1© 2001, The Technology Firm WWW.THETECHFIRM.COM
Switching and Bridging
The Technology [email protected]
Is Spanning Tree Turned On?
Let’s turn on our protocol analyzer and capture a BPDU packet.
This can be done from any switch port in your environment. No port spanning or mirroring required.
Information
Now that we have found a BPDU packet, what do we know?
Since the Priority is set to 8000 (hex), one can safely assume that this network was designed using the vendor’s default. The problem with this is that you would need all your switches’ MAC addresses to determine where your root bridge is. Of course, very few people have this information available.
The location of your root bridge is critical, since the stability of this device, or of the path to the root bridge, can cause a 30 to 50 second outage. Every time the root bridge disappears you get an outage.
Some devices do not get along with the spanning tree algorithm when booting up, due to the initial Blocking Mode of the port.
You can determine which vendor’s equipment is the root bridge by visiting the IEEE OUI and Company_Id Assignments page and searching for the first 6 characters of the Root MAC Address.
http://standards.ieee.org/regauth/oui/index.html
Search for MAC Address
00-50-2A   (hex)        CISCO SYSTEMS, INC.
00502A     (base 16)    CISCO SYSTEMS, INC.
                        M/S SJA-2
                        170 W. TASMAN DRIVE
                        SAN JOSE CA 95134-1706
After our search, we found that the root bridge is a Cisco device, so we expect a Cisco switch. Hopefully it is a stable switch somewhere on our core network that does not experience much change.
Configuration Nightmare
Very few people understand that by having spanning tree set to default values, one of two situations may occur:
• Another switch with the same priority, but a lower MAC, may be introduced, causing an outage.
• Another switch with a lower priority may be introduced, causing an outage. I have seen this situation with a ‘demo’ switch in a customer lab or wireless Ethernet bridges.
If you have found that you have Spanning Tree enabled, you may investigate different spanning tree commands (e.g. BackboneFast, PortFast, UplinkFast, or FastLearn).
When your root bridge disappears, the network is basically down for a certain amount of time. This is regardless of how many redundant power supplies and paths you have in your network.
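Added example (not part of the original slides): a Python decoder for a captured 802.1D configuration BPDU that reads the root priority and MAC as on the Information slide, then checks the two takeover cases from the Configuration Nightmare slide and derives the 30 to 50 second window from the advertised timers. The sample frame is constructed (only the OUI 00-50-2A comes from the slides), and all function names are hypothetical.

```python
import struct

DEFAULT_PRIORITY = 0x8000  # the vendor default seen in the capture

# Constructed sample: 35-byte 802.1D configuration BPDU (after the LLC header).
# Only the OUI 00-50-2A comes from the slides; the rest is made up.
SAMPLE = bytes.fromhex(
    "0000" "00" "00" "00"          # protocol id, version, type=config, flags
    "8000" "00502a000010"          # root id: priority + MAC
    "00000013"                     # root path cost
    "8000" "00502a000099"          # sending bridge id
    "8001"                         # port id
    "0100" "1400" "0200" "0f00"    # message age, max age, hello, forward delay
)

def parse_config_bpdu(payload):
    """Decode the fields the slides read off the analyzer."""
    if len(payload) < 35:
        raise ValueError("truncated BPDU")
    proto, _version, bpdu_type, _flags = struct.unpack_from("!HBBB", payload, 0)
    if proto != 0 or bpdu_type != 0:
        raise ValueError("not an 802.1D configuration BPDU")
    root = struct.unpack_from("!H6s", payload, 5)
    (cost,) = struct.unpack_from("!I", payload, 13)
    bridge = struct.unpack_from("!H6s", payload, 17)
    _port, _age, max_age, hello, fwd = struct.unpack_from("!5H", payload, 25)
    # Timers are carried in units of 1/256 second.
    return {"root": root, "cost": cost, "bridge": bridge,
            "max_age": max_age / 256, "hello": hello / 256, "fwd_delay": fwd / 256}

def oui(mac):
    """First three bytes, formatted as the IEEE registry prints them."""
    return "-".join(f"{b:02X}" for b in mac[:3])

def would_take_root(candidate, root):
    """Lowest (priority, MAC) pair wins the election, so a lower pair preempts."""
    return candidate < root

def outage_window(bpdu):
    """Listening + learning, and the same plus max-age expiry, in seconds."""
    relearn = 2 * bpdu["fwd_delay"]
    return relearn, bpdu["max_age"] + relearn

if __name__ == "__main__":
    b = parse_config_bpdu(SAMPLE)
    print("root OUI", oui(b["root"][1]), "default priority:", b["root"][0] == DEFAULT_PRIORITY)
    print("lower-MAC newcomer preempts:", would_take_root((0x8000, bytes.fromhex("00502a00000f")), b["root"]))
    print("outage window (s):", outage_window(b))
```

Running the same comparison against an inventory of your own bridge IDs shows which devices would displace the current root if they were plugged in.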
TIPS
• The most effective method to control the location of your root bridge is to configure your desired root bridge’s Priority to a value lower than 8000. Some vendors will actually have commands like ‘set root bridge’ that will basically set the priority to low values.
• When setting a root bridge, select a backup bridge. That is one with a value greater than the root, but lower than the default [8000, in this case].
• Take the time to design your spanning tree, or the defaults will design it for you.
• Some devices expect to immediately transmit data as soon as the link is physically up, which presents challenges if Spanning Tree is enabled.
• Be careful with applications that utilize keep alive or other unacknowledged protocols, since you may experience Unicast storms.
• You should periodically review your Spanning Tree Topology.
Reality Check
Ask yourself, ‘What does spanning tree do for me?’
Spanning Tree’s main purpose is to prevent loops. I have spoken to many people who did not know they had spanning tree enabled, did not know why they needed it and, the scariest part, ‘thought it was OK to keep it enabled, just in case’.
In case of what??
If you do not have multiple paths, most likely you do not need spanning tree enabled.
If you have nodes connected to switches, these ports do not need spanning tree enabled.
What are we doing ??
We are going around an implementation merry-go-round controlled by confusion and lack of network understanding...
[Diagram: two HUBs, 100 clients each]
• 200 node Broadcast domain
• Physical level error propagated
• IMPLEMENT A BRIDGE
[Diagram: two HUBs, 100 clients each, and a BRIDGE]
• 200 node Broadcast domain
• Too many broadcasts
• IMPLEMENT A ROUTER
What are we doing ??
[Diagram: two SWITCHes, 100 clients each]
• 200 node Broadcast domain
• Too many broadcasts
• IMPLEMENT VLANS
[Diagram: two HUBs, 100 clients each, and a ROUTER]
• 100 node Broadcast domain
• Too SLOW
• Implement a collapsed switch
What are we doing ??
[Diagram: SWITCH - VLAN A and SWITCH - VLAN B, 100 clients each, and a ROUTER]
• 100 node Broadcast domain
• Too SLOW
• Implement Reporting Tools
[Diagram: SWITCH - VLAN A and SWITCH - VLAN B, 100 clients each, and a ROUTER]
• Buy Rmon probes
• Enable SNMP/Rmon on Devices
• Install Reporting Software with Database backends