网络设备安装与调试chp17STP和RSTP课件

1、生成树协议Spanning Tree Protocol教学目标（ Objectives ）1.冗余拓扑（Redundant Topologies）2. STP术语（STP Terms） 3.生成树操作（Spanning-Tree Operation）4.生成树操作规则（Spanning-Tree Operation Rules） 5.生成树端口状态（Spanning-Tree Port States）冗余（Redundancy）冗余网络拓扑确保网络持续工作，避免单点故障Redundant networking topologies are designed to ensure that net

2、works continue to function in the presence of single points of failure. 冗余拓扑（Redundant Topologies）冗余拓扑（Redundant Topologies）冗余拓扑（Redundant Topologies）冗余拓扑（Redundant Topologies）1.冗余拓扑的目标是为了避免网络出现单点故障A goal of redundant topologies is to eliminate network outages caused by a single point of failure. 2.

3、所有的网络需要冗余来提高可靠性All networks need redundancy for enhanced reliability.简单的冗余交换拓扑（Simple Redundant Switched Topology）简单的冗余交换拓扑（Simple Redundant Switched Topology）1.冗余拓扑消除了单点故障Redundant topologies eliminate single points of failure. 2. 交换机对不知道地址的帧进行泛洪Switches will flood frames for unknown destinations.

4、3.交换机对广播和组播也进行泛洪。 Broadcasts and multicasts are also flooded. 4.冗余交换拓扑或许会带来广播风暴、多帧拷贝以及MAC地址表不稳定的问题A redundant switched topology may cause broadcast storms, multiple frame copies, and MAC address table instability problems.广播风暴（Broadcast Storm）多帧传输（Multiple Frame Transmissions）在冗余交换网络中，对终端设备来讲，收到多帧相同

5、数据是可能的。In a redundant switched network it is possible for an end device to receive multiple frames. MAC地址表不稳定（MAC Database Instability）交换机从错误的接口学到MAC地址。A switch can learn that a MAC address is on a port when it is not.创建逻辑无环路拓扑（Creating a logical loop free topology）1.冗余增加了可靠性，但是同时将物理环路带进网络。Reliabili

6、ty is increased by redundancy. redundancy connections introduce physical loops into the network. 2. 解决办法就是创建逻辑无环路拓扑，同时保留物理环存在The solution is to allow physical loops, but create a loop free logical topology. 3.无环路拓扑称为树，并且是可扩展的树。The loop free logical topology created is called a tree. It is a spanning

7、 tree because all devices in the network are reachable or spanned. 4.创建无环路拓扑的算法称为生成树算法。The algorithm used to create this loop free logical topology is the spanning-tree algorithm. STP术语（STP Terms）桥ID (Bridge ID)2. 开销（Cost）3. 桥协议数据单元（BPDU）桥ID (Bridge ID)1.BID用来识别每一个交换机/网桥。2.BID用来确定网络的中心，在STP中称为根桥。3.优

8、先级默认为32768The BID consists of a bridge priority that defaults to 32768开销（Cost）最短路径是cost累加，而cost是基于链路的速率的。Shortest path is based on cumulative link costs. Link costs are based on the speed of the link. 桥协议数据单元（BPDU）1.交换机发送的创建逻辑无环路的数据包称为BPDUThe message that a switch sends, allowing the formation of a

9、loop free logical topology, is called a Bridge Protocol Data Unit (BPDU). 2.BPDU在阻塞的接口上也可以接收，这确保如果链路或设备出现问题，新的生成树会被计算 BPDUs continue to be received on blocked ports. This ensures that if an active path or device fails, a new spanning tree can be calculated. 3.默认，BPDU 2秒发送一次By default BPDUs are sent

10、every two seconds. 生成树协议(Spanning-Tree Protocol)生成树操作（Spanning-Tree Operation）生成树操作（Spanning-Tree Operation）1.选举根桥，BID最小即是Select a single switch that will act as the root of the spanning tree 2.计算自己到根桥距离Calculate the shortest path from itself to the root switch 3.选择根端口，距离根桥最近的接口Choose one of its por

11、ts as its root port, for each non-root switch. This is the interface that gives the best path to the root switch. 4.选指定端口和非指定端口，非指定端口被阻塞。Select ports that are part of the spanning tree, the designated ports. Non-designated ports are blocked. 生成树操作规则（Spanning-Tree Operation Rules）1.每个网络只有一个根桥One root

12、 bridge per network. 2.每个非根桥只有一个根端口One root port per nonroot bridge.3.每个段只有一个指定端口One designated port per segment.4.非指定端口不被使用Nondesignated ports are unused.STP实例（STP Example）生成树端口状态（Spanning-Tree Port States）生成树端口状态（Spanning-Tree Port States）1.在阻塞状态，端口仅能接收BPDU,需要20秒改变这种状态In the blocking state, ports

13、can only receive BPDUs. It may take up to 20 seconds to change from this state. 2.在侦听状态，交换机确定是否有到根桥的其它路径。该状态持续15秒。在该状态，用户的数据不能转发，也不能学习MAC地址。In listening state, switches determine if there are any other paths to the root bridge. the forward delay and lasts for 15 seconds. In the listening state, user

14、 data is not being forwarded and MAC addresses are not being learned. 生成树端口状态（Spanning-Tree Port States）3.在学习状态，用户的数据不能转发，但是可以学习MAC地址，该状态持续15秒。In learning state user data is not forwarded, but MAC addresses are learned from any traffic that is seen. The learning state lasts for 15 seconds and is als

15、o called the forward delay. 4.在转发状态，用户数据被转发，MAC地址继续学习，BPDU仍然工作。In forwarding state user data is forwarded and MAC addresses continue to be learned. BPDUs are still processed. Case Study交换机保持默认的STP配置，哪个接口将被置为 block状态?思考题（Questions）1.环路的存在，会导致 、 和 问题。2.交换机的ID由 和 组成。3.选举根桥时，具有较 值的桥ID的交换机会成为根桥。4.100M链路的

16、新STP Cost为 。5.STP收敛后 口和 口是处于转发状态的。6.决定指定口时，会按顺序考虑 、 、 和 因素。7.缺省时，转发延时为 秒，Hello时间为 秒，BPDU的存活时间为 秒。8.STP中，交换机的端口有 、 、 和 状态。快速生成树协议Rapid Spanning Tree Protocol教学目标（ Objectives ）RSTP的端口状态RSTP的端口角色RSTP的收敛过程RSTP的配置Rapid Spanning Tree ProtocolRSTP中的端口状态Port State端口状态Description描述Discarding 丢弃丢弃数据帧，不学习MAC地址

17、Learning 学习丢弃数据帧，学习MAC地址Forwarding 转发转发数据帧，学习MAC地址STP 端口状态RSTP端口状态端口是否在活动拓扑中BlockingDiscardingNoListeningDiscardingNoLearningLearningYesForwardingForwardingYesDisabledDiscardingNoRSTP端口角色STP 端口角色RSTP端口角色STP端口状态RSTP端口状态根口根口转发转发指定口指定口转发转发非指定口替代备份阻断丢弃关闭关闭-丢弃过渡过渡监听学习学习RSTP 链路类型链路类型DescriptionPoint-to-po

18、int 点对点全双工，用来连接另一交换机Shared 共享半双工，连接到共享介质网络RSTP 边缘接口不会有交换机连接到该接口和PortFast功能类似通过spanning-tree portfast 命令配置(TCN).一旦收到BPDU，接口立即失去边缘接口状态，成为普通STP接口，并产生TCN（拓扑变化）通知。RSTP BPDU 标志位RSTP-新的BPDU处理机制BPDU在每个Hello-time发送：BPDU在每个Hello-time时间间隔都会发送，而不再仅仅传播（relay）。在STP中，非根网桥只有在其Root端口收到BPDU时，才产生BPDU。事实上，网桥只是传播（relay）

19、BPDU，而不是生成BPUD。在RSTP中不再是这样，网桥在每一个（默认2秒）都会发送包含自己当前信息的BPDU，即便自己没有收到根网桥的BPDU。信息的快速老化：一个端口如果连续三次没有收到hello，协议信息就会立即老化（或者如果max_age过期）。由于上面提到的协议修改，BPUD可以用作网桥之间的keep-alive机制。如果一个网桥连续没有收到三个BPDU，它就会认为自己已经和其直连的Root或Designated网桥失去连接。信息的快速老化可以快速的检测链路故障，如果一个网桥不能从其相邻的设备收到BPDU，它们之间的连接无疑已经断开了。这和STP是不同的，这种问题在STP中可能发生

20、在通往根网桥的路径中的任何地方。RSTP Proposal and Agreement建议与同意RSTP Topology Change (TC) Mechanism拓扑变化机制只有非边缘接口进入转发状态才产生TC（拓扑变化）；接口接入到阻断状态不会产生TC BPDU。RSTP实验拓扑RSTP配置S1(config)#spanning-tree mode rapid-pvstS2(config)#spanning-tree mode rapid-pvstS3(config)#spanning-tree mode rapid-pvstS1(config)#int range fastEthern

21、et0/23 -24S1(config-if-range)#duplex full S1(config-if-range)#spanning-tree link-type point-to-pointS2(config)#int range fastEthernet0/23 -24S2(config-if-range)#duplex full S2(config-if-range)#spanning-tree link-type point-to-pointS3(config)#int range f0/3 -24S3(config-if)#switch mode accessS3(confi

22、g-if)# spanning-tree portfast 思考题（Questions）RSTP有什么优点？RSTP的端口状态有哪些？RSTP的端口角色有哪些？如何配置RSTP？多生成树协议Multi Spanning Tree教学目标（ Objectives ）1. MSTP的目的2. MST区域和实例3. MST的配置MST Motivation：MST的动机1000VLAN，2个MST实例每个交换机只需要维护两个STP树，减少了所需的交换机资源 。Each switch maintains only two spanning trees, reducing the need for sw

23、itch resources. MST InstancesMST实例 2个不同STP树只要求2个MST实例（每500个VLAN 1个MST实例）。2 distinct STP topologies require 2 MST instances (500 per instance here).通过控制2个MST实例，可以实现负载均衡。Load-balancing works because half of the VLANs follow each separate instance.交换机CPU负载低，因为只有2个MST实例。Switch utilization is low because

24、 it only has to handle two instances.MST RegionsMST区域所谓“域”，由域名(Configuration Name)、修订级别(Revision Level)、格式选择器(Configuration Identifier Format Selector)、VLAN与实例的映射关系(Mapping of VIDs to Spanning Trees)。其中域名、格式选择器和修订级别在BPDU报文中都有相关字段，而VLAN与实例的映射关系在BPDU报文中表现摘要信息(Configuration Digest)，该摘要是根据映射关系计算得到的一个16字

25、节签名。只有上述四者都一样且相互连接的交换机才认为在同一个域内。MST RegionsMST区域整个MST域对外只呈现出一台交换机/MST Use of Extended System IDMST使用扩展系统IDMST carries the instance number in the 12-bit Extended System ID field of the Bridge ID.MST在12位的扩展系统ID中承载了实例号MSTP的BPDU抓包MSTP的BPDU抓包MST ConfigurationMST配置Enable MST on switch. 启用MSTSwitch(config)

26、# spanning-tree mode mst Enter MST configuration submode. 进入MST子模式Switch(config)# spanning-tree mst configurationDisplay current MST configuration. 显示当前MST配置Switch(config-mst)# show currentName MST instance. 命名MST实例Switch(config-mst)# name nameSet the 16-bit MST revision number. 设置16位的MST修订号 Switch(

27、config-mst)# revision revision_numberMST Configuration (cont)MST配置（续）Map VLANs to MST instance. 映射VLAN到MST实例Switch(config-mst)# instance instance_number vlan vlan_rangeApply configuration and exit MST configuration submode.退出MST配置子模式Switch(config-mst)# exitAssign root bridge for MST instance. 指定MST实

28、例的根桥Switch(config)# spanning-tree mst instance_number root primary | secondaryMST Configuration ExampleSwitchA(config)# spanning-tree mode mstSwitchA(config)# spanning-tree mst configurationSwitchA(config-mst)# name XYZSwitchA(config-mst)# revision 1SwitchA(config-mst)# instance 1 vlan 11, 21, 31Swi

29、tchA(config-mst)# instance 2 vlan 12, 22, 32SwitchA(config)# spanning-tree mst 1 root primarySwitchB(config)# spanning-tree mode mstSwitchB(config)# spanning-tree mst configurationSwitchB(config-mst)# name XYZSwitchB(config-mst)# revision 1SwitchB(config-mst)# instance 1 vlan 11, 21, 31SwitchB(confi

30、g-mst)# instance 2 vlan 12, 22, 32SwitchB(config)# spanning-tree mst 2 root primaryVerifying MST Configuration Example (1)检查MST配置（1）Switch# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Switch(config)# spanning-tree mode mstSwitch(config)# spanning-tree mst configurat

31、ionSwitch(config-mst)# show currentCurrent MST configurationName Revision 0Instance Vlans mapped- -Switch(config-mst)# name ciscoSwitch(config-mst)# revision 1Switch(config-mst)# instance 1 vlan 1-10Switch(config-mst)# show pendingPending MST configurationName ciscoRevision 1Instance Vlans mapped- -

32、0 11-40941 1-10Switch(config-mst)# end or abort0 1-4094Verifying MST Configuration Example (2)检查MST配置（2）Switch# show spanning-tree mst# MST00 vlans mapped: 5-4094Bridge address 0009.e845.6480 priority 32768 (32768 sysid 0)Root this switch for CST and ISTConfigured hello time 2, forward delay 15, max

33、 age 20, max hops 20Interface Role Sts Cost Prio.Nbr Type- - - - - -Fa3/24 Desg FWD 2000000 128.152 ShrFa3/32 Desg FWD 200000 128.160 P2pFa3/42 BackBLK 200000 128.170 P2p# MST01 vlans mapped: 1-2Bridge address 0009.e845.6480 priority 32769 (32768 sysid 1)Root this switch for MST01Interface Role Sts

34、Cost Prio.Nbr Type- - - - - -Fa3/24 Desg FWD 2000000 128.152 ShrFa3/32 Desg FWD 200000 128.160 P2pFa3/42 Back BLK 200000 128.170 P2p# MST02 vlans mapped: 3-4Bridge address 0009.e845.6480 priority 32770 (32768 sysid 2)Root this switch for MST02Interface Role Sts Cost Prio.Nbr Type- - - - - -Fa3/24 De

35、sg FWD 2000000 128.152 ShrVerifying MST Configuration Example (3)检查MST配置（3）Switch# show spanning-tree mst 1# MST01 vlans mapped: 1-2Bridge address 0009.e845.6480 priority 32769 (32768 sysid 1)Root this switch for MST01Interface Role Sts Cost Prio.Nbr Type- - - - - -Fa3/24 Desg FWD 2000000 128.152 Sh

36、rFa3/32 Desg FWD 200000 128.160 P2pFa3/42 Back BLK 200000 128.170 P2pVerifying MST Configuration Example (4)检查MST配置（4）Switch# show spanning-tree mst interface FastEthernet 3/24FastEthernet3/24 of MST00 is designated forwardingEdge port: no (default) port guard : none (default)Link type: shared (auto

37、) bpdu filter: disable (default)Boundary : internal bpdu guard : disable (default)Bpdus sent 81, received 81Instance Role Sts Cost Prio.Nbr Vlans mapped- - - - - -0 Desg FWD 2000000 128.152 5-40941 Desg FWD 2000000 128.152 1-22 Desg FWD 2000000 128.152 3-4Verifying MST Configuration Example (5)检查MST

38、配置（5）Switch# show spanning-tree mst 1 detail# MST01 vlans mapped: 1-2Bridge address 0009.e845.6480 priority 32769 (32768 sysid 1)Root this switch for MST01FastEthernet3/24 of MST01 is designated forwardingPort info port id 128.152 priority 128 cost 2000000Designated root address 0009.e845.6480 prior

39、ity 32769 cost 0Designated bridge address 0009.e845.6480 priority 32769 port id 128.152Timers: message expires in 0 sec, forward delay 0, forward transitions 1Bpdus (MRecords) sent755, received 0FastEthernet3/32 of MST01 is designated forwardingPort info port id 128.160 priority 128 cost 200000Designated root address 0009.e845.6480 priority 32769 cost 0Designated bridge address 0009.e845.6480 priority 32769 port id 128.160Timers: message expires in 0 sec, forward delay 0, forward transitions 1Bpdus (MRecords) sent 769, received 1FastEther