Thursday, July 18, 2013

RSTP: Rapid Spanning Tree Protocol


  • 3 port types
    • P2P-full duplex
    • Non Edge port (equal to PortFast enabled port in PVSTP)
  • To allow backward compatibility, the port must have PortFast enabled
  • PortFast-enabled ports in PVST automatically become edge ports in RPVST

STP LOOP GUARD / UniDirectional Link Detection


  • Loop guard is enabled on L-2 interfaces only
  • Unidirectional link:
    • STP is unable to receive BPDU packets on the link, but still sends them
      • cause,
        • max-age expired
        • 2 switches both elect a designated port at the same time
  • Example: with optical channels, the send channel does not work but the receive channel is working
    • Due to a layer-1 issue the send channel is not working
    • so BPDUs from SW2 do not reach SW3
    • The blocked port on SW3 automatically becomes a designated port after the max-age timer expires
  • The solution is to create an L-1 keepalive that is sent in both the incoming and outgoing directions on the same link




| Functionality | Loop Guard | UDLD |
|---|---|---|
| Configuration | Per-port | Per-port |
| Action granularity | Per-VLAN | Per-port |
| Autorecover | Yes | Yes, with err-disable timeout feature |
| Protection against STP failures caused by unidirectional links | Yes, when enabled on all root and alternate ports in redundant topology | Yes, when enabled on all links in redundant topology |
| Protection against STP failures caused by problems in the software (designated switch does not send BPDU) | Yes | No |
| Protection against miswiring | No | Yes |

Source: Cisco documentation
  • Loop guard and UDLD are commonly run at the same time
  • spanning-tree loopguard default / spanning-tree guard loop
  • UDLD
    • udld port 
    • udld port aggressive

STP ROOT GUARD


  • check the incoming BPDU,
    • if a superior BPDU arrives, disable that link or close that STP instance (root-inconsistent state)
    • until it stops receiving superior BPDUs
    • spanning-tree guard root

STP BPDU GUARD


  • If a BPDU is received from an end host, immediately shut down the port
  • Instead of blocking the BPDU (as in BPDU filter), put the port into the error-disabled state (traffic blocked).
  • After the port goes into the error-disabled state, it can come back up
    • if the error-disable recovery timer expires
    • or if the port is manually shut down and then brought up.
  • It is the more secure implementation of filtering STP.
  • Can also be configured together with PortFast in global mode
  • Interface-level config will override the global config
  • To check whether the error-disable recovery timer is enabled, use the show command
    • show errdisable recovery
  • Enable the error-disable recovery timer
    • errdisable recovery interval 30 in global mode (sometimes not enabled; verify with the command above, then use the command below)
    • errdisable recovery cause bpduguard, because there are many causes that can put a port into the errdisable state
  • spanning-tree portfast bpduguard default
  • spanning-tree bpduguard default
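
An added example (not from the original notes) that audits a saved running-config to show how the global BPDU guard default, per-interface PortFast, and interface-level overrides combine. The config excerpt is constructed, the function names are hypothetical, and the interface-level `spanning-tree bpduguard enable` / `disable` forms and per-interface `spanning-tree portfast` are assumed as on classic Catalyst IOS.

```python
import re

# Constructed running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
spanning-tree portfast bpduguard default
errdisable recovery cause bpduguard
!
interface GigabitEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/2
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard disable
!
interface GigabitEthernet0/3
 switchport mode access
!
interface GigabitEthernet0/4
 switchport mode access
 spanning-tree bpduguard enable
"""

def audit_bpduguard(config):
    """Return {interface: True/False}: is BPDU guard in effect on the port?"""
    lines = config.splitlines()
    global_default = "spanning-tree portfast bpduguard default" in lines
    ports, current = {}, None
    for line in lines:
        m = re.match(r"interface (\S+)", line)
        if m:
            current = ports.setdefault(m.group(1), set())
        elif line.startswith(" ") and current is not None:
            current.add(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    result = {}
    for name, cmds in ports.items():
        if "spanning-tree bpduguard disable" in cmds:  # interface overrides global
            result[name] = False
        elif "spanning-tree bpduguard enable" in cmds:
            result[name] = True
        else:  # the global default only covers PortFast-enabled ports
            result[name] = global_default and "spanning-tree portfast" in cmds
    return result

def recovery_enabled(config):
    # Without this line a BPDU-guard err-disabled port stays down until bounced.
    return "errdisable recovery cause bpduguard" in config.splitlines()
```

On the sample, Gi0/2 (interface-level disable) and Gi0/3 (no PortFast, so the global default does not apply) are reported as unprotected.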