[All About Switches] Example for Configuring RSTP

Latest reply: Aug 10, 2015 17:23:28 6315 3 0 0

1         RSTP Overview

The Rapid Spanning Tree Protocol (RSTP), defined in IEEE 802.1W, is developed based on the Spanning Tree Protocol (STP) defined in IEEE802.1D. Compared with STP, RSTP shortens the link switching time from the second-level to millisecond-level.

2         Improvements Made in RSTP

2.1         Optimizing Port States

RSTP optimizes port states and retains only three port states. A port in Listening, Blocking, or Disabled state does not forward packets, so RSTP optimizes them into Discarding state.

STP Port State

RSTP Port State

Forwarding

Forwarding

Learning

Learning

Listening

Discarding

Blocking

Discarding

Disabled

Discarding

2.2         More Port Roles

RSTP adds three port roles: alternate port, backup port, and edge port.

[All About Switches] Example for Configuring RSTP-1338283-1

As shown in the preceding figure:

?  An alternate port acts as a backup of the root port. When the root port fails, the alternate port becomes the new root port immediately and enters the forwarding state.

[All About Switches] Example for Configuring RSTP-1338283-2

?  A backup port acts as a backup of the designated port, and provides a path from the local device to the root bridge. The backup port that learns its sent configuration BPDUs is blocked.

[All About Switches] Example for Configuring RSTP-1338283-3

?  An edge port is a designated port configured by an administrator as required and used to connect to a PC or a downstream switch that does not need to run STP. The administrator must ensure that there is no loop on the downstream network connected to the edge port and the edge port is able to directly enter the Forwarding state. BPDU protection needs to be enabled on the edge port to prevent malicious attacks. When the edge port receives BPDUs, the edge port is automatically shut down and needs to be manually resumed.

On a Huawei switch, the display stp brief command also displays the edge port as the designated port.

[All About Switches] Example for Configuring RSTP-1338283-4

2.3         Four Protection Functions

     To ensure normal traffic forwarding on an unstable network, RSTP adds four protection functions.

Function

Description

BPDU protection

Enabled on an edge port.

When an edge port enabled with BPDU protection receives BPDUs, the edge port is shut down automatically.

Root protection

Enabled on a designed port.

The role of a designated port that with root protection enabled cannot be changed. When a port enabled with root protection receives an RST BPDU with a higher priority, the port enters the Discarding state and does not forward packets. If the port does not receive RST BPDU with a higher priority within a certain period (usually twice the Forward Delay), the port enters the Forwarding state.

Loop protection

Enabled on the root or alternate port.

If the root port or alternate port enabled with loop protection does not receive BPDUs from the upstream device for a long time, the root port enters the Discarding state and becomes the designated port or the alternate port keeps blocked and becomes the designated port. In this case, the root or alternate port does not forward packets, so no loop occurs.

After the link is recovered, the port receives BPDUs for negotiation and restores its original role and status.

TC BPDU attack defense

Used globally.

Within a given period of time, a switch processes TC BPDUs only for the specified number of times. By default, TC BPDUs are processed once every two seconds.

If the number of TC BPDUs that a switch receives within a given period of time exceeds the specified threshold, the switch processes TC BPDUs only for the specified number of times. Excess TC BPDUs are processed by the switch as a whole after the specified period expires. This function prevents the switching device from frequently deleting its MAC address entries and ARP entries.

2.4         BPDU Format Change

?  Protocol Version and BPDU Type change

Field

RSTP

STP

Protocol Version

02

00

BPDU Type

02

0x00:配置BPDU

0x80TCN BPDU

?  Field change

[All About Switches] Example for Configuring RSTP-1338283-5

2.5         BPDU Processing

2.5.1        BPDU Classification

In the RSTP BPDU, the value of PDU Type is 0x02.

?  RST configuration BPDU: The value of the TC bit in the Flags field is 0.

?  RST TC BPDU: The value of the TC bit in the Flags field is 1.

2.5.2        BPDU Processing Flowchart

[All About Switches] Example for Configuring RSTP-1338283-6

Note: In RSTP, the upstream device does not respond to packets with the TCA bit of 1. After the timer is reached, the downstream device stops sending TC BPDUs.

2.5.3        BPDU Format

?  RST configuration BPDU: The value of the TC bit in the Flags field is 0.

The RST configuration BPDU is used for negotiating and maintaining the RSTP status.

[All About Switches] Example for Configuring RSTP-1338283-7

?  RST TC BPDU: The value of the TC bit in the Flags field is 1.

The RST TC BPDU is used to notify the upstream device that the network topology changes and request the upstream device to delete its MAC address entry.

[All About Switches] Example for Configuring RSTP-1338283-8

 

2.6         Proposal/Agreement Mechanism

In STP, the designated port can be rapidly selected. To prevent loops, a device must wait for at least one Forward Delay until all ports become stable. Then all ports can forward traffic. RSTP is used to eliminate the bottleneck, and blocks its non-root-port to prevent loops.

The P/A mechanism allows one designed port to enter the Forwarding state as soon as possible  to implement fast convergence.

Currently, Huawei switches support the following two P/A modes.

?  Enhanced mode: Huawei switches use the enhanced mode by default.

1.       An upstream device sends a Proposal message to a downstream device, requesting fast transition. After receiving the Proposal message, the downstream device configures the port connected to the upstream device as a root port and blocks all non-edge ports.

2.       The upstream device then sends an Agreement message to the downstream device. After the downstream device receives the message, the status of the root port changes to Forwarding.

3.       The downstream device sends an Agreement message to the upstream device. After receiving the Agreement message, the upstream device configures the port connected to the downstream device as a designated port. The status of the designated port then changes to Forwarding.

?  Common mode

1.       An upstream device sends a Proposal message to a downstream device, requesting fast transition. After receiving the Proposal message, the downstream device configures the port connected to the upstream device as a root port and blocks all non-edge ports. The root port then transitions to the Forwarding state.

2.       The downstream device sends an Agreement message to the upstream device. After receiving the Agreement message, the upstream device configures the port connected to the downstream device as a designated port. The status of the designated port then changes to Forwarding.

3         Configuration Notes

?  The display stp brief command displays only information about all STP-enabled ports in Up state.

?  There are no differences between configuration and display commands for STP and RSTP.

?  When a Huawei switch connects to a non-Huawei switch, run the stp no-agreement-check command on the Huawei switch to configure the common fast transition mechanism. Otherwise, the link switching time will become long.

?  When a port is configured as an edge port, you are advised to run the stp bpdu-filter enable command to disable the edge port from sending BPDUs.

?  On fixed switches, ports send STP BPDUs to the CPU after the bpdu enable command is configured globally or on ports. Without this configuration, the ports cannot send BPDUs to the CPU after receiving the BPDUs. STP then cannot converge.

For S2700 switches in V100R005 and earlier versions, check whether the bpdu enable command has been configured globally. For other fixed switches in V100R005 and earlier versions, check whether the bpdu enable command has been configured on physical ports and the Eth-Trunk.

For fixed switches in V100R006 and later versions, the bpdu enable command is configured globally or on ports by default on corresponding models.

?  After STP is enabled on an Eth-Trunk, change the cost of the Eth-Trunk to a value smaller than the cost of physical ports so that the Eth-Trunk will be not negotiated as the backup port. The cost of the Eth-Trunk is the cost of a member port divided by the number of member ports. Therefore, the Eth-Trunk cost changes after the status of member ports changes. A smaller cost indicates better link quality.

4         Configuration Example

4.1         Networking Requirements

[All About Switches] Example for Configuring RSTP-1338283-9

As shown in the figure, SwitchA, SwitchB, SwitchC, and SwitchD constitute a ring network to back up links. A spanning tree protocol is required to block a port and prune the network into a loop-free tree network.

?  When the active link fails, services can be rapidly switched to the standby link.

?  SwitchA with higher performance needs to act as the root bridge, and SwitchB is used as the secondary root bridge.

?  SwitchC and SwitchD connect to users, and the link between SwitchC and SwitchD needs to be blocked.

?  On SwitchC and SwitchD, GE0/0/3 ports connected to users cannot participate in STP calculation. To prevent user attacks, GE0/0/3 on SwitchC and SwitchD need to be shut down automatically when receiving BPDUs.

4.2         Configuration Roadmap

The configuration roadmap is as follows:

1.         Configure switches to work in RSTP mode.

2.         Configure SwitchA as the root bridge and SwitchB as the secondary root bridge.

3.         Configure switches to use the default path cost. Huawei switches use IEEE 802.1T standard to calculate path costs by default. By default, the cost of a GE port is 20000, and the cost of an Ethernet port is 200000. In eNSP, the default STP path cost is 1.

4.         Configure GE0/0/3 of SwitchC and SwitchD as edge ports and disable GE0/0/3 from sending BPDUs.

5.         Enable RSTP on SwitchA, SwitchB, SwitchC, and SwitchD.

4.3         Procedure

Step 1: Configure switches to work in RSTP mode.

<HUAWEI> system-view

[HUAWEI] sysname SwitchA

[SwitchA] stp mode rstp

 

<HUAWEI> system-view

[HUAWEI] sysname SwitchB

[SwitchB] stp mode rstp

 

<HUAWEI> system-view

[HUAWEI] sysname SwitchC

[SwitchC] stp mode rstp

 

<HUAWEI> system-view

[HUAWEI] sysname SwitchD

[SwitchD] stp mode rstp

 

Step 2: Configure SwitchA as the root bridge and SwitchB as the secondary root bridge.

[SwitchA] stp root primary   //You can also use the stp priority 0 command to set the STP priority to 0. Running the stp priority 0 command is equivalent to running the stp root primary command.

 

[SwitchB] stp root secondary  //You can also use the stp priority 4096 command to set the STP priority to 4096. The stp priority 4096 command is equivalent to the stp root secondary command.

 

Step 3: Configure GE0/0/3 on SwitchC and SwitchD as edge ports and disable them sending BPDUs.

[SwitchC] interface gigabitethernet0/0/3

[SwitchC-GigabitEthernet0/0/3] stp edged-port enable  //Configure GE0/0/3 as an edge port.

[SwitchC-GigabitEthernet0/0/3] stp bpdu-filter enable  //Disable GE0/0/3 from sending BPDUs.

[SwitchC-GigabitEthernet0/0/3] quit

 

[SwitchD] interface gigabitethernet0/0/3

[SwitchD-GigabitEthernet0/0/3] stp edged-port enable

[SwitchD-GigabitEthernet0/0/3] stp bpdu-filter enable

[SwitchD-GigabitEthernet0/0/3] quit

 

Step 4: Enable STP globally.

On Huawei X7 series switches, STP is enabled by default, so you can skip this step.

[SwitchA] stp enable

 

[SwitchB] stp enable

 

[SwitchC] stp enable

 

[SwitchD] stp enable

 

Step 5: Verify the configuration.

Check brief information about RSTP. You can view the port roles and states.

[All About Switches] Example for Configuring RSTP-1338283-10

4.4         Configuration Files

Configuration file of SwitchA

#

sysname SwitchA

#

stp mode rstp

stp instance 0 root primary

stp enable

#

return

Configuration file of SwitchB

#

sysname SwitchB

#

stp mode rstp

stp instance 0 root secondary

stp enable

# 

return 

Configuration file of SwitchC

#

sysname SwitchC 

# 

stp mode rstp

stp enable

# 

interface GigabitEthernet0/0/3

 stp edged-port enable

stp bpdu-filter enable

# 

return 

Configuration file of SwitchD

#

sysname SwitchD

# 

stp mode rstp

stp enable

# 

interface GigabitEthernet0/0/3

 stp edged-port enable

 stp bpdu-filter enable

# 

return

 

★★★Summary★★★ All About Huawei Switch Features and Configurations

This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

Created Aug 10, 2015 17:23:28 Helpful(0) Helpful(0)

good,studying
  • x
  • convention:

Created Jul 6, 2015 15:07:21 Helpful(0) Helpful(0)

MSTP is more often, and enabled by default
  • x
  • convention:

Created Jul 6, 2015 16:18:02 Helpful(0) Helpful(0)

I recommend you try Ahsay Software (http://www.ahsay.com). Ahsay邃「 Backup Software is an advanced disk-to-disk-to-disk (D2D2D) backup solution for Businesses and MSPs / VARs. It comes with the most comprehensive features that can fulfill all the on-premises backup, online backup, offsite backup, and cloud backup needs of nowadays businesses. At the same time, it is the most affordable backup solution available in the market.

  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top