Multiple Spanning Tree

From csn
Revision as of 02:10, 14 March 2020 by Koziniec (talk | contribs) (Created page with "=Topology= File:layer2-redundant-switch-topology.png =Objectives= * Observe that conventional Spanning Tree is very slow to converge * Implement Multiple Spanning Tree *...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Topology

Layer2-redundant-switch-topology.png

Objectives

  • Observe that conventional Spanning Tree is very slow to converge
  • Implement Multiple Spanning Tree
  • Observe that when implementing MST, RSTP (Rapid) is also included and convergence is faster.

Download the EVE topology

Download the following EVE topology file to your local computer. Media:EVE-layer-2-redundant-switch-topology.zip

Background

Cisco’s Per VLAN Spanning Tree (PVST) provides a significant step up from standard spanning tree in terms of flexibility, allowing each VLAN to have its own independent spanning tree, thereby make better use of available links in the network. A drawback to PVST is that there is an instance of PVST running for EVERY VLAN in the network, regardless of whether there are actually different spanning-tree topologies required. This presents the potential for overwhelming the switch CPU and memory. Additionally, some Cisco switches allow only a limited number of PVST instances – usually 128. If more than 128 VLANs are created, some of them will not have any STP running, and therefore not have any switching loop protection. PVST and Rapid PVST are simply unusable in that kind of environment. Lastly, PVST and Rapid PVST are Cisco-proprietary protocols which adds complexity in mixed vendor environments.

MST is an open protocol and builds on Rapid Spanning Tree (RSTP), sharing all its rapid convergence properties, and in fact, the only standardized spanning-tree protocol for VLAN-based networks supported by multiple vendors. It is important to note that when you select MST (multiple) you always get RSTP (Rapid) as well.

MST is a compromise between common spanning-tree (one tree serving all VLANs) and per-VLAN spanning tree. An MST instance represents a unique spanning-tree topology that can support any VLANs the adminsistrator chooses.. Multiple MST instances can be created to account for each of the required spanning-tree topologies in a network, and an arbitrary number of VLANs can be mapped to a single MST instance.

In this lab you will set up two instances of MST, one for each DL Switch you need to map appropriate VLANs to the MST instance to ensure that traffic takes the most efficient path from the host to its default gateway. IE one MST instance should have the root bridge set as DLS1 and the other instance should be set as DLS2. A VLAN whose hosts use DLS1 as a gateway should be mapped to the first instance. While a VLAN whose hosts use DLS2 as a gateway should be mapped to the second instance.

Observe that 802.1D and Cisco PVST are slow

  • As best practice, it is recommended that you configure a host name on each of your switches.
  • Observe the spanning tree port states on Distribution2 using the show spanning-tree command.
Distribution2#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     5000.0001.0000
             Cost        4
             Port        3 (GigabitEthernet0/2)
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec    

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     5000.0006.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec 

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Desg FWD 4         128.1    P2p 
Gi0/1               Desg FWD 4         128.2    P2p 
Gi0/2               Root FWD 4         128.3    P2p 
Gi0/3               Altn BLK 4         128.4    P2p 
Gi1/0               Desg FWD 4         128.5    P2p 
Gi1/1               Desg FWD 4         128.6    P2p 
Gi1/2               Desg FWD 4         128.7    P2p 
Gi1/3               Desg FWD 4         128.8    P2p

Notice that the spanning-tree type is ieee which means legacy 802.1D STP. Notice that the root port for this switch is Gig0/2. This is the lowest cost path to Access1 which is the STP root bridge. Also notice that Gig0/3 forms a loop and STP is blocking that port.

Let's simulate the failure of the Root port and see how long STP takes to recover from the fault.

You need to do this sequence quickly and the first time you may be too slow. So repeat the exercise and seek assistance from your instructor if you have trouble seeing what is happening.

  • Shutdown Gig 0/2 and then immediately perform a show spanning-tree and keep repeating (use up-arrow) the command to watch Spanning Tree cycle through the STP states.
Distribution2(config)#interface gig 0/2
Distribution2(config-if)#shutdown
Distribution2#show spanning-tree 

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     5000.0001.0000
             Cost        8
             Port        4 (GigabitEthernet0/3)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     5000.0006.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Desg FWD 4         128.1    P2p 
Gi0/1               Desg FWD 4         128.2    P2p 
Gi0/3               Root LIS 4         128.4    P2p 
Gi1/0               Desg FWD 4         128.5    P2p
Gi1/1               Desg FWD 4         128.6    P2p 
Gi1/2               Desg FWD 4         128.7    P2p 
Gi1/3               Desg FWD 4         128.8    P2p 

In the output above you can see that Gig0/3 has changed to the LISten state in preparation for taking over as the root port.

  • If you keep executing show spanning-tree you will see the port transition to LRN (learn) and ultimately forwarding (FWD). Until the port moves to the FWD state, Distribution2 is isolated from the root switch and connectivity is not complete.

You should find that the above process takes around 30 seconds.

  • Restore the operation of gig 0/2
Distribution2(config)#interface gig 0/2
Distribution2(config-if)#no shutdown

Implement Multiple Spanning Tree (MST)

We will now implement MST. Keep in mind that this will give us more than one spanning-tree (MST) and also activate Rapid Spanning Tree (RSTP) so the network should recover from failure more quickly.

  • Issue the global configuration command spanning-tree mode mst on all of your switches.

An example from Distribution1:

DLS1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
DLS1(config)# spanning-tree mode mst
DLS1(config)#exit
  • Now perform a show spanning-tree on Distribution2.
Distribution2#show spanning-tree 

MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     5000.0001.0000
             Cost        0
             Port        4 (GigabitEthernet0/3)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     5000.0006.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/0               Desg FWD 20000     128.1    P2p 
Gi0/1               Desg FWD 20000     128.2    P2p 
Gi0/2               Root FWD 20000     128.3    P2p 
Gi0/3               Altn BLK 20000     128.4    P2p 
Gi1/0               Desg FWD 20000     128.5    P2p 
Gi1/1               Desg FWD 20000     128.6    P2p 
Gi1/2               Desg FWD 20000     128.7    P2p 
Gi1/3               Desg FWD 20000     128.8    P2p 


  • Notice that the spanning-tree protocol is now mstp
  • repeat the earlier exercise where you shutdown the root port and repeatedly show spanning-tree.

You should find that the a new root port is almost immediately brought to forwarding FWD. You should also see that RSTP doesn't go through a listening state but rather goes directly to LRN (learning) which improves the convergence time.

Observe default MST configuration

At this point, MST is running with default parameters. On any switch, issue the command show spanning-tree mst configuration to see the configuration information:

Distribution2#show spanning-tree mst configuration 
 Name      []
Revision  0     Instances configured 1 
 
Instance  Vlans mapped
--------  ---------------------------------------------------------------------
0         1-4094
-------------------------------------------------------------------------------
Distribution2#


The output tells us:

  • The region is un-named
  • The revision number is 0
  • There is one instance of MST, number 0, and all VLANS 1-4094 are mapped to that instance.

For MST to work, the region must be named and given a revision number (it is just an administrator-assigned value). All the switches in the same region must have the same region name and revision number, and have the same VLAN-to-instance mapping.

Create VLANs and trunks

We have multiple spanning trees so that different VLANs can have their own tree that is optimised for their purpose and configuration.

We need VLANs and we need trunks between switches to carry VLAN traffic. To save time the commands below can be copied and pasted onto each of your switches. This will turn trunking on all interfaces and creat four VLANs. The "vtp mode transparent' is necessary so that EVE can capture VLAN configuration if you export it. Always include this commend in EVE when configuring switches.

  • Copy the commands below to each of your switches:
enable
conf t
vlan 10 
name Accounts Level 1
vlan 20 
name Accounts Level 2
vlan 30
name Sales Level 1
vlan 40
name Sales Level 2
vtp mode transparent
interface range gigabitEthernet 0/0-3
switchport trunk encapsulation dot1q 
switchport mode trunk 
exit

Manually Configure MST

Now configure MST on all switches with the following information (you must configure each switch manually):

  • Region Name: CCNP
  • Revision Number: 1
  • VLAN Mappings: Instance 1: Accounts, Instance 2: Sales.


MST region configuration is performed in a special mode under the global configuration that is entered using the spanning-tree mst configuration command. You have to make the changes and exit from configuration mode to have the changes applied; the changes are not applied until you exit. While in MST configuration mode, you can use the show current and show pending commands to see how the configuration stands.

It is strongly recommended that you copy the relevant commands into an editor and then paste them into each switch.

Distribution1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Distribution1(config)#spanning-tree mst configuration
Distribution1(config-mst)#name CCNP
Distribution1(config-mst)#revision 1
Distribution1(config-mst)#instance 1 vlan 10, 20
Distribution1(config-mst)#instance 2 vlan 30, 40
Distribution1(config-mst)#exit

Distribution1#show spanning-tree mst configuration
Name      [CCNP]
Revision  1     Instances configured 3

Instance  Vlans mapped
--------  ---------------------------------------------------------------------
0         1-9,11-19,21-29,31-39,41-4094
1         10,20
2         30,40
-------------------------------------------------------------------------------
Distribution1#

Notice that we have three spanning-trees, the default (instance 0) that all VLANs automatically use and the two we manually mapped (instance 1 and 2). We have assigned Accounts VLANs to instance 1 and Sales VLANs to instance 2.

  • Issue the show spanning-tree mst command:
Distribution2#show spanning-tree mst

Use the space-bar to list all the information in the output screen.

  • Notice that STP now reports the three instances and the state of the ports will be identical* for each instance. At this stage all three spanning-trees are the same so there isn't much point having them.
  • Instance 0 will have more ports active because there are some interfaces in VLAN1 that do not carry the other VLANs (they are not trunks).

Manipulate the spanning tree

To this point we have left election of the root bridge up to the protocol defaults, which are the same as PVST with one exception – port cost values, still based on the physical interface’s bandwidth, use much larger numbers.

An example of the show spanning-tree root command at Distribution2 provides proof that the root bridge is elsewhere:

Distribution2#show spanning-tree root 

                                        Root    Hello Max Fwd
MST Instance           Root ID          Cost    Time  Age Dly  Root Port
---------------- -------------------- --------- ----- --- ---  ------------
MST0             32768 5000.0001.0000         0    2   20  15  Gi0/3           
MST1             32769 5000.0001.0000     40000    2   20  15  Gi0/3           
MST2             32770 5000.0001.0000     40000    2   20  15  Gi0/3           
Distribution2#
         
DLS1#

Port costs, which are summed to find a path cost in the quest for a root bridge, are different in MST:

  • 10 Mbps—2,000,000
  • 100 Mbps—200,000
  • 1 Gigabit Ethernet—20,000
  • 10 Gigabit Ethernet—2,000

MST uses the same basic commands and values to manipulate it’s operation.

To manually configure a bridge to be the primary MST root, use the command spanning-tree mst instance-list root {primary | secondary} global configuration command. You can also manually set the bridge priority using the spanning-tree mst instance-list priority priority global configuration command. In the example below, Distribution1 is configured as the primary root for instance 0 and 1, and the secondary root for instance 2:

Distribution1# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Distribution1(config)# spanning-tree mst 1 root primary
Distribution1(config)# spanning-tree mst 2 root secondary
Distribution1(config)# end
Distribution1#

Distribution2 is configured with a complementary set of instructions; root primary for instance 1 and root secondary for instance 0:

Distribution2# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Distribution2(config)# spanning-tree mst 1 root secondary
Distribution2(config)# spanning-tree mst 2 root primary
Distribution2(config)# end
Distribution2#

The results of these configuration changes are evident using the show spanning-tree root command. From Access1, you can see that the root ID now corresponds to Distribution1 and Distribution2 for instances 1 and 2. In other words we have two independent trees and you will find that some ports will block for one VLAN and forward for another. This helps to make use of the available bandwidth.

Access1#show spanning-tree root

                                        Root    Hello Max Fwd
MST Instance           Root ID          Cost    Time  Age Dly  Root Port
---------------- -------------------- --------- ----- --- ---  ------------
MST0             32768 5000.0001.0000         0    2   20  15                  
MST1             28673 5000.0006.0000     20000    2   20  15  Gi0/2           
MST2             24578 5000.0006.0000     20000    2   20  15  Gi0/2