen? Let's say this link goes down. Because it's a direct failure for switch 3, it's a direct failure, right, this port would go straight to forwarding state as root port immediately. There's no delay in going through blocking, listening, learning, forwarding; it's like PortFast, it's going to jump straight to forwarding state as root port. Now, did any other switch, like for example switch 1 or switch 2, do they need to change any port states? No, only switch 3 had to change his port state, right? It was a direct failure for switch 3; UplinkFast works.

But if this link does not fail but this link fails, in that case again the default behavior would be what? Switch 2 is going to send superior BPDUs, so 3 will check his connection, then he will send him an inferior BPDU, and then this port becomes the root port. Well, let's say I have UplinkFast. Because of UplinkFast this port transitions to root port, right? But can he transmit data? Because this link is still in blocked state. Now two switches need to make changes: switch 2 needs to change designated to root, and switch 3 needs to change blocked to designated. Now for switch 2 this was a direct failure, so this happens immediately. OK, but for switch 3 it's an indirect failure; for switch 3 it's not a direct failure, it's indirect, so
switch 3 is not going to change this to designated immediately; this would not happen immediately. So UplinkFast in this case would not work, because for switch 3 it's an indirect failure; it has to go through the normal STP process, and finally this would become designated. OK, that's one thing about UplinkFast.

There's one more thing that you should know about UplinkFast: UplinkFast adds a cost of 3,000. It adds a cost of 3,000 to downstream switches. Let me in fact show you that. So I'm going to go to all my switches. What's my priority right now? Switch 1 has the priority of 4096, switch 2 has 8192, and switch 3 and switch 4 are default, 32768, right? Let's go and configure UplinkFast: spanning-tree uplinkfast; then switch 2, spanning-tree uplinkfast; let's go to switch 3, spanning-tree uplinkfast; and switch 4, spanning-tree uplinkfast.

OK, look at switch 1, who's the root bridge: show spanning-tree VLAN 10. What's my priority? 4096, as per what I had set. What's my cost? 19. Let's look at switch 2: show spanning-tree VLAN 10. What's my priority? 8192, which I had configured, and my cost is 18 and 19, as per what I had configured. Let's look at switch 3: show spanning-tree VLAN 10. What's my cost? 3019. Originally the cost was 19, the local cost was 19; now the local cost is 3019, because UplinkFast adds the cost of 3000 and also changes your priority. It also increases your priority from the default value 32768 to 49152. The only reason it does that is so that the distribution layer does not use the access layer as a transit in case of any failures. OK, and also on switch 4, if I do a show spanning-tree VLAN 10, you would see that the cost is 3019 and the priority has changed.

Now, if you noticed, the priority and the cost only changed on switch 3 and 4; it did not change on switch 1 and 2, because switch 3 and 4 are basically access layer switches. How does spanning tree know that switch 3 and 4 are basically access
layer? So any switch which has the default priority is considered as an access layer switch, because if you look at it from a production perspective, you would never have a distribution layer switch which may have the default priority; you'd probably have it lower, as a root bridge or something, whereas on access layer switches you'd never change the system priority, you keep it as default. So any switch that has a default priority, for those switches the cost will increase and the priority would increase.

Now, this only happens in PVST; it does not happen in Rapid PVST, because Rapid PVST has UplinkFast built in and I don't have to activate it. Since it's built in, my cost does not increase, my priority does not change, everything happens automatically. So in case I have a failure of a link, UplinkFast would directly change my port to forwarding state.

For example, if I go to switch 2 and do a debug spanning-tree events and go and shut down my port 24, which is the root port right now; if I shut this down, you would see that 23 goes straight to forwarding state. So let's do a show spanning-tree VLAN 10: so 23 is the root port, and in fact it's going through listening and learning, obviously, because this is not an access layer switch. Let me go ahead and do the same thing on an access layer switch, which is switch 4 and switch 3. So, 20... let's bring this back up, then I go back to switch 4 and do a show spanning-tree VLAN 10. Here I have port number 20 as the root port. I will shut this, and you would see that 19 goes to forwarding state immediately. Let's do debug spanning-tree uplinkfast, and go to interface 20 and shut this. You should see that due to UplinkFast, port 19 went to root forwarding state immediately. So if I do a show spanning-tree VLAN 10, you would not see it going through listening, learning, forwarding; it is straight in forwarding state. And when my port comes back up, it automatically changes back once the port is ready to move to forwarding state.
That is UplinkFast. I don't have to do that for Rapid PVST.

Now if you look at Rapid PVST, it's pretty similar. It's still PVST, it's still per-VLAN spanning tree; still the root bridge selection is the same, still the root port selection is the same, still your blocked port or designated port selection is the same. The only difference is that the port states have changed. So we had blocking, listening, learning, forwarding; what they've done is, your disabled and blocking and listening, they have combined that into discarding; then learning and forwarding. So only three states are available. It still has the concept of root port and designated port, but we still have an alternate to the root port: in case the root port fails we have an alternate port, and in case the designated port fails we have a backup port. So it's much faster in convergence, because the topology notification is sent to all the switches, not just to the root bridge; that's the basic difference. It's still Cisco proprietary.

And in fact, if you go to my switch, let me in fact go and show you that quickly; we're kind of running short on time. Let's go back quickly and change the mode: spanning-tree mode rapid-pvst; same thing on switch 3, spanning-tree mode rapid-pvst. And it is backward compatible; you could still use Rapid PVST and PVST, so it is still backward compatible. So spanning-tree mode rapid-pvst, and on switch 1 spanning-tree mode rapid-pvst.

If I do a show spanning-tree summary now, you would see that I have UplinkFast enabled but inactive in Rapid PVST mode. The reason I get this message is because I had UplinkFast. You should not enable UplinkFast when you have Rapid PVST, because that's built in; I don't have to enable UplinkFast. So no spanning-tree uplinkfast; I should not enable it, it's a built-in feature. And lastly switch 4. So now if I do a show spanning-tree summary, you would see UplinkFast is disabled, but don't worry about that, because it's a built-in feature; it's not going to show up in show spanning-tree summary,
but if I shut down my link, you would notice that the backup link comes up immediately; it goes straight to forwarding state without you actually configuring UplinkFast. That's the advantage of using Rapid PVST; it's much faster. If you look at your show spanning-tree VLAN 10, the basic difference is that even though here I actually see that the max age is 20 seconds and the forward delay is 15 seconds, we still see that, but it's not going to use that. Because the convergence time, if you look at Rapid PVST versus PVST: PVST, 13 to 50 seconds, max age was 20 seconds; versus in Rapid PVST it's much faster, it's about 6 seconds, and my forward delay, there's no 15 seconds as such. So convergence can be as fast as maybe 6 seconds, so in less than 10 seconds you can have convergence, or even one second; we can tune that to even one second.

OK, but lastly what we're going to look at is, quickly, MST. MST is something that is an IEEE standard. Let's say if you were having Cisco and non-Cisco devices, then you would basically use MST. MST is basically instance based or group based; it's not per VLAN. By default there is the default instance, which is instance number 0, MST 0; that's the default, all VLANs belong to one instance only, which is something like the common spanning tree, or CST. So by default it's that, but with MST you have lots of advantages, because it supports faster links; like, PVST had an issue of supporting hundred-gig links, but MST can support faster links. Also, at the same time, it's Cisco and non-Cisco; it supports multiple different vendors.

At the same time, if you look at MST, it reduces the amount of CPU that would be required in PVST or Rapid PVST. The reason being, in PVST and Rapid PVST I have to process for every VLAN, so every time there's a change, the change happens, there's a topology notification being sent for every VLAN separately. So let's say if I have a hundred VLANs, which is quite a lot, then I would have a hundred instances of spanning tree
and that's something that would cause your CPU to spike up. With MST I can group all the VLANs into a single instance, or maybe make two instances. I don't need 100 instances for 100 VLANs; I could just group them into maybe three instances. Maybe I have VLAN 1 to VLAN 50 in instance 1, VLAN 51 to 100 in instance 2, and all remaining VLANs in the default instance, instance 0, which means that only 3 instances of spanning tree would be running.

So let me quickly show you that. What I'm going to do is go and change this to spanning-tree mode mst, and also change on switch 3, spanning-tree mode mst, and let's go to switch 2, spanning-tree mode mst, and switch 1, spanning-tree mode mst. So now I have all my four switches running MST, and if I go back to switch 1 and do a show spanning-tree mst, you would see that I have only one instance running, instance 0, and all the VLANs are basically mapped to that instance.

Who is the root bridge? Is switch 1 the root bridge? He's not; he's no more the root bridge. If you remember, we did configure switch 1 to be the root bridge, right? If I do a show run section spanning-tree, I did configure switch 1 to be the root bridge, but this command is irrelevant for MST, because MST is instance based; it's not VLAN based, it's not per VLAN. So what you need to do is create VLANs, map the VLANs to an instance, and make changes for the instance.

So for example, if I want switch 1 to be the root bridge, I would first need to go to spanning-tree mst configuration and create instances. Right now there's only one instance running, which is instance number 0. So I'm going to create one instance: instance 1, VLAN 1 to 50; instance 2, VLAN 51 to 100; and all remaining instances would be in the default one. If I do a show run section mst, you would see that instance 1 has 1 to 50, instance 2 has 51 to 100, and the default instance 0 would have all remaining VLANs. So now if I go and do a show spanning-tree mst,
you would see three instances. So I have instance number 0, which has VLAN 101 to 4094; instance 1, which is 1 to 50. I don't see instance 2. The reason I don't see instance 2 is because there is no VLAN for that instance; at least one VLAN must be active. So maybe if I go to switch 1 and say VLAN 51; if I create VLAN 51, then instance number 2 would get activated, which you should be able to see now: instance number 2 for VLAN 51 to 100.

The best part about MST is that now if I go and create a new VLAN, let's say 52: in PVST and Rapid PVST a new instance gets created and BPDUs start flowing, the election process starts, my CPU spikes up. With MST, if I go and create now VLAN 52, no changes; MST is already there, which basically maps all the VLANs together into one instance, which is instance number 2.

So the only difference is that with MST the command is different. The concept of root selection is still the same, but only the command is different. I don't give commands like spanning-tree VLAN 10 priority; I instead give spanning-tree MST instance 1 priority 0 and spanning-tree MST instance 2 priority 4096. This is how I would do it. So I do it for an instance, not for a VLAN.

OK, I hope this webinar was informative to you. We could do a lot more things, but again, because of the time constraint... I hope you guys enjoyed this. I will now look at some questions that you guys must have put up; let me have a look at that.

All right, so I see a question which says: will STP get recalculated whenever I introduce a new trunk to the environment? Yes, because there could be a topology change notification.

OK, then I have another question: how to avoid spanning tree loops caused by plugging 2 ports to the same phone? So there are many different ways. You could probably have BPDU guard or BPDU filter configured, where you could restrict the amount of BPDUs being sent or received on a specific port. So maybe I'm not supposed to be receiving BPDUs from a port which is
going to be an access port or maybe a host port, so I could use BPDU guard for that.

OK, then I have another question: are BPDUs of different VLANs unique, as the system ID for different STP instances would be different? Yes. So, I mean, the BPDU is still the same; it's just that the information about the system ID and the bridge ID consists of all of that information. If you actually take a packet capture, you'd be able to see that the BPDU is still the same; it's just that one extra piece of information is available in the BPDU, instructing the remote switch about the VLAN or instance number.

OK, then I have a question: when running HSRP between switch 1 and switch 2, and switch 1 is set on priority, how would they load-balance based on priority? So I just thought this would be mainly at the first-hop redundancy, right? So depending on your first-hop switch, whichever is the root port, it's going to go towards that. So whichever one is your root bridge, that switch which is configured for HSRP towards the end host, it's going to send the traffic upstream towards your root bridge. It's not going to affect traffic towards the end host; it's going to affect traffic towards the upstream switch.

I see another question, which is: I see a cost of two hundred thousand in MST. So that's the default cost in MST. In PVST and Rapid PVST the default cost for a FastEthernet was 19; in MST the default cost for FastEthernet is two hundred thousand.

OK, I see another question, which is: what is a boundary port in MST? So a boundary port is something that, let's say, if you had a mix; maybe, let's say, you were doing a migration or something, maybe you had Rapid PVST on some switches and you wanted to migrate to MST, or maybe there was a merger between two companies and company A was running Rapid PVST and company B was running maybe MST. Instead of you having a downtime where you're slowly converting each switch into MST, you could run PVST simulation, where the
two switches which interconnect, the border switches, one running Rapid PVST and one running MST; there on that link you would see boundary ports, that it connects towards a PVST domain.

OK, and I'll take one more, one last question, which is going to be: does it mean that with UplinkFast enabled we can't run Rapid PVST? No, of course you can still run Rapid PVST; it's just that that command of UplinkFast is irrelevant. You don't have to do UplinkFast. You could still let it be, it's not going to harm you in any way, because UplinkFast is built in. But the only problem with you giving the command of UplinkFast when you're doing Rapid PVST is that because of that command, your access switches, their priority would increase, their cost would increase, and so it's better to remove the UplinkFast and use the built-in feature.

All right, so I hope you guys enjoyed, and I will see you in the next upcoming webinar. I believe we have one more today and maybe a few tomorrow and day after, and hopefully you guys can make the most use of that. Thank you for attending.
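
The selection order walked through in the session (lowest bridge ID becomes root; a non-root switch then picks the port with the lowest accumulated cost, and on a tie the lowest port priority advertised by its upstream neighbour) can be checked with a small model. This Python sketch is an added example, not part of the webinar; the MAC addresses and switch 1's port numbers are constructed, and the last tie-breaker on the local port ID is left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Bridge:
    name: str
    priority: int  # bridge priority; the talk notes it must be a multiple of 4096
    mac: str       # constructed sample address, not taken from the lab

    def bridge_id(self):
        if self.priority % 4096 or not 0 <= self.priority <= 61440:
            raise ValueError(f"{self.name}: priority must be a multiple of 4096")
        # Lower priority wins; the MAC address only breaks a priority tie.
        return (self.priority, int(self.mac.replace(":", ""), 16))


@dataclass(frozen=True)
class Offer:
    """What one local port learns from the BPDU of its upstream neighbour."""
    local_port: str
    local_cost: int            # cost configured on the receiving port
    advertised_cost: int       # root path cost advertised by the upstream switch
    sender: Bridge
    sender_port_priority: int  # set on the upstream switch, not locally
    sender_port_number: int

    def total_cost(self):
        return self.advertised_cost + self.local_cost

    def rank(self):
        # Assumption: port priority moves in steps of 16, as on the lab switch.
        if self.sender_port_priority % 16 or not 0 <= self.sender_port_priority <= 240:
            raise ValueError("port priority must be a multiple of 16")
        # Compared left to right; the final local-port tie-breaker is not modelled.
        return (self.total_cost(), self.sender.bridge_id(),
                self.sender_port_priority, self.sender_port_number)


def elect_root(bridges):
    return min(bridges, key=lambda b: b.bridge_id())


def select_root_port(offers):
    return min(offers, key=lambda o: o.rank())


# Priorities follow the lab for VLAN 10; SW1 gets the highest MAC on purpose.
SW1 = Bridge("SW1", 4096, "00:00:5e:00:53:04")
SW2 = Bridge("SW2", 8192, "00:00:5e:00:53:03")
SW3 = Bridge("SW3", 32768, "00:00:5e:00:53:01")
SW4 = Bridge("SW4", 32768, "00:00:5e:00:53:02")


def demo_root_election():
    """Root with all four switches, after SW1 fails, and between two defaults."""
    return (elect_root([SW1, SW2, SW3, SW4]).name,
            elect_root([SW2, SW3, SW4]).name,
            elect_root([SW3, SW4]).name)


def demo_cost_change(cost_on_24):
    """Switch 2: two uplinks to the root, which advertises a cost of 0."""
    offers = [Offer("Fa0/23", 19, 0, SW1, 128, 23),   # SW1 port numbers constructed
              Offer("Fa0/24", cost_on_24, 0, SW1, 128, 24)]
    best = select_root_port(offers)
    return best.local_port, best.total_cost()


def demo_port_priority(priority_on_sw2_port):
    """Switch 4: two uplinks to switch 2, which advertises a cost of 19."""
    offers = [Offer("Fa0/19", 19, 19, SW2, 128, 21),
              Offer("Fa0/20", 19, 19, SW2, priority_on_sw2_port, 22)]
    best = select_root_port(offers)
    return best.local_port, best.total_cost()


if __name__ == "__main__":
    print(demo_root_election())
    print(demo_cost_change(19), demo_cost_change(18))
    print(demo_port_priority(128), demo_port_priority(48))
```

Changing only the priority value passed to demo_port_priority moves switch 4's root port while its own cost and settings stay untouched, which is the upstream-influence point made in the session.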
Info
Channel: INEtraining
Views: 8,303
Rating: 4.9248824 out of 5
Id: FwgVbhW2fr8
Length: 95min 17sec (5717 seconds)
Published: Tue Jun 09 2020