● Building a network that is fault tolerant and redundant causes other problems
● Redundant links cause loops in the network
○ Ethernet frames have no TTL field like IP packets, so a looped frame circulates forever, overloading switch CPUs and sometimes link bandwidth
○ Can also cause broadcast storms, quickly taking down a network
○ Can also deliver duplicate unicast frames to a device
● Spanning Tree Protocol and other protocols have been developed to combat this issue
● Spanning Tree works by putting one port on each redundant path into the blocking state, so the active topology is a loop-free tree
○ Blocking is temporary and is lifted if the primary link fails
● There are actually multiple versions of STP such as MSTP, RSTP, etc.
● Root and backup root bridges are elected upon initial boot of the network
○ STP enabled switches exchange STP BPDU’s
○ Root bridge has the lowest Bridge ID, backup root is second lowest Bridge ID
○ Bridge ID is made of the priority value, the extended system ID, and the MAC address of the switch; lowest priority wins, lowest MAC breaks ties
● Then Spanning Tree Algorithm on each non-root switch calculates shortest path to the root
○ All roads lead to root
○ STA considers both path and port costs (speed)
○ Lowest calculated path cost wins
Andrew Crouthamel Cisco CCNA Training Notes 68
○ Port roles
■ Root - The one port on each non-root switch that is closest to the root bridge
■ Designated - The forwarding port on each segment, one per segment. The root bridge has all designated ports
■ Alternate and backup - Ports that are put in blocking mode to prevent a loop. Only one end of a link is blocked
■ Disabled - Port is shut down
● Port costs
○ 10 Gbps = 2
○ 1 Gbps = 4
○ 100 Mbps = 19
○ 10 Mbps = 100
○ Can override port costs with spanning-tree cost # on an interface
● Path cost
○ Sum of all port costs from switch to root bridge
○ Lowest path is preferred and becomes root port
● Re-election
○ All switches assume they are root bridge upon boot
○ Switches continually send BPDU's every 2 seconds (the hello time)
○ If a switch with a lower Bridge ID (lower priority, or same priority and lower MAC) is inserted into a network it wins the election and causes a reconfiguration, which may drop some frames as links are changed
○ This is also the attack surface: anything that can send a BPDU with a lower Bridge ID on an access port can take over as root, which is what BPDU Guard and Root Guard exist to stop
● Forcing a root bridge
○ Default Bridge Priority is 32768
○ Set Bridge Priority to 0 (priority must be a multiple of 4096)
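The election, path cost and port role rules above, worked through in code. This is an added example, not part of the original notes: it runs the Spanning Tree Algorithm over a constructed three-switch triangle (switch names, MACs, port names and speeds are made up), elects the root by lowest Bridge ID, computes root path cost with the 802.1D port costs listed above, assigns root/designated/alternate roles, and then shows the re-election when a switch claims priority 0.

```python
# Added example (not from the notes): Spanning Tree Algorithm on a
# constructed three-switch triangle. All names, MACs and ports are made up.
import heapq

PORT_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}   # Mbps -> 802.1D short cost


def bridge_id(priority, vlan, mac):
    """Bridge ID as a comparable tuple: (priority + extended system ID, MAC).
    Priority is the top 4 bits of a 16-bit field (multiples of 4096) and the
    VLAN ID the low 12 bits, so the default shows as 32768 + VLAN."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError('priority must be a multiple of 4096 between 0 and 61440')
    return (priority + vlan, mac.lower())


def run_sta(bridges, links):
    """bridges: {switch: bridge_id}; links: [(a, port_a, b, port_b, speed_mbps), ...].
    Returns (root, path_cost, roles) where path_cost[switch] is the root path cost
    and roles[(switch, port)] is 'root', 'designated' or 'alternate'."""
    root = min(bridges, key=bridges.get)            # lowest Bridge ID wins the election
    adj = {sw: [] for sw in bridges}
    for a, pa, b, pb, speed in links:
        cost = PORT_COST[speed]
        adj[a].append((b, pa, pb, cost))
        adj[b].append((a, pb, pa, cost))
    # Each switch keeps the best BPDU it has heard, ranked by
    # (root path cost, sender Bridge ID, sender port): a shortest-path search from the root.
    best = {root: (0, bridges[root], '')}
    root_port = {}
    heap = [(best[root], root)]
    while heap:
        key, sw = heapq.heappop(heap)
        if key != best[sw]:
            continue                                  # stale heap entry
        for nbr, my_port, nbr_port, cost in adj[sw]:
            offer = (key[0] + cost, bridges[sw], my_port)   # cost is added on the receiving port
            if nbr not in best or offer < best[nbr]:
                best[nbr] = offer
                root_port[nbr] = nbr_port             # port the best BPDU arrived on
                heapq.heappush(heap, (offer, nbr))
    roles = {}
    for a, pa, b, pb, _ in links:
        # On each segment the end with the lower (root path cost, Bridge ID, port) is designated.
        a_key = (best[a][0], bridges[a], pa)
        b_key = (best[b][0], bridges[b], pb)
        des, des_port, oth, oth_port = (a, pa, b, pb) if a_key < b_key else (b, pb, a, pa)
        roles[(des, des_port)] = 'designated'
        # The other end is the root port if it leads toward the root, otherwise it blocks.
        roles[(oth, oth_port)] = 'root' if root_port.get(oth) == oth_port else 'alternate'
    return root, {sw: k[0] for sw, k in best.items()}, roles


# Constructed topology: SW1 has a lowered priority and is the intended root.
BRIDGES = {
    'SW1': bridge_id(24576, 1, '00:00:00:00:00:01'),
    'SW2': bridge_id(32768, 1, '00:00:00:00:00:02'),
    'SW3': bridge_id(32768, 1, '00:00:00:00:00:03'),
}
LINKS = [
    ('SW1', 'g0/1', 'SW2', 'g0/1', 1_000),
    ('SW1', 'g0/2', 'SW3', 'g0/1', 1_000),
    ('SW2', 'f0/3', 'SW3', 'f0/3', 100),    # the redundant link that must be blocked
]

if __name__ == '__main__':
    root, cost, roles = run_sta(BRIDGES, LINKS)
    print('root:', root, 'path costs:', cost)
    for (sw, port), role in sorted(roles.items()):
        print(f'  {sw} {port}: {role}')
    # A switch that shows up with a lower Bridge ID wins the re-election and the tree changes.
    rogue = dict(BRIDGES, SW3=bridge_id(0, 1, '00:00:00:00:00:03'))
    print('after SW3 claims priority 0 the root is', run_sta(rogue, LINKS)[0])
```

In the first run SW1 is root, SW2 and SW3 both reach it at cost 4, and the 100 Mbps SW2-SW3 link is blocked on the SW3 end because SW2 has the lower Bridge ID. When SW3 claims priority 0 it becomes root, SW2 reaches it more cheaply through SW1 (4 + 4) than over the direct 100 Mbps link (19), and SW2's f0/3 becomes the blocked port instead: the whole tree reconverges around whoever presents the lowest Bridge ID.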
● Extended System ID
○ The low 12 bits of the priority field carry the VLAN ID, which is why the default priority shows as 32768 + VLAN in show spanning-tree
○ Can have a different root bridge for each VLAN
● Spanning Tree Flavors
○ STP
■ Original version, does not support VLAN instances
■ Replaced with RSTP
■ Very slow response to a failure, 30-50 seconds
○ PVST+
■ Cisco proprietary, adds VLAN instance capabilities to STP
■ Supports PortFast, UplinkFast, BackboneFast, BPDU Guard, BPDU Filter, Root Guard, Loop Guard
○ 802.1D-2004
■ Update of STP, includes 802.1w
○ Rapid Spanning Tree Protocol (RSTP) (IEEE 802.1w)
■ Improvement over STP to provide faster convergence
■ Replaced STP
■ Preferred standard protocol
■ Uses Edge Ports to designate ports that will never be connected to other switches (access ports)
● Immediately transition to forwarding state
■ Link Types
● Point-to-Point
○ Direct connection to another switch, full duplex
● Shared
○ Connection to a hub, half duplex
○ Rapid PVST+
■ Cisco proprietary, adds VLAN instance capabilities to RSTP
■ Supports PortFast, BPDU Guard, BPDU Filter, Root Guard, Loop Guard
■ Preferred Cisco proprietary protocol
○ Multiple Spanning Tree Protocol (MSTP)
■ IEEE standard (802.1s, now part of 802.1Q) based on Cisco proprietary MISTP
■ Maps multiple VLANs onto one STP instance
■ Supports PortFast, BPDU Guard, BPDU Filter, Root Guard, Loop Guard
○ Common port states
■ Blocking - Starts out blocked; receives BPDUs but does not forward frames or learn MAC addresses
■ Listening - Sends and receives BPDUs to find the path to root, still no forwarding or MAC learning
■ Learning - Learns MAC addresses to start frame forwarding
■ Forwarding - Normal operation
■ Disabled - Administratively disabled, shut down
Spanning Tree Configuration
● spanning-tree vlan 1
● Changing Bridge ID
○ spanning-tree vlan 1 root primary - sets the priority low enough to win (24576, or 4096 below the current root)
○ spanning-tree vlan 1 root secondary - sets the priority to 28672
○ spanning-tree vlan 1 priority 24576
● PortFast
○ Transitions port to forwarding immediately, same as an RSTP Edge Port
○ Used for access ports that do not connect to switches
○ spanning-tree portfast - Interface config option
○ spanning-tree portfast default - Global config option, enables on all ports that are not trunks
● BPDU Guard
○ Err-disables a PortFast port the moment any BPDU arrives on it, so a rogue switch (or crafted BPDUs from a host) plugged into an access port cannot join the tree or take over as root
○ spanning-tree bpduguard enable - Interface config option
○ spanning-tree portfast bpduguard default - Global config option, enables BPDU Guard on all PortFast ports
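What BPDU Guard and Root Guard actually react to is the 802.1D configuration BPDU on the wire. As an added example that is not part of the original notes, the following parses that 35-byte BPDU (after the 0x42/0x42/0x03 LLC header), pulls out the root and sender Bridge IDs with their priority, extended system ID and MAC, and applies the two guard decisions to a constructed "rogue root" BPDU that claims priority 0. The sample frames are built by the code itself and are not captured traffic; the MACs and VLAN are made up.

```python
# Added example (not from the notes): parse an 802.1D configuration BPDU and
# apply the BPDU Guard / Root Guard decisions to it. Sample frames are constructed.
import struct
from dataclasses import dataclass

LLC_STP = b'\x42\x42\x03'                       # DSAP/SSAP 0x42, UI control field
CONFIG_BPDU = struct.Struct('!HBBB8sI8sHHHHH')  # 35-byte 802.1D config BPDU body


@dataclass(frozen=True)
class BridgeId:
    priority: int     # top 4 bits of the 16-bit field, multiples of 4096
    ext_sys_id: int   # low 12 bits: the VLAN ID (PVST+ / Rapid PVST+)
    mac: str

    def key(self):    # lower wins the election
        return (self.priority + self.ext_sys_id, self.mac)


def decode_bid(raw: bytes) -> BridgeId:
    field, = struct.unpack('!H', raw[:2])
    return BridgeId(field & 0xF000, field & 0x0FFF, raw[2:8].hex(':'))


def encode_bid(b: BridgeId) -> bytes:
    return struct.pack('!H', b.priority | b.ext_sys_id) + bytes.fromhex(b.mac.replace(':', ''))


@dataclass(frozen=True)
class ConfigBpdu:
    version: int          # 0 = STP, 2 = RSTP, 3 = MSTP
    flags: int
    root: BridgeId        # who the sender believes is root
    root_path_cost: int
    bridge: BridgeId      # the sender itself
    port_id: int
    message_age: float    # timers are carried in 1/256 s units
    max_age: float
    hello_time: float
    forward_delay: float


def parse_bpdu(payload: bytes) -> ConfigBpdu:
    """payload = LLC header + BPDU (everything after the 802.3 length field)."""
    if payload[:3] != LLC_STP:
        raise ValueError('not an STP LLC frame')
    body = payload[3:]
    if len(body) < CONFIG_BPDU.size:
        raise ValueError('truncated BPDU')
    (proto, version, btype, flags, root, cost, bridge, port,
     msg_age, max_age, hello, fwd) = CONFIG_BPDU.unpack(body[:CONFIG_BPDU.size])
    if proto != 0 or btype not in (0x00, 0x02):   # 0x00 config, 0x02 RST; 0x80 TCN has no body
        raise ValueError(f'unsupported BPDU type {btype:#x}')
    return ConfigBpdu(version, flags, decode_bid(root), cost, decode_bid(bridge), port,
                      msg_age / 256, max_age / 256, hello / 256, fwd / 256)


def build_bpdu(root: BridgeId, bridge: BridgeId, cost: int = 0, port_id: int = 0x8001) -> bytes:
    """Construct a config BPDU with default timers (max age 20, hello 2, forward delay 15)."""
    return LLC_STP + CONFIG_BPDU.pack(0, 0, 0x00, 0, encode_bid(root), cost, encode_bid(bridge),
                                      port_id, 0, 20 * 256, 2 * 256, 15 * 256)


def bpdu_guard(port_is_portfast: bool, payload: bytes) -> str:
    """BPDU Guard: a PortFast (edge) port must never hear a BPDU; any valid one err-disables it."""
    if not port_is_portfast:
        return 'forward'
    parse_bpdu(payload)           # raises on garbage; any real BPDU trips the guard
    return 'err-disabled'


def root_guard(current_root: BridgeId, payload: bytes) -> str:
    """Root Guard: a designated port that hears a superior root claim goes root-inconsistent
    instead of letting the new bridge become root through that port."""
    b = parse_bpdu(payload)
    return 'root-inconsistent' if b.root.key() < current_root.key() else 'forward'


# Constructed sample: the legitimate root and a rogue bridge claiming priority 0 in VLAN 1.
LEGIT_ROOT = BridgeId(24576, 1, '00:11:22:33:44:01')
ROGUE = BridgeId(0, 1, '00:de:ad:be:ef:01')

if __name__ == '__main__':
    rogue_frame = build_bpdu(ROGUE, ROGUE)
    print(parse_bpdu(rogue_frame))
    print('on a PortFast access port:', bpdu_guard(True, rogue_frame))
    print('on a designated uplink with Root Guard:', root_guard(LEGIT_ROOT, rogue_frame))
```

The point the parser makes visible: nothing in the BPDU authenticates the sender, so the only thing standing between a host port and a new root bridge is the port configuration. BPDU Guard does not look at the contents at all (any BPDU on an edge port is wrong); Root Guard does compare Bridge IDs, and only reacts to a claim that is better than the current root.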
● Show commands
○ show spanning-tree active
○ show spanning-tree
● Rapid PVST+
○ spanning-tree mode rapid-pvst
● Show commands
○ show cdp neighbors
○ show spanning-tree
○ show spanning-tree vlan 1
Redundancy Protocols
● End devices are configured with a single default gateway
● When that gateway fails, connectivity is lost
● STP helps deal with switching failures, but if the router handling IP traffic for a subnet fails, connectivity still is lost
● Solution is to have hot standby devices that automatically take over for a failed device
● Variety of first-hop redundancy protocols (FHRPs)
○ Hot Standby Router Protocol (HSRP)
■ Cisco proprietary, allows for an active/backup designation
○ HSRP for IPv6
■ Cisco proprietary for IPv6, allows for an active/backup designation
○ Virtual Router Redundancy Protocol version 2 (VRRPv2)
■ Standard protocol that offers similar functionality to HSRP
○ VRRPv3
■ Same as VRRPv2 but provides IPv6 as well as IPv4, supported by multiple vendors and is more scalable than VRRPv2
○ Gateway Load Balancing Protocol (GLBP)
■ Cisco proprietary, allows for active/backup and load balancing
○ GLBP for IPv6
■ Cisco proprietary for IPv6, allows for an active/backup designation and load balancing
○ ICMP Router Discovery Protocol (IRDP)
■ RFC 1256, legacy protocol
● show standby - Show HSRP state
● show glbp - Show GLBP state
Link Aggregation Basics
● Faster speed requirements traditionally were met with increased port speed and cable specifications
● While still true, costs may be reduced by using link aggregation
● Link aggregation bundles ports together into a group (Link Aggregation Group, LAG) whose capacity is roughly the sum of the member links; a single flow is hashed onto one member, so it still gets one port's bandwidth
○ Also provides failover capability within the bundled link
■ If one link in a group fails, the rest will still work
○ STP sees the bundle as one logical link, so it no longer blocks the duplicate physical links, while loop protection still applies to the bundle as a whole
● Link aggregation options
○ Link Aggregation Control Protocol (LACP)
■ IEEE standard 802.1AX (originally published as 802.3ad)
○ EtherChannel, Cisco's term for the bundle, negotiated with Port Aggregation Protocol (PAgP)
■ Cisco proprietary
● Can use between switches, or from switch to server
○ Many server NIC drivers allow for “NIC teaming” if there are multiple ports, which allows for LAG configuration to communicate with a defined LAG on a switch
● EtherChannel details
○ Provides full-duplex connectivity with up to 8 ports in a group
■ 800 Mbps with Fast Ethernet, 8 Gbps with Gigabit
○ Up to six EtherChannel groups (the limit varies by platform)
○ Packets are sent between EtherChannel ports to negotiate
■ Sent every 30 seconds
○ Ports must be configured with same speed, duplex, and VLAN settings
○ Modes
■ Similar to trunking modes (trunk, desirable, auto)
■ On - Forces channel, no PAgP packets used; only bundles with a peer that is also on
■ PAgP desirable - Actively sends PAgP packets to negotiate a channel
■ PAgP auto - Passively waits for PAgP packets; two auto ports never form a channel
● LACP details
○ Modes
■ Similar to trunking modes (trunk, desirable, auto)
■ On - Forces channel, no LACP packets used; only bundles with a peer that is also on
■ LACP active - Actively sends LACP packets to negotiate a channel
■ LACP passive - Passively waits for LACP packets; two passive ports never form a channel
● EtherChannel Configuration
○ interface range fa0/1-2
○ channel-group 1 mode on
● LACP Configuration
○ interface range fa0/1-2
○ channel-group 1 mode active
● show etherchannel
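The mode rules and the matching-settings requirement from the EtherChannel and LACP sections above, as an added example that is not part of the original notes: given the channel mode on each switch and the member ports' speed, duplex and VLAN settings, it reports whether the group bundles and why. The port objects and the two switches are constructed for the example; the two Fast Ethernet ports per side mirror the interface range fa0/1-2 configuration.

```python
# Added example (not from the notes): does an EtherChannel / LAG actually bundle?
# Inputs are the two sides' modes plus the member port settings; all data is constructed.
from dataclasses import dataclass

PAGP_MODES = {'on', 'desirable', 'auto'}
LACP_MODES = {'on', 'active', 'passive'}
INITIATING = {'desirable', 'active'}   # modes that send negotiation packets unprompted
MAX_MEMBERS = 8                        # per-group limit quoted in the notes


@dataclass(frozen=True)
class Port:
    name: str
    speed: int        # Mbps
    duplex: str       # 'full' or 'half'
    switchport: str   # 'access' or 'trunk'
    vlan: int         # access VLAN, or native VLAN for a trunk


def mismatched(members):
    """Names of member ports whose speed/duplex/VLAN settings differ from the first
    member; a switch suspends such ports rather than bundling them."""
    def settings(p):
        return (p.speed, p.duplex, p.switchport, p.vlan)
    ref = settings(members[0])
    return [p.name for p in members[1:] if settings(p) != ref]


def negotiate(local, remote):
    """Outcome of pairing the two sides' modes: ('bundled' | 'not-bundled', reason)."""
    for m in (local, remote):
        if m not in PAGP_MODES | LACP_MODES:
            raise ValueError(f'unknown channel mode {m!r}')
    if local == 'on' and remote == 'on':
        return 'bundled', 'static channel, no PAgP/LACP packets exchanged'
    if 'on' in (local, remote):
        return 'not-bundled', ('one side is on and bundles unconditionally while the other '
                               'waits for negotiation packets it never gets: inconsistent, loop risk')
    if (local in PAGP_MODES) != (remote in PAGP_MODES):
        return 'not-bundled', 'PAgP and LACP do not interoperate'
    if local in INITIATING or remote in INITIATING:
        proto = 'PAgP' if local in PAGP_MODES else 'LACP'
        return 'bundled', f'{proto} negotiated ({local}/{remote})'
    return 'not-bundled', f'both sides passive ({local}/{remote}), nobody initiates'


def channel_forms(local_ports, local_mode, remote_ports, remote_mode):
    """Combine the member-port checks with the mode negotiation for one channel group."""
    problems = []
    for side, ports in (('local', local_ports), ('remote', remote_ports)):
        if not ports:
            problems.append(f'{side}: no member ports')
            continue
        if len(ports) > MAX_MEMBERS:
            problems.append(f'{side}: {len(ports)} members, limit is {MAX_MEMBERS}')
        bad = mismatched(ports)
        if bad:
            problems.append(f'{side}: suspended for mismatched settings: {", ".join(bad)}')
    if problems:
        return {'state': 'not-bundled', 'reason': '; '.join(problems)}
    state, reason = negotiate(local_mode, remote_mode)
    return {'state': state, 'reason': reason}


# Constructed sample: two Fast Ethernet access ports per side, as in interface range fa0/1-2.
SW_A = [Port('fa0/1', 100, 'full', 'access', 10), Port('fa0/2', 100, 'full', 'access', 10)]
SW_B = [Port('fa0/1', 100, 'full', 'access', 10), Port('fa0/2', 100, 'full', 'access', 10)]
SW_B_BAD = [Port('fa0/1', 100, 'full', 'access', 10), Port('fa0/2', 100, 'half', 'access', 20)]

if __name__ == '__main__':
    for lm, rm, remote in (('on', 'on', SW_B), ('desirable', 'auto', SW_B),
                           ('auto', 'auto', SW_B), ('active', 'desirable', SW_B),
                           ('on', 'active', SW_B), ('active', 'active', SW_B_BAD)):
        print(f'{lm:>9}/{rm:<9}', channel_forms(SW_A, lm, remote, rm))
```

The case worth remembering from the output is on against a negotiating mode: the on side bundles regardless, the other side keeps treating the links as individual ports, and the two switches now disagree about the topology. Use on only when both ends are on, and otherwise let PAgP or LACP negotiate so that a misconfigured peer simply fails to bundle.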