Spanning Tree Protocol (STP protocol) is an algorithm to eliminate the broadcast storm or bridging loops in deploying the multiple Switches (bridges) which are interconnected redundantly in a large network infrastructure. In some cases in large environment with multi-switch networks that demand high convergence, the STP must tuned-manually.
The spanning tree algorithm (STA) has two main purposes:
- To establish a loop-free (tree-like) topology in a network containing bridges and switches. The elimination of loops in bridged (switched) networks is essential in order for communications to be reliable and to prevent traffic from endlessly looping around the network. In redundant physical links if the STP protocols are not enabled frames would loop for an indefinite period of time.
- To ensure that there is a path between each pair of network segments in a bridged network. In other words, to ensure that this loop-free tree actually “spans” the entire network.
The way the system works to prevent the looping frames is by blocking the ports from forwarding the frames so that only one active path exists between any pair of LAN segments (collision domains). This way the frames will not loop infinitely so that’s the LAN will be usable. We should remember that redundant links are not designed for load balance, there is only one link is active.
Fig 1. STP Protocol is enabled to prevent the bridging loops for forming
The figure 1 shows an illustration in a redundant links network between the two switches how the bridging loops happened. To prevent the bridging loops to form you must enable the STP protocol in each of the switches.
There are only two states in each of the ports of the switches with STP protocol enabled, the blocking state or forwarding state. Any ports in “blocking state” cannot receive nor forward the frames. On the other hand the ports that are in “forwarding state” can forward and receive the frames. By having a correct subset of the interfaces blocked, a single currently active logical path will exist between each pair of LANs.
You can use the term bridge, the switch and bridging device interchangeably because the STP protocol behaves identically for them. We should understand that the switches forward frames sent to both unknown Unicast MAC addresses and the broadcast address, out all interfaces (except the incoming interface).
The Spanning Tree Protocol (STP) was developed to prevent the occurrence of bridging loops within redundant layer-2 networks. A dominant issue facing switched LANs is the use of redundant links and/or switches which are used to provide fault tolerance in the network. STP protocol is a protocol that should be configured correctly to suit the specific requirements of any complex (multiple switches with redundant connections) switched or bridged LAN.
STP protocol analyses the layer-2 LAN topology and from a reference point (root bridge), locates any redundant pathways (bridge loops) within the network. Bridging loops can cause a number of network problems including broadcast storms, duplicate frame copies and LAN Switch MAC-database instability problems.
In complex multi-switch environments a STP root switch should be manually selected. This is normally the most reliable and powerful switch at the centre of the LAN. This device functions as the reference point and controls much of the STP communications.
Implementation
To collect the network topology information needed to use the STA, bridges and switches periodically send to each other special data-link layer messages called bridge protocol data unit (BPDU) messages, which are based on the IEEE 802.1 specification. These messages allow a bridged/switched network to elect a root bridge for the entire network and designated bridges for each network segment, which form the basis of the spanning tree created by the algorithm. The STA determines which ports are redundant and form loops on the network and issues messages that cause those ports to be shut down (blocked) to eliminate the loops. Ports that are blocked are still active (still receiving BPDU messages), however, so that if the network topology changes (for example, by a bridge going down or being moved) the port can be unblocked if required to ensure that the network is still fully spanned.
Issues
Implementing the STA on Ethernet switches can sometimes prevent Dynamic Host Configuration Protocol (DHCP) clients from renewing their leases with the DHCP server. For example, it could take a few seconds for the STA to check the ports on a switch for loops, and if a DHCP client tried to obtain a DHCP lease during this time, the DHCPREQUEST packet could be lost. Should this problem arise, you can work around it either by disabling the algorithm on switches or by manually releasing and renewing the computer’s Internet Protocol (IP) address using ipconfig.
In large network organizations, they develop such kinds of standards that must be deployed across the business units (the sites). The following guidelines are minimum requirements when you deploy the redundant links with STP protocol enabled:
- All the switches must support the IEEE 802.1d version of STP protocol and must be enabled. Even though the default manufacturer for the STP protocol is enabled, manual review to assure the ‘enabled’ state must be done.
- Make sure that the documentation identifying the LAN topology and all redundant links that may be involved in a STP bridging loop exist and must be well managed.
The two above are minimum requirements, and three below lists the recommended requirements as addition of the minimum requirements:
- All the ports of the switches connecting to the computers, servers, printers and routers must be “port-fast” enabled except those ports to the switches and bridges. Port-fast can also be known as the fast-start or start-forwarding.
- In a complex environment with multiple switches, the “STP root” must be defined. This will also apply to networks with multiple VLANS, and must be done per VLAN basis.
- In complex multiple switch environments, the definition of a STP root is required. If using multiple VLANs, this will also need to be done on a per VLAN basis.
- If the requirements of large data pipes are exist, Ether Channel technologies (FEC\GEC) should be used in excess of standard Fast or Gigabit Ethernet speeds
Fig 2 Links Agregation
STP port-fast (aka fast-start or start-forwarding) can be used to quickly transition host ports without the need to transition slowly via the various STP states. Without STP port-fast enabled, many connections simply timeout when trying to establish a connection for the first time. Some Novell IPX and DHCP connections have been known to fail without STP port-fast support enabled. in case of connecting between switches, the port-fast must not be enabled because this will create spurious bridging loops into the network. STP port-fast is a feature that is available on most modern intelligent switches and is not enabled by default.
Ether Channel technologies allows you aggregate redundant links into a single high speed bundle to minimize the impact of STP protocol. Ether channel technology allows you combine up to four Fast or Gigabit Ethernet connections to produce a 800 Mbps Fast Ether Channel (FEC) or 8 Gbps Gigabit Ether Channel (GEC) full-duplex bundle.
In a large complex environment which consists of large number of switches, all the switches must be STP-enabled and should be manually tuned to reach a fast convergence and LAN stability and to prevent the bridging loops and broadcast storms to occur.
Compiled from CCNA exam materials
You may consider:
- information security management guidelines
- Basic knowledge about vlan – VLAN tutorial and guidelines
- Sample risk security assessment
- types of WAN Technologies – known WAN technologies
- Small business networking security
Great post very interesting blog. I will get back again to this site later on to check some of other blogposts. Appreciate it!
Simply great document for understanding the mandra STP protocol.
Good explanation on STP.