
Establishing A Single Switched Network


Presentation of a switch:
- The switch operates within the scope of the data link layer.
- The switch uses a MAC address table (MAC address – port) for making forwarding decisions.
Problem of redundancy in a switching network
By adding more switches, the network becomes redundant, but this does not necessarily translate into
reliability. Redundancy in a switching network minimizes connection failure but generates
potential switching loops. We face 2 problems:
1. Switching loops allow broadcast storms to occur and duplicate frames to be
received by end stations.
2. Receiving previously forwarded frames generates false MAC entries and instability within
the MAC address table; the same MAC address can be found on different ports.
Spanning Tree Protocol - STP
To prevent these problems, we use the STP protocol.
1. First step – elect the root bridge:
The election process is based on a special value called the Bridge Identifier (BID).
The rule is simple: the switch with the lowest BID becomes the root bridge.
The BID is compared on the priority number (multiple of 4096 from 0 to 65535) and, if the
priority numbers of the switches are equal, on the MAC address.
2. Second step – determine ports:
- Place the root bridge's interfaces into the forwarding state (designated ports)
- Each non-root switch selects its root port
- Remaining links choose a designated port
- All other ports are put in the blocking state (alternate ports)
The root sends a BPDU message at a regular interval (Hello Time) to all the other switches.
BPDU Message frame
Field         Description
Pid           Contains the value of the protocol used.
Pvi           Version of the protocol.
BPDU type     Configuration or TCN BPDU.
Flags         The Topology Change (TC) bit signals a topology change. The Topology Change Acknowledgment (TCA) bit is set to acknowledge receipt of a configuration message.
Root id       Identifies the root bridge by listing its 2-byte priority number followed by its 6-byte MAC address.
Rpc           Contains the cost of the path from the bridge sending the configuration message to the Root Bridge (Root Switch).
Bridge id     Identifies the sender bridge by listing its 2-byte priority number followed by its 6-byte MAC address.
Port id       Identifies the port from which the configuration message was sent.
Message age   Specifies the amount of time elapsed since the Root Bridge (Root Switch) sent the configuration message on which the current configuration message is based.
Max age       Indicates when the current configuration message should be deleted.
Hello time    Provides the time period between Root Bridge (Root Switch) configuration messages.
Fwd delay     Provides the length of time that bridges should wait before transitioning to a new state after a topology change.
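The field layout in the table above, decoded from raw bytes and checked against the expected root bridge. This is an added example, not part of the original document; it assumes the standard 35-byte 802.1D configuration BPDU encoding, and the function names, the MAC addresses (documentation range) and the sample frame are constructed for illustration.

```python
import struct

# 802.1D configuration BPDU: 35 bytes, big-endian, fields in the table's order.
BPDU_FMT = ">HBBB8sI8sHHHHH"
FLAG_TC, FLAG_TCA = 0x01, 0x80

def raw_bid(priority, mac):
    """Encode a bridge ID: 2-byte priority followed by the 6-byte MAC."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))

def build_config_bpdu(root, rpc, bridge, port_id, flags=0):
    """Build a constructed test frame; timers are carried in 1/256 s units."""
    return struct.pack(BPDU_FMT, 0, 0, 0x00, flags, raw_bid(*root), rpc,
                       raw_bid(*bridge), port_id, 0, 20 * 256, 2 * 256, 15 * 256)

def split_bid(raw):
    return int.from_bytes(raw[:2], "big"), raw[2:].hex(":")

def parse_config_bpdu(payload):
    if len(payload) < struct.calcsize(BPDU_FMT):
        raise ValueError("truncated BPDU")
    (pid, ver, btype, flags, root, rpc, bridge, port,
     age, max_age, hello, fwd) = struct.unpack_from(BPDU_FMT, payload)
    if pid != 0 or btype != 0x00:
        raise ValueError("not an STP configuration BPDU")
    return {
        "version": ver,
        "tc": bool(flags & FLAG_TC), "tca": bool(flags & FLAG_TCA),
        "root_id": split_bid(root), "root_path_cost": rpc,
        "bridge_id": split_bid(bridge), "port_id": port,
        "message_age": age / 256, "max_age": max_age / 256,
        "hello_time": hello / 256, "forward_delay": fwd / 256,
    }

def check_bpdu(bpdu, expected_root, port_is_edge):
    """Monitoring check: list what is suspicious about one received BPDU."""
    findings = []
    if port_is_edge:
        findings.append("BPDU received on an edge port")
    if bpdu["root_id"] < expected_root:  # lowest BID wins the election
        findings.append("superior root claim: root BID lower than expected root")
    return findings

# Constructed sample: a frame seen on an access port, advertising priority 0.
EXPECTED_ROOT = (4096, "00:00:5e:00:53:10")
SAMPLE = build_config_bpdu((0, "00:00:5e:00:53:66"), 0,
                           (0, "00:00:5e:00:53:66"), 0x8001, flags=FLAG_TC)

if __name__ == "__main__":
    for finding in check_bpdu(parse_config_bpdu(SAMPLE), EXPECTED_ROOT, True):
        print(finding)
```

Both findings fire on the sample because the advertised root BID compares lower than the expected root and the frame arrived on a port that should only face a terminal.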
Path cost
The path cost is the accumulated port cost from a Switch (other than the Root
Bridge (Switch)) to reach the Root Switch. When a switch receives a Bridge Protocol Data Unit
(BPDU) on a port, it increments the path cost by the cost of the incoming port.
Port speed    802.1D    802.1t     Path cost legacy
10Mbps        99        1999999    1999
100Mbps       18        199999     199
1Gbps         4         20000      20
10Gbps        2         2000       2
The 802.1t protocol is the default standard used by Huawei switches
Port roles
- Root bridge: There is only one root bridge on the entire STP network. The root bridge is the logical
center, but not necessarily the physical center, of the network. Typically, the root bridge should
have high performance and be located at a higher layer of the network. When the network
topology changes, the root bridge will be re-elected accordingly. It is recommended that you
manually configure the root bridge and secondary root bridge. Configure an optimal core switch as
the root bridge to ensure stability of the STP Layer 2 network. Otherwise, new access devices may
trigger STP root bridge switching, causing short service interruptions.
- Root port: The root port on an STP device has the smallest path cost to the root bridge and is
responsible for forwarding data to the root bridge. Among all STP-capable ports on a device, the
port with the smallest root path cost is a root port. An STP device has only one root port, and there
is no root port on the root bridge.
- Designated port: The designated port is located on a designated bridge and forwards
configuration BPDUs to the device or LAN.
- Alternate port: A blocking port that receives a better BPDU from another switch. It is the backup
of the root port.
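Rules:
Number of root ports = number of switches – 1
Number of designated ports = number of links
Number of alternate ports = number of links – number of switches + 1
A root port (R) always faces a designated port (D)
A designated port (D) faces an alternate port (A), because D has higher priority than A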
Port ID
Where the RPC is equal, a port identifier is used to determine the active and the alternate paths to
the root. The port with the minimum port ID is active.
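The election, path cost and port role rules above, computed for a small redundant topology and checked against the counting rules. This is an added example, not part of the original document; the switch names, BIDs, port numbers and the topology are constructed, each link is assumed to have the same cost in both directions (20000, the 802.1t value for 1Gbps in the table), and ties are broken on sender BID and then port ID.

```python
from collections import Counter

def stp_roles(bids, links):
    """bids: {switch: (priority, mac)}; links: [(sw_a, port_a, sw_b, port_b, cost)].
    Returns (root, {(switch, port): role})."""
    root = min(bids, key=bids.get)            # lowest BID wins the election
    rpc = {s: float("inf") for s in bids}     # root path cost per switch
    rpc[root] = 0
    for _ in bids:                            # Bellman-Ford style relaxation
        for a, _pa, b, _pb, cost in links:
            rpc[a] = min(rpc[a], rpc[b] + cost)
            rpc[b] = min(rpc[b], rpc[a] + cost)
    roles = {}
    for sw in bids:
        if sw == root:
            continue                          # the root bridge has no root port
        cands = []
        for a, pa, b, pb, cost in links:
            for me, my_port, nb, nb_port in ((a, pa, b, pb), (b, pb, a, pa)):
                if me == sw:
                    cands.append((rpc[nb] + cost, bids[nb], nb_port, my_port))
        roles[(sw, min(cands)[3])] = "root"   # smallest cost, then BID, then port ID
    for a, pa, b, pb, _cost in links:
        # On each link the end closer to the root (then lower BID) is designated.
        ends = sorted([(a, pa), (b, pb)], key=lambda e: (rpc[e[0]], bids[e[0]]))
        roles[ends[0]] = "designated"
        roles.setdefault(ends[1], "alternate")
    return root, roles

def role_counts(roles):
    return Counter(roles.values())

# Constructed topology: 4 switches, 5 links, all 1Gbps.
BIDS = {
    "SW1": (0, "00:00:5e:00:53:01"),
    "SW2": (4096, "00:00:5e:00:53:02"),
    "SW3": (32768, "00:00:5e:00:53:03"),
    "SW4": (32768, "00:00:5e:00:53:04"),
}
LINKS = [
    ("SW1", 1, "SW2", 1, 20000), ("SW1", 2, "SW3", 1, 20000),
    ("SW2", 2, "SW3", 2, 20000), ("SW2", 3, "SW4", 1, 20000),
    ("SW3", 3, "SW4", 2, 20000),
]

if __name__ == "__main__":
    root, roles = stp_roles(BIDS, LINKS)
    print(root, dict(role_counts(roles)))
```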
Timers
The Message age is incremented each time the BPDU message reaches a new switch.
The Max age represents the aging timer of a BPDU message.
The BPDU message is discarded when Message age exceeds Max age.
Port state transitions
The ports on a switch with enabled Spanning Tree Protocol (STP) are in one of the following five
port states:
Blocking State
The switch ports will go into a blocking state at the time of the election process, when a switch
receives a BPDU on a port that indicates a better path to the Root Switch (Root Bridge), and if a
port is not a Root Port or a Designated Port.
A port in the blocking state does not participate in frame forwarding and also discards frames
received from the attached network segment. During blocking state, the port is only listening to
and processing BPDUs on its interfaces. After 20 seconds, the switch port changes from the
blocking state to the listening state.
Listening State
After blocking state, a Root Port or a Designated Port will move to a listening state. All other ports
will remain in a blocked state. During the listening state the port discards frames received from the
attached network segment and it also discards frames switched from another port for forwarding.
At this state, the port receives BPDUs from the network segment and directs them to the switch
system module for processing. After 15 seconds, the switch port moves from the listening state to
the learning state.
Learning State
A port changes to the learning state after the listening state. During the learning state, the port is listening
for and processing BPDUs. In the learning state, the port begins to process user frames and starts
updating the MAC address table, but the user frames are not forwarded to the destination. After
15 seconds, the switch port moves from the learning state to the forwarding state.
Forwarding State
A port in the forwarding state forwards frames across the attached network segment. In a
forwarding state, the port will process BPDUs, update its MAC address table with frames that it
receives, and forward user traffic through the port. Forwarding State is the normal state. Data and
configuration messages are passed through the port, when it is in forwarding state.
Disabled State
A port in the disabled state does not participate in frame forwarding or the operation
of STP because a port in the disabled state is considered non-operational.

Topology changes in STP


A network topology change can happen for different reasons, such as a link failure, a Switch
(Bridge) failure, or a port transitioning to the forwarding state.
The topology change must be notified to all Switches (Bridges) in the network and the process
involves two steps:
• The Switch (Bridge) notifies the Root Bridge of the topology change
• The Root Switch (Bridge) broadcasts the topology change information to the whole
network.
When a Switch (Bridge) discovers topology change, it generates a TCN (Topology Change
Notification) and sends the TCN BPDU on its root port. The upstream Switch (Bridge) responds
to the sender with a TCA (Topology Change Acknowledgment) BPDU (Bridge Protocol Data Unit).
The upstream Switch (Bridge) generates another TCN BPDU and sends out via its Root Port. The
process continues until the Root Switch (Root Bridge) receives the TCN BPDU.
When the Root Switch (Root Bridge) is aware that there is a topology change in the network, it
starts to send out its Configuration BPDUs with the topology change (TC) bit set. Configuration
BPDUs are received by every Switch (Bridge) in the network and all bridges become aware of the
network topology change.
Switches (Bridges) keep their MAC address table entries for 300 seconds (5 minutes, known as the aging
time) by default. When a network topology change happens, the Switch (Bridge) temporarily
lowers the aging time to the forward delay time (15 seconds) in order to relearn the MAC
addresses that changed because of the topology change.
This is important because normally an entry is aged out of the MAC address table of the switch
only after five minutes, and network devices could be unreachable for up to 5 minutes.
This is known as a black hole, because frames can be forwarded to a device which is no longer
available.
CLI Commands
Display the MAC address table of a switch:
- display mac-address
Basic configuration:
- undo negotiation auto
- duplex full
- speed ****
Assigning path cost:
- stp pathcost-standard ?
- Go to the interface port
- stp cost ****
Root protection:
- stp root-protection
Rapid Spanning Tree Protocol - RSTP
The convergence time for legacy STP is 30 to 50 seconds. When the network is converging on a
topology change, no traffic is forwarded to or from any of the network bridges and switches. In
modern networks this Spanning Tree Protocol (STP) convergence time gap is not acceptable.
The Rapid Spanning Tree Protocol (RSTP) is available to address the Spanning Tree Protocol (STP)
convergence time gap issue. Rapid Spanning Tree Protocol (RSTP) enables STP Root Ports and STP
Designated Ports to change from the blocking to the forwarding port state in a few seconds.

RSTP port roles


STP includes two port types: the STP Root Port and the Designated Port. RSTP includes two additional port
types called alternate ports and backup ports.
An alternate port is a port that has an alternative path or paths to the Root Switch (Root
Bridge) but is currently in a discarding state (can be considered as an additional unused Root Port).
A backup port is a port on a network segment that could be used to reach the root switch, but
there is already an active STP Designated Port for the segment (can be considered as an additional
unused designated port).
RSTP edge ports
In RSTP, a designated port on the network edge is called an edge port. An edge port directly
connects to a terminal and does not connect to any other routers.
An edge port does not receive configuration BPDUs, and therefore does not participate in the RSTP
calculation. It can directly change from the Disabled state to the Forwarding state without any
delay, just like an STP-incapable port. If an edge port receives bogus BPDUs from attackers, it is
deprived of the edge port attributes and becomes a common STP port. The STP calculation is
implemented again, causing network flapping.
Port state of RSTP
STP Port State    RSTP Port State    Port Role
Forwarding        Forwarding         Root port or designated port
Learning          Learning           Root port or designated port
Listening         Discarding         Root port or designated port
Blocking          Discarding         Alternate port or backup port
Disabled          Discarding         Disabled port

RSTP BPDU

RSTP Convergence
The convergence of RSTP in a network is the process that takes all switches from a state of
independence (each thinks it must be the RSTP root) to one of uniformity, in which each switch
has a place in a loop-free tree topology. You can think of convergence as a two-stage process:
1. One common Root Bridge must be "elected," and all switches must know about it.
2. The state of every switch port in the STP domain must be brought from a Blocking state to the
appropriate state to prevent loops.

RSTP BPDU Proposal


To participate in RSTP convergence, a switch must decide the state of each of its ports. Nonedge
ports begin in the Discarding state. After BPDUs are exchanged between the switch and its
neighbor, the Root Bridge can be identified. If a port receives a superior BPDU from a neighbor,
that port becomes the root port.
For each nonedge port, the switch exchanges a proposal-agreement handshake to decide the state
of each end of the link. Each switch assumes that its port should become the designated port for
the segment, and a proposal message (a configuration BPDU) is sent to the neighbor suggesting
this.
When a switch receives a proposal message on a port, the following sequence of events occurs:
- If the proposal's sender has a superior BPDU, the local switch realizes that the sender
should be the designated switch (having the designated port) and that its own port must
become the new root port.
- Before the switch agrees to anything, it must synchronize itself with the topology.
- All nonedge ports immediately are moved into the Discarding (blocking) state so that no
bridging loops can form.
- An agreement message (a configuration BPDU) is sent back to the sender, indicating that
the switch is in agreement with the new designated port choice. This also tells the sender
that the switch is in the process of synchronizing itself.
- The root port immediately is moved to the Forwarding state. The sender's port also
immediately can begin forwarding.
- For each nonedge port that is currently in the Discarding state, a proposal message is sent
to the respective neighbor.
- An agreement message is expected and received from a neighbor on a nonedge port.
- The nonedge port immediately is moved to the Forwarding state.

STP inter-operation
RSTP switch ports will revert to STP when connected to a LAN segment containing an STP-enabled
device.
Loop protection
If BPDU messages fail to be received by the downstream switch, the root port is blocked to prevent
switching loops from occurring.
CLI Commands
Setting the mode: stp mode rstp
Setting the edge port: stp edged-port default
