Configuring Rapid Spanning Tree Protocol (RSTP)
Rapid Spanning Tree Protocol (RSTP), a standard inter-switch protocol, ensures a loop-free forwarding network topology at Layer 2. This protocol was defined by the IEEE 802.1w standard and is an extension of the 802.1D Spanning Tree Protocol (STP). RSTP is an improvement over STP as it provides faster convergence after a network topology change or failure. RSTP introduces new port roles, and the original five port states of STP are reduced to three.
To build a loop-free topology, switches (bridges) determine the root bridge and compute the port roles. To do this, the bridges use special data frames called Bridge Protocol Data Units (BPDUs) that exchange bridge IDs and root path cost information. BPDUs are exchanged regularly, typically at two-second intervals, and enable switches to keep track of network topology changes and to start and stop forwarding on ports as required. Hosts should not send BPDUs to the switch ports. To prevent malfunctioning or malicious hosts from doing so, the switch can filter or block BPDUs. If you enable BPDU filtering on a port, BPDUs received on that port are dropped but other network traffic is forwarded as usual. If you enable BPDU blocking on a port, BPDUs received on that port are dropped and the port is shut down.
Port Roles in RSTP
Root Port (one per bridge): The forwarding port on each bridge which is on the best path to reach the root bridge.
Designated Port: The forwarding port for each LAN segment that leads away from the root bridge.
Alternate Port: An alternative path to the root bridge on a particular LAN segment, which is part of a bridge other than the one that has a designated port for the LAN segment. The alternate port is the second-best root port.
Backup port: A backup/redundant port for the segment that already has one designated port. This port leads away from the root port.
Disabled: A port which is manually disabled and is not a part of STP.
Port States in RSTP
Discarding: No data is exchanged over the port.
Learning: Frames are not forwarded, but the MAC address table is populated.
Forwarding: Fully functional.
Switches in RSTP expect a BPDU every 2 seconds (hello time); if a switch does not receive a BPDU for 6 seconds (3 hello time intervals), it considers this a link failure. This is significantly faster than the STP link failure detection time of 20 seconds, dictated by the max age timer. RSTP can actively confirm if a port can safely be transitioned to the forwarding state without having to rely on the timer mechanism. Ports can be configured as edge ports if they are attached to a LAN that has no other bridges connected to it. Such a port can transition directly to the forwarding state, but it loses the edge port status as soon as it receives a BPDU. RSTP achieves rapid transition to the forwarding state on edge ports and point-to-point links (operating in full-duplex mode) but not on shared links (i.e., ports connected to a shared medium and hence operating in half-duplex mode).
If network connections form loops and STP is disabled, packets are forwarded indefinitely across the switches, causing degradation of network performance. STP supports limited Layer 2 multipathing and can result in sub-optimal utilization of available network links. Therefore, a fabric of switches does not rely only on RSTP within the boundaries of the network. Pluribus Networks recommends the use of RSTP for ad hoc networks that inter-operate in a heterogeneous, multi-vendor switch environment.
Note: RSTP is enabled on the switch by default.
Before you begin configuring RSTP, view the status of the protocol on the switch by using the command stp-show:
CLI (network-admin@Leaf1) > stp-show
switch: Leaf1
enable: yes
stp-mode: rstp
bpdus-bridge-ports: yes
bridge-id: 3a:7f:b1:43:8a:0f
bridge-priority: 32768
hello-time: 2
forwarding-delay: 15
max-age: 20
cluster-mode: master
The cluster-mode of a switch in an STP cluster could be master or slave. The master in an STP cluster is elected on the basis of which node has been up longer. The other node is the slave.
To display the STP state, use the following command:
CLI (network-admin@Leaf1) > stp-state-show
stp-state-show | Displays the STP state information.
Specify one or more of the following options to view the information specific to those options. Specifying no parameter will display all the information.
vlan vlan-list | Specify the VLANs as a list separated by commas.
port port-list | Specify the ports as a list separated by commas.
instance-id instance-id-number | Specify the STP instance ID.
name name-string | Specify the name of the STP instance.
bridge-id mac-address | Specify the bridge ID for which the information has to be displayed.
bridge-priority bridge-priority-number | Specify the bridge priority number.
root-id mac-address | Specify the root ID.
root-priority root-priority-number | Specify the STP root priority.
root-port root-port-number | Specify the STP root port.
root-port(peer) root-port(peer)-number | Specify the root port of the peer.
hello-time hello-time-number | Specify the STP hello time between 1s and 10s. The hello time is the time between each bridge protocol data unit (BPDU) that is sent on a port. The default hello time is 2s.
forwarding-delay forwarding-delay-number | Specify the STP forwarding delay between 4s and 30s. This is the time interval that is spent in the listening and learning states. Default forwarding delay timer is 15s.
max-age max-age-number | Specify the maximum age between 6s and 40s. This is the maximum length of time interval that an STP switch port saves its configuration BPDU information. The default max-age timer is 20s.
internal|no-internal | Specify if the STP state is internal or not.
peer|no-peer | Specify if the STP state is peer state or not.
For example:
CLI (network-admin@Leaf1) > stp-state-show layout vertical
switch: Leaf1
vlan: 1
ports: none
instance-id: 1
name: stg-default
bridge-id: 66:0e:94:65:e1:ef
bridge-priority: 8193
root-id: 64:0e:94:c0:06:4b
root-priority: 4097
root-port: 128
hello-time: 2
forwarding-delay: 15
max-age: 20
disabled: none
learning: none
forwarding: 25-28,128-129
discarding: none
edge: 25-28
designated: 25-28,129
alternate: none
backup: none
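The following added example (not part of the Netvisor ONE documentation) parses the stp-state-show layout vertical output shown above and compares the observed root bridge with a recorded baseline, which is a simple way to notice an unexpected root change. The function names and the operator-supplied baseline root ID are assumptions; the sample is an abridged copy of the output above.

```python
# Abridged copy of the page's sample output, embedded so the script runs offline.
SAMPLE = """\
switch: Leaf1
bridge-id: 66:0e:94:65:e1:ef
bridge-priority: 8193
root-id: 64:0e:94:c0:06:4b
root-priority: 4097
root-port: 128
forwarding: 25-28,128-129
discarding: none
edge: 25-28
designated: 25-28,129
alternate: none
"""

def parse_vertical(text):
    """Parse 'key: value' lines; split on the first ': ' so MAC colons survive."""
    rec = {}
    for line in text.splitlines():
        key, sep, value = line.partition(": ")
        if sep:
            rec[key.strip()] = value.strip()
    return rec

def expand_ports(spec):
    """'25-28,128-129' -> {25, 26, 27, 28, 128, 129}; 'none' -> empty set."""
    ports = set()
    for part in spec.split(","):
        part = part.strip()
        if part and part != "none":
            lo, _, hi = part.partition("-")
            ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(rec, expected_root_id):
    """Compare the observed root with a baseline (assumed input) and classify ports."""
    forwarding = expand_ports(rec["forwarding"])
    edge = expand_ports(rec["edge"])
    local = (rec["bridge-priority"], rec["bridge-id"].lower())
    root = (rec["root-priority"], rec["root-id"].lower())
    return {
        "is_root": local == root,
        "root_changed": rec["root-id"].lower() != expected_root_id.lower(),
        # Edge ports face hosts: review these for filter/block settings.
        "host_ports": sorted(edge),
        # Forwarding but not edge: inter-switch links where BPDUs are expected.
        "inter_switch_ports": sorted(forwarding - edge),
        "edge_not_forwarding": sorted(edge - forwarding),
    }

if __name__ == "__main__":
    print(audit(parse_vertical(SAMPLE), expected_root_id="64:0e:94:c0:06:4b"))
```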
The STP information pertaining to the ports can be displayed by using the command stp-port-show.
CLI (network-admin@Leaf1) > stp-port-show
stp-port-show | Displays the STP port information.
Specify one or more of the following options to view the information specific to those options. Specifying no parameter will display all the information.
port port-list | Specify the ports as a list separated by commas.
block|no-block | Specify if BPDU blocking is enabled on the ports or not.
filter|no-filter | Specify if BPDU filtering is enabled on the port or not.
edge|no-edge | Specify if the ports are edge ports or non-edge ports.
bpdu-guard|no-bpdu-guard | Specify if BPDU guard is configured on the ports or not.
root-guard|no-root-guard | Specify if root guard is configured on the ports or not.
priority 0..240 | Specify the priority as a value between 0 and 240.
cost 1..200000000 | Specify the port cost as a value between 1 and 200000000.
The STP state at the port level can be viewed using the command:
CLI (network-admin@Leaf1) > stp-port-state-show
stp-port-state-show | Display STP information at the port level.
Specify one or more of the following options to view the information specific to those options. Specifying none will display the information for all the parameters below.
vlan vlan-list | Specify the VLANs as a list separated by commas.
port port-list | Specify the ports as a list separated by commas.
stp-state Disabled|Discarding|Learning|Forwarding | Specify one among the options as the STP state.
role Disabled|Root|Designated|Alternate|Backup | Specify one among the options as the port role.
selected-role Disabled|Root|Designated|Alternate|Backup | Specify one among the options as the selected role.
state new-info|proposing|proposed|agreed|agreed|learn|learning|forward|forwarding|reselect|selected|reroot|rcvd-bpdu|rcvd-msg|rcvd-tc|rcvd-tc-ack|send-rstp|tc-prop|tc-ack|update-info|sync|synced|disputed|fdb-flush|online|looping|manual-online|edge|vlag-local-up|vlag-remote-up|requested-online|first-sync|p-is-d|p-is-m|root-guard-active | Specify one among the options as the port state machine state.
designated-priority designated-priority-string | Specify the designated priority vector.
port-priority port-priority-string | Specify the port priority vector.
message-priority message-priority-string | Specify the message priority vector.
info-is disabled|received|mine|aged | Specify the origin of port information.
designated-times designated-times-string | Specify the designated times: age, max age, hello, and forward delay.
port-times port-times-string | Specify the port times: age, max age, hello, and forward delay.
message-times message-times-string | Specify the message times: age, max age, hello, and forward delay.
hello-timer hello-timer-number | Specify the STP hello time between 1s and 10s. The hello time is the time between each Bridge Protocol Data Unit (BPDU) that is sent on a port. The default hello time is 2s.
topology-timer topology-timer-number | Specify the topology change timer value.
forward-timer forward-timer-number | Specify the STP forwarding delay between 4s and 30s. This is the time interval that is spent in the listening and learning states. The default forwarding delay time is 15s.
rcvd-info-timer rcvd-info-timer-number | Specify the received info timer value.
recent-root-timer recent-root-timer-number | Specify the recent root timer value.
recent-backup-timer recent-backup-timer-number | Specify the recent backup timer value.
edge-delay-timer edge-delay-timer-number | Specify the edge delay timer value.
migration-timer migration-timer-number | Specify the migration delay timer value.
root-guard-timer root-guard-timer-number | Specify the root guard BPDU delay timer value.
sm-table-bits sm-table-bits-number | Specify the state machine table state.
sm-table sm-table-string | Specify the state machine table description.
vlag-peer-port vlag-peer-port-number | Specify the VLAG peer port if active-active.
peer|no-peer | Specify the STP peer state.
RSTP can be configured using the command stp-modify.
CLI (network-admin@switch1) > stp-modify
stp-modify | Modify the Spanning Tree Protocol parameters.
Specify one or more of the following options:
enable|disable | Specify to enable or disable STP.
stp-mode rstp|mstp | Specify the STP mode as RSTP or MSTP.
bpdus-bridge-ports|bpdus-all-ports | Specify to send BPDUs only on switch ports or on all ports.
bridge-id mac-address | Specify the STP bridge ID. The first part of the bridge ID is a 2-byte bridge priority field (which can be configured) while the second part is the 6-byte MAC address of the switch.
bridge-priority 0..61440 | Specify the STP bridge priority in multiples of 4096. The default value is 32768.
hello-time 1..10 | Specify the STP hello time between 1s and 10s. The hello time is the time between each BPDU that is sent on a port. The default value is 2s.
forwarding-delay 4..30 | Specify the STP forwarding delay between 4s and 30s. The forwarding delay is the time that is spent in the listening and learning states. The default forwarding delay is 15s.
max-age 6..40 | Specify the max age time between 6s and 40s. The max age timer defines the maximum time for which a switchport stores config BPDU information. The default value is 20s. If a config BPDU does not arrive at a port for 20s (default), the switch detects a link failure and takes action to restore connectivity through the backup links.
mst-max-hops 1..32 | Specify the maximum hop count for MSTP BPDU. The default value is 20.
mst-config-name mst-config-name-string | Specify the name for MST configuration instance.
mst-config-revision mst-config-revision-number | Specify the MST configuration revision number. Enter a value between 0 and 65535.
root-guard-wait-time 0..300 | Specify the root guard wait time between 0s and 300s. The default value is 20. Specify the value as 0 to disable wait.
Note: Hello time, forwarding delay, and max age timers are not used by RSTP but are relevant to STP.
Netvisor ONE optimizes RSTP by not sending BPDUs on any ports except on inter-switch link-ports by default. However, if you do not configure Link Layer Discovery Protocol (LLDP), Netvisor does not detect host ports (i.e., ports directly connected to end devices) or send BPDU packets. As a result, both ports are in Forwarding state.
When you add the parameter bpdus-all-ports to the stp-modify command, it allows sending BPDUs on all ports even if hosts are not detected, unless the port is configured as an edge port. On a switch with a port connected to itself with this configuration, one of the ports goes into discarding state.
For example, to send BPDUs only on switch ports, use the command:
CLI (network-admin@switch1) > stp-modify bpdus-bridge-ports
To send BPDUs on all ports, use the command:
CLI (network-admin@switch1) > stp-modify bpdus-all-ports
STP ports can be configured using the command:
CLI (network-admin@Leaf1) > stp-port-modify
stp-port-modify | Displays the STP port information.
port port-list | Specify the ports as a list separated by commas.
Specify one or more of the following options:
block|no-block | Specify if BPDU blocking is to be enabled on the ports or not.
filter|no-filter | Specify if BPDU filtering is to be enabled on the port or not.
edge|no-edge | Specify if the ports are to be configured as edge ports or non-edge ports.
bpdu-guard|no-bpdu-guard | Specify if BPDU guard is to be configured on the ports or not.
root-guard|no-root-guard | Specify if root guard is to be configured on the ports or not.
priority 0..240 | Specify the priority as a value between 0 and 240.
cost 1..200000000 | Specify the port cost as a value between 1 and 200000000.
For example, to filter BPDUs on port 17, use the following command:
CLI (network-admin@Leaf1) > stp-port-modify port 17 filter
To block BPDUs on port 17 and shut down the port if BPDUs are received on the port, use the following command:
CLI (network-admin@Leaf1) > stp-port-modify port 17 block
To stop blocking BPDUs on port 17, use the following command:
CLI (network-admin@Leaf1) > stp-port-modify port 17 no-block
Edge ports are the ports on a switch that connect to workstations or computers. An edge port does not take part in spanning tree calculations and, therefore, port flapping on edge ports does not cause topology changes. BPDUs are not sent on edge ports, and they can quickly transition from disabled mode to forwarding mode.
To configure a port as an edge port, use the command:
CLI (network-admin@Leaf1) > stp-port-modify port 17 edge
Note: You can disable STP on a port or a group of ports. If the devices connected to the switch ports are hosts and not downstream switches, or you know that a loop is not possible, disable STP to enable the port much faster when the switch restarts.
To view STP events on a switch, use the stp-port-event-show command. This command displays the port states as specified by the timing parameters.
CLI (network-admin@Leaf1) > stp-port-event-show
stp-port-event-show | Displays information about STP port events.
port port-list | Specify the ports as a list separated by commas.
Specify one or more of the following options:
time date/time: yyyy-mm-ddTHH:mm:ss | Specify the time to start statistics collection.
start-time date/time: yyyy-mm-ddTHH:mm:ss | Specify the start time of statistics collection.
end-time date/time: yyyy-mm-ddTHH:mm:ss | Specify the end time of statistics collection.
duration duration: #d#h#m#s | Specify the duration of statistics collection.
interval duration: #d#h#m#s | Specify the interval between statistics collection.
older-than duration: #d#h#m#s | Specify the time older than which the statistics have to be displayed.
within-last duration: #d#h#m#s | Display statistics within last specified duration.
port port-number | Specify the port number.
vlan vlan-list | Specify the list of VLANs.
instance instance-number | Specify the STP instance number.
count count-number | Specify the number of STP port events.
initial-state Disabled|Discarding|Learning|Forwarding | Specify the initial state as one among the options.
other-state Disabled|Discarding|Learning|Forwarding | Specify the other state as one among the options.
final-state Disabled|Discarding|Learning|Forwarding | Specify the final state as one among the options.
For example:
CLI (network-admin@Leaf1) > stp-port-event-show
switch        time     port vlan instance count initial-state other-state final-state
------------- -------- ---- ---- -------- ----- ------------- ----------- -----------
Leaf1         20:36:39 121  1    0        1     Forwarding    Disabled    Disabled
Leaf1         20:38:05 17   1    0        4     Disabled      Disabled    Forwarding
Leaf1         20:40:04 17   1    0        1     Forwarding    Disabled    Disabled
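As an added example (not part of the Netvisor ONE documentation), the script below parses the stp-port-event-show table above, sums the count column per port to flag flapping ports, and lists ports whose most recent event ended in the Disabled state. The function names, the flap threshold of 3, and the reading of count as the number of events in a row are assumptions; the sample rows are copied from the output above.

```python
from collections import defaultdict

# Sample rows copied from the page's output, embedded so the script runs offline.
SAMPLE = """\
switch        time     port vlan instance count initial-state other-state final-state
------------- -------- ---- ---- -------- ----- ------------- ----------- -----------
Leaf1         20:36:39 121  1    0        1     Forwarding    Disabled    Disabled
Leaf1         20:38:05 17   1    0        4     Disabled      Disabled    Forwarding
Leaf1         20:40:04 17   1    0        1     Forwarding    Disabled    Disabled
"""

def parse_events(text):
    """Parse whitespace-separated rows, using the header line as field names."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = lines[0].split()
    rows = []
    for line in lines[1:]:
        if set(line.replace(" ", "")) == {"-"}:
            continue  # skip the rule line under the header
        fields = line.split()
        if len(fields) != len(header):
            continue  # ignore wrapped or truncated rows
        row = dict(zip(header, fields))
        row["port"], row["count"] = int(row["port"]), int(row["count"])
        rows.append(row)
    return rows

def summarize(rows, flap_threshold=3):
    """Flag ports with many events and ports left Disabled (threshold is assumed)."""
    total = defaultdict(int)
    last_state = {}
    for row in rows:  # rows are taken to be in chronological order
        key = (row["switch"], row["port"])
        total[key] += row["count"]
        last_state[key] = row["final-state"]
    return {
        "flapping": sorted(k for k, n in total.items() if n >= flap_threshold),
        "ended_disabled": sorted(k for k, s in last_state.items() if s == "Disabled"),
    }

if __name__ == "__main__":
    print(summarize(parse_events(SAMPLE)))
```

A port configured with block is shut down when it receives a BPDU, so a host port that appears under ended_disabled is worth checking against its stp-port-show settings.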