lab – spanning tree

experiences with the spanning tree protocol

the two types of Bridge PDUs• the configuration BPDU contains all the information needed by the

spanning tree algorithm, and in particular the following:

1. root-bridge-identifier (the current root of the spanning tree)2. root-path-cost (the cost of the path to the root bridge)3. bridge-identifier (the identifier of the bridge sending the BPDU)4. port-identifier (the port through which the BPDU is sent)

example:

• the topology change BPDU does not contain any data in addition to that necessary to identify the packet as a topology change BPDU (we will see in the following its use)

root-bridge-idroot-path-cost

bridge-idport-id

80-00-23-ef-…10080-00-2d-12-…6

the four operations of the spanning tree algorithm

1) root bridge election• a single bridge is choosen to be the root of the spanning tree

2) identification of the root port on each bridge• each bridge that is not the root bridge selects one of its ports as

the nearest to the root bridge3) determination of designated bridges

• for each lan a bridge is chosen as the one which connects the lan to the spanning tree (the port used by the designated bridge is called designated port)

4) blocking of redundant ports• unused ports (non root ports and non designated ports) are

placed in blocking state

1) root bridge election

1. each bridge produces a configuration BPDU in which its own bridge-id is used as root-identifier• the bridge-id is composed by catenating the priority (local to the

bridge and adminstratively set, default value is 80-00) and the bridge mac (that is, the mac of the "first" port of the bridge, usually the lowest mac)

2. when a bridge receives a configuration BPDU with lower bridge-id• it stops from producing configuration BPDUs with its own

bridge-id used as root-identifier• it forwards the new configuration BPDU through all ports

3. the root bridge is the one that carries on producing configuration BPDUs with its own bridge-id in the root-identifier field

configuration bpdu forwarding1. when a configuration BPDU is produced by a bridge its root-path-

cost field is set to zero2. when a configuration BPDU is forwarded by a bridge that is not the

root bridge, its fields are updated as follows:• the root-path-cost is incremented of the cost of the port of the

bridge that received the configuration BPDU• the bridge-identifier is set to the bridge-id of the current bridge• the port-identifier is set to the port number through which the

configuration BPDU is sent

root-bridge-idroot-path-cost

bridge-idport-id

00-00-23-ef-…10010-00-2d-12-…6

root-bridge-idroot-path-cost

bridge-idport-id

00-00-23-ef-…20010-00-43-2f-…5

2) root port identification

each bridge that is not the root bridge identifies the port through which the root bridge is best reachable

the root port is chosen to be the one that receives configuration BPDUs with:

1. lowest root-path-cost (once the port cost is added to it)2. lowest bridge-identifier3. lowest port-identifier

3) determination of designated bridges

for each lan a bridge port is chosen to be the designated port based on the configuration BPDUs which are forwarded by that port (the bridge which has the designated port is called designated bridge)

the designated port is chosen to be the one that sends configuration BPDUs with:

1) lowest root-path-cost2) lowest bridge-identifier3) lowest port-identifier

4) blocking

• all ports that are not root-ports or designated-ports are placed in blocking state

• all root-ports and designated-ports are placed in forwarding state

timers• hello time

– time interval between generation of BPDUs by any bridge(default = 2 seconds)

• max age– length of time a bridge will wait to receive a BPDU

(default = 20 seconds)– once this timer expires, a topology change notification

BPDU will be transmitted• forward delay

– length of time the bridge will remain in the listening and learning port state(default = 15 seconds)

lab1: root bridge election

sniffer

bridge1 bridge2

lab2: topology change

sniffer

bridge1 bridge2

execute:brctl addif br0 eth1on bridge2 in orderto force a topologychange

topology change notification strategy• when a bridge perceives a topology change it sends topology

change notification PBPUs through its root port• it carries on sending notifications until the designated bridge on the

lan attached to the root port acknowledges it• the designated bridge, in its turn, will send the topology change

notification BPDU through its root port, until it it received by the root bridge

• the root bridge starts setting the topology change flag on its configuration BPDUs

• all bridges, on apprehending that a topology change is in place, will use the forward delay time (usually 15 seconds) instead of the filtering database ageing time (usually five minutes) in order to age out the entries of the source address tables

bridge2 notifies a topology changeIEEE 802.3 Ethernet

Destination: 01:80:c2:00:00:00 (01:80:c2:00:00:00)Source: 00:00:00:00:02:01 (XEROX_00:02:01)Length: 7Trailer: A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5...

Logical-Link ControlDSAP: Spanning Tree BPDU (0x42)IG Bit: IndividualSSAP: Spanning Tree BPDU (0x42)CR Bit: CommandControl field: U, func = UI (0x03)

000. 00.. = Unnumbered Information.... ..11 = Unnumbered frame

Spanning Tree ProtocolProtocol Identifier: 0x0000 (Spanning Tree)Protocol Version Identifier: 0BPDU Type: 0x80 (Topology Change Notification)

frame 34

bridge1 acknowledges and propagatesIEEE 802.3 Ethernet Logical-Link ControlSpanning Tree Protocol

Protocol Identifier: 0x0000 (Spanning Tree)Protocol Version Identifier: 0BPDU Type: 0x00 (Configuration)BPDU flags: 0x81

1... .... Topology Change Acknowledgment.... ...1 Topology Change

Root Identifier: 32768 / 00:00:00:00:01:01Root Path Cost: 0Bridge Identifier: 32768 / 00:00:00:00:01:01Port identifier: 0x8001Message Age: 0Max Age: 20Hello Time: 2Forward Delay: 15

frame 35

lab3: remote topology change

snifferA

bridge1 bridge2 bridge3

snifferB

execute:brctl addif br0 eth1on bridge3 in orderto force a topologychange

bridge3 notifies a topology change to bridge2

IEEE 802.3 Ethernet Logical-Link ControlSpanning Tree Protocol

Protocol Identifier: 0x0000 (Spanning Tree)Protocol Version Identifier: 0BPDU Type: 0x80 (Topology Change Notification)

frame 151

bridge2 acknowledges

IEEE 802.3 Ethernet Logical-Link ControlSpanning Tree Protocol

Protocol Identifier: 0x0000 (Spanning Tree)Protocol Version Identifier: 0BPDU Type: 0x00 (Configuration)BPDU flags: 0x80

1... .... Topology Change AcknowledgmentRoot Identifier: 32768 / 00:00:00:00:01:01Root Path Cost: 100Bridge Identifier: 32768 / 00:00:00:00:02:01Port identifier: 0x8002Message Age: 1.44922Max Age: 20Hello Time: 2Forward Delay: 15

frame 152

bridge2 propagates a BPDU to bridge3

IEEE 802.3 Ethernet Logical-Link ControlSpanning Tree Protocol

Protocol Identifier: 0x0000 (Spanning Tree)Protocol Version Identifier: 0BPDU Type: 0x00 (Configuration)BPDU flags: 0x01

.... ...1 Topology ChangeRoot Identifier: 32768 / 00:00:00:00:01:01Root Path Cost: 100Bridge Identifier: 32768 / 00:00:00:00:02:01Port identifier: 0x8002Message Age: 1.04688Max Age: 20Hello Time: 2Forward Delay: 15

frame 153

lab4: a more complex scenario

A B

C D E F

G H

root bridge electionroot bridge

root ports identificationroot bridge

rp

rp

rp

rp

rp

designated bridges identificationroot bridge

rp

rp

rp

rp

rp

blockingroot bridge

rp

rp

rp

rp

rp

spanning tree protocol on bridge6bridge6:~# brctl showstp br0br0bridge id 8000.000000000601designated root 8000.000000000102root port 2 path cost 300max age 4.00 bridge max age 4.00hello time 0.40 bridge hello time 0.40forward delay 3.00 bridge forward delay 3.00ageing time 60.00 gc interval 0.80hello timer 0.00 tcn timer 0.00topology change timer 0.00 gc timer 0.23flags

...NOTE: each unit of time represents five seconds

spanning tree protocol on bridge6...eth0 (1)port id 8001 state blockingdesignated root 8000.000000000102 path cost 100designated bridge 8000.000000000501 message age timer 0.20designated port 8004 forward delay timer 0.00designated cost 200 hold timer 0.00flags

eth1 (2)port id 8002 state forwardingdesignated root 8000.000000000102 path cost 100designated bridge 8000.000000000301 message age timer 0.20designated port 8002 forward delay timer 0.00designated cost 200 hold timer 0.00flagsbridge6:~#

spanning tree protocol on bridge1bridge1:~# brctl showstp br0br0bridge id 8000.000000000102designated root 8000.000000000102root port 0 path cost 0max age 4.00 bridge max age 4.00hello time 0.40 bridge hello time 0.40forward delay 3.00 bridge forward delay 3.00ageing time 60.00 gc interval 0.80hello timer 0.18 tcn timer 0.00topology change timer 0.00 gc timer 0.18flags

...

spanning tree protocol on bridge1...eth0 (1)port id 8001 state forwardingdesignated root 8000.000000000102 path cost 100designated bridge 8000.000000000102 message age timer 0.00designated port 8001 forward delay timer 0.00designated cost 0 hold timer 0.18flags

eth1 (2)port id 8002 state forwardingdesignated root 8000.000000000102 path cost 100designated bridge 8000.000000000102 message age timer 0.00designated port 8002 forward delay timer 0.00designated cost 0 hold timer 0.18flagsbridge1:~#

further experiments

• try changing the root bridge by setting the bridge priorities

• try using both ports of a specified link by using port priority– why this is difficult?