In the early days of computer networking, there was a big problem when designing network topologies, known as switching loops. Essentially, a switching loop occurs when there is more than one Layer 2 path between two endpoints. This is a serious problem because it leads to broadcast storms, which in turn can bring down an entire network. Also, since there is no TTL (Time to Live) field in a Layer 2 frame, the loop can continue forever.
To solve this problem, a new protocol was invented, and it was called the Spanning Tree Protocol. Before we dive into how STP works, let's take a look at an illustration of a basic network topology.
In this illustration, we have three Layer 2 devices, specifically switches: SW1, SW2, and SW3. We also have two PCs in this network, PC-A and PC-B. We can see where the switching loop would come from: SW3, SW2, and SW1 form a triangle, so each switch is connected to more than one other switch. SW1 is connected to SW2 and SW3, SW2 is connected to SW1 and SW3, and SW3 is connected to SW1 and SW2. Because of this configuration, the network would be brought down fairly quickly by a broadcast storm.
So, how does STP solve this issue? That is a loaded question, but let's dive right into it!
Nowadays, modern switches have STP enabled by default, which allows the switch to detect any potential loops before they actually cause trouble.
Switches use a special STP frame known as a BPDU (Bridge Protocol Data Unit). A BPDU carries the important information about the sending switch, such as the switch's Port ID and MAC address.
There are 2 types of BPDUs:
- Configuration BPDU
- TCN (Topology Change Notification) BPDU
Configuration BPDUs establish the network topology, and one switch is elected as the Root Bridge. The Root Bridge acts as the reference point and center of the topology. Essentially, this switch is the one making the calls; nothing happens without it. By using the Root Bridge as a reference, STP establishes a loop-free topology.
Of course, when your network expands to hundreds or even thousands of nodes, you will have redundant links for fault tolerance. Without STP, these would cause switching loops. With STP, however, certain ports are placed in a "blocking" state, meaning the port does not send or receive data frames. It is on standby.
Now, it is important to remember that a port in the blocking state still listens to Configuration BPDUs, which are sourced by the Root Bridge and forwarded downstream to the other switches every 2 seconds.
If a link or device goes down, STP steps in with another BPDU, the TCN (Topology Change Notification) BPDU. The TCN BPDU makes the switches recompute the topology, so ports that were in the blocking state can be moved into the forwarding state.
Now, it is important to remember, and I am emphasizing this, that a switch port connected directly to a PC should NEVER participate in STP. It can and should be configured with a setting called PortFast, which lets the interface come up right away without the normal delay introduced by STP. PortFast also prevents TCN BPDUs from being sent out every time a PC is turned on or off. Those TCNs have severe consequences: they make the switches flush their MAC address tables and relearn them.
There is another important feature of STP known as BPDU Guard. BPDU Guard moves a port configured with PortFast into a shutdown state known as the err-disabled state (error occurred, disabled) if a BPDU is received on that port. In simpler terms, if a BPDU is received on that port, the port is shut down.
There is another feature of STP known as Root Guard. Essentially, this is a security feature that prevents a port that should not be a root port from becoming one, and therefore prevents the switch behind that port from becoming the Root Bridge. This is helpful because it defends against an STP topology attack in which a rogue switch is introduced to replace the legitimate Root Bridge. If a port protected by Root Guard would become the root port because it received a superior BPDU, Root Guard moves that port into a root-inconsistent (blocked) state.
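As an added example that is not part of the original post, the following Python script computes STP port roles (root, designated, blocking) for the SW1/SW2/SW3 triangle above, then shows what a lower-priority rogue switch does to the election and how Root Guard on the facing port keeps it out. Bridge IDs, port numbers, path costs and the ROGUE switch are all constructed values, and the computation assumes a single connected tree rather than the hop-by-hop BPDU exchange real switches perform.

```python
# Simplified STP port-role computation (added example; constructed topology).
INF = float("inf")

def stp(bridges, links, root_guard=frozenset()):
    """bridges: {name: (priority, mac)}; the lowest tuple wins the root election.
    links: [(a, port_a, b, port_b, cost)], one entry per physical link.
    root_guard: {(bridge, port)} ports with Root Guard enabled.
    Returns (root bridge, {(bridge, port): role}). Assumes one connected tree."""
    links, inconsistent = list(links), {}
    while True:
        active = {end for l in links for end in (l[0], l[2])}
        root = min(active, key=lambda b: bridges[b])
        # Root path cost: cheapest total link cost from each bridge to the root.
        dist = {b: INF for b in bridges}
        dist[root] = 0
        for _ in bridges:
            for a, pa, b, pb, c in links:
                dist[a], dist[b] = min(dist[a], dist[b] + c), min(dist[b], dist[a] + c)
        # Root port per non-root bridge: lowest (cost via neighbour, neighbour BID, port).
        root_port = {}
        for a, pa, b, pb, c in links:
            for me, mp, nb, npt in ((a, pa, b, pb), (b, pb, a, pa)):
                key = (dist[nb] + c, bridges[nb], npt)
                if me != root and (me not in root_port or key < root_port[me][0]):
                    root_port[me] = (key, mp)
        # Designated port: the end of each link nearer the root (ties broken by BID);
        # the far end is either that bridge's root port or is put into blocking.
        roles = dict(inconsistent)
        for a, pa, b, pb, c in links:
            des = a if (dist[a], bridges[a]) < (dist[b], bridges[b]) else b
            for me, mp in ((a, pa), (b, pb)):
                if me == des: roles[(me, mp)] = "designated"
                elif root_port.get(me, (None, None))[1] == mp: roles[(me, mp)] = "root"
                else: roles[(me, mp)] = "blocking"
        # Root Guard: a guarded port that would become a root port has received a
        # superior BPDU; it goes root-inconsistent and its link leaves the tree.
        tripped = [p for p, r in roles.items() if r == "root" and p in root_guard]
        if not tripped:
            return root, roles
        for p in tripped:
            inconsistent[p] = "root-inconsistent"
            links = [l for l in links if (l[0], l[1]) != p and (l[2], l[3]) != p]

# Constructed triangle from the post; equal priorities, so SW1 wins on lowest MAC.
SWITCHES = {"SW1": (32768, "00:00:00:00:00:01"), "SW2": (32768, "00:00:00:00:00:02"),
            "SW3": (32768, "00:00:00:00:00:03")}
LINKS = [("SW1", 1, "SW2", 1, 4), ("SW1", 2, "SW3", 1, 4), ("SW2", 2, "SW3", 2, 4)]

def with_rogue(root_guard=frozenset()):
    """Constructed rogue switch with priority 0 plugged into SW1 port 3."""
    bridges = dict(SWITCHES, ROGUE=(0, "00:00:00:00:00:ff"))
    return stp(bridges, LINKS + [("SW1", 3, "ROGUE", 1, 4)], root_guard)
```

Without Root Guard the rogue wins the election and SW1 port 3 becomes its root port; with Root Guard on that port the port goes root-inconsistent and SW1 stays the Root Bridge with SW3 port 2 blocking as before.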