---
id: 1778913634-WEMK
aliases:
  - Protocole Spanning Tree (part2)
tags: []
---

# Spanning Tree Protocol (part 2)

## Spanning Tree Port State

| STP Port State | Stable/Transitional |
| -------------- | ------------------- |
| Blocking       | Stable              |
| Listening      | Transitional        |
| Learning       | Transitional        |
| Forwarding     | Stable              |
| Disabled       | Stable              |

- Root/Designated ports remain stable in a Forwarding state.
- Non-designated ports remain stable in a Blocking state.
- Listening and Learning are transitional states which are passed through when an interface is activated, or when a *Blocking* port must transition to a Forwarding state due to a change in the network topology.

### Blocking state

- Non-designated ports are in a Blocking state.
- Interfaces in a Blocking state are effectively disabled to prevent loops.
- Interfaces in a Blocking state do not send/receive regular network traffic.
- Interfaces in a Blocking state receive STP BPDUs.
- Interfaces in a Blocking state do NOT forward STP BPDUs.
- Interfaces in a Blocking state do NOT learn [[MAC]] addresses.

### Listening state

- After the Blocking state, interfaces with the Designated or Root role enter the Listening state.
- Only Designated or Root ports enter the Listening state (Non-designated ports are always Blocking).
- The Listening state is 15 seconds long by default. This is determined by the *Forward delay* timer.
- An interface in the Listening state ONLY sends/receives STP BPDUs.
- An interface in the Listening state does NOT send/receive regular traffic.
- An interface in the Listening state does NOT learn MAC addresses from regular traffic that arrives on the interface.

### Learning state

- After the Listening state, a Designated or Root port will enter the Learning state.
- The Learning state is 15 seconds long by default. This is determined by the Forward delay timer (the same timer is used for both the Listening and Learning states).
- An interface in the Learning state ONLY sends/receives STP BPDUs.
- An interface in the Learning state learns MAC addresses from regular traffic that arrives on the interface.

### Forwarding state

- Root and Designated ports are in a Forwarding state.
- A port in the Forwarding state operates as normal.
- A port in the Forwarding state sends/receives BPDUs.
- A port in the Forwarding state sends/receives normal traffic.
- A port in the Forwarding state learns MAC addresses.

### Summary

| STP Port State | Send/Receive BPDUs | Frame forwarding | MAC address learning | Stable/Transitional |
| -------------- | ------------------ | ---------------- | -------------------- | ------------------- |
| Blocking       | No/Yes             | No               | No                   | Stable              |
| Listening      | Yes/Yes            | No               | No                   | Transitional        |
| Learning       | Yes/Yes            | No               | Yes                  | Transitional        |
| Forwarding     | Yes/Yes            | Yes              | Yes                  | Stable              |
| Disabled       | No/No              | No               | No                   | Stable              |

Note: Switches forward BPDUs only out of their designated ports, not out of their root ports or non-designated ports.

## STP timers

### Hello

How often the root bridge sends hello BPDUs.

Duration: 2 sec

### Forward delay

How long the switch will stay in each of the Listening and Learning states (each state is 15 seconds, 30 seconds in total).

Duration: 15 sec

### Max Age

How long an interface will wait after ceasing to receive Hello BPDUs before changing the STP topology.

Duration: 20 sec (10*hello)

- If another BPDU is received before the max age timer counts down to 0, the timer will reset to 20 seconds and no changes will occur.
- If another BPDU is not received, the max age timer counts down to 0 and the switch will reevaluate its STP choices, including the root bridge and its local root, designated, and non-designated ports.
- If a non-designated port is selected to become a designated or root port, it will transition from the blocking state to the listening state (15 seconds), learning state (15 seconds), and then finally the forwarding state.
So it can take a total of 50 seconds (20 + 15 + 15) for a blocking interface to transition to forwarding.
- These timers and transitional states make sure that loops aren't accidentally created by an interface moving to the forwarding state too soon.

Note: A forwarding interface can move directly to a blocking state (there is no worry about creating a loop by blocking an interface). A blocking interface cannot move directly to the forwarding state; it must go through the listening and learning states.

```Wireshark
Dst: PVST+ (01:00:0c:cc:cc:cd)
```

- PVST = Only ISL trunk encapsulation
- PVST+ = Supports [[802.1Q]]

Regular STP (not Cisco's PVST+) uses a destination MAC address of 0180.c200.0000.

The STP timers on the root bridge determine the STP timers for the entire network.

## Spanning Tree Optional Features (STP Toolkit)

### Portfast

Portfast allows a port to move immediately to the Forwarding state, bypassing *Listening* and *Learning*.

If used, it must be enabled *only on ports connected to end hosts*. If enabled on a port connected to another switch, it could cause a Layer 2 loop.

```Cisco
SW1(config)#interface g0/2
SW1(config-if)#spanning-tree portfast
```

You can also enable Portfast with the command:

```Cisco
SW1(config)#spanning-tree portfast default
```

This enables Portfast on all access ports (not trunk ports).

### BPDU Guard

If an interface with BPDU Guard enabled receives a BPDU from another switch, the interface will be shut down to prevent a loop from forming.

```Cisco
SW1(config)#interface g0/2
SW1(config-if)#spanning-tree bpduguard enable
```

You can also enable BPDU Guard with the command:

```Cisco
SW1(config)#spanning-tree portfast bpduguard default
```

### Root Guard

If you enable Root Guard on an interface, then even if it receives a superior BPDU (lower bridge ID) on that interface, the switch will not accept the new switch as the root bridge. The interface will be disabled.

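
An added example, not part of the original notes: a small Python audit of the Portfast and BPDU Guard rules above, flagging ports where Portfast is set on a trunk or is active without BPDU Guard. The sample config, the function name, and the use of `switchport mode access`/`switchport mode trunk` lines to tell host ports from switch links are assumptions of this example.

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
spanning-tree mode pvst
spanning-tree portfast default
!
interface GigabitEthernet0/1
 switchport mode trunk
 spanning-tree portfast
!
interface GigabitEthernet0/2
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/3
 switchport mode access
!
"""

def audit_stp_edge_ports(config):
    """Return (interface, finding) pairs for risky Portfast settings."""
    global_cmds, interfaces, current = set(), {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        match = re.match(r"interface\s+(\S+)$", line)
        if match and not raw.startswith(" "):
            current = interfaces.setdefault(match.group(1), set())
        elif raw.startswith(" ") and current is not None:
            current.add(line)          # command inside the interface block
        else:
            current = None             # back at global configuration level
            global_cmds.add(line)
    portfast_default = "spanning-tree portfast default" in global_cmds
    guard_default = "spanning-tree portfast bpduguard default" in global_cmds
    findings = []
    for name, cmds in interfaces.items():
        explicit = "spanning-tree portfast" in cmds
        # Assumption: the global default only counts on explicit access ports.
        portfast = explicit or (portfast_default and "switchport mode access" in cmds)
        guarded = "spanning-tree bpduguard enable" in cmds or (guard_default and portfast)
        if explicit and "switchport mode trunk" in cmds:
            findings.append((name, "portfast configured on a trunk port"))
        elif portfast and not guarded:
            findings.append((name, "portfast without BPDU Guard"))
    return findings
```

On the sample, GigabitEthernet0/3 is flagged because it inherits Portfast from the global default but has no BPDU Guard; adding `spanning-tree portfast bpduguard default` clears that finding.
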

### Loop Guard

If you enable Loop Guard on an interface, then even if the interface stops receiving BPDUs, it will not start forwarding. The interface will be disabled.

## Spanning Tree Configuration

### Spanning Tree mode

```Cisco
SW1(config)#spanning-tree mode ?
  mst         multiple spanning tree mode
  pvst        Per-Vlan spanning tree mode
  rapid-pvst  Per-Vlan rapid spanning tree mode //default
SW1(config)#spanning-tree mode pvst
```

### Primary Root Bridge

```Cisco
SW1(config)#spanning-tree vlan 1 root primary
SW1(config)#do show spanning-tree
```

The *spanning-tree vlan (vlan-number) root primary* command sets the STP priority to 24576. If another switch already has a priority lower than 24576, it sets this switch's priority to 4096 less than the other switch's priority.

### Secondary Root Bridge

```Cisco
SW1(config)#spanning-tree vlan 1 root secondary
SW1(config)#do show spanning-tree
```

The *spanning-tree vlan (vlan-number) root secondary* command sets the STP priority to 28672.

### STP Port Setting

```Cisco
SW1(config-if)#spanning-tree vlan 1 cost 200
SW1(config-if)#spanning-tree vlan 1 port-priority 32
```

## Review

- STP state/timers
- STP BPDU
- STP optional features
- STP configuration