Spanning-tree terminology question(s)

mtsb
Level 1

Hi all,

I have some confusion about the spanning tree terminology I came across while studying. Can someone explain to me clearly what these terms are and how they differ from one another?

Sorry for posting so many questions in one thread, but I just do not want to run multiple threads on this.

1. PVST - I know that this is the legacy STP protocol (cisco proprietary) and will run on ISL trunk links. But in my router I see only 3 modes for STP namely PVST, MST and RAPID-PVST. So if I choose to run pvst mode over dot1q trunk links do I essentially run PVST+ or still I run only PVST?

2. PVST+ - Continuation to above question how to run PVST+ mode on my routers as I see only the above mentioned 3 modes available.

3. Spanning tree enabled protocol ieee - When I see this when I execute "show spanning-tree vlan x" which mode do I assume PVST or PVST+?

4. CST - What is a common spanning tree and why is it needed? I read in some document mentioning that it will run one STP instance for all VLANs to reduce switch load, but does it essentially mean a flavor of MST mode?

5. IST - Why do we need an IST instance inside an MST region? It says that it will only generate the BPDUs inside a region but how will it differentiate different instances inside MST? Any useful document link or video link here would be very useful to me.

6. rapid-pvst - When I choose to run this mode do I essentially run r-pvst or r-pvst+ mode?

7. Root bridge selection - I know the process of a root bridge selection but my doubt is why when a switch with a lowest bridge is added to the network again an election happens? I am comparing this to DR/BDR election in OSPF network where the re-election will happen only when the already elected routers fail.

8. BPDUGUARD Vs BPDUFILTER - What is the difference between these two features? Both of them are anyways filtering the bpdu then why two separate features?

9. Aging Time 300 - I see this under "Bridge ID" section of "show spanning-tree vlan x" output. What does this signify and how this is helpful? The mac-address table aging time?

10. show spanning-tree bridge id - The output of this command is as follows.

nPE1#show spanning-tree bridge id
VLAN0001         8001.0021.d8ca.c340
VLAN0002         8002.0021.d8ca.c340

What does the 8001 and 8002 signify? I was thinking of bridge priority (with vlan number) and mac-address as BID of a switch. But this command yields some different output.

11. RLQ request/response - I know that these messages are used in the backbonefast feature, but are they a different type of BPDU or are they embedded in conf BPDUs? To my knowledge only 2 types of BPDUs exist: Configuration and TCN BPDUs. Are these a different kind? I tried to capture them after enabling the backbonefast feature but I could not find them in my Wireshark. I turned on the debugs where it says that it received rlq messages but I couldn't see them in the packet capture.

12. STP/R-STP Timers - In legacy STP, all switches send the BPDUs to the root and the root in turn propagates to all other switches. So why the timer configured on root bridge will take effect on all switches. But in RSTP all switches have the capability to send BPDUs, then if there is a mismatch in STP timers between itself and the root, which one will be agreed upon?

Hopefully I have listed down all the doubts I had in my mind. I will be glad enough if someone clarifies all these points.

Thanks,

Madhu

Accepted Solutions

Peter Paluch
Cisco Employee

Hello Madhu,

Lots of questions yield lots of answers

1. PVST - I know that this is the legacy STP protocol (cisco proprietary) and will run on ISL trunk links. But in my router I see only 3 modes for STP namely PVST, MST and RAPID-PVST. So if I choose to run pvst mode over dot1q trunk links do I essentially run PVST+ or still I run only PVST?

If you are running spanning-tree mode pvst then the PVST or PVST+ will be automatically run on trunks according to their encapsulation. ISL trunks will run PVST while IEEE 802.1Q trunks will run PVST+. There is no special command to activate only PVST or only PVST+.

2. PVST+ - Continuation to above question how to run PVST+ mode on my routers as I see only the above mentioned 3 modes available.

Simply make all trunks do 802.1Q encapsulation and if the spanning-tree mode pvst is configured, the PVST+ will be running automatically on the trunks.

3. Spanning tree enabled protocol ieee - When I see this when I execute "show spanning-tree vlan x" which mode do I assume PVST or PVST+?

Assume both, as the exact type is decided on a per-trunk basis depending on its encapsulation.

4. CST - What is a common spanning tree and why is it needed? I read in some document mentioning that it will run one STP instance for all VLANs to reduce switch load, but does it essentially mean a flavor of MST mode?

Originally, the 802.1D and 802.1w STP/RSTP as specified by IEEE were not VLAN-aware. What they created when run in a network was a spanning-tree whose topology was identically shared by all VLANs, hence the term 'Common Spanning Tree' - common for all VLANs. Agreed, it is in effect quite similar to running MST using a single instance. Cisco switches use the CST when talking to non-PVST world.

Without going into lengthy explanations, let me reference a document that may clarify this better than I can at the moment:

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00801d11a0.shtml#topic1

5. IST - Why do we need an IST instance inside an MST region? It says that it will only generate the BPDUs inside a region but how will it differentiate different instances inside MST? Any useful document link or video link here would be very useful to me.

By far the best explanation of the entire MST was given by Petr Lapukhov on his INE blog - enjoy here:

http://blog.ine.com/2008/07/27/mstp-tutorial-part-i-inside-a-region/

http://blog.ine.com/2008/09/24/mstp-tutorial-part-ii-outside-a-region/

While not an easy reading (the MSTP is not an easy topic!), I suggest very much reading these two articles first, and then please come back with any additional questions about the MSTP. These articles will very certainly answer lots of your questions here.

6. rapid-pvst - When I choose to run this mode do I essentially run r-pvst or r-pvst+ mode?

Both on a per-trunk basis, depending on the encapsulation used.

7. Root bridge selection - I know the process of a root bridge selection but my doubt is why when a switch with a lowest bridge is added to the network again an election happens? I am comparing this to DR/BDR election in OSPF network where the re-election will happen only when the already elected routers fail.

Indeed, when a new switch is added to a network whose BID is lower than that of the current root, new elections will take place and the added switch will become the new root switch. If the added switch has a higher BID, no election occurs. Your question has very good merit - is it actually appropriate for the STP and all its incarnations to preemptively change the root switch? That is a question that will probably go unanswered as there are good arguments both for and against a preemptive election. The DR/BDR elections are non-preemptive in OSPF, and the DIS election is preemptive in IS-IS (both DR and DIS have very similar functions), so this is a nice example that it can be done both ways. For now, I can only say that the STP was designed that way, and no one challenged that so far.

8. BPDUGUARD Vs BPDUFILTER - What is the difference between these two features? Both of them are anyways filtering the bpdu then why two separate features?

They are quite dissimilar, actually. The BPDUGuard puts a port into an err-disabled state when a BPDU is received. It is usually put on edge ports as an additional protection technique against possible loops or unauthorized extensions of a network. Should a BPDU be received (no normal workstation ever sends BPDUs!), it is clear that there is something inappropriate connected to that port, and it will be shut down.

The BPDUFilter prevents BPDUs from being sent and received on an interface. The BPDUFilter is essentially a way to "turn off" STP on a particular port. A port with BPDUFilter activated directly in the interface configuration won't send any BPDUs, and will ignore all received BPDUs as if they never came. The BPDUFilter can also be activated globally using the command spanning-tree portfast bpdufilter default, in which case it applies only to PortFast-enabled ports, and it behaves differently in that case: when a port comes up, it sends 10-11 BPDUs and then it stops sending BPDUs. If it ever receives a BPDU, the BPDUFilter (and the PortFast as well) is deactivated on that port and the port becomes a normal non-edge STP-participating port that receives and sends BPDUs just like any other port - until the port is disconnected.

While these two features may seem similar, they are quite unlike. As a single example, a BPDUFilter by itself will never cause a port to become blocking or shut down while the BPDUGuard will do just that.

9. Aging Time 300 - I see this under "Bridge ID" section of "show spanning-tree vlan x" output. What does this signify and how this is helpful? The mac-address table aging time?

Basically, this output tells whether the MAC entries of a particular VLAN are aging according to the global configuration of the switch, or whether the switch is currently receiving the TC BPDUs (Topology Change), in which case the MAC address aging time is reduced to the forward_delay value advertised by the current root switch.

10. show spanning-tree bridge id - The output of this command is as follows.

nPE1#show spanning-tree bridge id
VLAN0001         8001.0021.d8ca.c340
VLAN0002         8002.0021.d8ca.c340

What does the 8001 and 8002 signify? I was thinking of bridge priority (with vlan number) and mac-address as BID of a switch. But this command yields some different output.

The 8001 and 8002 are the bridge priority. With all recent switches, the bridge priority has a configurable value (in steps of 4096) and a fixed value into which the VLAN number is copied (this functionality is called the extended system ID). The 0x8001 = 32769 and 0x8002 = 32770, signifying that the priority of the switch for both VLANs is 32768 (the default value) and the VLAN IDs are 1 (32768+1) and 2 (32768+2).

11. RLQ request/response - I know that these messages are used in the backbonefast feature, but are they a different type of BPDU or are they embedded in conf BPDUs? To my knowledge only 2 types of BPDUs exist: Configuration and TCN BPDUs. Are these a different kind? I tried to capture them after enabling the backbonefast feature but I could not find them in my Wireshark. I turned on the debugs where it says that it received rlq messages but I couldn't see them in the packet capture.

See the following URL for more information:

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800c2548.shtml#root_link

12. STP/R-STP Timers - In legacy STP, all switches send the BPDUs to the root and the root in turn propagates to all other switches. So why the timer configured on root bridge will take effect on all switches. But in RSTP all switches have the capability to send BPDUs, then if there is a mismatch in STP timers between itself and the root, which one will be agreed upon?

If I am not mistaken, even in RSTP, the frequency of sending BPDUs is dictated by the timers of the current root switch.

Best regards,

Peter
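
Answers 7 and 10 above, worked through as an added example (not code from either poster or from Cisco): it decodes the 16-bit priority field of "show spanning-tree bridge id" into configured priority plus extended system ID, then runs the lowest-BID election before and after a new switch joins. The nPE1 lines are from the thread; nPE2, new-switch and their bridge IDs are constructed for illustration.

```python
import re
from typing import Dict, NamedTuple

# One row of "show spanning-tree bridge id": VLAN name, priority field, MAC
ROW = re.compile(
    r"^(VLAN\d+)\s+([0-9a-fA-F]{4})\.((?:[0-9a-fA-F]{4}\.){2}[0-9a-fA-F]{4})$"
)


class BridgeID(NamedTuple):
    priority: int  # configurable part (upper 4 bits), a multiple of 4096
    vlan: int      # extended system ID (lower 12 bits), the VLAN number
    mac: str

    def key(self):
        # The election compares the whole 16-bit field first, then the MAC
        return (self.priority | self.vlan, int(self.mac.replace(".", ""), 16))


def parse_bridge_ids(output: str) -> Dict[str, BridgeID]:
    """Decode every VLAN row; prompt and blank lines are skipped."""
    result = {}
    for line in output.splitlines():
        m = ROW.match(line.strip())
        if m:
            field = int(m.group(2), 16)
            result[m.group(1)] = BridgeID(
                field & 0xF000, field & 0x0FFF, m.group(3).lower()
            )
    return result


def elect_root(bridges: Dict[str, BridgeID]) -> str:
    """Name of the switch with the numerically lowest bridge ID."""
    return min(bridges, key=lambda name: bridges[name].key())


def root_moved(expected_root: str, bridges: Dict[str, BridgeID]) -> bool:
    """True when the elected root is not the switch the design expects."""
    return elect_root(bridges) != expected_root


# Output quoted in the thread
NPE1_OUTPUT = """nPE1#show spanning-tree bridge id
VLAN0001         8001.0021.d8ca.c340
VLAN0002         8002.0021.d8ca.c340
"""


def vlan1_bridges() -> Dict[str, BridgeID]:
    """VLAN 1 view: nPE1 from the thread plus a constructed neighbour nPE2."""
    return {
        "nPE1": parse_bridge_ids(NPE1_OUTPUT)["VLAN0001"],
        "nPE2": BridgeID(32768, 1, "0021.d8ca.d000"),  # constructed
    }


if __name__ == "__main__":
    bridges = vlan1_bridges()
    print("root before:", elect_root(bridges))
    # Constructed newcomer with a lower configured priority (28672 = 0x7000)
    bridges["new-switch"] = BridgeID(28672, 1, "00aa.bbcc.dd01")
    print("root after: ", elect_root(bridges))
    print("root moved away from nPE1:", root_moved("nPE1", bridges))
```

With equal priority fields the lower MAC decides, which is why nPE1 is root until the lower-priority switch is added.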

Hi Peter,

Thanks a lot for answering my questions. 5 star rating to you. It was really helpful as always. So here are results of my experiments based on the facts you gave.

1. I verified this by enabling the "debug spanning bpdu" for a single dot1q and isl trunk links and confirmed it via the "linktype" value in the bpdu sent/received.

On ISL Link...

Jan 17 12:50:16.983 IST: SP: STP: VLAN0002 rx BPDU: config protocol = ieee, packet from GigabitEthernet6/1  , linktype IEEE_SPANNING , enctype 2, encsize 17
!
interface GigabitEthernet6/1
switchport
switchport trunk encapsulation isl
switchport mode trunk
speed nonegotiate
end

On .1Q  Link

Jan 17 12:51:30.195 IST: SP: STP: VLAN0002 rx BPDU: config protocol = ieee, packet from GigabitEthernet1/13  , linktype SSTP , enctype 3, encsize 22
!
interface GigabitEthernet1/13
switchport
switchport mode trunk
spanning-tree vlan 2 port-priority 160

So the highlighted field exposed whether it is pvst or pvst+ mode of operation. So technically we cannot generalize the stp mode running is only 'pvst' as we have configured "spann mode pvst". It can also be a pvst+. Unfortunately there is no show command to figure it out right away :(

Got the same discussion here as well..

http://www.groupstudy.com/archives/ccielab/200706/msg01924.html

2. Yes. The above explanation holds good for this question.

3. Same as above and the exact current mode will be evident from the 'linktype' value in the bpdu. But I don't see this field in the BPDU packets I captured. It just shows the "Protocol Identifier : Spanning Tree protocol (0x0000), Protocol Version Identifier : Spanning Tree (0) and BPDU Type: Configuration (0x00)".

4. I think I have to read the link you referenced few more times to nail down the concept of CST

5. Yeah as you said MST is a little difficult protocol to soak into my brain. Will have to read more on this but first let me get comfortable with other simpler variants.

6. From your explanation I will have to assume that I am running RPVST+ if I choose to run rstp on .1q trunks and RPVST if I choose to run rstp on isl trunks. The same debug as in point 1 "debug spanning bpdu" yielded only the message as below. It did not detail on fields in bpdu.

Jan 17 13:00:33.111 IST: SP: RSTP(1): sending BPDU out Gi1/13

Again in packet capture I just see "BPDU Type: Rapid/Multiple Spanning Tree (0x02)" which generalized the mode. Not sure on this one.

7. Hmm. Thanks for that detailed explanation. So I will have to go by 'definition' that an election will happen. But one more doubt when I choose Primary and Secondary root. If a newly added switch has next best BID than the root will it become the potential secondary root? I will experiment on this one as well anyways.

8. I have tried and confirmed the BPDUGUARD functionality and enabling per interface level BPDUFilter functionality. But that weird second part I will try when I go to my lab.

9. Yeah I see that this value mentioned here is a direct copy from "mac-address-table aging-time" command. But when you say when there is TCN it will be reduced to forward_delay value I don't see this field in "show spanning vlan x" command being updated. So where can I confirm if it is going to flush mac entries within that time?

10. Got it now. The priority values are printed in hex rather than decimal. Inconsistent between "show span vlan x" and "show span bridge id" command.

11. Yes I referred to that link already for frame format but still I cannot see RLQs in packet capture.

12. Yes 100% true. I tested this and confirmed in rstp mode of operation.

Again thanks a lot for answering my question with lot of patience.

Regards,
Madhu
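
Item 8 in the answer and in this reply concerns BPDU Guard and BPDU Filter. As an added example (not code from either poster or from Cisco), this audit reads a switch configuration and reports, per interface, which of the behaviours described in the answer apply. The configuration text is constructed; "spanning-tree portfast bpduguard default" is the global BPDU Guard counterpart of the bpdufilter command named in the answer, and only this classic command syntax is recognised.

```python
from typing import Dict, List, Set, Tuple

# Finding codes and what each means, following the accepted answer
FINDINGS = {
    "FILTER_IFACE": "interface-level BPDU Filter: no BPDUs sent, received "
                    "BPDUs ignored (STP effectively off on this port)",
    "GUARD_MASKED": "BPDU Guard configured, but the interface-level filter "
                    "ignores received BPDUs, so the guard never sees one",
    "NO_GUARD": "PortFast port without BPDU Guard: a received BPDU will "
                "not err-disable the port",
    "FILTER_GLOBAL": "global BPDU Filter default applies: port stops sending "
                     "BPDUs after link-up and reverts to a normal STP port "
                     "if it receives one",
}
PORTFAST = {"spanning-tree portfast", "spanning-tree portfast edge"}

# Constructed sample configuration (not taken from the thread)
SAMPLE_CONFIG = """\
spanning-tree mode pvst
spanning-tree portfast bpdufilter default
!
interface GigabitEthernet1/1
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/3
 switchport mode access
 spanning-tree bpdufilter enable
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/13
 switchport mode trunk
!
"""

def parse_config(text: str) -> Tuple[Set[str], Dict[str, Set[str]]]:
    """Split a config into global lines and per-interface sub-commands."""
    global_lines: Set[str] = set()
    interfaces: Dict[str, Set[str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw[0] != " ":  # an unindented line ends any interface stanza
            current = None
            if line.startswith("interface "):
                current = line.split(None, 1)[1]
                interfaces[current] = set()
            else:
                global_lines.add(line)
        elif current is not None:
            interfaces[current].add(line)
    return global_lines, interfaces

def audit(text: str) -> Dict[str, List[str]]:
    """Return {interface: [finding codes]} for every interface stanza."""
    glob, interfaces = parse_config(text)
    guard_default = "spanning-tree portfast bpduguard default" in glob
    filter_default = "spanning-tree portfast bpdufilter default" in glob
    report: Dict[str, List[str]] = {}
    for name, cmds in interfaces.items():
        portfast = bool(cmds & PORTFAST)
        guard = "spanning-tree bpduguard enable" in cmds
        filt = "spanning-tree bpdufilter enable" in cmds
        found = ["FILTER_IFACE"] + (["GUARD_MASKED"] if guard else []) if filt else []
        if portfast and not filt and not guard and not guard_default:
            found.append("NO_GUARD")
        if portfast and not filt and filter_default:
            found.append("FILTER_GLOBAL")
        report[name] = found
    return report
```

Calling audit(SAMPLE_CONFIG) and looking each code up in FINDINGS gives a per-port summary; ports made PortFast only through a global default are not detected by this sketch.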

Bkhan
Level 1

I was so confused about this, but now I came to this conclusion.

I think "PVST" and "PVST+" are the same thing, don't confuse yourself with it.

"PVST+" is an additional feature of Cisco, added to IEEE Standard 802.1d STP,

which means there will be a separate INSTANCE per VLAN.

Nowadays PVST+ is often used as PVST. So PVST = PVST+

"PVST" is the Cisco default STP Mode.

To enable "PVST+" this command is used: "spanning-tree mode pvst"
