Multiple Spanning-Tree maps the set of VLANs into MST instances (MSTI) which each has an instance-specific STP root switch. In addition, there is a region Internal Spanning Tree (IST) aka MSTI0 that is used for exchanging MSTP BPDUs for all MSTIs. IST BPDUs (capture 1-1) carries all the STP information inside an MSTP Region.
First, MSTP BPDU includes information related to IST such as switch Bridge Id, Root Bridge Id for the Common and Internal Spanning Tree Root (CIST Root) and a timer values (Max Age, Hello Time and Forward Delay). The timer values are used in each MSTP Instances.
Second, The MSTP BPDU carries an MST extension header that includes the name of the MST Region, its Config revision number and a hash value. The hash value is derived from the VLAN to MSTI mapping information, the actual 1:1 VLAN to MSTI information is not carried within BPDU packets. There is also information about the CIST Regional (Internal) Root switch. The difference between the CIST Root and the CIST Regional Root is that the CIST Root is used as an STP Root for all regions when there are multiple MSTP regions connected with each other. The CIST Regional Root in turns is used as an MST Region IST root. MST Extension header carries M-records, which contains the MST Instance specific information such as MSTI Regional Root that is used to create Instance specific loop-free Layer 2 path inside a region. The root election process is based on the Proposal/Agreement messages just like in the Rapid PVST+/RSTP.
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x7c, Agreement, Forwarding, Learning, Port Role: Designated
Root Identifier: 4096 / 0 / 5e:00:00:00:00:00
Root Path Cost: 0
Bridge Identifier: 4096 / 0 / 5e:00:00:00:00:00
Port identifier: 0x8002
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 96
MST Extension
MST Config ID format selector: 0
MST Config name: Left-Region
MST Config revision: 0
MST Config digest: 13d150563ae60e9eae93f51c02c72ac0
CIST Internal Root Path Cost: 0
CIST Bridge Identifier: 4096 / 0 / 5e:00:00:00:00:00
CIST Remaining hops: 20
MSTID 1, Regional Root Identifier 4096 / 5e:00:00:01:00:00
MSTI flags: 0x78, Agreement, Forwarding, Learning, Port Role: Root
0001 .... = Priority: 0x1
.... 0000 0000 0001 = MSTID: 1
Regional Root: 5e:00:00:01:00:00 (5e:00:00:01:00:00)
Internal root path cost: 20000
Bridge Identifier Priority: 8
Port identifier priority: 8
Remaining hops: 20
MSTID 2, Regional Root Identifier 4096 / 5e:00:00:02:00:00
MSTI flags: 0x7c, Agreement, Forwarding, Learning, Port Role: Designated
0001 .... = Priority: 0x1
.... 0000 0000 0010 = MSTID: 2
Regional Root: 5e:00:00:02:00:00 (5e:00:00:02:00:00)
Internal root path cost: 20000
Bridge Identifier Priority: 8
Port identifier priority: 8
Remaining hops: 19
|
Capture 1-1: Multiple Spanning Tree BPDU
Figure 1-1 illustrates the example MST region, named as Left-Region, with three switches (Sw1, Sw2, and Sw3). Even VLANs 10, 20, 30 and 40 are mapped into MSTI1 where the STP root switch is Sw2. Odd VLANs 11, 22, 33 and 44 are mapped into MSTI2 where the STP root switch is Sw3. All VLANs that are not mapped into any specific MST Instance belongs to MST0 by default. The STP Root switch of MSTI0 is Sw1.
The MSTP Instance-based root selection process, failure detection and recovery processes are predictable within the MSTP Region. There are some considerations when the MSTP region is connected to another MSTP region or to PVST/Rapid PVST+ domain.
Consideration with MSTP Inter-Region Connection
Figure 1-2 shows two MSTP Region, Left-Region and Right-Region and their respective MSTI0 STP root switches. MSTI0 Root in Left-Region is Sw1 with the STP priority 4096 while MSTI0 STP Root switch in Right-Region is Sw6 with configured STP priority 0.
When the MSTP Regions Left-Region and Right-Region are connected with the redundant inter-switch links as shown in figure 1-3, the switches Sw2, Sw4, Sw3, and Sw5 starts receiving BPDUs from the external region (capture 1-2). Switches then mark these MSTP Regions external ports as Boundary ports. This starts the process where the Common and Internal Spanning Tree (CIST) root switch among all the MSTP region is elected. The election is based on IST Root Bridge Id (IST Priority/MAC) comparison between regions. Since Sw6 in Right-Region has better (lower) STP priority than Sw1 on the Left-region, it wins the CIST Root election process and it is elected as a CIST Root over all regions. Switch Sw2 is elected as CIST Regional Root for the Left-Region because it has the best (lowest) external STP Root Path Cost (RPC) to the CIST Root in Right-Region. Switch Sw2 take the IST (MST0) Root Switch role from Sw1 even though its Bridge Id is worse than Sw1. This is because the CIST Regional Root and IST Root have to be on the same switch.
In a stable network, switch Sw3 sets the STP port role to Alternative and mode to Blocking on ports towards switches Sw1 and Sw5. If there is a failure on the link between Sw3 and Sw2, the link to Sw5 will still be an Alternate port but the STP Root port role moves to port towards Sw1. In the situation where the links on Sw3 towards switches Sw1 and Sw2 are down, the port toward Sw5 is moved to STP Root port and it starts forwarding data.
Capture 1-2 shows the BPDU message sent by the switch Sw4 to switch Sw2 in a stable STP state. Root Identifier 0/0/5e:00:00:05:00:00 refers to Right-Region IST STP Root Sw6.
Spanning Tree Protocol
Protocol Identifier: Spanning Tree Protocol (0x0000)
Protocol Version Identifier: Multiple Spanning Tree (3)
BPDU Type: Rapid/Multiple Spanning Tree (0x02)
BPDU flags: 0x7c, Agreement, Forwarding, Learning, Port Role: Designated
Root Identifier: 0 / 0 / 5e:00:00:05:00:00
Root Path Cost: 0
Bridge Identifier: 0 / 0 / 5e:00:00:05:00:00
Port identifier: 0x8002
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Version 1 Length: 0
Version 3 Length: 96
MST Extension
MST Config ID format selector: 0
MST Config name: Right-Region
MST Config revision: 0
MST Config digest: 13d150563ae60e9eae93f51c02c72ac0
CIST Internal Root Path Cost: 20000
CIST Bridge Identifier: 8192 / 0 / 5e:00:00:03:00:00
CIST Remaining hops: 19
MSTID 1, Regional Root Identifier 4096 / 5e:00:00:03:00:00
MSTID 2, Regional Root Identifier 4096 / 5e:00:00:04:00:00
Capture 1-2: MSTP BPDU from Right-Region to Left-Region sent by Sw4 to Sw2.
Conclusion
Inter-Region MSTP topology does not allow VLAN based load balancing between the different Boundary links since the Layer 2 topology is build based on the MSTI0 information. Also, the CIST region Root and MSTI0 Root has to be on the Boundary switch with the lowest RPC to CIST Root. In some failure event such as what was shown in figure 1-10 might lead to suboptimal path selection.
Consideration with MSTP Region - Rapid PVST+ domain Connection
When connecting MST Region to Rapid PVST+/PVST domain there are two rules concerning the location of a CIST Root:
CIST Root in MST Region: STP Priority for VLAN 2 and above has to be higher/worse in all switches in non-MST than the STP Priority of CIST root in MST Region. Note, the VLAN 1 Priority in the non-MST domain in this situation have to be higher/worse than the CIST Root in MSTP Region, otherwise, it is selected as a CIST Root.
CIST Root in the non-MST domain: STP Priority for VLAN 2 and above has to be lower/better than the STP Priority of VLAN 1 (CIST Root) within the non-MST domain. Note, the CIST Root selection process compares only the STP Root switches for VLAN 1 in the non-MSTP domain and MSTI0 Root Switch in MSTP Region.
The first choice is the preferred model since it allows both Boundary links to be in the forwarding state. In addition, it allows VLAN load balancing between the links based on the STP port cost/priority defined in the non-MSTP domain. Load balancing is possible since the MSTP region uses the PVST Simulation mechanism where Boundary switches send the dedicated BPDUs for each regional VLANs to the non-MST domain. All of these BPDUs has a CIST root set to the VLAN specific STP Root.
CIST Root in MST Region
In figure 1-5 Rapid PVST+ domain is connected with two redundant links to the MSTP Region Right-Region. The link cost for VLAN 10 in the link between the switches Sw2 and Sw4 is manually set to 1000 while the link cost for VLAN 20 in the link between the switches Sw3 and Sw5 is manually set to 1000. This way VLAN 10 is active on lower link and VLAN 20 in upper link.
Figure 1-5: Load Balancing between VLANs with connected MST region and the Rapid PVST+ domain.
If the switch Sw1 or any other switch in the non-MST domain has better STP Root priority for any VLAN compared to CIST Root (MST0) priority in MST Region, MST Boundary switches will put the Boundary ports into PVST simulation inconsistency state.
Figure 1-6: PVST Inconsistency
Now the MST0 priority on Sw6 is raised from 0 to 4096 and the STP Priority for VLAN 10 is changed from 12288 to 0 on Sw3. Both switches Sw2 and Sw3 start proposing the switch Sw3 as a new STP Root for VLAN 10 to their MSTP Region neighbor switch Sw4 and Sw5. When the switches Sw4 and Sw5 receives VLAN 10 specific BPDUs from their Boundary ports with better Root Bridge Id than the current CIST Root within MSTP Region, they move ports from the Forwarding state to Blocking state and generates the syslog message shown in example 1-1. The reason for this is that the STP priority change for VLAN 10 in Sw3 violates the first rule.
%SPANTREE-2-PVSTSIM_FAIL: Blocking designated port Gi0/1: Inconsitent superior PVST BPDU received on VLAN 10, claiming root 10:5e00.4002.0000sh spanning-tree mst 0
Example 1-1: Superior BPDU received from Sw2 to Sw4
CIST Root in Rapid PVST+ domain
Figure 1-7 shows the design where the CIST Root is on Sw1 (VLAN 1 with STP Priority 8192) within the Rapid PVST+ (RPVST) domain. This design works fine when the STP priorities of VLAN 2 and above on Sw2 and Sw3 are lower than the STP priority of VLAN 1 on CIST Root switch Sw1. In this stage, the Rapid PVST+ Boundary switches Sw2 and Sw3 sends a separate BPDU packet over Boundary interfaces for VLAN1 (Root with Pri 8192), for VLAN 10 (Root with Pri 4096) and for VLAN 20 (Root with Pri 4096). MSTP Region Boundary switches Sw4 and Sw5 calculates the best path to the CIST Root based on the information received only from the VLAN 1 BPDUs. In addition, Sw4 and Sw5 check the STP Priorities from BPDUs related to VLAN 10 and VLAN 20. As long as these priorities are lower than priority received in VLAN 1 BPDU, one of the Boundary links is kept on forwarding state.
Figure 1-7: CIST Root in the Rapid PVST domain
When the STP Priority for VLAN 20 is raised from the original 4096 to 16385 on Sw2 (which is the current root for VLAN 20), the following events happen:
The next BPDU that Sw2 sends to Sw4 and Sw3 has the new Root Bridge Id 16384/20/mac of Sw2 (capture 1-3).
<snipped>
Root Identifier: 16384 / 20 / 5e:00:80:01:00:00
Root Path Cost: 0
Bridge Identifier: 16384 / 20 / 5e:00:80:01:00:00
Port identifier: 0x8003
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 20
<snipped>
Capture 1-3: MSTP BPDU from Sw2 to Sw4.
This event violates the rule “the STP Priority of VLANs 2 and above has to be lower than STP Priority of VLAN 1 in CIST Root”. Switch Sw4 generates the syslog message (example 1-2) and put the Boundary Port into PVST Inconsistency state.
%SPANTREE-2-PVSTSIM_FAIL: Blocking root port Gi0/1: Inconsitent inferior PVST BPDU received on VLAN 20, claiming root 16404:5e00.8001.0000
Example 1-2: PVST Simulation Fail on Sw4.
Switch Sw3 still use the STP Priority 4096 for VLAN 20 and as soon as it receives the VLAN 20 BPDU, where the Root Bridge Id is “16384/20/mac of Sw2” from the switch Sw2, it ignores it and replies with BPDU with proposal bit set and introducing itself as an STP Root for VLAN 20. Sw2 replies with BPDU with Agreement bit set. Sw2 then starts to advertise Sw3 as a new STP root for VLAN 20 to Sw4 (capture 1-4).
<snipped>
Root Identifier: 4096 / 20 / 5e:00:80:02:00:00
Root Path Cost: 0
Bridge Identifier: 16384 / 20 / 5e:00:80:01:00:00
Port identifier: 0x8003
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 20
<snipped>
Capture 1-4: MSTP BPDU from Sw2 to Sw4.
From the switch Sw4 perspective, this does not violate the rule and it puts the boundary port back to forwarding state as shown in example 1-3. The link outage between the Sw2 and Sw4 in this kind of event is approximately 4 seconds if default STP timer values are used.
%SPANTREE-2-PVSTSIM_OK: PVST Simulation inconsistency cleared on port GigabitEthernet0/1.
Example 1-3: PVST Simulation Ok.
When the STP Priority of VLAN 20 is changed also in Sw3 to 16384, STP Root for VLAN 20 returns to Sw2 because it has a smaller MAC Address. The switch Sw2 starts the new Synchronization process where it once again advertises itself as an STP Root for VLAN 20 to Sw4.
<snipped>
Root Identifier: 16384 / 20 / 5e:00:80:01:00:00
Root Path Cost: 0
Bridge Identifier: 16384 / 20 / 5e:00:80:01:00:00
Port identifier: 0x8003
Message Age: 0
Max Age: 20
Hello Time: 2
Forward Delay: 15
Originating VLAN (PVID): 20
<snipped>
Capture 1-4: MSTP BPDU Sw2 to Sw4.
As a reaction, the switch Sw4 sets the Boundary port into PVST Inconsistency/Blocking state (example 1-4). Now the Rapid PVST+ domain and MSTP Region are disconnected.
%SPANTREE-2-PVSTSIM_FAIL: Blocking root port Gi0/1: Inconsitent inferior PVST BPDU received on VLAN 20, claiming root 16404:5e00.8001.0000
Example 1-4: PVST Simulation fail.
Conclusion
The STP priority for VLAN is significant when the Rapid PVST+ domain and the MST Region are connected. The preferred design model is to place the CIST Root into the MSTP Region since it allows both Boundary links to be in forwarding state and makes it possible to load balance traffic per VLAN. In case that a non-MST domain and an MST Region belong to different companies, it is highly possible that it is not possible to adjust the CIST root location not to mention the tune the VLAN based STP Priorities in a way that the rules specific to selected design can be full filled.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.