Switching and Bridging The Technology Firm info@thetechfirm.com
Is Spanning Tree Turned On?
• Let’s turn on our protocol analyzer and capture a BPDU packet.
• This can be done from any switch port in your environment. No port spanning or mirroring required.
Information
• Now that we have found a BPDU packet, what do we know?
• Since the Priority is set to 8000 (hex), one can safely assume that this network was designed using the vendor’s default.
• The problem with this is that you would need all your switches’ MAC addresses to determine where your root bridge is. Of course, very few people have this information available.
• The location of your root bridge is critical, since the stability of this device, or of the path to it, can cause a 30 to 50 second outage. Every time the root bridge disappears you get an outage.
• Some devices do not get along with the spanning tree algorithm when booting up, due to the initial Blocking mode of the port.
• You can determine which vendor’s equipment is the root bridge by visiting the IEEE OUI and Company_Id Assignments and searching for the first 6 characters of the root MAC address.
• http://standards.ieee.org/regauth/oui/index.html
Search for MAC Address
• 00-50-2A (hex) CISCO SYSTEMS, INC.
  00502A (base 16) CISCO SYSTEMS, INC.
  M/S SJA-2
  170 W. TASMAN DRIVE
  SAN JOSE CA 95134-1706
• After our search, we found that the root bridge is a CISCO device, so we expect a CISCO switch. Hopefully this CISCO switch is located somewhere stable on our core network that does not experience much change.
Configuration Nightmare
• Very few people understand that by leaving spanning tree at its default values, one of two situations may occur:
• Another switch with the same priority but a lower MAC address may be introduced, causing an outage.
• Another switch with a lower priority may be introduced, causing an outage. I have seen this situation with a ‘demo’ switch in a customer lab or with wireless Ethernet bridges.
• If you have found that you have Spanning Tree enabled, you may investigate the different spanning tree commands (i.e. BackboneFast, PortFast, UplinkFast, or FastLearn).
• When your root bridge disappears, the network is basically down for a certain amount of time, regardless of how many redundant power supplies and paths you have in your network.
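To make the checks on the Information and Configuration Nightmare slides concrete, here is an added example (not from the original deck) that parses a constructed 802.1D configuration BPDU, reports whether the root priority is still the 0x8000 default, looks up the root MAC’s OUI in a small constructed table standing in for the IEEE registry, and tests whether a newly attached switch would win the root election. The BPDU bytes, the OUI table and all function names are assumptions made for this example.

```python
import struct
from dataclasses import dataclass

# Constructed sample 802.1D Configuration BPDU: the 35 bytes that follow the LLC header.
# Field values are made up for illustration; the root OUI 00-50-2A is the one on the slide.
SAMPLE_BPDU = bytes.fromhex(
    "0000" "00" "00"             # protocol id 0, version 0, type 0 = configuration BPDU
    "00"                         # flags (no topology change bits set)
    "8000" "00502a112233"        # root identifier: priority 0x8000 + root MAC
    "00000004"                   # root path cost
    "8000" "00502a112233"        # sending bridge identifier
    "8001"                       # port identifier
    "0000" "1400" "0200" "0f00"  # message age, max age 20 s, hello 2 s, forward delay 15 s (1/256 s units)
)
OUI_TABLE = {"00502A": "CISCO SYSTEMS, INC."}  # constructed stand-in for the IEEE OUI registry
DEFAULT_PRIORITY = 0x8000

@dataclass(frozen=True)
class BridgeId:
    priority: int
    mac: str  # lowercase "aa:bb:cc:dd:ee:ff", so string order equals numeric order

    def vendor(self) -> str:
        return OUI_TABLE.get(self.mac.replace(":", "")[:6].upper(), "unknown OUI")

    def key(self) -> tuple:  # 802.1D election order: lowest priority, then lowest MAC
        return (self.priority, self.mac)

def parse_config_bpdu(data: bytes) -> dict:
    if len(data) < 35:
        raise ValueError("truncated BPDU")
    (proto, _ver, typ, _flags, rprio, rmac, cost, bprio, bmac, port,
     _age, max_age, hello, fwd) = struct.unpack("!HBBBH6sIH6sHHHHH", data[:35])
    if proto != 0 or typ != 0:
        raise ValueError("not an 802.1D configuration BPDU")
    return {"root": BridgeId(rprio, rmac.hex(":")), "bridge": BridgeId(bprio, bmac.hex(":")),
            "path_cost": cost, "port_id": port, "max_age_s": max_age / 256,
            "hello_s": hello / 256, "forward_delay_s": fwd / 256}

def would_take_root(current_root: BridgeId, newcomer: BridgeId) -> bool:
    """True if plugging in `newcomer` wins the election and forces a reconvergence."""
    return newcomer.key() < current_root.key()

def outage_window_s(bpdu: dict) -> tuple:
    """(best, worst) seconds of blocking after the root vanishes: two forward-delay
    periods, or max age plus two forward-delay periods if the old root must age out."""
    fwd, max_age = bpdu["forward_delay_s"], bpdu["max_age_s"]
    return (2 * fwd, max_age + 2 * fwd)
```

With the default timers the window comes out to 30 to 50 seconds, which is the outage range the Information slide quotes.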
TIPS
• The most effective method to control the location of your root bridge is to configure your desired root bridge’s Priority to a value lower than 8000. Some vendors will actually have commands like ‘set root bridge’ that basically set the priority to a low value.
• When setting a root bridge, select a backup bridge: one with a value greater than the root’s, but lower than the default [8000, in this case].
• Take the time to design your spanning tree, or the defaults will design it for you.
• Some devices expect to transmit data immediately as soon as the link is physically up, which presents challenges if Spanning Tree is enabled.
• Be careful with applications that use keepalives or other unacknowledged protocols, since you may experience unicast storms.
• You should periodically review your Spanning Tree topology.
Reality Check
• Ask yourself, ‘What does spanning tree do for me?’
• Spanning Tree’s main purpose is to prevent loops. I have spoken to many people who did not know they had spanning tree enabled, did not know why they needed it and, the scariest part, ‘thought it was OK to keep it enabled, just in case’. In case of what??
• If you do not have multiple paths, most likely you do not need spanning tree enabled.
• If you have nodes connected to switches, these ports do not need spanning tree enabled.
What are we doing??
• We are going around an implementation merry-go-round controlled by confusion and lack of network understanding...
[Diagram sequence recovered from the slide figures; each stage shows 100 clients on each of two segments]
• Two hubs: 200 node broadcast domain, physical level errors propagated. IMPLEMENT A BRIDGE.
• Two hubs joined by a bridge: 200 node broadcast domain, too many broadcasts. IMPLEMENT A ROUTER.
• Two hubs joined by a router: 100 node broadcast domain, too SLOW. Implement a collapsed switch.
• Two switches: 200 node broadcast domain, too many broadcasts. IMPLEMENT VLANS.
• Switch (VLAN A) and switch (VLAN B) joined by a router: 100 node broadcast domain, too SLOW. Implement reporting tools.
• Buy RMON probes, enable SNMP/RMON on devices, install reporting software with database backends. RMON? SNMP? Probes? ANALYZERS?