Technicalprinciple
ThebasicprincipleofSTPistopassaspecialprotocolmessagebetweenswitches,theBridgeProtocolDataUnit(BPDU),Todeterminethetopologyofthenetwork.TherearetwotypesofBPDUs,configurationBPDU(ConfigurationBPDU)andTCNBPDU.Theformerisusedtocalculateanacyclicspanningtree,andthelatterisusedtoshortentherefreshtimeofMACentrieswhentheLayer2networktopologychanges(shortenedfromthedefault300sto15s).
SpanningTreeProtocol(STP)isdefinedintheIEEE802.1Ddocument.Theprincipleoftheprotocolistoconstructthenetworktopologyaccordingtothetreestructure,eliminateloopsinthenetwork,andavoidtheexistenceofloops.Causeabroadcaststormproblem.
ThebasicideaofSpanningTreeProtocol(STP)istoconstructthetopologyofthenetworkaccordingtothe"tree"structure.Therootofthetreeisabridgedevicecalledtherootbridge.TheestablishmentoftherootbridgeisdonebyswitchesorDeterminedbythebridgeID(BridgeID),thedevicewiththesmallestBIDbecomestherootbridgeintheLayer2network.BIDiscomposedofbridgepriorityandMACaddress,andthenumberofbytesofbridgeprioritymaybedifferentfordevicesofdifferentmanufacturers.Startingfromtherootbridge,atreeisformedlevelbylevel.TherootbridgeregularlysendsconfigurationBPDUs,andnon-rootbridgesreceiveconfigurationBPDUs,refreshthebestBPDUsandforwardthem.ThebestBPDUherereferstotheBPDUsentbythecurrentrootbridge.Ifalower-levelBPDUisreceived(thenewlyconnecteddevicewillsendaBPDU,buttheBIDofthedeviceislargerthanthecurrentrootbridge),thedevicethatreceivesthelower-levelBPDUwillsendthebestBPDUstoredbyitselftothenewlyconnecteddevice.Toinformtherootbridgeinthecurrentnetwork;ifthereceivedBPDUisbetter,thespanningtreetopologywillberecalculated.Whenthenon-rootbridgehasnotreceivedthebestBPDUsincethelasttimeitreceivedthebestBPDU(MaxAge,default20s),theportwillenterthelisteningstate,andthedevicewillgenerateTCNBPDUs,andTherootportisforwarded,andtheupper-leveldevicethatreceivestheTCNBPDUfromthedesignatedportwillsendanacknowledgment,andthensendtheTCNBPDUtotheupper-leveldevice.Thisprocesscontinuesuntiltherootbridge,andthentherootbridgewillcarryamarkintheconfigurationBPDUsentthereafterItindicatesthatthetopologyhaschanged.Afteralldevicesinthenetworkreceiveit,therefreshtimeoftheMACtableentryisshortenedfrom300sto15s.Theentireconvergencetimeisabout50s.
Functionintroduction
SpanningTreeProtocolisthedatalinklayerprotocolagreedinIEEE802.1D,whichisusedtosolvethenetworkgeneratedinthecorelayerofthenetworktobuildredundantlinks.Intheloopproblem,thebridgeprotocoldataunit(BPDU)ispassedbetweenswitches,andtherootbridge,rootport,anddesignatedportareselectedbytheSTAspanningtreealgorithm,andthenetworkisfinallyformedintoatreeshapeStructurednetwork,wheretherootportanddesignatedportsareintheforwardingstate,andotherportsareinthedisabledstate.Ifthenetworktopologychanges,thespanningtreetopologywillberecalculated.Theexistenceofthespanningtreeprotocolnotonlysolvesthenetworkrobustnessrequirementsofredundantlinksinthecorenetwork,butalsosolvestheproblemof"broadcaststorm"causedbyphysicalloopsformedbyredundantlinks.
However,duetothelimitationoftheprotocolmechanism,theSTPprotectionspeedisslow(eventheconvergencespeedof1scannotmeetthecarrier-classrequirements).IftheSTPtechnologyisusedinsidethemetropolitanareanetwork,theusernetworkwillbeturbulent.Willcauseturbulenceintheoperator'snetwork.IntheMSTPringnetwork,sincetheSDHprotectionswitchingtimeismuchfasterthantheconvergencetimeoftheSTPprotocol,thesystemstillusesSDHMS-SPRINGorSNCP,andthegeneralswitchingtimeiswithin50ms.However,duringthetest,theswitchingtimeofsomeEthernetserviceswas0orlessthanafewmillisecondsbecauseofthelargeinternalbuffer.TheSDHprotectionswitchingactionisinvisibletotheMAClayer.Thesetwolevelsofprotectioncanworkincoordination,setacertain"hold-off"(hold-off),andgenerallywillnothavemultipleswitchingproblems.
VLANimpact
L2,L3switchinghasbeenverymature.IntheInternet,switchingtechnologyismoreandmorewidelyused,andfull-switchingnetworkshavebecomeverycommon.Inthesenetworks,theuseofVLANisessential.
VLANisaswitchednetworklogicallydividedaccordingtoroles,plangroups,applications,etc.Ithasnothingtodowiththephysicallocationoftheuser.Forexample,severalterminalsmaybecomposedofonepart,whichmayincludeengineersorfinancialpersonnel.Whentheactualphysicallocationsoftheterminalsarerelativelyclose,theycanformalocalareanetwork(LAN).Iftheyareindifferentbuildings,theycanbeaggregatedtogetherthroughVLAN.PortsinthesameVLANcanreceivebroadcastpacketsintheVLAN.ButtheportsinotherVLANscannotacceptit.
1.Networkfaulttoleranceisnotstrong;
2.Messagesarepronetoproliferationandinfiniteloopintheloopnetwork;
3.ItisnotgoodinVLANRealizetrafficloadbalancing
Thespanningtreeprotocolrunsthespanningtreealgorithm(STA).Thespanningtreealgorithmisverycomplicated,butitsprocesscanbesummarizedintothefollowing3steps:
(1)ChoiceRootbridge
(2)Selecttherootport
(3)Selectthedesignatedport
Aboutselectingtherootbridge:ThebasisforselectingtherootbridgeisthenetworkBridgeID,thebridgeIDiscomposedofthebridgepriorityandthebridgeMACaddress.Thedefaultpriorityofthebridgeis32768.Whenusingshowmac-address-table,theMACaddressdisplayedatthetopistheMACaddressusedinthecalculation.TherootbridgewiththesmallestbridgeIDvalueistherootbridge.Whenthepriorityisthesame,therootbridgewiththesmallestMACaddressistherootbridge.
Aboutselectingrootport:Eachnon-rootswitchselectsarootport.Theorderofselectionis:thelowestrootpathcosttotherootbridge→thebridgeIDthatsendstheBPDUissmaller→theportIDissmaller.TheportIDiscomposedofportpriorityandportnumber.Thedefaultportpriorityis128.
Aboutselectingdesignatedports:Chooseadesignatedportoneachnetworksegment.Theorderofselectionis:therootpathcostislower→thebridgeIDvalueoftheswitchthatsendstheBPDUissmaller→theIDvalueoftheportissmaller.Inaddition,theinterfacesoftherootbridgearealldesignatedports,becausetherootpathcostoftheportsontherootbridgeis0.
Insufficientprotocol
1.Thetopologyconvergenceisslow.Whenthenetworktopologychanges,thespanningtreeprotocoltakes50-52secondstocompletethetopologyconvergence.
2,cannotprovideloadbalancingfunction.Whenaloopoccursinthenetwork,thespanningtreeprotocolsimplyblockstheloop,sothatthelinkcannotforwarddatapackets,whichwastesnetworkresources.
Runningprocess
TheSpanningTreeProtocolrunstheSpanningTreeAlgorithm(STP).Thespanningtreealgorithmisverycomplicated,butitsprocesscanbesummarizedintothefollowingthreeparts.
(1)Selecttherootbridge
(2)Selecttherootport
(3)Selectthedesignatedport(alsocalledforwardingportinbooks)
p>Thebasisforselectingtherootbridgeisthebridgepriorityoftheswitch.Thebridgepriorityisadecimalnumberusedtomeasurethepriorityofthebridgeinthespanningtreealgorithm.Thevaluerangeis0~65535.DefaultvalueItis32768,bridgeID=bridgepriority+bridgeMACaddress,atotalof8bytes.Sincethebridgepriorityoftheswitchisthedefault,intheelectionoftherootbridge,thesizeoftheMACaddressofthenetworkcardisgenerallycompared,andthesmallestMACaddressisselectedastherootbridge.
Therootportisbasedon
(1)Thepathcosttotherootbridgeisthelowest.
Therootpathcostisthesumofthecostsofallthelinksonthepathbetweentwobridges,thatis,thesumofthepathcostsofallthelinksbetweenacertainbridgenetworkandtherootbridge.
TheIEEEstandardpathcosttableisattached:
Linkspeed | Overhead(latestrevision) | Overhead(previously) |
10Gbps | 2 | 1 |
1Gbps | 4 | 1 |
100Mbps | 19 | 10 |
10Mbps | 100 | 100 |
(2)ThelowestsenderbridgeID.
(3)ThelowestportID.
BecausetheportIDiscomposedofpriorityandportnumber,theuniquenessoftherootportisguaranteed.
Designatedportbasis
(1)Therootpathcostislower
(2)TheswitchbridgeIDvalueisthesmallest
(3)Theportnumberisthesmallest
Note:Allportsontherootbridgearedesignatedports
Portstatus
Blocking(blockingstate):Atthistime,theLayer2portisanon-designatedportandwillnotparticipateintheforwardingofdataframes.TheportdeterminesthelocationandrootIDoftherootswitchbyreceivingBPDUs,aswellaswhatstateeachswitchportshouldbeinaftertheSTPtopologyconvergenceends.Bydefault,theportwillstayinthisstatefor20seconds.
Listening(listeningstate):ThespanningtreehasdeterminedthatthisportshouldparticipateintheforwardingofdataframesbasedontheBPDUreceivedbytheswitch.Therefore,theswitchportwillnolongerbesatisfiedwithreceivingBPDUs,andatthesametimeitwillstarttosenditsownBPDUs,informingtheneighboringswitchesthattheportwillparticipateinforwardingdataframesintheactivetopology.Bydefault,theportwillstayinthisstatefor15seconds.
Learning(learningstatus):ThisLayer2portisreadytoparticipateintheforwardingofdataframesandstartstofillintheMACtable.Bydefault,theportwillstayinthisstatefor15seconds.
Forwarding(forwardingstate):ThisLayer2porthasbecomeanintegralpartoftheactivetopology.ItwillforwarddataframesandsendandreceiveBPDUsatthesametime.
Disabled(disabledstate):ThisLayer2portwillnotparticipateinthespanningtree,norwillitforwarddataframes.
STPpotentialfailure
1.Thespanningtreealgorithmisunstable
TheSTPprotocolworksonthesecondlayer,anditisbetweentheswitchports.Theindirectnetworkprotocolunitobtainsthenetworktopology,andblockstheloopthroughtheSTAalgorithmtoformatree-shapedlogicalnetworktopology.However,ifthenetworktopologyistoocomplex,theSTAalgorithmsometimesfails.Atthistime,theelectionoftherootbridge,rootport,anddesignatedportfails,causingloopsandparalyzingthenetwork.Therootcauseofthisproblemisstillinconclusiveintheory.MostpeoplethinkthatitistheinstabilityoftheSTPprotocolitself.Forexample,theSTPspanningtreeconvergestooslowly,resultinginexcessivelossofnetworkprotocolunitdatapackets.STAmistakenlybelievesthatthereisasinglenetwork.Pointfailure,sothattheportintheblockedstatebecomestheforwardingstate,andaloopinthenetworkcausesthenetworktobeparalyzed.Theprobabilityofthiskindoffailureisverylow,butitisdifficulttoruleout.
2.Portworkingmodecausesportworkingmodemismatch
Theswitchportworkingmodeincludessimplex(Simplex),half-duplex(half-Thethreemodesofduplexandfull-duplexgenerallyadoptauto-negotiationduringconfiguration.Duringconfiguration,ifoneendoftheswitchismanuallysettofull-duplex,theotherendstillusesauto-negotiation.Insomebrandsofswitches,thecommunicationlinkwillworkinhalf-duplexmode;thereisanextremeway,Theportworkingmodeoftheswitchatoneendissettofull-duplexmode,andtheportofthelink-to-endswitchissettohalf-duplexmode,whichwillcausetheproblemofduplexmismatch.Theresultisthattheportworkinginfull-duplexmodedoesnotsenddatadirectlywithoutcarriersensingbeforesendingdata,whiletheportworkinginhalf-duplexmodeperformscarriersensingbeforesendingdata.Andwhenthelinkisintheidlestate,dataissent.Atthistime,ifthefull-duplexportcontinuouslyhasalargeamountofdatatobesent,thenthehalf-duplexportwillnothavedatatotransmittotheoppositeend.WhentheSTAcalculates,becausethehalf-duplexportcannotsendthenetworkprotocolunit,theSTAwillopentheblockedport,thusformingaloop.
3.One-waylinkfailure
Inanetworkthatusesopticalfiberasthecommunicationmedium,twosetsofopticalfibertransceiverlinksareoftenusedtoensurenetworkReliabilityandstability(agroupofcommunication,agroupofredundancy),duetothefailureofthefiberoptictransceiver,thefailureofalinkinanygroupoftransceiverpairs,orthecrossconnectionofalinkinthetwogroupsoflinks,Willcausethelocaltransceivertoreceivethemessagesentbytheoppositetransceiver,buttheoppositetransceivercannotreceivethemessagesentbythelocaltransceiver.Thisfaultiscalledasinglelinkphenomenonandhashighconcealment.Noteasytotroubleshoot.BecausethesinglelinkfailureaffectsthetransmissionoftheSTPbridgeprotocolunit,theSTAcalculatesanerrorcodeandconvertstheportthatshouldbeintheblockingstatetotheforwardingstate,whichleadstothegenerationofloops.
4.Thedataframeisdamaged
Theswitchisatwo-layercommunication,ifthecommunicationqualityofthephysicallinkisnothigh(communicationmediumqualityproblemorinterferenceproblemEtc.),willcausethedataframetobedamagedduringtransmissionandthusbediscarded.Whenthebridgeprotocolunitisdamagedbyacertainamountduetopoorchannelqualityduringtransmission,itwillmaketheSTAmistakenlybelievethatthereisasinglepointoffailureandopentheblockedportforcommunication.GenerallyspeakingfortheSTPprotocol,iftheblockedportlosesthestateofthebridgeprotocolunitformorethan50seconds,afailurewilloccur.
5.Failurescausedbyinsufficientnetworkequipmentresources
TheexecutionoftheSTPprotocolandtheprocessingofthebridgeprotocolunitareallhandledbythenetworkequipment(mainlyswitches)IftheCPUoftheswitchisnotstrongorisexcessivelyoccupiedbyotherproblems,theswitchcannotsendorreceivebridgeprotocolunitsintime,causingthefailureofSTPtoworknormally.
6.FailurecausedbyconfiguringPortFastfastport
InanetworkrunningSTP,iftheportdirectlyconnectedtothehostontheswitchisconfiguredasPortFast,canmaketheportdirectlychangefromtheblockingstatetotheforwardingstate,sothattheSTPnetworkconvergesquickly.IfthenetworkadministratorconfigurestheswitchandsetsaportusedtoconnecttootherswitchestoPortFast,thenwhentheportisenabled,itwilldirectlyentertheforwardingstate,resultinginashort-termloopinthenetwork.Whenthedatatrafficontheroadisquitelarge,thenetworkwillbeparalyzed.