Analysis of Spanning Tree Protocol (STP, PVST, CST, RSTP, MSTP)


The Spanning Tree Protocol (Spanning Tree) is a layer-2 management protocol that selectively blocks redundant network links to eliminate L2 loops. It also supports link backup.

Because the Spanning Tree Protocol is relatively small, it is not as widely known as routing protocols. But it controls whether each port is allowed to forward traffic, so when the spanning tree is unsettled, every upper-layer protocol suffers. This is what happens in practice: especially when it runs alongside other protocols, the spanning tree may break the packet paths those protocols rely on, producing all kinds of strange symptoms.

Like other protocols, the Spanning Tree Protocol has been updated continuously as networks have developed. The "Spanning Tree Protocol" in the title of this article is a broad concept. It does not refer specifically to the STP protocol defined in IEEE 802.1D; it covers STP and the various improved spanning tree protocols based on it.

Over the course of its development, old defects have been overcome and new features added. Based on the major functional improvements, we can roughly divide the development of the Spanning Tree Protocol into three generations.

The first generation of Spanning Tree Protocol:

STP/RSTP

In the early stages of network development, transparent bridges played an indispensable role. A transparent bridge is much smarter than a hub, which only amplifies and broadcasts signals. It quietly records the source MAC address and port number of each data frame sent to it. The next frame destined for that MAC address is sent only out of the recorded port; a frame is sent to all ports only if its destination MAC address has not been recorded or is itself a multicast address. With transparent bridges, different LANs can be interconnected and the reach of the network extended. Moreover, because transparent bridges learn MAC addresses, they do not flood the network with frames the way a hub does.

However, nothing is perfect, and transparent bridges have their own shortcomings. The defect lies in their transparent forwarding. Unlike a router, a transparent bridge does not know how many times a packet may be forwarded. Once the network contains a loop, packets circulate and multiply in the loop continuously, and can even cause a terrible "broadcast storm". The word "terrible" is justified because in this situation the network becomes unavailable, and in a large network the fault is difficult to locate, so a broadcast storm is a catastrophic fault in an L2 network.

It was in this environment that the Spanning Tree Protocol came into the world to play the role of savior, with the IEEE 802.1D version being the most popular.

Figure 1 process of generating a tree

The basic idea of the STP protocol is very simple. As we all know, trees in nature do not grow loops. If the network can grow like a tree, it will have no loops. The STP protocol therefore defines the concepts of Root Bridge, Root Port, Designated Port, and Path Cost. The goal is to prune redundant loops by constructing a natural tree while also achieving link backup and path optimization. The algorithm used to construct this tree is called the Spanning Tree Algorithm (STA).

To implement these functions, bridges must exchange some information. The unit of this exchange is the configuration message, the BPDU (Bridge Protocol Data Unit). An STP BPDU is a layer-2 packet whose destination MAC address is the multicast address 01-80-C2-00-00-00. All bridges that support the STP protocol receive and process these BPDUs. The data area of the packet carries all the information needed for the spanning tree computation.
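The following Python sketch is an added example, not code from the original article. It classifies an untagged Ethernet frame by the BPDU destination addresses the article gives (the IEEE one above and the Cisco PVST one mentioned later) and decodes a configuration BPDU. The field layout is the standard IEEE 802.1D configuration BPDU, which the article does not spell out, and the sample frame and its MAC addresses are constructed.

```python
import struct

STP_DST = bytes.fromhex("0180c2000000")    # IEEE STP multicast address (from the text)
PVST_DST = bytes.fromhex("01000ccccccd")   # Cisco PVST address (from the text)
LLC_STP = b"\x42\x42\x03"                  # 802.2 LLC header carried by IEEE BPDUs

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def bridge_id(raw):
    """Split an 8-byte Bridge ID into (priority, MAC address)."""
    return struct.unpack("!H", raw[:2])[0], fmt_mac(raw[2:8])

def parse_frame(frame):
    """Classify an untagged Ethernet frame; decode it if it is an STP config BPDU."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[:6], fmt_mac(frame[6:12])
    if dst == PVST_DST:
        return {"kind": "pvst", "src": src}        # PVST format differs; not decoded
    if dst != STP_DST:
        return {"kind": "other", "src": src}
    length = struct.unpack("!H", frame[12:14])[0]
    payload = frame[14:14 + length]
    if payload[:3] != LLC_STP or len(payload) < 7:
        raise ValueError("STP destination address without a valid LLC/BPDU header")
    bpdu = payload[3:]
    proto, version, bpdu_type = struct.unpack("!HBB", bpdu[:4])
    if proto != 0:
        raise ValueError("unexpected protocol identifier")
    if bpdu_type != 0x00:                          # e.g. 0x80 topology change notification
        return {"kind": "stp-other", "src": src, "type": bpdu_type}
    if len(bpdu) < 35:
        raise ValueError("truncated configuration BPDU")
    (flags, root, cost, sender, port,
     age, max_age, hello, fwd) = struct.unpack("!B8sI8sHHHHH", bpdu[4:35])
    return {
        "kind": "config", "src": src, "version": version, "flags": flags,
        "root": bridge_id(root), "root_path_cost": cost,
        "sender": bridge_id(sender), "port_id": port,
        # Timers are encoded in units of 1/256 second.
        "message_age_s": age / 256, "max_age_s": max_age / 256,
        "hello_s": hello / 256, "forward_delay_s": fwd / 256,
    }

def build_sample():
    """Constructed frame: bridge ...:02 advertising root ...:01 at path cost 4."""
    root = struct.pack("!H", 32768) + bytes.fromhex("000000000001")
    sender = struct.pack("!H", 32768) + bytes.fromhex("000000000002")
    bpdu = struct.pack("!HBBB8sI8sHHHHH", 0, 0, 0, 0, root, 4, sender,
                       0x8001, 1 * 256, 20 * 256, 2 * 256, 15 * 256)
    payload = LLC_STP + bpdu
    return (STP_DST + bytes.fromhex("000000000002")
            + struct.pack("!H", len(payload)) + payload)

SAMPLE = build_sample()

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
```
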

The spanning tree process is not difficult to understand. The first step is root bridge election. The election is based on the Bridge ID, which is composed of the bridge priority and the bridge MAC address. The bridge with the smallest Bridge ID becomes the root bridge of the network. In the network shown in Figure 1, every bridge starts with the default configuration. When the bridge priorities are the same (the default priority is 32768), the bridge with the smallest MAC address becomes the root bridge. In Figure 1 this is SW1, all of whose ports take the designated port role and enter the forwarding state.

Next, each of the other bridges selects its "strongest" branch as the path to the root bridge, and the corresponding port takes the root port role. Assume that in Figure 1 the links between SW2 and SW1 and between SW2 and SW3 are Gigabit Ethernet (GE) links, and the link between SW1 and SW3 is a Fast Ethernet (FE) link. The default path cost from Port 1 of SW3 to the root bridge is 19, while the path cost from Port 2 to the root bridge is 4 + 4 = 8. Port 2 therefore becomes the root port and enters the forwarding state. Similarly, Port 2 of SW2 becomes the root port, and Port 1 becomes a designated port and enters the forwarding state.

Once the root bridge and the root ports are determined, a tree has been generated, shown by the solid lines in the figure. The remaining task is to prune the redundant loops. This is done by blocking the corresponding ports on non-root bridges. For example, the role of Port 1 on SW3 becomes disabled port and it enters the blocking state (represented by "X" in the figure).
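The election, root port selection, and pruning steps above can be reproduced for the Figure 1 topology with the following Python sketch. It is an added example, not code from the original article; the MAC addresses and SW1's port numbers are constructed, and it models point-to-point links only.

```python
COST = {"FE": 19, "GE": 4}      # default path costs quoted in the text
INF = float("inf")

# Figure 1 as described in the text. MAC addresses and SW1's port numbers are
# constructed for this example; links are (bridge, port, bridge, port, type).
FIG1_BRIDGES = {
    "SW1": (32768, "00:00:00:00:00:01"),
    "SW2": (32768, "00:00:00:00:00:02"),
    "SW3": (32768, "00:00:00:00:00:03"),
}
FIG1_LINKS = [
    ("SW1", 1, "SW2", 2, "GE"),
    ("SW2", 1, "SW3", 2, "GE"),
    ("SW1", 2, "SW3", 1, "FE"),
]

def spanning_tree(bridges, links):
    """Return (root, root_cost, roles) for point-to-point links.

    bridges maps name -> Bridge ID as (priority, MAC); roles maps
    (bridge, port) -> "root", "designated" or "blocked".
    """
    root = min(bridges, key=bridges.get)           # smallest Bridge ID wins
    root_cost = {n: (0 if n == root else INF) for n in bridges}
    best = {}   # bridge -> (cost, upstream Bridge ID, upstream port, local port)
    changed = True
    while changed:                                 # relax offers until stable
        changed = False
        for a, a_port, b, b_port, kind in links:
            for me, my_port, peer, peer_port in ((a, a_port, b, b_port),
                                                 (b, b_port, a, a_port)):
                if me == root or root_cost[peer] == INF:
                    continue
                offer = (root_cost[peer] + COST[kind], bridges[peer],
                         peer_port, my_port)
                if me not in best or offer < best[me]:
                    best[me], root_cost[me] = offer, offer[0]
                    changed = True
    roles = {}
    for a, a_port, b, b_port, _ in links:
        # The end closer to the root (Bridge ID breaks ties) is designated.
        ends = sorted([(root_cost[a], bridges[a], a, a_port),
                       (root_cost[b], bridges[b], b, b_port)])
        (_, _, d_name, d_port), (_, _, o_name, o_port) = ends
        roles[(d_name, d_port)] = "designated"
        is_root_port = o_name in best and best[o_name][3] == o_port
        roles[(o_name, o_port)] = "root" if is_root_port else "blocked"
    return root, root_cost, roles

if __name__ == "__main__":
    root, cost, roles = spanning_tree(FIG1_BRIDGES, FIG1_LINKS)
    print("root bridge:", root, "| SW3 cost to root:", cost["SW3"])
    for (name, port), role in sorted(roles.items()):
        print(f"{name} port {port}: {role}")
```
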

Once the spanning tree has been stable for a period of time (about 30 seconds by default), every port is in either the forwarding state or the blocking state. STP BPDUs are still sent regularly from the designated ports of each bridge to maintain the link state. If the network topology changes, the spanning tree is recomputed and the port states change accordingly.

Of course, there is much more to the Spanning Tree Protocol than can be described here. The reason I have spent so much ink on the basic principle of the spanning tree is that it is so fundamental. The other, improved spanning tree protocols are all built on it, and their basic ideas and concepts are much the same.

The STP protocol gave transparent bridges a new lease of life. However, as applications deepened and network technology developed, its shortcomings were exposed in practice. The main defect of the STP protocol is its convergence speed.

When the topology changes, the new configuration message needs a certain delay before it has propagated across the entire network. This delay is called Forward Delay, and the protocol's default value is 15 seconds. Until all bridges have received the change, a temporary loop may exist if a port that was forwarding in the old topology has not yet discovered that it should stop forwarding in the new topology. To solve the temporary loop problem, the spanning tree uses a timer policy: between the blocking state and the forwarding state it adds an intermediate state in which the port only learns MAC addresses and does not take part in forwarding. Each of the two state transitions takes one Forward Delay, which ensures that no temporary loop is created when the topology changes. However, what this seemingly good solution actually brings is a convergence time of at least twice the Forward Delay!

To address this defect of the STP protocol, IEEE introduced the 802.1w standard at the beginning of the century as a supplement to the 802.1D standard. The IEEE 802.1w standard defines RSTP (Rapid Spanning Tree Protocol). RSTP makes three important improvements on the STP protocol that make convergence much faster (less than 1 second).

The first improvement: two port roles, Alternate Port and Backup Port, are defined for the root port and the designated port. If the root port or designated port fails, the alternate port or backup port enters the forwarding state without delay. In Figure 2, all bridges run the RSTP protocol and SW1 is the root bridge. Assuming Port 1 of SW2 is the root port, Port 2 recognizes this topology, becomes the alternate port for the root port, and enters the blocking state. When the link on Port 1 fails, Port 2 can enter the forwarding state immediately, without waiting for twice the Forward Delay.

Figure 2 fast switchover of RSTP redundant links

The second improvement: on a point-to-point link that connects only two switch ports, a designated port can enter the forwarding state without delay by performing a single handshake with the downstream bridge. On a shared link connecting more than three bridges, the downstream bridges do not respond to the handshake request sent by the upstream designated port, and the port can only wait twice the Forward Delay before entering the forwarding state.

The third improvement: ports that connect directly to terminals rather than to other bridges are defined as edge ports (Edge Port). Edge ports can enter the forwarding state directly, without any delay. Because a bridge cannot know whether a port is directly connected to a terminal, this must be configured manually.

The RSTP protocol is clearly a considerable improvement over the STP protocol. To support these improvements the BPDU format was modified, but RSTP remains backward compatible with STP and the two can be mixed in one network. Even so, RSTP, like STP, is a Single Spanning Tree (SST) protocol, and this brings many defects of its own, mainly in three respects.

First defect: because the entire switched network has only one spanning tree, convergence can take a long time when the network is large, and a topology change affects a large part of the network.

Second defect: in recent years, 802.1Q has become a mainstream standard protocol for switches. When the network structure is symmetric, a single spanning tree does no harm. However, when the network structure is asymmetric, a single spanning tree affects network connectivity.

Figure 3 Asymmetric Network

In Figure 3, assume that SW1 is the root bridge, the solid-line link carries VLAN 10, and the dotted link is an 802.1Q trunk link carrying VLAN 10 and VLAN 20. When the trunk port of SW2 is blocked, it is clear that the VLAN 20 path between SW1 and SW2.

Third defect: a blocked link carries no traffic at all, which wastes a great deal of bandwidth. This is especially noticeable in a ring metropolitan area network (MAN).

Figure 4 low SST bandwidth utilization

In Figure 4, assume that SW1 is the root bridge and one port of SW4 is blocked. In this case the optical fiber laid between SW2 and SW4 carries no traffic, and all traffic between SW2 and SW4 is forwarded through SW1 and SW3, adding to the load on several other links.

A single spanning tree (SST) cannot overcome these defects, so multi-spanning-tree protocols with VLAN support emerged.

Clever second generation Spanning Tree Protocol:

PVST/PVST+

Running a separate spanning tree for each VLAN is a direct and simple solution. It guarantees that no loop exists within any VLAN. However, for various reasons, spanning tree protocols that work this way never became a standard. Instead, each vendor has its own, most notably Cisco's PVST (Per VLAN Spanning Tree).

To carry more information, the PVST BPDU format differs from the STP/RSTP BPDU format, and the destination address was changed to the Cisco reserved address 01-00-0C-CC-CC-CD. In addition, PVST BPDUs are tagged with the 802.1Q VLAN tag when sent over a VLAN trunk. The PVST protocol is therefore not compatible with the STP/RSTP protocols.

Cisco soon introduced the improved PVST+ protocol, which became the default spanning tree protocol on its switch products. PVST+ runs the common STP protocol on VLAN 1 and runs the PVST protocol on the other VLANs. PVST+ can interoperate with STP/RSTP: the spanning tree state on VLAN 1 is calculated according to the STP protocol, while on the other VLANs ordinary switches simply forward PVST BPDUs as multicast packets within the corresponding VLAN. This does not prevent loops from being eliminated, but the root bridge state on VLAN 1 and on the other VLANs may differ.

Figure 5 Connection between PVST+ and SST

In Figure 5, all links use VLAN 1 by default and also carry VLAN 10 and VLAN 20. SW1 and SW3 run the SST protocol, while SW2 runs the PVST+ protocol. On VLAN 1, SW1 may be the root bridge and Port 1 of SW2 may be blocked. On VLAN 10 and VLAN 20, SW2 sees only its own PVST BPDUs, so it considers itself the root bridge on these two VLANs. The PVST BPDUs of VLAN 10 and VLAN 20 are forwarded by SW1 and SW3, so once SW2 detects this loop, it blocks VLAN 10 and VLAN 20 on Port 2. This is the STP/RSTP compatibility that PVST+ provides. As we can see, the L2 loops in the network are still identified and eliminated, and there is little point in insisting that the root bridge be the same everywhere.

Because each VLAN has an independent spanning tree, all the defects of a single spanning tree are overcome. PVST also brings a new benefit: layer-2 load balancing.

Figure 6 PVST+ load balancing

In Figure 6, all four devices run the PVST+ protocol and all of them trunk VLAN 10 and VLAN 20. Assuming SW1 is the root bridge for all VLANs, you can configure SW4 to block VLAN 10 on Port 1 and VLAN 20 on Port 2. The link on Port 1 of SW4 can then still carry VLAN 20 traffic, and the link on Port 2 can still carry VLAN 10 traffic, while each also provides link backup. This is not possible in the earlier single spanning tree scenario.

The clever PVST/PVST+ protocols deliver VLAN awareness and load balancing, but new technology also brings new problems. PVST/PVST+ have hidden troubles of their own.

First defect: because each VLAN needs its own spanning tree, PVST BPDU traffic is proportional to the number of trunked VLANs.

Second defect: when the number of VLANs is large, the computation and resources needed to maintain multiple spanning trees grow dramatically. In particular, when the state of a trunk interface carrying many VLANs changes, the state of all the spanning trees must be recalculated and the CPU is overwhelmed. Cisco switches therefore limit the number of VLANs that can be used, and trunking many VLANs on one port is not recommended.

Third defect: because the protocol is proprietary, PVST/PVST+ is not as widely supported as STP/RSTP, and devices from different vendors cannot interoperate directly in this mode. Interoperation is possible only through workarounds, such as Foundry's IronSpan. IronSpan runs the STP protocol by default; when a port receives a PVST BPDU, the spanning tree mode of that port automatically switches to a PVST/PVST+ compatibility mode.

In general, network topology does not change frequently, so the disadvantages of PVST/PVST+ are not fatal. However, the need to trunk a large number of VLANs on a port still exists. Cisco therefore made further improvements to PVST/PVST+ and launched the multi-instance MISTP protocol.

Multi-instantiation third-generation Spanning Tree Protocol: MISTP/MSTP

The Multi-Instance Spanning Tree Protocol (MISTP) defines the concept of an "instance". In short, STP/RSTP is port-based, PVST/PVST+ is VLAN-based, and MISTP is instance-based. An instance is a collection of multiple VLANs. Binding multiple VLANs to one instance saves communication overhead and resource usage.

In use, you map multiple VLANs that share the same topology to one instance. The forwarding state of these VLANs on a port depends on the state of the corresponding instance in MISTP. Note that the VLAN-to-instance mapping must be consistent on all switches in the network, otherwise network connectivity will be affected. To detect such errors, the MISTP BPDU carries not only the instance ID but also information such as the VLANs mapped to the instance. The MISTP protocol does not process STP, RSTP, or PVST BPDUs, so it is not compatible with STP or RSTP, or even with PVST or PVST+. Loops may occur when such devices are networked together. To allow a network to migrate smoothly from PVST+ mode to MISTP mode, Cisco built a hybrid MISTP-PVST+ mode into its switch products that can process PVST BPDUs. When upgrading a network, first set the devices to MISTP-PVST+ mode, and then set them all to MISTP mode.

The benefits of MISTP are obvious. It offers the VLAN awareness and load balancing of PVST together with CPU usage as low as that of SST. However, poor backward compatibility and the proprietary nature of the protocol have prevented MISTP from being widely deployed.

The Multiple Spanning Tree Protocol (MSTP) is a new multi-instance spanning tree protocol defined in IEEE 802.1s. The protocol is still being refined, and only a draft version is available. However, Cisco has already added MSTP support in CatOS 7.1, and Huawei's Quidway series of Layer 3 switches is about to launch a new version that supports MSTP.

The most ingenious part of the MSTP protocol is that it divides switches that support MSTP and switches that do not into different regions, called the MST domain and the SST domain respectively. The multi-instance spanning tree runs inside the MST domain, and the RSTP-compatible Internal Spanning Tree (IST) runs at the edge of the MST domain.

Figure 7 MSTP Working Principle

In Figure 7, switches in the MST domain use MSTP BPDUs to exchange topology information, while switches in the SST domain use STP/RSTP/PVST+ BPDUs to exchange topology information. At the edge between the MST domain and the SST domain, the SST device considers the connected device to be an RSTP device as well. The state of the MST device on the edge port depends on the state of the internal spanning tree, which means the state of all VLANs on that port will be consistent.

The spanning trees that an MSTP device must maintain internally include several internal spanning trees (ISTs), whose number depends on how many SST domains are connected. In addition, there are several MSTP spanning trees identified by MSTI (Multiple Spanning Tree Instance), whose number is determined by the number of instances configured.

Compared with the earlier spanning tree protocols, MSTP has obvious advantages. MSTP is VLAN-aware, so it can achieve load balancing, and it offers fast port state switchover similar to RSTP. It can bind multiple VLANs to one instance to reduce resource usage. MSTP is highly compatible with STP and RSTP. Moreover, MSTP is an IEEE standard protocol, so resistance to its adoption is much lower.

The all-round MSTP protocol can therefore become the common direction for spanning tree development today.

The future of Spanning Tree Protocol

No technology stops developing just because an "ideal" technology has appeared, and the history of the Spanning Tree Protocol itself illustrates this. As applications develop, a variety of new L2 tunneling technologies are emerging, such as Cisco's 802.1Q Tunneling, QinQ on Huawei's Quidway S8016, and MPLS-based L2 VPN technologies. In this new situation, users and service providers have new requirements for the Spanning Tree Protocol. Where should the Spanning Tree Protocol go? Although there is no single answer to this question, vendors have begun to explore it actively. In the near future, a spanning tree protocol that supports L2 tunneling technology will become a standard protocol on switches.

Blog: http://blog.163.com/hlz_2599/blog/static/14237847420113261083105/
