How to Prevent Loops with the Spanning Tree Protocol (STP): a Switch Configuration Tutorial

Source: Internet
Author: User


An earlier article mentioned that if an enterprise builds its network around a single switch, that switch is a single point of failure. If it breaks, several parts of the network stop working at once: clients cannot reach the server, the Internet, or the printer. In other words, one fault takes the whole network down. For that reason a switched network is normally built with redundant switches and links. Redundancy, however, introduces another very serious problem: the Layer 2 loop. A loop causes broadcast storms, duplicate delivery of the same frame, and an unstable MAC address table (the same source MAC appears to move from port to port). The loop problem is therefore far from minor, and the solution is the Spanning Tree Protocol (STP).
Spanning Tree Protocol (STP): a protocol for networks that contain loops. It leaves the redundant physical paths in place but, using a defined algorithm, prunes the active topology into a loop-free tree, so that frames cannot circulate endlessly around the loop. The Rapid Spanning Tree Protocol (RSTP) implemented on Ethernet switches is an optimized version of STP; the "rapid" part is that, under certain conditions, the delay before a root port or designated port enters the forwarding state is greatly shortened, so the network topology stabilizes much sooner.
MSTP (Multiple Spanning Tree Protocol) extends this to several spanning-tree instances and is compatible with both STP and RSTP.
Now let's look at STP in detail. STP was created to overcome the problem transparent bridges have in redundant networks: its purpose is to negotiate a single loop-free path to the root bridge and so avoid and eliminate loops. It identifies the loops in the network and dynamically blocks the redundant links, which guarantees exactly one active path to each destination, so a loop can never form.
The loop is broken by putting the sub-optimal interface on it into the Blocking state. Note that Blocking is only a port state; the interface is not administratively shut down. If another link in the network fails, the blocked interface can be brought back to the forwarding state.

Basic idea: in STP every switch is called a bridge, so whenever we say "bridge" below we mean a switch. When a switch starts up it assumes it is the root bridge, so the bridges have to agree on who is really the root. The rules of that contest are carried by a special message exchanged between bridges, the BPDU (Bridge Protocol Data Unit). A BPDU carries enough information to do two things: elect one root bridge from all the bridges in the network, and then let each bridge compute the shortest path from itself to that root. The root bridge sends a BPDU every 2 seconds (the hello time). The BPDU frame carries many fields; here we care only about the Bridge ID, which consists of a two-byte priority followed by a six-byte MAC address.

The root bridge is elected by comparing the Bridge ID of every switch. The Bridge ID has two components: the bridge priority and the MAC address. On Cisco switches the default priority is 32768. If the priorities are equal the MAC addresses are compared, and since MAC addresses are unique the tie is always broken: the bridge with the lowest Bridge ID becomes the root bridge. A network has exactly one root bridge; all the others are non-root bridges. Every port on the root bridge is a designated port (the root bridge has no root port). On a non-root bridge the port roles differ: exactly one port, the one with the best path to the root, is the root port; of the remaining ports, each one that forwards for its segment is a designated port, and the rest are non-designated ports, which STP blocks.

Given several switches and a root bridge chosen by Bridge ID, how does a non-root bridge know which of its ports is the root port and which are non-designated? The rule is another ordered comparison, applied from left to right: first the path cost to the root, then the sender's bridge priority and MAC address (its Bridge ID), then the sender's port ID (port priority and port number). The comparison is applied both among the ports of one switch and between switches competing for the same segment. On a given switch, the port with the lowest cost to the root bridge becomes the root port. The key question is how a port's cost is known: it is defined by the link bandwidth, using the IEEE 802.1D path-cost table:

10 Mbps: cost 100
100 Mbps: cost 19
1 Gbps: cost 4
10 Gbps: cost 2

The lower the cost, the higher the link speed. In the figure there are two links between the switches, one 100BASE-T (cost 19) and one 10BASE-T (cost 100). The 100BASE-T port is chosen as the root port; the 10BASE-T port becomes a non-designated port and is placed in the Blocking state, remaining unavailable until the root port fails. Note that a blocked port cannot send or receive user data, but it still receives BPDUs. When several non-root bridges compete for a segment, the cost is compared first; if the cost is the same, the bridge priority; if that is also the same, the MAC address, which is guaranteed to differ.

In this figure the port that ends up in the Blocking state is port 1 of switch Y. The link costs on both sides are the same and the priorities are the defaults, so the MAC addresses decide: switch X has the smaller MAC address, so its ports are designated and stay in the forwarding state, while port 1 of switch Y is blocked.
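The election and port-role rules described above (lowest Bridge ID wins the root; each non-root bridge picks one root port by root path cost, then sender Bridge ID, then sender port ID; each link gets one designated port and every other port blocks) are small enough to model in code. The following Python example is added here as an illustration and is not code from the original author. The topology, MAC addresses and port numbers are constructed: switches X and Y joined by two parallel 100BASE-T links, as in the figure, plus a third switch Z (an assumption, not in the article) that has a direct 10BASE-T link to X and a 100BASE-T link to Y, to show the cost-based choice.

```python
"""STP root election and port roles (IEEE 802.1D), added example code.
Topology, MACs and port numbers below are constructed for illustration."""
import heapq
from dataclasses import dataclass

# IEEE 802.1D-1998 short path costs (Mbps -> cost), the table referred to above.
PATH_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


@dataclass(frozen=True)
class Bridge:
    name: str
    mac: str                  # "aa:bb:cc:dd:ee:ff"
    priority: int = 32768     # Cisco default

    @property
    def bridge_id(self):
        # 2-byte priority first, then the 6-byte MAC: the lowest value wins.
        return (self.priority, int(self.mac.replace(":", ""), 16))


@dataclass(frozen=True)
class Link:
    a: str
    a_port: int
    b: str
    b_port: int
    speed_mbps: int

    @property
    def cost(self):
        return PATH_COST[self.speed_mbps]


def port_id(port_no, port_priority=128):
    # Port ID = port priority (default 128) then port number; lower wins.
    return (port_priority, port_no)


def run_stp(bridges, links):
    """Return (root name, root path cost per bridge, role per (bridge, port))."""
    by_name = {b.name: b for b in bridges}
    root = min(bridges, key=lambda b: b.bridge_id)        # step 1: elect the root
    # adjacency: bridge -> [(local port, neighbor, neighbor port, link cost)]
    adj = {b.name: [] for b in bridges}
    for l in links:
        adj[l.a].append((l.a_port, l.b, l.b_port, l.cost))
        adj[l.b].append((l.b_port, l.a, l.a_port, l.cost))
    # step 2: root path cost of every bridge (shortest path to the root)
    rpc = {n: float("inf") for n in adj}
    rpc[root.name] = 0
    heap = [(0, root.name)]
    while heap:
        c, n = heapq.heappop(heap)
        if c > rpc[n]:
            continue
        for _, nb, _, lc in adj[n]:
            if c + lc < rpc[nb]:
                rpc[nb] = c + lc
                heapq.heappush(heap, (rpc[nb], nb))
    # step 3: root port = best (cost via neighbor, sender bridge ID, sender port ID)
    root_port = {}
    for n in adj:
        if n != root.name:
            best = min(adj[n], key=lambda e: (rpc[e[1]] + e[3],
                                              by_name[e[1]].bridge_id,
                                              port_id(e[2])))
            root_port[n] = best[0]
    # step 4: one designated port per link (same ordered comparison); the other
    # end is that bridge's root port, otherwise non-designated (blocking).
    roles = {}
    for l in links:
        a_key = (rpc[l.a], by_name[l.a].bridge_id, port_id(l.a_port))
        b_key = (rpc[l.b], by_name[l.b].bridge_id, port_id(l.b_port))
        des, other = (((l.a, l.a_port), (l.b, l.b_port)) if a_key < b_key
                      else ((l.b, l.b_port), (l.a, l.a_port)))
        roles[des] = "designated"
        roles[other] = "root" if root_port.get(other[0]) == other[1] else "blocking"
    return root.name, rpc, roles


# Constructed topology (MACs are made up). X has the lowest MAC, so it is root.
BRIDGES = [Bridge("X", "00:1a:2b:00:00:01"),
           Bridge("Y", "00:1a:2b:00:00:02"),
           Bridge("Z", "00:1a:2b:00:00:03")]
LINKS = [Link("X", 1, "Y", 2, 100),    # parallel 100BASE-T links X <-> Y
         Link("X", 2, "Y", 1, 100),
         Link("Z", 1, "X", 3, 10),     # Z's direct 10BASE-T link to the root: cost 100
         Link("Z", 2, "Y", 3, 100)]    # Z via Y: 19 + 19 = 38, so this path wins


def root_if_y_priority_lowered(priority=4096):
    """Same topology with Y's priority lowered: priority beats MAC address."""
    bridges = [Bridge("Y", "00:1a:2b:00:00:02", priority) if b.name == "Y" else b
               for b in BRIDGES]
    return run_stp(bridges, LINKS)[0]


if __name__ == "__main__":
    root, rpc, roles = run_stp(BRIDGES, LINKS)
    print("root bridge:", root, "| root path costs:", rpc)
    for (bridge, port), role in sorted(roles.items()):
        print(f"{bridge} port {port}: {role}")
    print("root if Y's priority is 4096:", root_if_y_priority_lowered())
```

Running it reproduces the figure: Y's two links to X tie on cost and on X's Bridge ID, so X's port ID breaks the tie and Y port 1 (wired to X port 2) blocks while Y port 2 becomes the root port. Z prefers the two-hop 100BASE-T path through Y (cost 38) over its direct 10BASE-T link (cost 100), so Z port 1 blocks. Lowering Y's priority to 4096 makes Y the root regardless of MAC address, which is why, in practice, the root should be chosen deliberately by setting the priority rather than left to whichever switch happens to have the lowest MAC.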

Those are the root bridge, root port, designated ports and non-designated ports. From power-up to normal operation a port passes through four states: Blocking, Listening, Learning and Forwarding. Let's go through them:

Blocking: to avoid creating a loop, every port starts in the Blocking state. If the switch receives the same BPDU on another port, it knows there is another link to the root bridge. If spanning tree decides the other link is the better path to the root, this port stays blocked; if the switch decides this port is the best one, it moves on to the next state. The maximum time spent here is 20 seconds, the Max Age.

Listening: the port moves from Blocking to Listening. During this time it listens to decide whether there are other paths to the root bridge. It can receive and send configuration BPDUs, but cannot forward or receive user data, and is not allowed to put any MAC address it hears into the address table. This lasts 15 seconds (the Forward Delay). Listening means the port is ready to forward but first wants to confirm it will not create a loop.

Learning: very similar to Listening, except that the port now adds the MAC addresses it learns to the address table. It still cannot send or receive user data. This also lasts 15 seconds.

Forwarding: the port sends and receives user data normally.

If a non-root switch receives no configuration BPDU on a port for 20 seconds (the Max Age), it assumes the link on that port has failed and recalculates the spanning tree, electing the root bridge, root port, designated and non-designated ports again. Adding up the timers, a port that has to go from Blocking to Forwarding after such a failure takes up to 20 + 15 + 15 = 50 seconds, which is the convergence delay RSTP was designed to cut down. That completes the detailed introduction to STP. Note that STP only deals with Layer 2 loops; it does nothing about physical-layer faults, and a Layer 2 loop can be said to be purely man-made.
Having said all that, there is very little to configure, because Cisco switches enable the Spanning Tree Protocol by default. To close this section, here is a lab that verifies what STP does.

Lab 1: spanning tree. Objective: understand the role of the Spanning Tree Protocol and the danger of disabling it when redundant loops exist in the network. Equipment: two Cisco switches, one PC, two Ethernet cables linking the switches, and one straight-through Ethernet cable for the PC. Topology:

Disable spanning tree on both switches (on Cisco IOS the command takes a VLAN list, so for the default VLAN):

Switch(config)# no spanning-tree vlan 1

Verification: as soon as spanning tree is disabled on both switches, the port LEDs of the two inter-switch links start flashing rapidly. This is a broadcast storm; if you open Performance Monitor on the PC you will also see very high CPU usage. Re-enable it with spanning-tree vlan 1 and the storm stops. Use show spanning-tree to view the spanning tree status:

The output shows which switch is the root bridge; per-port details are available with show spanning-tree interface followed by the interface name. That concludes our introduction to STP; as you can see, it is not hard. This article is from the Fat Shark network.
