
Spanning Tree Protocol


Unit: 3 Lesson: 3

Avoiding traffic jams across redundant links

The Spanning Tree Protocol and other network protocols like it are standardized by the IEEE as 802.1D. Official documentation can be found here.

When a network is built from a (partial) mesh of switches, redundant links are created. This is good: if a link between two nodes goes down, there is always another path a frame can take to reach its destination. However, since Ethernet has no 'time-to-live' concept, what happens when a frame never reaches its destination, no matter which path it takes? It circulates the network indefinitely, consuming bandwidth.

The solution to this problem is the Spanning Tree Protocol. STP organizes network switches and bridges into a hierarchy in order to block loops. The switch at the top is the root. Each switch then determines the shortest path to the root from its place in the network.

Each port on each switch is either a designated port or a root port. Designated ports connect directly to another node, while root ports forward traffic toward the root node. Traffic is either forwarded "up" the network to the root node, or forwarded "down" directly to other nodes. Any port that would create a loop in the network is a non-designated port, and is blocked from forwarding to other nodes.

Changes in the network update the STP map via Topology Change Notifications, and all STP information is carried in a multicast frame called the bridge protocol data unit (BPDU).
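The root election and port-role assignment described above, as an added Python model (not code from the lesson). The switches, ports, bridge IDs and link costs are constructed for the example, with S3's priority lowered the way an administrator pins the root, and the tie-break rules are simplified relative to 802.1D.

```python
import heapq

# Constructed sample topology (not from the original page): three switches in a triangle,
# so one link is redundant and STP must block it. Bridge ID = (priority, MAC); the lowest wins.
BRIDGES = {"S1": (32768, "00:00:00:00:00:01"),
           "S2": (32768, "00:00:00:00:00:02"),
           "S3": (4096, "00:00:00:00:00:03")}   # priority lowered so S3 becomes root
# Links: (switch_a, port_a, switch_b, port_b, path_cost); 802.1D costs: 1 Gb/s = 4, 100 Mb/s = 19
LINKS = [("S1", "g0/1", "S2", "g0/1", 4),
         ("S2", "g0/2", "S3", "g0/1", 4),
         ("S1", "g0/2", "S3", "g0/2", 19)]

def elect_root(bridges):
    # Root bridge: the lowest (priority, MAC) pair
    return min(bridges, key=lambda s: bridges[s])

def root_path_costs(links, root):
    # Shortest path cost from every switch to the root (Dijkstra over link costs)
    adj = {}
    for a, _, b, _, cost in links:
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, c in adj.get(u, []):
            if d + c < dist.get(v, float("inf")):
                dist[v] = d + c
                heapq.heappush(heap, (d + c, v))
    return dist

def port_roles(bridges, links):
    root = elect_root(bridges)
    dist = root_path_costs(links, root)
    roles, best = {}, {}
    # Root port: on each non-root switch, the port with the lowest cost to the root
    # (ties broken by the neighbour's bridge ID, then port name; a simplified 802.1D tie-break)
    for a, pa, b, pb, cost in links:
        for me, port, peer in ((a, pa, b), (b, pb, a)):
            if me != root:
                best[me] = min(best.get(me, (float("inf"),)), (dist[peer] + cost, bridges[peer], port))
    for me, (_, _, port) in best.items():
        roles[(me, port)] = "root"
    # Designated port: per segment, the end closer to the root (tie: lower bridge ID).
    # The far end is either that switch's root port or it blocks, which is what breaks the loop.
    for a, pa, b, pb, _ in links:
        desig, other = ((a, pa), (b, pb)) if (dist[a], bridges[a]) < (dist[b], bridges[b]) else ((b, pb), (a, pa))
        roles[desig] = "designated"
        roles.setdefault(other, "blocking")
    return root, roles
```

`port_roles` returns the elected root and a mapping of (switch, port) to "root", "designated" or "blocking"; for this topology the slow S1-S3 link is the one blocked, and a loop-free tree always blocks exactly links minus (switches minus one) ports.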

Configuration

If a switch supports STP, it should be enabled by default, without configuration. The network administrator should, however, always set the root of the network to the highest-performing switch on the network; performance will suffer if set otherwise.

  • Show the current STP configuration: show spanning-tree
  • Assign root and backup switches: spanning-tree id root primary and spanning-tree id root secondary

State       Forwards Frames   Learns MAC Addresses   Details
Blocking    no                no                     Drops all frames except BPDUs
Listening   no                no                     Listens for BPDUs to detect loops in the STP map
Learning    no                yes                    STP has mapped out the network and built the MAC address table
Forwarding  yes               yes                    Normal activity
Disabled    no                no                     Disabled by the network admin

When every port on the network is either forwarding or blocking, the network has converged. No communication can take place on the network until it has converged. Under the original 802.1D standard, this made networks unavailable for extended periods (tens of seconds) during configuration changes. Under 802.1D-2008 (Rapid STP), however, this downtime has been reduced to a few seconds or less. Also, under RSTP, all states that aren't Forwarding are classified as the Discarding state.

Broadcast Storms

Even though STP is designed to prevent network loops, there is still a chance one occurs. And when it does, it can escalate into a broadcast storm. It starts when a network is flooded with frames that circulate without reaching a destination. Since switches panic when that happens and broadcast those frames out of all ports, those same frames end up back in the network, and back at that switch. That is a network loop.

Broadcast storms happen when the switches see that some source MAC addresses from these looping frames are associated with multiple ports. This isn't allowed, so the switch panics and clears the MAC address table, and the cycle continues. This results in an extreme jump in resource utilization (up to 80% CPU, near the maximum for the network), and the network becomes unusable.

If there is a network loop, STP shuts down the port that creates the loop, isolating the problem to a segment of the network. Network technicians should inspect the physical ports that correspond to the disabled interfaces. Often, this means a patch cable connects two ports on the same switch.

If STP is enabled and a broadcast storm still happens, ensure that all network appliances support the same version of STP or Rapid STP. Verify that the physical configuration of legacy equipment (e.g. hubs, unmanaged desktop switches, VoIP handsets) is also correct.

#Netplus