Understanding STP Port States

June 19, 2013
Hello friends, here is another article about STP. In this one I explain the switch port states and how to recognize them, what the Root ID and Bridge ID fields mean, and which MAC address STP uses to elect the Root Bridge. I hope it helps in understanding Spanning Tree Protocol; at the end I explain why we need RSTP. I'll post another article about RSTP in the coming days.

As explained in my previous article about STP Root Bridge election, S1 has the lowest MAC address and therefore wins the Root Bridge election. Let's verify that and check the state of each switch's ports.
In the picture above, the show spanning-tree output for VLAN0001 has two sections, Root ID and Bridge ID. Root ID holds everything this switch knows about the Root Bridge: S2 knows that S1 is the root, that the root is reached through Fa1/1 (its Root Port, directly connected to the RB), that the root's priority is 32769 and its MAC is 000D.BD2D.6BD9, and that the cost to reach the root is 19 (one 100 Mb/s link).

Bridge ID is the information about S2 itself, this is what S2 is. Its priority is 32769: the default priority 32768 plus the VLAN number 1 (the extended system ID), and its own MAC address is 0030.F24E.C5A1.

Now look at the interfaces. Fa1/1 is the Root Port and is in forwarding state; it is directly connected to the RB. Fa2/1 is connected to a PC, which does not speak STP, so that port simply forwards as a designated port. Fa0/1 is connected to S0 and is also forwarding: it is S2's Designated Port on that segment.

Let's look at S1 and check its status.
From the picture, S1's output for VLAN0001 shows Root ID priority 32769, MAC address 000D.BD2D.6BD9 and "This bridge is the root". The Root ID and Bridge ID information is identical because this is the Root Bridge for this network. All of its ports are designated and forwarding. The root bridge always has every port in the designated role; none of its ports is ever blocked.
Now look at S0. Fa0/1 is the Root Port: it is directly connected to S1 and forwarding. Fa1/1, on the segment towards S2, is in blocking state. Both S0 and S2 reach the root at cost 19, so the tie on that segment is broken by Bridge ID: S0 has the highest MAC address and therefore the higher Bridge ID, so S2's end becomes the Designated Port and S0's end is blocked. That blocked port is what prevents the loop in the network.
Starting from the topology in the picture, we now change the root: we make S2 the Root Bridge and then look at S2's status again.
The commands to change the STP root bridge are shown in the screenshot above:
switch#conf t
switch(config)#spanning-tree vlan 1 root primary
switch(config)#end
switch#show spanning-tree

All of S2's ports became designated and the output says "This bridge is the root". S2 is the root now, and S0, which has the highest Bridge ID of the two remaining switches, blocks Fa0/1 (its link to S1). Look at the priority: it dropped to 24577, which is 24576 plus the extended system ID 1. The root primary macro always picks a priority that is a multiple of 4096 and lower than the current root's; here it chose 24576 because the old root was still at the default 32768. This is the basic Spanning Tree configuration.
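As an added example (not code from the original article), here is a small Python model of the election and port roles just described, run on the S0/S1/S2 triangle. It builds each Bridge ID as (priority + VLAN number, MAC), elects the root, picks every other switch's Root Port by lowest root path cost, and decides which end of each segment is Designated and which end is left blocking (labelled Altn, as IOS does). The S1 and S2 MAC addresses are the ones in the screenshots; S0's MAC and the port names on S1 are assumptions, S0 only needs to have the highest MAC as the article states.

```python
"""Added example, not part of the original article: 802.1D root election,
Root Port and Designated Port selection for the S0/S1/S2 triangle."""

DEFAULT_PRIORITY = 32768   # 802.1D default bridge priority
COST_100M = 19             # 802.1D path cost of a 100 Mb/s link

SWITCHES = {               # name: (priority, MAC)
    "S1": (DEFAULT_PRIORITY, "000D.BD2D.6BD9"),   # from the article
    "S2": (DEFAULT_PRIORITY, "0030.F24E.C5A1"),   # from the article
    "S0": (DEFAULT_PRIORITY, "00E0.F9AA.1234"),   # assumed: the highest MAC
}
LINKS = [                  # (switch, port, switch, port, cost); S1 port names assumed
    ("S1", "Fa0/1", "S2", "Fa1/1", COST_100M),
    ("S1", "Fa1/1", "S0", "Fa0/1", COST_100M),
    ("S2", "Fa0/1", "S0", "Fa1/1", COST_100M),
]

def bridge_id(priority, mac, vlan=1):
    """Bridge ID as IOS prints it: priority + VLAN (extended system ID), then MAC.
    Tuples compare field by field, which is exactly the 802.1D ordering."""
    return (priority + vlan, mac.replace(".", "").lower())

def root_primary_priority(current_root_priority):
    """What 'spanning-tree vlan N root primary' configures: 24576 if that beats
    the current root, otherwise 4096 below the current root's priority."""
    if current_root_priority > 24576:
        return 24576
    return current_root_priority - 4096

def spanning_tree(switches, links, vlan=1):
    """Return (root, {(switch, port): 'Root' | 'Desg' | 'Altn'})."""
    ids = {name: bridge_id(p, mac, vlan) for name, (p, mac) in switches.items()}
    root = min(ids, key=ids.get)

    # Root path cost: every switch keeps the best (cost, sender Bridge ID) it
    # would hear in a BPDU. Relaxing len(switches) times converges on this
    # small graph; the port the best offer arrived on is the Root Port.
    INF = float("inf")
    best = {name: (INF, None) for name in switches}
    best[root] = (0, None)
    root_port = {}
    for _ in switches:
        for a, pa, b, pb, cost in links:
            for me, my_port, peer in ((a, pa, b), (b, pb, a)):
                if me == root or best[peer][0] == INF:
                    continue
                offer = (best[peer][0] + cost, ids[peer])
                if offer < best[me]:
                    best[me], root_port[me] = offer, my_port

    roles = {}
    for a, pa, b, pb, _ in links:
        # The Designated end of a segment is the one that sends the better
        # BPDU: lower root path cost first, then lower Bridge ID (MAC tie-break).
        desg = a if (best[a][0], ids[a]) < (best[b][0], ids[b]) else b
        for me, my_port in ((a, pa), (b, pb)):
            if root_port.get(me) == my_port:
                roles[(me, my_port)] = "Root"
            elif me == desg:
                roles[(me, my_port)] = "Desg"
            else:
                roles[(me, my_port)] = "Altn"   # blocking in 802.1D terms
    return root, roles

def make_root(switches, name):
    """Apply 'root primary' on `name`: a copy of `switches` with its priority lowered."""
    current_root = min(switches, key=lambda n: bridge_id(*switches[n]))
    new = dict(switches)
    new[name] = (root_primary_priority(switches[current_root][0]), switches[name][1])
    return new

if __name__ == "__main__":
    for label, topo in (("default", SWITCHES), ("S2 root primary", make_root(SWITCHES, "S2"))):
        root, roles = spanning_tree(topo, LINKS)
        print(f"{label}: root={root} priority={bridge_id(*topo[root])[0]}")
        for (sw, port), role in sorted(roles.items()):
            print(f"  {sw} {port} {role}")
```

With the defaults the model elects S1, gives S2 and S0 a Root Port towards S1 and blocks S0 Fa1/1; after make_root(SWITCHES, "S2") the priority becomes 24577, S2 is root and S0 Fa0/1 is the blocked port, matching the two screenshots.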

Now consider this scenario: the primary link goes down. How long does STP take to bring the secondary link online and move the traffic over? Meanwhile your phone is ringing and everyone is asking what is going on and why the network is down.
This happens because STP was designed long ago, when nobody cared about 30 to 60 seconds of downtime in the network. The situation has changed: today even a second of downtime is noticed and not tolerated.

Look at a Cisco switch: whenever you plug in a cable, the port LED blinks amber for a while. That is STP at work; Cisco switches run STP by default. A newly active port stays in Listening for 15 s, then in Learning for 15 s, and only then goes to Forwarding. If the failure is not on a directly connected link, a blocking port must first wait for the 20 s Max Age timer before it stops trusting the last BPDUs it heard, in case the primary link comes back. That adds up to 50 s of outage before the backup path is usable, which is not acceptable in today's networks. That is why RSTP is so handy today.





Script for MikroTik router

June 13, 2013
Here are some MikroTik RouterOS scripts: one that adds a simple queue for every IP address in a range, and one that moves a queue to the top of the queue list.

Adding such a huge number of IP addresses one by one is a difficult and time-consuming task, so here is a script that loops over the addresses and adds one simple queue per address.

Tested on RouterOS version 5.x.

Make sure you have already opened the router in Winbox; in my case this is already done.
Click the System menu on the left and choose Scripts from the popup menu, see below.


In the Script List window, click Plus (+), then copy and paste the script below into the Source field, as in the picture.

:for i from=2 to=51 do={/queue simple add name="192.168.20.$i" target-address="192.168.20.$i/32" max-limit="64000/128000" parent=Night-User time=19h-7h,sun,mon,tue,wed,thu,fri}

(Modify it to your requirements: the address range, the max-limit, the parent queue and the time window. On RouterOS 6 the parameter is called target instead of target-address.)



To view the queues you have just added, click Queues in the left pane; the list looks like this.


This command moves a queue to the top of the list (position 0), so it is matched before the others:

/queue simple move [find name="your-queue-name"] 0



Per VLAN Spanning Tree

June 03, 2013

All modern Cisco switches support PVST. As the name indicates, Per-VLAN Spanning Tree runs a separate STP instance for each VLAN, and it adds the VLAN number to the priority field of the BPDU (the extended system ID). For example, the default priority is 32768; if you run VLAN 10 on your switch, the priority in that instance is 32778. The result is one Root Bridge per VLAN: if your network has multiple VLANs, there is a separate Root Bridge election for every VLAN. If you don't change anything, the same switch is elected Root Bridge for every single VLAN, because every switch adds the same VLAN offset and the MAC address still breaks the tie.


In the diagram above, VLAN 10 and VLAN 20 run on switches that are trunked to each other. Two VLANs means two completely separate Spanning Tree instances, and the trunk link carries both of them. As already discussed, the default priority is 32768, so the priority becomes 32778 for VLAN 10 and 32788 for VLAN 20. Every switch adds the same offset, so within each instance the priorities are all tied; VLAN 10 only talks to VLAN 10 and VLAN 20 only to its own instance, and both instances end up electing the same switch as Root Bridge. In the topology above, Switch4 wins the Root Bridge, presumably because it has the lowest MAC address, and Switch1's port Fa1/1 gets blocked. That cuts off the upper side of the network, which should be the primary link, if we leave everything at the defaults. If we tune the priorities instead, Switch1 wins the root for VLAN 20 and Switch3 for VLAN 10. Now we have two separate Root Bridges.


Look at the topology: a VLAN 10 frame traverses the Switch3 path and VLAN 20 traffic uses the Switch1 path, because Switch3 blocks one port for VLAN 20 and Switch1 blocks one for VLAN 10. VLAN 10 traffic doesn't go through Switch1 and VLAN 20 traffic doesn't go through Switch3. That is effective load balancing across the redundant links.

Spanning Tree Electing Root Bridge

June 02, 2013
Per-VLAN Spanning Tree Concepts

Let's begin with how Spanning Tree works in an enterprise network. From the figure we can identify which switch will become the Root Bridge, and then configure which switch we actually want as the Root Bridge of our network.

Let's start with the default state of Spanning Tree, using a real-world example: a three-tier enterprise network. At the top are the access switches, directly connected to the users; in the middle the distribution switches; then the core switches; and at the bottom the server farm switches. We don't change anything: the priorities are all at the default, only the MAC addresses differ. Now guess which switch will be the Root Bridge.

Obviously switch0, because it has the lowest MAC address. That access-layer switch becomes the Root Bridge. Do we want that switch to be the Root Bridge of our network? No, we don't: it isn't the center of the network.


Remember that every switch finds the best way to reach the Root Bridge and blocks all other redundant links; the switches treat the root as the center of the network. Each switch selects as its Root Port the port with the lowest cost path to the Root Bridge.

Switch2's directly connected port becomes its Root Port, because it is a 100 Mb/s link with cost 19. Just like Switch2, Switch3, Switch4 and the others also elect a Root Port, and the leftover redundant ports are blocked.

Okay, let's remove the blocked ports from the drawing and look at the network that is left: that is what the active topology really looks like. Look at which links got blocked: the major distribution link (Switch3 to Switch2) has been cut off, and so has the core link (Switch4 to Switch2). That is exactly what we don't want.


The distribution switch now has a flood of traffic that is forwarded through the Root Bridge, and that is where the network congests: the access switch might be a low-performance, lower-quality box such as a Catalyst 2900XL with 100 Mb/s links, which definitely can't handle so much traffic coming from the distribution switch. It becomes the bottleneck of the entire network. Everything looks fine, the switch LEDs are blinking green, but users feel the network is slow because of the congested link. A ton of traffic from the distribution switch can even crash the Root Bridge, and then the whole network can be down for 10 to 30 or more, depending on how big the network is. All of this happens because a bad Root Bridge was elected. So which switch should have been the Root Bridge?

The answer: the core switch should be the Root Bridge. Then every switch finds its best path towards the core and blocks the other redundant links, which is the right way to lay out the Spanning Tree. Make sure you lower the core switch's priority so that it wins the Root Bridge election; don't let the MAC address break the tie between the switches.
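As an added example (not code from the original articles), here is a Python model of Per-VLAN Spanning Tree root election that serves both the PVST post above and this root election post. Each VLAN is a separate instance, and a switch's Bridge ID in that instance is (priority + VLAN number, MAC). With everything at the default priority the VLAN offset is identical on every switch, so the MAC decides and one switch wins every VLAN; lowering the priority on the switch you want (one per VLAN, or the core switch for all VLANs) changes that. It also refuses priorities IOS would reject. The switch names come from the PVST diagram; the MAC addresses are assumed, with Switch4 given the lowest so it wins by default as the post describes, and the tuned priority values are assumptions too.

```python
"""Added example, not part of the original articles: per-VLAN root election
with the extended system ID, and the effect of tuning priorities."""

DEFAULT_PRIORITY = 32768

# Assumed MAC addresses: only their relative order matters for the election.
MACS = {
    "Switch1": "0019.55AA.0001",
    "Switch2": "0019.55AA.0002",
    "Switch3": "0019.55AA.0003",
    "Switch4": "000A.4100.0004",   # lowest MAC: default root for every VLAN
}

# Assumed tuning from the PVST post: Switch3 should own VLAN 10, Switch1 VLAN 20.
# Equivalent to 'spanning-tree vlan 10 priority 24576' on Switch3 and
# 'spanning-tree vlan 20 priority 24576' on Switch1.
TUNED = {("Switch3", 10): 24576, ("Switch1", 20): 24576}

def valid_priority(priority):
    """IOS only accepts priorities that are multiples of 4096 between 0 and
    61440, because the low 12 bits of the field carry the VLAN number."""
    return 0 <= priority <= 61440 and priority % 4096 == 0

def bridge_ids(macs, vlan, overrides=None):
    """Per-switch Bridge ID for one VLAN instance: (priority + vlan, mac).
    overrides maps (switch, vlan) -> configured priority for that instance."""
    overrides = overrides or {}
    ids = {}
    for switch, mac in macs.items():
        priority = overrides.get((switch, vlan), DEFAULT_PRIORITY)
        if not valid_priority(priority):
            raise ValueError(f"{switch} VLAN {vlan}: priority {priority} is not a multiple of 4096")
        ids[switch] = (priority + vlan, mac.replace(".", "").lower())
    return ids

def elect_roots(macs, vlans, overrides=None):
    """Run the election independently for each VLAN; returns {vlan: root switch}.
    The lowest Bridge ID wins, so priority decides first and MAC breaks ties."""
    roots = {}
    for vlan in vlans:
        ids = bridge_ids(macs, vlan, overrides)
        roots[vlan] = min(ids, key=ids.get)
    return roots

def core_everywhere(macs, vlans, core, priority=24576):
    """The root election post's advice: make one switch (the core) root for all VLANs."""
    return elect_roots(macs, vlans, {(core, vlan): priority for vlan in vlans})

if __name__ == "__main__":
    for vlan in (10, 20):
        print(f"VLAN {vlan} default priorities:", {s: p for s, (p, _) in bridge_ids(MACS, vlan).items()})
    print("default roots:", elect_roots(MACS, (10, 20)))
    print("tuned roots:  ", elect_roots(MACS, (10, 20), TUNED))
    print("core as root: ", core_everywhere(MACS, (10, 20), "Switch2"))
```

With the defaults every switch shows 32778 in VLAN 10 and 32788 in VLAN 20, so Switch4 wins both; with TUNED, VLAN 10 goes to Switch3 and VLAN 20 to Switch1, and core_everywhere shows the single-core-root layout the second post recommends.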