Spanning Tree Protocol (STP) | Cisco CCNA 200-301

Captions
And welcome, everybody. Hey, um, you know, it's interesting in the world of networking how an IP address has changed, things can change. And so I had OBS Studio set up where it was using a fixed IP address to stream from instead of the default address, and so my computer had been gone for a few days, got a new IP address from my DHCP server, and hit a chord in the string. All right, so anyway, it's great to have you. Thank you very much for joining me today for CCNA Sunday.

We were gonna focus today on a little thing called spanning tree protocol. I happen to really love spanning tree protocol. Let me tell you why: it's one of those things that it's important to understand how it works, but it can also save a person's bacon in a production environment if they're aware of why it behaves the way it does and what it does. So to start off, the word protocol, spanning tree protocol: a protocol is nothing more than a set of rules, you know, how something should operate, and if two devices agree on those sets of rules, they can communicate and work with each other. So spanning tree protocol is simply a set of rules that layer 2 switches agree with and work with and participate in.

And now that I have some basic objectives for our time together, and they are this. Number one: why would we have layer 2 loops in a network? I mean, what exactly is that? Why is it a problem? And so let's start there, with the challenge of a layer 2 loop. And to do that, let me share with you, let's do this: let's go to a computer, and let's go, in fact, to this PC right here, this client PC on this network, and then one of my labs, let me go grab the client PC. All right, so this is the client PC, and if we bring up a command prompt, which I'll do right now, and we type in the command arp space -a, that's going to show us the current ARP cache. That's the layer 2 addresses that this computer knows about other devices on the same local network. So at the moment this device knows that to reach 10.16.0.30, and this is off our local interface
10.16.0.10, that if we wanted to forward a frame to 10.16.0.30, that we would encapsulate, or use the layer 2 address of this bad boy right here, before we sent those bits on the wire. So if you haven't yet seen our session on layer 2 switching and trunking, check that out, we'll talk all of the details of how layer 2 forwarding works.

But the challenge here is that if we have redundant paths in our network, or parallel paths in our network, there's the opportunity for, like, it's like, think we're gonna throw something. Let's imagine we're gonna throw this. We throw it into the network. If it just kept looping and looping and looping forever, right near the speed of light, or however fast the network could forward it, that's gonna be a waste of energy if it keeps looping endlessly.

So I want to share with you a protocol analyzer right here, and a protocol analyzer is simply a way of looking at network traffic. I've got some captures right here. In fact, you know what, let's just not look at one, let's capture one. Let's imagine that we want to, let's go back to our topology for a moment. Let's say we're right here, we're the client PC, and we want to ping 10.16.0.30, PC 3, right here. So that traffic is gonna have to go over these links, and, and I have a pen and I know how to use it, let me get up my, not that, let me get a pen so I can actually illustrate this and we can be on the same exact page.

All right, right, so these links right here in red represent trunks, and from our previous discussion, the trunk is simply a link between two devices that allows multiple VLANs to go over. So if we have VLAN 10 and 20 and 777 across the trunk links, we're gonna add a little 802.1Q tag, and so that the receiving switch can other', so all the links here in red are trunk links. So let's imagine that Bob is sitting at this computer and Bob types in ping space and he pings the IP address of 10.15.0.30. Well, if Bob does not yet know the layer 2 address of this PC, he's going to do an ARP request, and that's what I like to go
ahead and generate right now. I think it'll be fun to do. So we'll go back to our client PC, Bob's PC, and it is right here, and let's do an arp, that's arp space -d space asterisk, and that's going to remove everything from Bob's local ARP cache. Do an arp -a, and he now no longer knows about 10.16.0.30.

And before we try to reach that device, let's go into a capture. So a lot Wireshark, it's just a fun protocol analyzer. This is local on Bob's computer and will capture all the traffic going in and out of this interface, and we'll minimize that, and then was it - a ping, so we'll do a ping to PC 3, which is 10.16.0., hey, I just got to check my diagram again, 10.16.0.30, okay, same logical IP network, same VLAN. And let's go back to our lab and we'll do 30, press Enter, and this first one took a little bit longer, 161 milliseconds, and that's very likely because it had to do the ARP first, and then the other three here proceeded. Well, that last one took a long time too, but ARP happened. So if we do an up arrow key a few times, arp -a shows us that we now know the layer 2 address associated with PC 3's IP address, and that was courtesy of ARP.

So because we captured that, let's go back to our protocol capture. We'll click on the little stop icon up here to stop the madness, and there's a lot of ARP traffic, but what we're looking at is from 10.16.0.10. Wow, look at all that traffic. Okay, it's gonna be before the pings, that's a good clue. So here we go, right there. Okay, dang it, hold on a second, I got a little bit too crazy with the mouse. Where is the ARP request, 10.16? I'm probably looking at it right here in front of me. What I'm looking for, the ARP, unless it somehow ARPs before, it looks like the response, maybe I cut some of it off.

Okay, I'll tell you what, no problem, we're gonna quit without saving. I fumble-fingered something. So let's clear the ARP cache, arp -d, let's do the head and verify it's not in the ARP cache. We'll start the capture, make sure the capture is running first, and then we'll go ahead and we'll
capture it. All right, so now that's capturing, let's go back to our client PC, minimize this, and do the pings using the up, up and down arrow keys. All right, so there's our ping. Let's go take a look at the protocol capture. This time I won't fumble-finger it.

All right, so here, right there, is our ARP request. So I'm gonna highlight that, and if we look at the details of that, that is our PC at 10.16.0.10 with his source layer 2 address sending out a message at layer 2, sending out a broadcast, all else, and saying: anybody on the network, 10.16.0.30, if that's you, if that's your IP address, please respond back and let me know what your layer 2 address is. And then the next packet we had that response.

But what I like to focus on is this broadcast right here. A broadcast is on a VLAN on 8 today, it's like shouting, and so we're simply shouting to everybody on that network. And let's take a look at what our topology would do with that if we didn't have something to protect us. Let's take a look at this topology right here. So here's Bob. Bob sent this broadcast into the network, and this switch received it, and the switch is gonna forward it over these links. So currently these are trunk links, and so let's imagine that the broadcast gets forwarded this way. So switch 1 sends it, tags it, sends it to switch 2. Switch 2 sees it, says, oh, it's a broadcast for VLAN 10, forwards it to all ports associated with VLAN 10, including the trunk, so it goes down here. Switch 3 receives it, says, oh, that's a broadcast from VLAN 10, forwards it here. Switch 1 says, oh hey, a broadcast for VLAN 10, I better forward that to all devices that need to see it, plus then over the trunks, and that would just continue looping unless we had something that identified that we had parallel paths, we had redundant paths, which we do here.

So what happens without something like spanning tree to stop the parallel redundant paths from all forwarding: we would have packets, that broadcast, that would loop endlessly like this, clockwise, and also
like this, counterclockwise, as they went over these links, and they just keep on going and going and going forever and ever.

In fact, if we take a look at, and in fact we can do this right here, if we look at the client PC once again and we just look at any one of these packets, so this is a ping reply. See, at layer 3, for the IP information, at layer 3 in the protocol stack, we have this really cool field, which is right here. It's called time to live, and here's how the time to live field, this is not how it feels, this is how the time to live field works. If you and I are a router and we're getting a packet at layer 3, we're looking at it and saying, oh, I need to forward this, we're gonna decrement the time to live every time we forward it. So get a packet, make a routing decision, decrement the time to live, forward it. The benefit of that little field in the layer 3 header is that if that time to live goes down to 0, routers are not gonna forward it anymore. They're gonna say, well, this packet's time.

Let's take a look at layer 2 and see what's at layer 2 that might help prevent a loop, like, for example, time to live. So here's the layer 2 information right here: source layer 2 address, destination layer 2 address, and you'll notice there's nothing in that layer 2 header this subs they're pulling and they're amazing, mmm, a lot of work, a lot of the dogs every doing a lot of work. Well, there was some vacationers watching, and there's a musher, and the sled dogs had just stopped cold, and the musher went up, got a stick, not a huge stick, but a little stick, and just whacked one of the dogs right in the back of the neck, and then the dog got back in line, 'cause the two dogs had been fighting, and then the team started running again. And the onlooker, when they came at the finish line, they're doing photos and things, and the onlooker, of the vacationers, said, what's the secret? And the musher, the driver, said, you have to know which one to hit. Now, look, that's like spanning tree.
Spanning tree is going to be sending these little messages across the network, layer 2 messages, and saying, hey, do we have parallel paths? And if we do, bunk, it has to hit links, meaning tell them not to forward. They call it blocking. And that way those ports, even though they're present, they're connected from one switch to another, if they're redundant and they get chosen to not forward traffic, spanning tree is gonna say, hey, I know you're willing to forward traffic, but don't. And that's the concept of spanning tree: identifying parallel paths and then specifying that we're not going to forward on certain paths. So that's what it does. Spanning tree identifies parallel paths in our network, and then it automatically disables the ports, it stops the forwarding of traffic on those ports.

So if we're looking at this topology right here, here's how we could solve this problem. We could just get rid of this link right here, and get rid of this thing right here, and then we wouldn't have redundant paths. We'd just have the path from switch 1 to 2 and switch 1 to switch 3, and if these links weren't here, these segments between the switches, if they weren't there, there'd be no redundant, there'd be no parallel paths. We wouldn't need spanning tree. Now, what's the negative side of only having one connection between switch 1 and switch 2 and one connection between switch 3 and switch 1? If you're saying, well, Keith, if we lose a link, if there's a problem in the network, we're gonna lose service, and the answer to that is absolutely straight on. So we want to have the redundancy in place; however, we can't allow all the traffic to forward on all the links, because there will be loops at layer 2 unless we use spanning tree.

So on commercial switches like Cisco Catalyst switches, spanning tree is enabled by default, and it might be important to understand how the rules are played with spanning tree, and here's the basic rule. So our objectives for this session is to understand why layer
2 loops are, why layer 2 loops are a problem, and the answer to that is because there's no time to live function inside the header, and one broadcast could go on forever and ever and ever unless we identify that we have parallel paths and train the interfaces to not forward on one or more of the.

Here's how STP, spanning tree protocol, operates. We take a, it's a collaborative, we take a group of switches and they're gonna talk to each other. They're gonna get chatty, and the way they get chatty is they send back and forth these little itty-bitty messages, and they're called, yeah, it's kind of a long term, it's a bridge protocol data unit. Bridge protocol, there's just these teeny little messages about every two seconds: boom, here's the information, here's the information. And these bridge protocol data units are how these switches can identify that there's parallel paths in the network.

And so spanning tree, the way it works is it has an election, and they choose one. For every VLAN there's gonna be one root device, one King Kong of spanning tree. Now, they call this device a root bridge, and I thought to myself in the early days, why are they, actually, in the early days when I learned it, we were using bridges, and that's why the term comes up. A long time ago, before high-speed switching came up, we had bridges, which act like two or more switch ports, and our switches today with layer 2 forwarding and all the rest, the same process, but now we have a separate switch port for every device on the network. So in the old days when this was written, it was called spanning tree protocol and we elected one root bridge. So when we think of the word root bridge, think of one switch that's going to act as the root bridge. If you want to call it a root switch, you can, no one's gonna laugh at you, but technically it's called the root bridge.

So I've got a question for you. Imagine we have these three, so as I wait, maybe I get, it's not gonna take a lot of imagining, check this out. If we have these three switches and
they all, we need to choose one of them to be the root, like the starting point for deciding how we're gonna forward or not forward, and to decide that root bridge, the way they do it is they have something called a bridge ID. And a bridge ID is a number. It's quite a large number, but it's gonna be unique for every switch. So switch 1 will have a bridge ID, switch 2 will have a different bridge ID, switch 3 our bridge ID. We can take a look at how that's created, and we will in a moment.

But when I think of bridge IDs, I think of golf, and you might say, Keith, wait, what do you mean you think of golf when you think of bridge ID? Yeah, I do, almost every time, because in golf, think about how does a person win at golf? The last time I swung a club was about three years ago in a simulator, so I'm not good at golf at all, but I know the rules. I mean, well, I know who wins: it's the person with the, in golf, the lowest score. So if we have three switches and all of them have a unique bridge ID, the one that's gonna win is, like golf, it's the lowest one that wins.

So what they do is, when they're powered up, they start sending these little messages, these bridge protocol data units, to each other to communicate over those links: hey, here's my bridge ID. Sort of like this, I'll see if I can actually make sure you can see these. It sounded like a really great idea when I put them together earlier today. Although once again let me go ahead and bring up this, I can verify, there we go. You got to know when to hold them, know when to fold them. So basically each switch has a bridge ID, they know what their bridge ID is, and they're gonna use bridge protocol data units, these little BPDUs, send them across the links to the other devices, and basically everybody gets to read everybody else's card. So switch 1 has one bridge ID, switch 2 has a different bridge ID, and switch 3 has a double bridge ID. Which one's the lowest? I'll let you choose. And I'm looking at the cards and the monitor here, it's
is this one right here. So the switch that has the lowest bridge ID gets to be the King Kong of spanning tree, meaning, they call it the root bridge, the starting point, the core of the tree for spanning tree. That's how it's selected.

So a couple things we've learned so far. Number one, spanning tree is important because it has to identify if we have parallel paths, the links in our layer 2 network, which are a good idea in case we have a failure. Then secondly, amongst themselves, based on the lowest bridge ID that they've communicated with each other using BPDUs, they're gonna choose one as the root bridge, and he wins. So basically whoever has the lowest bridge ID is gonna be the root for spanning tree, for the entire spanning tree for that, for that VLAN fit network. All right, so that's the first step: elect a root.

Now, what happens next is quite interesting. I think in my mind that everybody wants to be the root: I want to be the root, I want to be the root. But only one switch is gonna be the root switch, so everybody else, meaning all the other layer 2 switches, are gonna fall in line, and they're gonna say, okay, we agree, I mean, we can see, right, your bridge ID is lower than mine, we learned via BPDUs that were being sent, we agree, you know, we're over it. And then they have to determine, okay, in this topology, which of my many ports, says the switch, which of my many ports is the most cost-effective to get to the root switch?

So let's go ahead and annotate this on the screen. So let's imagine that, and let me pick on this guy right here, let's imagine that this switch right here became the root. Now, this is also happening for all of our VLANs, and so for this discussion let's play with VLAN 10, although the output is gonna be very similar for VLAN 1 or VLAN 10 or VLAN 20 or VLAN 777 until we start tweaking things. But let's imagine we're taking a look at just a spanning tree for VLAN 10, and switch 3 is the root bridge, and, oh, I just had it a moment ago, but remind me,
out of these 3 switches, how did they determine who is gonna be the root? How do they know who is gonna be the root bridge? So if somebody would just chat that in, or everybody chat that into the message works, just to confirm that we have that: that the switch that has the lowest, like golf, remember that, the lowest bridge ID becomes the root, and once he's the root, everybody else agrees. They've seen the BPDUs, they condescend, they say, great, I understand, and you're the root.

So the second step for those bridge, for those switches, and this, go ahead and let's call these guys loser 1 and loser 2. Now, that's, now, these are people, that'd be so rude, but because they're switches, we'll be okay. So what does that mean, they're a loser? That just means they're not the root bridge. So we have one root bridge and then everybody else who is not the root bridge. In fact, don't undo this.

So the next step for these switches is to say, okay, great, what's the best way, or what's the most cost-effective way, for me to get to the root? So switch 1 knows that switch 3 is the root, and it's gonna go ahead and identify what's called a root port. Now, here's the secret for a root port: a root port is on the losers. So on the loser switches, the switches that didn't become the root bridge themselves, each of them are gonna have one and only one root port, and that's the best path that they're going to use to forward in the direction of the root. That's it.

Now, the question is, how do they decide that? Well, here's how they decide. More cards. To choose the root port, each switch is gonna say, okay, I've got these BPDUs coming in on multiple interfaces, right, I know where the root is, and it's gonna say, what is the least cost for me, maybe this is switch 1, to get to the root? And it looks at his cards, it says, okay, the cost on one port is 4, the cost on another port is 2, the cost on another port is 6, and again, it's a lot like golf. So each switch, as it determines which port is going to be the one that I'm going to forward
towards the root, it's going to go ahead and pick the one that has the lowest cost, and that port is going to be identified as what's called a root port. It's a port that's forwarding in the direction of the root switch.

So it would look like this. So switch 1 would say, okay, um, and for this diagram, just let me give you a heads up right now, these are all gigabit links, and the cost of gigabit links in spanning tree is 4, a cost of 4. So what happened is switch 3, these BPDUs would be flowing out from switch 3, and switch 1 would receive those, and then in those BPDUs there'd be an advertisement that the cost is zero, because this is the root switch, and switch 1 would see on this interface, gig 2/0, its cost is 4, so it adds up the cost on that interface plus the advertised cost from the root, and the total would be 4. So out this port it would be a cost of 4, and for these other ports it'd be a lot more.

And then let's talk about that. So switch 3 is the root, advertising a cost of zero. Switch 2 receives that, cost of 4. So now when switch 2 is advertising BPDUs down this way, it's also saying that the total cost from switch 2's perspective is a cost of 4, and switch 1 has a cost on this local interface of 4, so effectively it'd be a cost of 8 on either of these links. So when switch 1 is identifying, okay, how do I, which port is the best one and only one I should use to forward towards the root, it's going to go for, like golf, the lowest cost, and that port in this topology, if this was the root, is going to be the root port. So switch 1 would show 2/0 as being a root port. That's it, I mean, that's how switch 1 would do it.

And switch 2 would do the same thing. Switch 2 would say, okay, great, what's the cost to get to switch 3, who's the root? And in this topology this would be a cost of 4: advertised cost of 0 plus the cost of 4 on the local interface. So this would be the root port, and that we make its forwarding decisions, and this be a forwarding
port in the direction of the root.

So here's the key for the losers, and I put that up here again: for the loser switches, they are going to have one root port, which is the port that is their best option if they choose to forward traffic in the direction of, or towards, the root bridge. So each switch gets one root port apiece as a forwarding option.

So also, this is also called a role. So if you ever see the concept of a root port, realize that's the role of that port, and root ports are also in a status of forwarding. So a lot of times what happens with spanning tree is there's a few terms involved, and so when people start talking about forwarding port, root port, I just want to clear up that the actual role of this port is called an RP, or root port, and root ports by default are always forwarding in the direction of the root bridge. So a root port, so this, so summarized: root ports are always forwarding in the direction of the root bridge. That's it.

All right, so let's talk about, you know what, let's talk about one other direction. In fact, I'd like to ask you, and then we'll talk about it together. We have two options about forwarding traffic, and if we're not the root switch, even if we are, we have two options regarding forwarding. One is towards the root bridge, and that's what we just described. So if we have ports that are forwarding, and we have one each per switch that's forwarding towards the root bridge, that's referred to as the role of a root port. There's also an option to forward away. What do you mean, away? Well, if we have a port on a switch that's forwarding away from the root switch, it would look like this. Let me put a different color on here, let me go ahead and use, change my mind, let me use whatever color that is. All right, so if we have switch 2, for example, it's forwarding, and it's forwarding on this port or this port, in fact, let me go to black so it's easier to see, if it's forwarding here, that would be an example of forwarding in an opposite direction, or away from the root
so the root port would be forwarding towards the root, and the ports that are forwarding away from the root, in the opposite direction, would be considered forwarding away. Does also have a role, and that role is called a designated port, and it's always forwarding, by the way. So if you have a designated port, it means two things: it means it's forwarding away from the root switch, and it's also forwarding. Two things in the same sentence, actually.

All right, so let's take a breath. Couple basic things. Number one, if we have loops at layer 2 that don't go unchecked, we're gonna have broadcast storms that just loop and loop, loop the loop forever at layer 2, which is a problem. So spanning tree steps in, and it's on by default on commercial switches, including Catalyst switches, and spanning tree says, great, we're gonna go ahead, if it's running, if the service is running the spanning tree protocol, it's going to elect a root bridge, and it does that based on the lowest bridge ID. So whatever switch, by advertising the BPDUs across the network, whoever has the lowest bridge ID becomes the root. Then the other switches who are not the root identify their root ports, the best path to get to the root, and then any ports that are forwarding away from the root, those are referred to as designated ports.

So, so far we haven't talked about any type of blocking whatsoever. We've talked about identifying a root switch, we've identified root ports and also designated ports, but we do need to bring blocking into play, so let's go ahead and do that right now. And let me clean up the screen just a little bit. There we go.

All right, so let's go ahead and imagine, let's take it from the top. Let's say Bob is right here, and Bob is going to ping this device. He sends an ARP request as part of that ping, and we don't want to have a layer 2 loop forever and ever here. So spanning tree beforehand figured out the topology. Switch 3 becomes the root bridge if it has the lowest bridge ID, and we have
two roles we've talked about so far. We have ports that are designated, and designated means this: we're forwarding traffic, forwarding frames, away from, or in the opposite direction of, the root bridge. All right, and then, so on this switch, the root switch, because it is the root, it has the opportunity of having all designated ports. So this had 20 ports, they would all be designated, because, let's think about the definition: it's forwarding away from the root. It is the root, so everything leaving it is forwarding away from the root, so all of its ports would be designated.

And then regarding root ports on all the other switches, that is in a state of forwarding towards 3. So in this case, switch 1 would calculate that this is the best path based on the BPDUs that are being shared, so this would be the root port, and then switch 2 would identify that this is the best path, it would be shown as the root port.

And then the tricky part comes in up here. Now, on these segments right here, if somebody's gonna, I mean, let's talk about the reality here: somebody's got to block traffic, otherwise we're gonna have a loop. And so every switch is going to have one root port, and every segment, which is, let's say it's like every connection between two switches, is going to have one designated port, someone who's forwarding for that segment. And that means if you've got these two switches, switch 1 and switch 2, and they're both guard connected, on one side we're gonna have some designated ports that are forwarding away from the switch, and on the other side we have to have some blocking going on.

So let's take a close look at how that happens. So we've talked about the root election, which is based on cost, excuse me, I'm ahead of myself, the root bridge, which is based on low bridge ID, right, and then for the other devices, they then calculate their root ports, this is B. A, elect the root, and then on the non-root switches they elect, they identify their root ports, and then for C, then we need to go ahead and calculate the
designated ports for everything else, the easy ID and a te D ports. So these are going towards the root, these are going away from the root. So on the root switch itself, all ports are designated, meaning they're all forwarding, and they're all forwarding away from this device, the root bridge.

So then here on switch 1 and switch 2, the question comes in: okay, who gets to be designated? Is it gonna be switch 1 or switch 2? And to ferret that out, the one that gets to be designated is going to be the one with the best cost. So what happens is there's going to be BPDUs that go between switch 1 and switch 2, and in those BPDUs switch 1's gonna say, hey, my cost to get to the root is 4, beat that, and switch 2 is gonna say, my cost to get to the switch, the root switch, is 4, beat that. And you might see that we have a tie break, we have a problem here, because both switches have the same cost.

So what do you do next? Well, if the cost is the same in this scenario, the next tiebreaker is the lower bridge ID of the two. So neither one of them won the spanning tree root bridge election, but between them, so switch 1, switch 2, the one that has the lowest bridge ID in this scenario is the next thing to look at as a tiebreaker. So let's imagine that this guy has the best, lowest bridge ID, and let's imagine that this guy is in second place with the second-best B ID, I'll put bridge ID there, and this guy is the third, as far as the third-best bridge ID. What happens is, as far as who gets to be designated for these two segments, if the cost is equal to get to the root, this switch, switch number 2, is gonna say, oh, I win, because I have a lower bridge ID than you do, all other things being equal, and that would make this port designated, this port designated. And then what would happen is, you're only gonna have one designated port per segment, and as a result switch 1's gonna say, oh crap, that means I lost, and it's true. So these two ports would go into what's called
blocking state, BLK, BLK for blocking, because there's parallel paths, redundant paths. So neither of these two interfaces from switch 1's perspective would be used for forwarding traffic, and our spanning tree topology would effectively be the link between switch 1 and switch 3, between switch 3 and switch 2, and then the two links from switch 2 to switch 1, they would be forwarding, but switch 1 would never forward in this direction. It'd never forward out 1/2 and zero zero, because it lost the spanning process.

So before I show you that, which I'd like to right now, let's confirm a couple basics about spanning tree. We need it because layer 2 loops are going to devastate our network. We want the redundancy in case the thing changes, but we don't want to have loops. So spanning tree, running by default, elects a root bridge based on the lowest bridge ID. It does that by sending bridge protocol data, it's the one of the lowest bridge ID wins. And then once that bridge ID, or that spanning tree root bridge, has been identified, then the other switches say, okay, great, I need to calculate my root port, and that root port is going to be based on cost. So if a switch has a cost of two and a cost of four to get towards the root, or forward towards the root, it's gonna say, I'll choose the one that has the lowest cost. It chooses that, that's gonna be the root port.

Then every segment, for forwarding away from the root, needs to have a designated port, a forwarding port that's going away from the root, and you can't have two. You can't have two designated ports on the same segment, because that would cause, that's an implication of a loop in the network. So to battle that out, if there's two switches, they're both connected to the same network, they're gonna battle it out and say which one has the lowest cost. Hey, my bridge ID is, wow, if the cost is the same, we both have the same cost, they'll then go to the bridge ID to battle it out, and then the one with the lowest bridge ID is going to win, and
that's that's how that operates all right so I think we should take a look at this in a lab environment all right so I've got these ports all set up and let me clear off that screen and let me bring up this oh there's our capture from earlier fantastic and I say quit without saving all right and let's go to this login and goes let's cut some consoles so let's go to switch 1 first so the way we could verify what spanning tree is doing what it's looking at and how it's performing is do the command show spanning tree and then if you just press Enter it's going to show you all the spanning trees for each and every VLAN if you want to focus just on one as I do here just tag in the VLAN identifier and it'll show us the spanning tree for view spanning tree instance for VLAN 10 doesn't exist wow that's so curious this is switch 1 I thought of a switch 1 okay if you then ones there that's that's good that's a good sign and let's add ten so it's got spanning tree what's going on with switch 1 well let's make sure the VLANs exist okay so VLANs they're show spanning trees spanning tree's running for VLAN 1 and there's VLAN 10 what I do what did I do show history what do they I do a show spanning tree for VLAN 10 how come that didn't show up oh I put a show spanning tree 10 yeah I thought the word VLAN just didn't sit ok show spanning tree VLAN 10 so we get a little extra troubleshooting there all right so there's spanning tree for VLAN 10 and here's what is happening with this output with this output there's two sections the first part is identifying for VLAN 10 who the root is who King Kong is who won and that's all about this top part right here so the bridge ID is made up of basically three components the priority plus the VLAN number there's a bigger story behind that but we can cover that different day plus the base MAC address so those elements are right here here's the priority there's the base MAC address and also we're adding into that the VLAN so for 32
768 plus 10 more for the VLAN ID plus this MAC address that makes up this bridge ID and the lower is better so what this is saying is this is saying that the root switch is this guy right here and my cost to get to him says switch 1 is a cost of 4 and my root port is gigabit 2/0 get to that that I'm forwarding on to get to that root that root bridge and it also is shown down here as well so if we look here it says to get to the root is gig 2/0 here's gig 2/0 its role is the root port on this non root switch and its status is forwarding and the cost is four and then it has a priority identifier as well and that's its root port and now down below here the second part which will put in a different color right here this is the information about switch 1 itself so this is the root bridge above here and this is I say self only say self I'm talking about switch 1 so switch 1 says ok my this is my priority and this is my address my base MAC address which makes it my my bridge identifier if you'll notice the reason that this switch did not win for VLAN 10 and become the root is because it had something worse than the root so the priority was the same 30 2007 what's showing up here as the priority is showing up is the same for both of them but if you look at the base MAC address it's zero zero six four that's the same 3 4 7 2 this is 34FB so that's 7 on the root bridge is lower like golf than the F here in hexadecimal which is decimal 15 which is higher and that's the reason that switch 1 did not win the bridge election because it has a worse or a higher bridge identifier and then it's showing us the status of all the ports here so the key thing I want to focus on here is the concept of designated ports and root ports root ports are forwarding in the direction of the root switch and there's only one root port per switch and designated ports are forwarding away from the switch and there might be more than one or two or three or four designated ports because you may have one
or two or three or four more ports on that switch that are forwarding away so Bob the client if I look at my topology real quick here Bob the client is off of gig 0/1 in VLAN 10 and so because this switch switch 1 is forwarding on that port for VLAN 10 which is what that port is assigned to that's why this is the designated port and then the other ports here are in a blocking state and that's where spanning tree's stepping in to protect the network boy there we may I may take a second session and talk about some additional details for spanning tree but I wanted to make sure that we have some basic concepts and let's take a look at switch 2 so this is switch 2 just benefit from VLAN 10 so switch 2 it says hey the root is this bad boy right here it's I'm not it so the second element here is switch 2's information he also lost spanning tree election for VLAN 10 and from switch 2's perspective the port that's the most optimal to forward towards the root is gig 2/2 if we take a look at our topology that's this interface right here 2/2 and it is the designated port oh do this let's take a little more time so on port 1/3 in 3/0 it's the designated ports for those two segments so it's forwarding on 1/3 and 3/0 and so when switch 1 and switch 2 are duking it out on who gets to be the designated port meaning who for those segments is going to be forwarding away from the root switch 2 won is probably in fact I'm sure it is because they both have the same cost to get to the root switch 2 must have a lower bridge ID and we can verify that very easily so let's take so here switch 2 and if we take a look at the bridge ID for switch 2 it's right here so I'm gonna just swap back and forth between these two this switch 2 here switch 1 I'll highlight those as well and because switch 2 won yeah 34AF right here for the base MAC address portions of the bridge ID that is lower 34AF is lower than 34FB so A is numerically lower number than f of s by @ 1 so there we have
an example of spanning tree at work protecting this network and the blocking is all happening here on switch 1 so if we are to draw out this topology which I think we had to do let me go ahead and bring it up in again we have the root switch aka the root bridge all of the ports on the root bridge are gonna be designated forwarding away from the root because it is the root that's one of the wonderful things about being King you get to do everything and the root's going to be designated ports for all segments that's connected to switch 1 is going to have the best cost to get to that root off of port 2 0 so that'd be the root port switch 2 has its best cost to get to the root off of its 2/2 so that'd be a root port and then up here because the client's in VLAN 10 that would be a designated port and if this trunk is allowing that VLAN that's also going to be a designated port depending on whether or not it's allowed there and then for switch 1 switch 2 they duke it out they send their BPDUs back and forth and as they do that and they say ok who gets to be designated for these two segments switch 1 & 2 they both say we're both a cost of 4 in fact let's just verify that real quick are they both really a cost of 4 so switch 1 says my cost is 4 right there and switch 2 says my cost is 4 so then came down to the bridge identifier between the two so they could duke it out and battle for who is going to have who's going to be designated for those two segments so each segment each connection between switches is going to have only one designated port per segment and switch 1 over here lost and so it's going to be blocking on both of its ports there okay so let's take a look at let's take a look at a review and then I've got one additional snafu that I'd like to share with you so the the pecking order in this we start with three switches but the pecking order is this the switches I'll send BPDUs out they share their cards with their rails and the one that has the lowest bridge ID
is going to be the root bridge all of its ports all of the root bridge's ports are forwarding and they're gonna be forwarding away from the root and so what do you call a port that's forwarding away from the root that is a designated port the other switches who didn't win the election to be the root bridge are going to have to calculate based on the BPDUs they're seeing and they're gonna have to calculate based on the cost to the root which is the best path and each switch that's not the root it's gonna choose one path one port and it's gonna be the root port that they're gonna be forwarding on in the direction of the root then after that fell decided for forwarding away from the root on the non root switches like switch 1 switch 2 they're gonna who gets to be designated who gets to be forwarding on these links that are forwarding away from the root switch if there's more than one switch out there and the answer is the one with the best cost and so switch 1 and switch 2 if one of them has a better cost to get to the root it wins I'm forwarding cost cost is king however if the cost is the same then they duke it out and they say well let's go ahead and handle this like gentlemen or ladies or whatever sex they are and what we'll do is we'll simply allow the person who has the lowest bridge ID between switch 1 and switch 2 between those two to go ahead and be the designated ports and to do forwarding and at that point the one with the lowest bridge ID is forwarding and has designated ports and the other two ports and the other switch this topology say yep you got it I'll be blocking here that's it now there is one other scenario that is worth mentioning that I think a lot of people get wrong and so I want to give you a heads up on it that so you don't get it wrong and it goes like this and clear off the screen and it goes something like this what if what if switch 2 is the root so it's the root bridge and so we're advertising BPDUs from the root so these ports will be
designated ports designated ports designated of course everything is forwarding away from the root is a designated port and the root bridge gets to forward on all of its ports so great those are all designated and so switch 1 is hearing these BPDUs basically on this link and saying hey the cost is zero because the root bridge is the root and the BPDU says hey the cost is zero on this link and it knows that its local cost is four for each of those gigabit interfaces now it's got a problem because switches you can't have more than one root port so switch 1 says oh my gosh I can I have one root port they're both the same cost and check this out switch 2 in those BPDUs is advertising the bridge ID so effectively think I have a card for this I do let me bring up a card here it is so let's imagine we get AB BPDUs coming from the root switch 1 sees it and that C the root bridge ID and it's the same so because it's the root switch on both its ports sending out these BPDUs the root switch bridge ID isn't changing it's the same on both so here we have the problem with poor switch 1 saying oh my gosh ku problem I'm not the root I get that I want to identify my root port the best cost to get to the root but I'm getting these BPDUs and they're both the same cost to get on each either interface and they're both coming from the same bridge ID so I can't use that as a tie breaker because the bridge ID is the same what do I do and this is the part I think that probably if I took a hundred CCNAs if we took a hundred CCNAs we'd probably give them back at some but if we take 100 CCNAs and ask them this question they would probably get it wrong but you're not going to here's the tiebreaker let's go back to our topology when these BPDUs are coming in and switch 1's trying to decide which of these two ports 1/2 or 0 0 is going to be the root port the way it decides is it looks at those BPDUs from each of them and it uses this information right there the sender's port
number not my port number switch 1 you go to you go away it's the sender's port number that information is included as part of the BPDUs and it's like golf it's like golf so in the BPDUs that switch 1 is receiving the lowest sender the sender's lowest port ID in the BPDUs in this case four is lower than six it would go ahead and use that and it would make that that port work out that lowest sender's port ID as its root port so that's a tiebreaker again most people get less you'd say most I bet probably more than 50 get that wrong it's not my local port number says switch 1 it's the advertised port numbers in fact I think we have time let's do a quick verification and we'll show you that in action so you can see it so let's go back to our screen real quick and at the moment switch 2 is not the root so let's fix that and I'm gonna have another session on spanning tree because there's a couple other really good pieces I want to share with you as well but in the basics of spanning tree which we're doing now let's go back to our command line interface and let's go to switch 2 and I'm gonna make switch 2 the King Kong so config T spanning tree VLAN 10 root primary so what what this does is this command simply says hey I I know what's going on the spanning tree I've seen who the root is I know it the priorities of the root this command has one mission here's the commander's intent when what do you win you take whatever that priority is and you go lower go lower and that's what this so this command simply tells switch 2 win and we'll do it right now so we'll go ahead and press Enter spanning tree doesn't take too long to go ahead and reconverge and as it's considering life if we do a show spanning tree for VLAN 10 now check it out so for VLAN 10 is on switch 2 is saying this bridge is the root I just won because I artificially lowered my priority based on that command you told me to I went lower than the winner and that made me the new winner so it's now
the winner so is advertising in BPDUs that that's the root and it's also advertising its own information and because it's the root this is going to be the same same information and you'll notice now it's forwarding on all ports so if we go back to our topology which will be fun to do let's do that right now here in our topology let's do this so this is the root it won because it has the lowest bridge ID I'll say root bridge just to be clear it's not a root port bridge great so these ports are designated ports and if port 3 port 1 slash 0 is in VLAN 10 it'll be a designated port if port 1/1 is in a different VLAN it won't apply for this instance of spanning tree so the root bridge is he won he's the lowest bridge ID all of his ports are forwarding away from himself so designated port means forwarding and away designated means forwarding and away and then as switch 1 receives those BPDUs with that information it says oh no they're both the same cost they're both coming from the exact same bridge ID it will then choose the advertised lowest port number which would be 1/3 in this topology and that would mean it would choose 1/2 on its side because that's where it heard that bridge ID or that BPDU with the lower port identifier and that would be the root port and then we'd go ahead and block here because it would be a loop if it didn't block all right advertisers bridge ID our average I've advertised the port identifier so you know we had to do let's let's test that I think we should just it let me clear off the screen and let's go verify that that is indeed our results so here on switch 2 it's forwarding is the root all the ports are in the role of designated it's right here great the the status is forwarding and if we take a look at switch 1 and do a show spanning tree for VLAN 10 we are expecting there we go there's our root port you know I get I gotta be honest is like that's what I should do I hope it does that but that's the result so gig 1/2 is the root port
and it is forwarding because that's what root ports do they don't block root ports are forwarding towards the root and designated ports are forwarding away from the root so this topology gig 0/1 which is where Bob's computer is connected as an access port is also a designated port and then it's blocking on gig 2/0 which is the connection down to switch 3 and it's also blocking on 0 0 which is that second port in our topology between switch 1 and switch 2 yeah I was just thinking there's probably a few more things I could oh you know just one more thing let me let me show you what this looks like if we look at trunks because we cover trunking and switching in another session but if we do a show interfaces trunk and that very bottom section says VLANs allowed on trunk and being forwarded by spanning tree any ports here that we have that are blocking for spanning tree will not show as forwarding as that's another way from the show interfaces trunk command you can see what's going on with spanning tree so let's take a look at that so here on switch 1 and just to confirm our topology here I this is blocking a set and we just confirm that and so many buttons so many buttons yeah so gig 2/0 is currently is currently blocking great so we go back to our topology here that's blocking so if we do a show interfaces trunk even though we have a trunk here between switch 1 switch 3 it is not going to show VLAN 10 as being forwarded over that trunk link because spanning tree says no that's blocking by spanning tree so let's verify that so show interfaces trunk there we go so gig 0 0 then gig what gig 1/2 which is the link between switch 1 and switch 2 is forwarding for VLAN 10 and then gig 2/0 is the forwarding for the other VLANs and that's because we only made switch 2 the root for VLAN 10 I didn't twist I didn't tweak it for the other these are the 3 VLANs so that's why it's forwarding for VLAN 10 on trunk on port 1/2 all right that's a lot of fun let's summarize and then we'll close
it off here's what we've learned about spanning tree spanning tree is needed because if we had layer 2 loops we'd have one broadcast that we just loop and loop and loop because that layer 2 in the header there's no time to live there's no expiration of those frames they would just loop and loop forever if they were allowed to so spanning tree comes to the rescue spanning tree jumps in and says okay we need one sheriff in town and the way we identify that sheriff is we share our cards with each other and the way we share cards and spanning tree is with BPDUs bridge protocol data units that include the bridge IDs that's and the lowest wins so whereas the lowest wins originally in our topology it was switch 3 won for everything so now switch 3 to the root now whatever else does it says ok I'm not the root I need to identify the best path to get to the root and we do that by identifying the cost so I have 3 oh so if I have if I'm a switch and I'm identifying my single root port I'm gonna go ahead and I'm gonna identify based on the cheapest way to get there if one interface is the cost of 6 and the other the cost of 2 that's give me my root port I label that as the role root port and I'm always forwarding on that root port that's what root ports do and for going away from the root we have designated ports so on the root switch all ports are designated ports meaning we're all forwarding away from the root and each network segment each connection between switches is going to have one designated port so if there's a conflict if you get two switches they're both connected and they're both forwarding on those ports away from the root they're getting a little duel and the duel goes something like this what's your cost to get to the root and if that's the same if it's lower that one wins if they're the same then they go to bridge ID and then the lower bridge ID wins and in the situation that we just looked at if you have a non root switch and it's receiving on multiple links this
the same cost the same bridge ID the tiebreaker then becomes the lowest advertised port and I do have I just grabbed some screenshots also I want to share with you and then we'll close this up so this is an example of before we change the spanning tree topology going from switch 3 to switch 1 and in this spanning tree protocol information it included the choose my color here it included the root identifier which is a combination of the priority and the VLAN and the base MAC address by the way the way you can see the base MAC address is you can either do a show spanning tree that'll work and then the base MAC address shows up or you can also do a show version and show version will also show you the base MAC address and because all the MAC addresses are gonna be unique in theory you'll never have two identical bridge identifiers so in the BPDU it was sending had the root identifier it also had its own identifier and because in this example it was the root so this is coming from switch we'd switch 3 going to switch 1 when it was root the root and its own ID are the same and then it also includes this port identifier right here so that could be a tie breaker if we have multiple links where the bridge ID is the same the cost is the same and we have to go down to the port that's the advertised port literally right there that the receiving switch would go ahead and use make a decision all right one more and that's this is from switch 2 to switch 1 this is before we made switch 2 the root and so here in this topology switch 2 is sending a BPDU that's what this is and saying hey this is the root which was switch 4 I'm sorry switch 3 was the root and cost of 4 and then it also down here also in the bridge protocol identifier identifies itself so the message said this is the root this is me says switch 2 and here's my port identifier let me clear that off right here so in the event in fact this is switch 2 3/2 you're going to switch 1 1/2 if we look at the next frame
here which I also captured for us notice that the port identifier is different and so here it's hexadecimal 8 0 0 8 and on the previous one if we look at that it was 8 0 0 D and so 8 the last character there is lower numerically than D and that's what and that was a that was the lower port number quit according to the law report number and that's why switch 1 shows the root port it did so I wanted to just kind of give you a reinforcement that it the tiebreaker the first one is lowest bridge ID first that wins the root the root bridge and then all the other switches based on cost choose the lowest cost to get to the root and then after cost is neutral or even then it's bridge ID and if the bridge ID is the same then it goes down to advertised port ID which is then going to be used to choose the little the lowest advertised port ID is going to be the root bridge the root port on that downstream switch all right you know I didn't think it was gonna take that long I only talk about spanning tree there's a few other things I like to chat with you about including including rapid spanning tree and also I think this also ties well into some EtherChannel so I will build those all up coming up in future sessions so I'm also building a playlist super excited about that the playlist is going to have I'm just gonna collect all these pieces I've done and put them in a playlist for CCNA studies and I'm also starting up on Saturday subnetting Saturdays and so we'll do those live as well and then we'll collect those and put them into playlists so that somebody who wants to just on YouTube get a good starting point into a lot of the basics of how networks operate and Cisco CCNA they'll have a place to go where they can get a lot of that information and have a nice organized fashion so if you haven't subscribed yet please do so certainly super glad about you participating and showing up here with me and these live streams it means a lot and let me take a look at my yeah so Saturday is
gonna be Saturday's gonna be what day is it oh wait hey back up New Year's Day is Wednesday we're gonna take like OSPF Network types and then going forward on Saturday we're gonna start subnetting Saturday starting off with the basics how it works I'll use my finger techniques which has been very popular for people who don't like the power of zero huh which if you're not a math person that's not always not always straightforward so I'll teach you those parts lines on subnetting Saturday and then we'll continue on with more spanning tree and also some EtherChannel and then we'll work our way to layer 3 routing and so thank you everybody for joining me and we'll see you in the very next session stay tuned to social and I'll post all that information when it's coming out in the meantime thanks again and happy studies and a happy happy brand new year thanks everybody
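Added example, not part of the video or its captions: a small Python model of the comparison order the session walks through (lowest bridge ID elects the root; a non-root switch ranks received BPDUs by cost, then sender bridge ID, then the sender's port ID). The MAC addresses are constructed around the last four hex digits read out in the session, and the 24576 priority for the `root primary` case, the local port IDs and the mapping of 0x8008/0x800D to interfaces are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class BridgeID:
    """Compared field by field: priority first, then base MAC. Lower wins."""
    priority: int  # configured priority plus the VLAN number
    mac: int       # base MAC address as an integer


def bid(priority, vlan, mac_text):
    """Build a bridge ID from a Cisco-style dotted MAC string."""
    return BridgeID(priority + vlan, int(mac_text.replace(".", ""), 16))


@dataclass(frozen=True)
class Bpdu:
    root: BridgeID        # who the sender believes is root
    root_cost: int        # sender's advertised cost to the root
    sender: BridgeID      # the sender's own bridge ID
    sender_port_id: int   # port the sender transmitted on, e.g. 0x8008


def elect_root(bridges):
    """The switch with the numerically lowest bridge ID becomes root."""
    return min(bridges)


def designated_winner(candidates):
    """candidates: {name: (cost_to_root, BridgeID)} for one segment.
    Lowest cost wins; on a tie, lowest bridge ID wins."""
    return min(candidates, key=lambda name: candidates[name])


def pick_root_port(received, link_cost, local_port_id):
    """received: {local_port: Bpdu}. Ranking order: root ID, total cost,
    sender bridge ID, SENDER port ID, and only then the local port ID."""
    def rank(port):
        b = received[port]
        return (b.root, b.root_cost + link_cost[port], b.sender,
                b.sender_port_id, local_port_id[port])
    return min(received, key=rank)


VLAN = 10
# Constructed MACs; only the final four hex digits come from the session.
SW1 = bid(32768, VLAN, "0064.0000.34fb")
SW2 = bid(32768, VLAN, "0064.0000.34af")
SW3 = bid(32768, VLAN, "0064.0000.3472")


def demo():
    # Default priorities: the lowest MAC decides the root.
    first_root = elect_root([SW1, SW2, SW3])
    # Both non-root switches have cost 4, so bridge ID decides the segment.
    segment = designated_winner({"SW1": (4, SW1), "SW2": (4, SW2)})
    # After "root primary" on switch 2 (assumed resulting priority 24576).
    sw2_root = bid(24576, VLAN, "0064.0000.34af")
    received = {
        "Gi1/2": Bpdu(sw2_root, 0, sw2_root, 0x8008),
        "Gi0/0": Bpdu(sw2_root, 0, sw2_root, 0x800D),
    }
    link_cost = {"Gi1/2": 4, "Gi0/0": 4}
    # Constructed: the local ID is deliberately lower on Gi0/0 to show that
    # the receiver's own port number is not what breaks the tie.
    local_port_id = {"Gi1/2": 0x8007, "Gi0/0": 0x8001}
    root_port = pick_root_port(received, link_cost, local_port_id)
    return first_root, segment, root_port


if __name__ == "__main__":
    print(demo())
```

Changing one entry in `link_cost` shows that cost is compared before any port ID is consulted.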
Info
Channel: Keith Barker
Views: 65,708
Rating: 4.9455299 out of 5
Keywords: ccna certification, ccna training, ccna 200-301, CCNA, new ccna, cisco ccna, new ccna certification 2020, cisco certifications, 200-301 ccna, ogit, keith barker, networkchuck, networkchuck ccna, ccna, spanning tree, spanning tree protocol, root switch, designated ports, root ports, spanning tree protocol (protocol), blocking ports, how does spanning tree work
Id: xUeLpAgrVU0
Length: 64min 52sec (3892 seconds)
Published: Sun Dec 29 2019