Ben Piper - CCNP Enterprise Certification Study Guide - Implementing and Operating Cisco Enterprise Network Core Technologies

Now we come to perhaps the easiest part of Spanning Tree: determining which remaining ports to block. Consider the connections between SW1 and SW4. Both are directly connected to the root, SW3, and have no need of a link to each other. Because SW1 has the higher bridge priority, it will block both its ports, like so:

SW1#show spanning-tree vlan 1 | i Gi2/0|Gi2/1 Gi2/0 Altn BLK 4 128.9 P2p Gi2/1 Altn BLK 4 128.10 P2p

Blocked ports don't forward traffic, but they still receive and process BPDUs. This ensures that every bridge can learn about changes to the Spanning Tree topology. SW4 has a lower bridge priority and has both its ports forwarding:

SW4#show spanning-tree vlan 1 | i Gi2/0|Gi2/1 Gi2/0 Desg FWD 4 128.9 P2p Gi2/1 Desg FWD 4 128.10 P2p

Any non-root ports that aren't blocking are called designated ports. The job of designated ports is to forward BPDUs from the root bridge so that Spanning Tree can reconverge in the event of a topology change.

In RSTP, a port can have one of three states: learning, forwarding, or discarding. A port eventually settles into either a forwarding or discarding state. The learning state is transitory and only occurs when RSTP is in the process of determining which ports to block.

Discarding—The port processes incoming BPDUs but doesn't send them. IOS lists a port in the discarding state as BLK or blocking. This is the initial state for all ports.

Learning—The port sends and receives BPDUs but doesn't forward data traffic. The switch looks at ingressing Ethernet frames and adds the source MAC addresses to its MAC address table.

Forwarding—Sends and receives BPDUs, and it also passes normal user and control plane traffic.

In addition to the root and designated port roles, RSTP has two additional port roles you need to know: alternate and backup.

Alternate—An alternate port provides an alternate path to the root. If a root port fails, the switch will place the best (lowest cost) alternate port into a forwarding state. This lets the topology reconverge in a matter of milliseconds.

Backup—You're unlikely to ever see a backup port role, except on an exam. Imagine that two ports are connected to a hub and hence are on the same segment. The port with the lowest cost—or if the costs are equal, the port with the lowest designated port priority—will be the designated port. The other port connected to the segment will be the backup.

One way that RSTP achieves a fast convergence time is by avoiding putting some ports through the three-step process of discarding, learning, and forwarding. The idea is that by predefining ports that are directly connected to another switch or to an edge device, RSTP can more quickly figure out which ports to block and which to transition to the forwarding state. RSTP defines three link types:

Point-to-point (P2P)

P2P Edge

Shared

The P2P link type indicates that the link is a link between only two switches. Thus, each switch knows that it needs to negotiate with only one switch on the other end of the link. RSTP will automatically set the P2P link type on any full-duplex link. You can manually set the P2P link type using the interface command spanning-tree link-type point-to-point.

This type is reserved for edge devices that don't run Spanning Tree, such as computers, servers, and phones. An edge port skips over the learning state and transitions instantly to a forwarding state. RSTP still sends BPDUs on edge ports just in case there's a switch on the other end. But if it receives a BPDU, it will change the port type to a normal Spanning Tree port. If you're familiar with PortFast, this is essentially the same thing. In fact, IOS uses the portfast keyword to configure an edge port, as follows:

SW2(config)#int gi1/3 SW2(config-if)#spanning-tree portfast edge ? trunk Enable portfast edge on the interface even in trunk mode SW2(config-if)#spanning-tree portfast edge trunk %Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION

Keep in mind that an edge port can be an access port or a trunk port that's connected to multiple devices. If the port is a single-VLAN access port, you should use the spanning-tree portfast edge interface command. But if it's a trunked interface—such as one connected to a server running virtual machines or a computer plugged in behind an IP phone on a separate voice VLAN—you must use the spanning-tree portfast edge trunk interface command.

The Shared port type is one you shouldn't expect to see very often. It's for a port that may be connected to multiple devices, usually via a hub. RSTP considers any half-duplex link to be shared. In this case, RSTP falls back to timer-based 802.1D behavior and may take up to 50 seconds to converge.

MST is designed as an alternative to PVST+. MST allows you to reduce the number of Spanning Tree instances required when you have a large number of VLANs. In per-VLAN Spanning Tree, you must have one Spanning Tree instance per VLAN. For example, if you have 500 VLANs, you must have 500 instances of Spanning Tree.

MST, on the other hand, lets you map multiple VLANs to a single Spanning Tree instance. To keep track of instances, MST uses instance numbers. Because VLAN-to-instance mappings are arbitrary, all switches in the topology must agree on the mappings. To deal with this, MST uses regions. An MST region is a collection of MST instances that share three common values:

Region name

Revision number

List of VLAN-to-instance mappings

As long as all three parameters match on each switch in the topology, they're considered to be in the same region and will form a stable Spanning Tree topology. When you enable MST, it spawns a default Spanning Tree instance called MST0. By default, MST0 maps to all VLANs (1-4094). MST0 is also known as the Internal Spanning Tree (IST). The following example on SW1 illustrates how you could map VLANs 1, 3, and 5 to instance MST1, and VLANs 2, 4, and 6 to MST2:

! Enable MST SW1(config)#spanning-tree mode mst ! Enter MST configuration mode SW1(config)#spanning-tree mst configuration ! Set the region name to myRegion SW1(config-mst)#name myRegion ! Map VLANs 1, 3, and 5 to instance 1 SW1(config-mst)#instance 1 vlan 1,3,5 ! Map VLANs 2,4 and 6 to instance 2 SW1(config-mst)#instance 2 vlan 2,4,6 ! Configure the revision number SW1(config-mst)#revision 1 ! Display the pending configuration SW1(config-mst)#show Pending MST configuration Name [myRegion] Revision 1 Instances configured 3 Instance Vlans mapped -------- --------------------------------------------------------------------- 0 7-4094 1 1,3,5 2 2,4,6 ------------------------------------------------------------------------------- ! Remember to issue the exit command to save the MST configuration to the running config SW1(config-mst)#exit ! Exit global configuration mode, then save the running configuration SW1(config)#exit SW1#write memory

When you map multiple VLANs to an instance, at least one of those VLANs must be active and allowed on the trunk between the switches in the topology. This implies that at least one of the VLANs mapped to an instance must also be configured in the switch's local VLAN database. In the preceding example, VLAN 2, 4, or 6 must be allowed and active in order for MST2 to be active.

Behind the scenes, each MST instance uses RSTP.