5/17/2006
© 2003 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice
DECUS IT-Symposium 2006
Spanning Tree Protocol Interoperability Cisco/HP ProCurve
Juergen Bruns
Network Competency Center EMEA
HP Services
page 2May 17, 2006
Agenda
• Protocol refresh
• IEEE 802.1D
• PVST+
• IEEE 802.1w
• IEEE 802.1s
• Cisco STP
• ProCurve STP
• Configuration Example
Requirements for a Layer 2 redundancy protocol
• Provide a loop-free topology, meaning a packet should never be seen twice in a network
• Only ONE active path between two hosts
• Should activate redundant links in case of a failure
• Convergence time should be as quick as possible
• Nice to have: Utilize redundant links
Preventing Bridging Loops
[Figure: Station A and Station B on Segment A and Segment B, joined by two switches; port labels 1/1, 1/2, 2/1, 2/2. Caption: Neither Switch A nor B running STP]
Preventing Bridging Loops
Bridging loops can be prevented by disabling the redundant path
[Figure: Station A and Station B on Segment A and Segment B; port labels 1/1, 1/2, 2/1, 2/2]
STP and IEEE Standards
• The first IEEE standard implementation of STP is IEEE 802.1D (since 1998).
• RSTP is the Rapid Spanning Tree Protocol defined by IEEE 802.1w (since 2001).
• MSTP is the Multiple Spanning Tree Protocol defined by IEEE 802.1s (since 2002/2003, Standard Compliance on Cisco since 2006).
Cisco proprietary:
• PVST is the Per-VLAN Spanning Tree proprietary implementation of STP on Cisco equipment using an ISL trunk.
• (Rapid) PVST+ is the implementation of PVST on 802.1q links.
• IEEE 802.1s VLAN MST based on a pre-standards draft.
STP – Calculating a loop free network
1. Select the Root bridge => lowest Bridge ID (Bridge Prio + Bridge MAC)
2. Select Root ports, 1 per Bridge => shortest path to root
3. Select Designated port, 1 per Segment => shortest path to root => lowest Sender Bridge ID used as tie-breaker
4. Use Port ID as tie-breaker => lowest Port ID (Port Prio + System #)
Which port is blocking ?
[Figure: Switch A, Switch B and Switch C; link labels: Gbit/s, Gbit/s, 100 Mbit/s]
• Bridge MAC (A=x1, B=x2, C=x3)
• Bridge Prio (default: 32768)
• Port cost (default: Gbit/s=4, 100Mbit/s=19)
• Path cost (sum of all port costs to root)
• Port priority (default = 32)
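The four election steps applied to the three-switch question, as an added example that is not part of the original slides. The slide's diagram is not preserved, so the link layout (A-B and A-C at Gbit/s, B-C at 100 Mbit/s), the port numbers and the MACs written as small integers are assumptions.

```python
# Added example: STP role election following the four steps on the slide.
COST = {"1G": 4, "100M": 19}   # 802.1D default port costs quoted on the slide

def elect(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, a_port, b, b_port, speed)].
    Returns (root, root_ports, designated_ports, blocking_ports)."""
    bid = dict(bridges)                      # (priority, mac) orders like a Bridge ID
    root = min(bid, key=bid.get)             # step 1: lowest Bridge ID wins
    dist = {b: 0 if b == root else float("inf") for b in bid}
    for _round in bid:                       # relax until root path costs settle
        for a, _ap, b, _bp, speed in links:
            dist[a] = min(dist[a], dist[b] + COST[speed])
            dist[b] = min(dist[b], dist[a] + COST[speed])
    ports = []                               # (bridge, port, neighbour, nbr_port, cost)
    for a, ap, b, bp, speed in links:
        ports += [(a, ap, b, bp, COST[speed]), (b, bp, a, ap, COST[speed])]
    root_ports = {}
    for b in bid:                            # step 2, with the tie-breakers of steps 3/4
        if b != root:
            best = min((p for p in ports if p[0] == b),
                       key=lambda p: (dist[p[2]] + p[4], bid[p[2]], p[3], p[1]))
            root_ports[b] = best[1]
    designated = set()
    for a, ap, b, bp, _speed in links:       # step 3: one designated port per segment
        designated.add(min(((a, ap), (b, bp)),
                           key=lambda e: (dist[e[0]], bid[e[0]], e[1])))
    blocking = {(p[0], p[1]) for p in ports} - designated - set(root_ports.items())
    return root, root_ports, designated, blocking

# Constructed input: MACs x1..x3 as integers, default priority, assumed link layout.
BRIDGES = {"A": (32768, 1), "B": (32768, 2), "C": (32768, 3)}
LINKS = [("A", 1, "B", 1, "1G"), ("A", 2, "C", 1, "1G"), ("B", 2, "C", 2, "100M")]

if __name__ == "__main__":
    root, rp, dp, blk = elect(BRIDGES, LINKS)
    print("root:", root, "root ports:", rp, "blocking:", sorted(blk))
    # A lower priority on any bridge moves the root, hence the Root Guard advice.
    print(elect({**BRIDGES, "C": (4096, 3)}, LINKS))
```

With default priorities Switch A becomes root and Switch C's port on the 100 Mbit/s link blocks, because B and C advertise the same path cost and B has the lower Bridge ID.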
802.1D root bridge election
The Bridge/Switch having the lowest Bridge ID is the Root Bridge. The Bridge Priority, default to 32768, is configurable.
Bridge ID (carried in BPDUs): Priority (2 bytes) + MAC Address (6 bytes)
[Figure: bridges labelled with Bridge IDs 80000800102031DE, 80000800102032AC, 8000080010203423 and 8000080010203EF88; the bridge labelled Root Bridge has Bridge ID 00010800ABCD0121]
802.1D root port election
Each bridge retains the lowest cost to reach the Root bridge, on each port. The best port (Root Port) is then elected:
[Figure: topology with Link Cost 10 on each link and accumulated root path costs of 10, 20 and 30 at the bridges; Root Ports marked]
802.1D designated port
For each segment, only the best path is used towards the Root Bridge. The corresponding port is called the Designated Port (DP). Redundant Bridges are blocked.
[Figure: same topology with costs 10, 20 and 30, a Hub, and bridges A and B; Designated Ports marked DP; Cost=0 at the Root Bridge]
802.1D logical topology
Topology becomes loop-free
[Figure: resulting logical topology with Hub and bridges A and B]
802.1D and 802.1t
802.1D port costs (16 Bit)
Default Range    Default Cost Value    Port Speed
1 to 65535       4                     1 Gbps
1 to 65535       19                    100 Mbps
1 to 65535       100                   10 Mbps
802.1t port costs (32 Bit) used for IEEE 802.1w and IEEE 802.1s
Available Range    Recommended Range        Recommended Value    Port Speed
1 to 200000000     200 to 20000             2000                 10 Gbps
1 to 200000000     2000 to 200000           20000                1 Gbps
1 to 200000000     20000 to 2000000         200000               100 Mbps
1 to 200000000     200000 to 20000000       2000000              10 Mbps
1 to 200000000     2000000 to 200000000     20000000             1 Mbps
1 to 200000000     20000000 to 200000000    200000000            > 100 kbps
Per VLAN Spanning Tree (PVST+)
• Cisco's implementation of STP
• Cisco switches run per-VLAN Spanning Tree
• Each VLAN builds its own STP instance (<128)
• Provides load balancing
• No standard, but compatible with 802.1D
• CST BPDUs are sent untagged in VLAN 1, even if the native VLAN is not VLAN 1
• Shared Spanning Tree BPDUs are sent tagged for each VLAN (except for the native VLAN) to MAC: 0100.0ccc.cccd
PVST+ Loadbalancing
Sample Topology for VLAN 10:
[Figure: VLAN 10 topology with Hub and bridges A and B]
PVST+ Loadbalancing
Sample Topology for VLAN 20:
[Figure: VLAN 20 topology with Hub and bridges A and B]
802.1D protocol states
[Figure: port state timeline (axis: Time): Blocking (Max-Age, 20 Sec) → Listening (Forward Delay, 15 Sec) → Learning (Forward Delay, 15 Sec) → Forwarding]
Rapid Spanning Tree 802.1w Overview
• Extension to 802.1D => higher convergence speed.
• Includes features similar to UplinkFast, BackboneFast and PortFast.
• New port role
• Modified BPDU
• Rapid port state transition.
• New topology change mechanism.
• 802.1D compatibility
• IEEE 802.1w - a standard since June 2001.
• Rapid PVST+ has the same architecture as PVST+ except that it uses the 802.1w rapid STP protocol instead of 802.1D
802.1w port roles
4 port roles
• Root port: shortest path to the root bridge in terms of path costs (Forwarding)
• Designated port: the port which is sending the best BPDU for a segment (Forwarding)
• Alternate Port: a port which has an alternative path to the root bridge (Blocking = Discarding)
• Backup Port: a port which has a link to the same segment on the same switch (Blocking = Discarding)
802.1w port roles
[Figure: topology with Hub and bridges A and B; ports marked RP, DP, AP and BP]
Port roles: RP = Root Port, DP = Designated Port, AP = Alternate Port, BP = Backup Port
Multi Instance Spanning Tree IEEE 802.1s Features
The latest Spanning Tree standard
• Fast convergence
• Can make use of all links in network
• Makes STP scalable
802.1s
[Figure, three panels]
Before (802.1D or 802.1w): a single Root; link labels: VLANs 1, VLANs 2, VLANs 3
Before (with PVST): Root of 1, Root of 2, Root of 3; link labels: VLANs 1, VLANs 2, VLANs 3
Now with 802.1s: MSTI-1 Root, MSTI-2 Root; link labels: VLANs 1,2… and VLAN 3,4…
802.1s Terms
• MST Region: a group of switches running 802.1s under a common set of configuration attributes
• MST instance: an entity which calculates its own topology. Each instance can be used for one or more VLANs
• Common Spanning Tree (CST): an STP or RSTP spanning tree instance to interconnect different regions
• Internal Spanning Tree (IST): RSTP instance interconnecting CST to the region. All other VLANs that are not manually configured to an instance are mapped automatically to the IST = MST Instance 0.
802.1s Terms
[Figure: labels MST Region, IST, CST]
MSTP - Configuring Regions - ProCurve
To create multiple spanning tree instances, an MST "region" is
defined, with 3 parameters that must be identical for each switch
in the region:
• region name ("spanning-tree config-name")
• revision number ("spanning-tree config-revision")
• VLAN-to-instance mapping ("span instance <1-16> vlan <VID>")
Each VLAN can be a member of only 1 MST instance.
Any VLANs not claimed by (not configured in) an MST instance
automatically exist in instance 0 (the Internal Spanning Tree, or
IST), which always exists when MSTP is enabled.
Summary and Guide-line
Cisco vs ProCurve STP Protocols
Cisco IOS switch can run the following protocols:
• Common Spanning Tree (IEEE 802.1D)
• PVST+
• Rapid PVST+ (default)
• MSTP IEEE 802.1s draft
• MSTP IEEE 802.1s Standard Compliance
ProCurve Switch can enable the following protocols:
• Common Spanning Tree (IEEE 802.1D)
• PVST+ (only 9300 Series)
• Rapid STP (IEEE 802.1w) per box (default)
• MSTP IEEE 802.1s Standard Compliance
Interoperability Cisco & ProCurve
• Try to use the MSTP IEEE802.1s Standard Compliance Version on Cisco and enable MSTP on ProCurve
• Try to build at least one region. It will act as a virtual bridge.
• Between the regions or to other STP bridges the "Common Spanning Tree" (CST) is the active tree.
• In IEEE 802.1s the CST can use Rapid STP or the older version .1D
• When connecting an MST Region to a (Rapid) PVST+ device, be aware that the CST is running untagged on VLAN 1 regardless of the native VLAN.
• Check the STP cost setting when connecting an IEEE 802.1s or .1w configuration to a Cisco Rapid PVST+ or .1D bridge. You can revert the cost on ProCurve to the legacy settings.
Cisco MSTP IEEE 802.1s Standard Compliance
Device                                   Required IOS
Cisco Catalyst 2950, 3550, 3560, 3750    IOS 12.2(25)SEC
Cisco Catalyst 4000                      IOS 12.2(25)SG, no CatOS version
Cisco Catalyst 6000                      IOS 12.2(18)SXF or CatOS 8.3
Please refer to Cisco Website and select the Software Advisor Tool
http://www.cisco.com/public/support/tac/tools.shtml
Example Configuring MSTP on ProCurve/Cisco
Sample topology
Parameters for the MSTP are as follows:
Config Name: hp-cisco
Config Revision #: 1
Instance 1 VLAN 1,10,20
Instance 2 VLAN 30,40
Cisco-1 is Root for instances 0 (IST) and 1
Cisco-2 is Root for instance 2
HP ProCurve switches, ProCurve-Edge-1 and 2, are defined as edge switches
Configuring MSTP on Cisco
The Cisco Switch 1 is defined as Root for instances 0 (IST) and 1, and secondary Root for instance 2.
conf t
hostname Cisco-1
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
 name hp-cisco
 revision 1
 instance 1 vlan 1, 10, 20
 instance 2 vlan 30, 40
!
spanning-tree mst 0-1 priority 0
spanning-tree mst 2 priority 4096
end
The Cisco Switch 2 is defined as Root for instance 2 and secondary Root for instances 0 and 1.
conf t
hostname Cisco-2
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
 name hp-cisco
 revision 1
 instance 1 vlan 1, 10, 20
 instance 2 vlan 30, 40
!
spanning-tree mst 0-1 priority 4096
spanning-tree mst 2 priority 0
Configuring MSTP on ProCurve
ProCurve-Edge-1 and 2 are defined as edge switches.
hostname "ProCurve-Edge-1/2"
spanning-tree
spanning-tree protocol-version MSTP
spanning-tree config-name "hp-cisco"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1 10 20
spanning-tree instance 2 vlan 30 40
Result
Cisco-1#sh span mst configuration
Name      [hp-cisco]
Revision  1
Instance  Vlans mapped
--------  -------------------------------------------------------------
0         2-9,11-19,21-29,31-39,41-4094
1         1,10,20
2         30,40
-----------------------------------------------------------------------
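A pre-deployment check for the rule that region name, revision number and VLAN-to-instance mapping must be identical on every switch, run against the Cisco and ProCurve configurations above. This is an added example, not part of the original slides; the function names and the DRIFTED variant are constructed for illustration.

```python
import re

def expand(vlans):
    """'1, 10, 20', '1 10 20' or '2-9,11' -> set of VLAN IDs."""
    ids = set()
    for tok in filter(None, re.split(r"[,\s]+", vlans)):
        lo, _, hi = tok.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def region(config):
    """Extract (name, revision, {vlan: instance}) from Cisco IOS or ProCurve lines."""
    name, rev, vmap = None, None, {}
    for line in config.splitlines():
        line = re.sub(r"^spanning-tree\s+", "", line.strip(), flags=re.I)
        if m := re.match(r'(?:config-)?name\s+"?([^"]+)"?$', line):
            name = m.group(1)
        elif m := re.match(r"(?:config-)?revision\s+(\d+)$", line):
            rev = int(m.group(1))
        elif m := re.match(r"instance\s+(\d+)\s+vlan\s+(.+)$", line):
            vmap.update({v: int(m.group(1)) for v in expand(m.group(2))})
    return name, rev, vmap

def mismatches(a, b):
    """List the differences; VLANs missing from a map sit in instance 0 (IST)."""
    diffs = [f"{k}: {x!r} != {y!r}" for k, x, y in
             (("name", a[0], b[0]), ("revision", a[1], b[1])) if x != y]
    for v in sorted(set(a[2]) | set(b[2])):
        if a[2].get(v, 0) != b[2].get(v, 0):
            diffs.append(f"vlan {v}: instance {a[2].get(v, 0)} != {b[2].get(v, 0)}")
    return diffs

# Region lines taken from the slides; DRIFTED is a constructed typo for the demo.
CISCO = """\
spanning-tree mst configuration
 name hp-cisco
 revision 1
 instance 1 vlan 1, 10, 20
 instance 2 vlan 30, 40
"""
PROCURVE = """\
spanning-tree config-name "hp-cisco"
spanning-tree config-revision 1
spanning-tree instance 1 vlan 1 10 20
spanning-tree instance 2 vlan 30 40
"""
DRIFTED = PROCURVE.replace("vlan 1 10 20", "vlan 1 10")
if __name__ == "__main__":
    print(mismatches(region(CISCO), region(PROCURVE)), mismatches(region(CISCO), region(DRIFTED)))
```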
Useful Cisco Troubleshooting Commands
CatOS                              IOS
sh spant summary                   sh spann summary               (summary of features / ports)
sh spant <vlan> active             sh spann vlan <vlan> detail    (STP state for a vlan)
sh spant mst [inst]                sh spann mst [inst]            (STP state for MST instance)
sh spant <mod/port>                sh spann int <int> detail      (STP state for port)
sh spant stat <mod/port> <vlan>    sh span int <int> detail
Summary
• Create an STP Design, Test and Implementation Plan
• Try to use the IEEE 802.1s Standard Compliance Version
• Check the latest FW or IOS versions
• Check the Common Spanning Tree settings
• When using PVST+ take care with VLAN 1
• If the STP is stable, secure it using BPDU Guard, Root Guard…
THE END
Thank you very much!!!