Skip to main content

Spanning Tree Basics

Spanning Tree is one of the topics that most people a really scared as it is almost fully automatic feature People don’t bother to dig into it; my idea here is to give you a simple way to understand the protocol basics And also get a glance on its complex. First thing when I learn a new protocol I would like to look how it is working on the low level, so here I have drown you the BPDU structure, you can see that all implementations have a common ground and thus there is full backward support: Filed Description: PID = Protocol ID Always 0x0000 VID = Version ID 1) STP 0x00 2) R-PVST 0x02 BT = BPDU Type 1) STP 0x00 2) R-PVST / MST 0x02

TCN / TCN Ack is used only with IEEE 802.1D or with interoperation with RSTP. Proposal and agreement handshake are bits used to prevent loops, proposal sent from a designated port And agreement is sent from the root port. Unlike IEEE 802.1D in which any transition between the blocking and the forwarding state causes a topology change, Only transitions from the blocking to the forwarding state cause a topology change with RSTP. Root ID Show the Root Bridge Priority and the MAC address Root Cost Show your distance from the Root Bridge BID = Bridge ID Here the switch advertise his own Bridge MAC and Priority Port ID A 2 byte number, the first octet build from a configurable priority, the second octet is a number set by the Bridge for the port BPDU was sent from usually in newer Bridge model the port id is the Port number but in Older models it was a random number assigned to the port. Newer models: Show spanning-tree vlan 1 detail Older models: Show spanning-tree MAge = Message Age Indicate an estimated time required for a BPDU to be sent and received by any other bridge, although specified in time it is actually increasing The value by hop count. MA = Max Age This filed is given from the root bridge and by default set to 20 sec indicate the max age of a BPDU. Hello Indicate the time between each BPDU sent from the root bridge. Default 2 sec FWDD = Forward Delay Indicate the amount of time the bridge should stay in each state when transiting from blocking to forwarding. V1_L = Version 1 Length V3_L = Version 3 Length MST EXTENTION MST Config ID MST Config Name = configuration name MST Config Revision Number = configuration revision number MST Config digest = configuration digest CIST Bridge Identifier = CIST Internal Root Path Cost = cost to the root bridge CIST Remaining hops = default (20) state the max number of hops from the root bridge if packet received a packet with remaining hops set to 0 then he will Ignore the spanning tree BPDU and will be able to declare himself as Root Understand the debug as it is one of the tools you have to troubleshoot in real time, but with that said you need to make sure you do not activate spanning tree debug on production with logging console enable as you will probably end up locked out from your switch. ! Do before debug under global config No logging console logging buffered 200000 end clear logging debug spanning-tree bpdu ! output will be displayed under the “show logging” ! to disable debug un all Example output from the debug: *Apr 14 01:19:56: STP: enc 01 00 0C CC CC CD 00 14 F2 E9 44 16 00 32 AA AA 03 00 00 0C 01 0B ! you can see destination MAC 01 00 0C CC CC CD the Cisco multicast address for PVST+ also LCP show AA AA indicate to look into the next 5 byte of information in the LCP, the last 2 byte indicate the ethertype 010b is for PVST+ *Apr 14 01:19:56: STP: Data 000002023C60670014F2E944000000000060670014F2E9440080160000140002000F00 *Apr 14 01:19:56: STP: VLAN0103 Fa0/22:0000 02 02 3C 60670014F2E94400 00000000 60670014F2E94400 8016 0000 1400 0200 0F00 ! BPDU represented in hex *Apr 14 01:19:56: RSTP(103): Fa0/22 repeated msg *Apr 14 01:19:56: RSTP(103): Fa0/22 rcvd info remaining 6 *Apr 14 01:19:56: STP: VLAN0104 rx BPDU: config protocol = rstp, packet from FastEthernet0/22 , linktype SSTP , enctype 3, encsize 22 Short story on the LCP LLC (Logical Link Control) also called 802.2 header and is between 3 to 8 byte long containing protocol type information of the packet. The 3 first bytes are mandatory: DSAP Destination Service Access Point SSAP Source Service Access Point And one more byte that is important only when using SNA in any other cases it is ignored Now you will probably ask what the additional 5 byte is. Now this is where it gets little complex, when using standard STP IEEE or ISL trunks (Cisco Run ISL with PVST that is much similar to the standard accept for the vlan ID addition) then DSAP and SSAP will be set to 0x42 but when configuring DOT1Q trunks on Cisco then they use PVST+ and they are setting the SSAP and DSAP to 0xAA where it point to the additional 5 byte where we get the SNAP (SubNetwork Access Protocol) that is giving us a description of what protocol we are using in layer 3 (AppleTalk, IP, XNS….) Ok this until now are the basics for STP, once you have the structure in place it will be much easier (warning: it is not easy) to understand how it works. Recommended reading: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094954.shtml
Post a Comment

Popular posts from this blog

Step By Step MPLS – Basic MPLS Setup

Initial configuration , very basic with no MPLS, connectivity only to directly connected interfaces.R1R2R3R4!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.31.1 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.42.2 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.31.3 255.255.255.0
duplex auto
speed auto
  no clns route-cache
!
interface Serial1/0
ip address 10.0.43.3 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.42.4 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 10.0.43.4 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
adding to the following configuration MPLS labels we will start wi…

What is about to change in CISSP from Apr 2018

Change have arrived and like with other professional certification there is almost a standard time before certification gets its update, with most anywhere it is between 3 - 4 years, CISSP is no different and since last update was on 2015 the change is arriving here as well.

For the people that wish to see the official existing and new outline

I have decided to write this post as the new out line is more of a list of Domain and Sections within the domain without hint or indication to what was modified actually and I could not find anyone else that done that comparison, I had to take the task and do the comparison, please be advised that I have done it for my own "pleasure" so apologies if I missed something :-)
Lets start with the obvious change:
CISSP - Before Apr 2018CISSP - from Apr 20181. Security and Risk Management16%15%2. Asset Security10%10%3. Security Engineering12%13%4. Communications and Network Security12%14%5. Identity and Access Management13%13%6. …

VRF Maximum Routes

Maximum routes under customer vrf, if the service provider had unlimited resources he would not have needed that!
however normally resources are limited and expensive, and Service provider would like to make money from his available resources. maximum routes configured under VRF provide a mean of controlling PE local resource and abuse avoidance from the CE side.I have vrf called DC_EXTRANET, you can see that I have 16 routes, I have configured 10 maximum routes under that vrf however I did not want to be aggressive so I have set the warning only option. See that immediately I get a notice that I have more routes then the maximum, however no action is taken other then alerting and sending a syslog. ! PE_ashdod_otherisp.n(config-vrf)# maximum routes 10 warning-only % The current number of routes in the routing table is equal to, or exceeds the configured warning limit PE_ashdod_otherisp.n(config-vrf)# *Nov 26 20:39:41.175: %IPRT-3-ROUTELIMITWARNING: IP routing table limit warning - DC_…