LiveAction Spanning Tree Protocol (STP) Application Note
Spanning Tree Protocol (STP) is a mechanism which provides loop-free paths within a pure layer 2 topology. STP allows for link redundancy by temporarily blocking ports in order to have a single path. Upon the detection of a link or port failure, STP will re-converge to leverage the other unused port. This prevents broadcast storms and the duplication of packets from floating around in the network endlessly. There are multiple flavors of STP, each with its own features and nuances, including Per VLAN Spanning Tree Protocol Plus (PVST+), Rapid Per VLAN Spanning Tree Protocol Plus (Rapid PVST+), and Multiple Spanning Tree Protocol (MSTP).

LiveAction 2.6 and greater gives users higher levels of situational awareness and visibility into their switched network infrastructure by providing a topological representation of each Spanning Tree instance, as well as alerts on port state transition events. This helps network administrators act quickly and promptly identify the insertion of rogue and/or misconfigured switches. Similarly, the STP path representation can be used to identify suboptimal layer 2 paths in a switched network. This application note provides instructions on enabling the STP functionality within LiveAction and covers the aforementioned use case.

Published in: Technology
Transcript

  • 1. LiveAction Application Note
    Spanning Tree Protocol (STP)
    Using LiveAction to monitor PVST+, Rapid PVST+, and MSTP
    January 2013
    http://www.actionpacked.com
  • 2. Table of Contents
    1. Introduction
    2. Understanding STP
    3. Configuring Spanning Tree Support for LiveAction
    4. Spanning Tree Topology View
    5. Spanning Tree Alerts
    6. Spanning Tree State Report
    7. Spanning Tree Use Case Scenario: Identifying Rogue Switches
  • 3. 1. Introduction

    Spanning Tree Protocol (STP) is a mechanism which provides loop-free paths within a pure layer 2 topology. STP allows for link redundancy by temporarily blocking ports in order to have a single path. Upon the detection of a link or port failure, STP will re-converge to leverage the other unused port. This prevents broadcast storms and the duplication of packets from floating around in the network endlessly. There are multiple flavors of STP, each with its own features and nuances, including Per VLAN Spanning Tree Protocol Plus (PVST+), Rapid Per VLAN Spanning Tree Protocol Plus (Rapid PVST+), and Multiple Spanning Tree Protocol (MSTP).

    LiveAction 2.6 and greater gives users higher levels of situational awareness and visibility into their switched network infrastructure by providing a topological representation of each Spanning Tree instance, as well as alerts on port state transition events. This helps network administrators act quickly and promptly identify the insertion of rogue and/or misconfigured switches. Similarly, the STP path representation can be used to identify suboptimal layer 2 paths in a switched network. This application note provides instructions on enabling the STP functionality within LiveAction and covers the aforementioned use case.
  • 4. 2. Understanding STP

    STP uses the terminology of “bridges” to represent layer 2 devices in the topology. With Cisco’s implementation of PVST+ and Rapid PVST+, each VLAN in the network represents one STP instance. This allows the user to select the layer 2 path based on the VLAN ID, and is generally used for load-balancing. The open standard MSTP version (IEEE 802.1s) uses a similar technique but requires the user to define MSTP instances and assign multiple VLANs to each instance.

    Since layer 2 frames do not have a loop prevention mechanism – like TTL values for layer 3 packets – it is important to ensure that only one path exists within the STP instance. The STP algorithm achieves this by designating a single switch as the Root Bridge. The Root Bridge is the switch with the lowest STP priority value in the switch topology, and determines the overall path within the network. Each switch port then assumes a specific role – which dictates whether or not it will be forwarding or blocking – in the STP instance. The common port roles are: Root Port (RP), Designated Port (DP), and Non-Designated Port (NDP). RPs and DPs are always forwarding, while NDPs are considered to be blocking. The following diagrams show two different layer 2 STP instances, and how the Root Bridge position affects traffic flow between the switches:
  • 5. 3. Configuring Spanning Tree Support for LiveAction

    In order to provide detailed information regarding all of the available spanning tree instances in LiveAction, the following IOS configurations must be enabled. This only applies to devices which use SNMPv3. SNMPv2 works with no configurations required.

    Given the following SNMPv3 configurations (please note the “show run” command suppresses the SNMP user configuration):

        L2c2960SCOPE-AS-153#show run | in snmp
        snmp-server group READONLY v3 priv
        L2c2960SCOPE-AS-153#show snmp user user
        User name: user
        Engine ID: 8000000903002C36F8843F81
        storage-type: nonvolatile active
        Authentication Protocol: SHA
        Privacy Protocol: AES128
        Group-name: READONLY

    We simply add the line:

        snmp-server group READONLY v3 priv context vlan- match prefix

    No other changes are required. We are only adding the ability to read VLAN context on the configured SNMPv3 group. The resulting SNMPv3 configuration would be as follows:

        L2c2960SCOPE-AS-153#show run | in snmp
        snmp-server group READONLY v3 priv
        snmp-server group READONLY v3 priv context vlan- match prefix

    It is important to note that no changes were made to the existing user account; however, in order to view the STP data, LiveAction must use a user within the contextually aware SNMPv3 group to manage the switches.
  • 6. 4. Spanning Tree Topology View

    The main benefit of using LiveAction, within the context of a layer 2 focused infrastructure, is that each STP instance can be easily visualized. This greatly aids in troubleshooting performance and connectivity issues within the local area network.

    With VLAN 10, we can clearly see L2c3560SCOPE-DS-150 as our root bridge. Hovering over any of the switches displays more information, similar to what we would find in the IOS CLI.
  • 7. By changing the LAN tab selector to the desired VLAN, it is possible to see various STP instance configurations.

    Hovering over a non-root bridge device shows us which ports are blocked, reducing the need to hop into each switch in order to run the “show spanning-tree vlan x” command. The current configuration is placed in front of you in an easy to read format.

    As an added benefit, LiveAction is able to properly identify MSTP configurations and has the exact same workflow as the other STP variations. Utilizing the drop down selector for the VLANs in the same MSTP instance will yield the exact same data. There are no extra configurations required to make MSTP work.
  • 8. 5. Spanning Tree Alerts

    A stable STP instance is one where the port states remain fairly static. Changes to port states indicate some form of network change and can cause STP to reconverge. Depending on the implemented protocol, the convergence time can take upwards of 45 seconds, causing temporary outages and data loss for critical network services. As part of LiveAction’s high visibility features, an alerting system has been implemented to notify users of any changes in the STP topology. To access this functionality, select Tools > Configure Alerts, and access the LAN Triggers tab.

    The result, upon changing the priority of the root bridge, shows a fairly verbose output of the LiveAction’s alerting system during a topology change. For PVST+, it is also possible to see the LEARNING and LISTENING transition states in the topology, indicated by a yellow arrow. For all intents and purposes these transition states are still considered to be BLOCKING, but can give the administrator a visual cue on STP convergence in the network. In order to simplify the alerts, only FORWARD and BLOCK states will be noted.
  • 9. Since the real-time alert system will only display the last 100 alerts, we can leverage the “Historical search” feature to sift through these events for further analysis. The Historical Alerts is accessible through the In-Application Alerts window.
  • 10. 6. Spanning Tree State Report

    LiveAction’s Spanning Tree State Report allows the user the ability to see the STP configuration at any point in time. This is particularly useful when troubleshooting the addition and modification of switches in the network. Another potential use case for this report is also for the planning phase of a network design process, as it focuses on key STP information, as well as the connected device and interface. To access the report, select Reporting > LAN > Reports, and use the Spanning Tree State Report. Here we see the VLAN 10 and VLAN 20 settings for the device, L2c3560SCOPE-DS-150:

    Another option is to view all of the devices in the topology, to get a holistic view of the selected VLAN. This benefits greatly from a configuration management perspective and is comparable to running a combination of “show spanning-tree vlan 20” and “show cdp neighbors” command on ALL of your switches.
  • 11. 7. Spanning Tree Use Case Scenario: Identifying Rogue Switches

    One of the ways we can spot the inclusion of rogue switches into the network is through the LAN Topology View. By selecting the “Show Spanning Tree” option, we clearly see another connection hanging off of L2c2960SCOPE-AS-152. Because the interface connected to this new switch is not in our topology, as an added interface, we see a stray arrow pointing out to the middle of nowhere.

    Hovering over the Bridge ID icon shows a tooltip with the same information. It looks like the added switch is also assuming the role as the root bridge, because of its low bridge priority value (10). The converged topology now seems to be using a suboptimal layer 2 path. For example, in order for a workstation connected to L2c2960SCOPE-AS-153 to reach a server on L2c3560SCOPE-DS-151, the traversed path would be:

        L2c2960SCOPE-AS-153 → L2c3560SCOPE-DS-150 → L2c2960SCOPE-AS-152 → L2c3560SCOPE-DS-151
  • 12. In order to further investigate this device, the Spanning Tree State Report is executed for VLAN 10. We see that none of the switches in the topology are currently configured as the Root Bridge and a stray entry has been added, which points to the rogue switch. It seems like it is connected to Fa0/8 on L2c2960SCOPE-AS-152. LiveAction will not display the connected device’s name under the Spanning Tree State Report unless it is a configured device. To view the actual device name, we can double-click the device in question in order to enter the LAN Device View.

    It looks like the culprit is another Cisco switch with the name “sc-switch”! It might be possible that the device was just misconfigured with the wrong priority, but having LiveAction enables us to quickly visualize the error and conduct the necessary remediation steps. Similarly, identifying rogue devices helps us initiate incident response at a much faster rate.

    Copyright © 2013 ActionPacked! Networks. All rights reserved. ActionPacked!, the ActionPacked! logo and LiveAction are trademarks of ActionPacked! Networks. Other company and product names are the trademarks of their respective companies.

    ActionPacked! Networks
    155 Kapalulu Place, Suite 222
    Honolulu, HI 96819
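
The root bridge election from section 2 and the rogue-switch scenario from section 7 can be reproduced as a small audit check. This is an added example, not LiveAction code or part of the original note: the switch names, the Fa0/8 port and the rogue priority of 10 come from the note, while the other priorities and all MAC addresses are constructed, and the MAC tie-break is standard 802.1D behaviour that the note does not spell out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Bridge:
    name: str
    priority: int      # STP bridge priority; lower wins the election
    mac: str           # constructed sample address, used only as tie-breaker
    seen_on: str = ""  # neighbour port where an unmanaged bridge was observed

    @property
    def bridge_id(self):
        # 802.1D compares the priority first, then the MAC address
        return (self.priority, int(self.mac.replace(":", ""), 16))


def elect_root(bridges):
    """Return the bridge STP would pick as root: the lowest bridge ID."""
    return min(bridges, key=lambda b: b.bridge_id)


def audit_instance(bridges, expected_root, managed):
    """Compare one STP instance against the intended design."""
    root = elect_root(bridges)
    findings = []
    if root.name != expected_root:
        findings.append(f"unexpected root {root.name} (priority {root.priority}), "
                        f"expected {expected_root}")
    for b in bridges:
        if b.name not in managed:
            findings.append(f"unmanaged bridge {b.name} on {b.seen_on}")
    return root, findings


# Constructed VLAN 10 data: names are from the note; priorities and MACs are
# made up, except the rogue priority of 10 reported in section 7.
MANAGED = {
    "L2c3560SCOPE-DS-150", "L2c3560SCOPE-DS-151",
    "L2c2960SCOPE-AS-152", "L2c2960SCOPE-AS-153",
}
BASELINE = [
    Bridge("L2c3560SCOPE-DS-150", 4096, "00:00:5e:00:53:50"),
    Bridge("L2c3560SCOPE-DS-151", 8192, "00:00:5e:00:53:51"),
    Bridge("L2c2960SCOPE-AS-152", 32768, "00:00:5e:00:53:52"),
    Bridge("L2c2960SCOPE-AS-153", 32768, "00:00:5e:00:53:53"),
]
ROGUE = Bridge("sc-switch", 10, "00:00:5e:00:53:99",
               seen_on="L2c2960SCOPE-AS-152 Fa0/8")

if __name__ == "__main__":
    for label, view in (("baseline", BASELINE), ("with rogue", BASELINE + [ROGUE])):
        root, findings = audit_instance(view, "L2c3560SCOPE-DS-150", MANAGED)
        print(label, "root:", root.name, findings or "ok")
```

Run against a per-VLAN inventory, the same comparison flags both symptoms the use case describes: a root bridge that is not the designed one, and a bridge that is not a configured device.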
