感兴趣的同学可以到本页最后直接下载附件word原版.~~~~高清大图~~~呵呵.
MSTP中端口的角色:
在 MSTP的计算过程中,端口的角色有指定端口、根端口、Master端口、Alternate端口、Backup端口等。
■RP,根端口是负责向树根方向转发数据的端口;
■DP,指定端口是负责向下游网段或交换机转发数据的端口;
■Master端口位于整个域到总根的最短路径上,它是连接域到总根的端口; (实际上,我自己的理解应该说是整个域的域内IST的根桥到总根桥最小cost耗费的路径接口).
■Alternate端口不仅仅是 Master端口的备份端口,也是域内根端口的备份端口。如果 Master端口被阻塞后,Alternate端口将成为新的 Master端口;
当同一台交换机的两个端口互相连接时就存在一个环路,此时交换机会将其中一个端口阻塞,Backup端口是被阻塞的那个端口。
Instance 0 对于MSTP的意义:
MSTP的实例0具有特殊的作用,称为CIST(Common Internal Spanning Tree),即公共与内部生成树,其他的实例称为MSTI(Multiple Spanning Tree Instance),即多生成树实例。CIST由通过STP/RSTP计算得到的单生成树和MSTP计算得到的域组成,是为了保证在所有桥接的局域网是简单的和全连接的。CST(Common Spanning Tree)是STP/RSTP也是MSTP计算出的用于连接MST域的单生成树。IST(Internal Spanning Tree)是在一个给定的MST域内由CIST提供的连通性。如图 1 MSTP基本概念示意图所示,如果把每个MST域看作是一个“交换机”,CST就是这些“交换机”通过STP/RSTP或者MSTP协议计算生成的一棵生成树。IST是CIST在MST域内的片段,是一个特殊的多生成树实例。
总根和域根
与STP和RSTP相比,MSTP中引入了总根和域根的概念。总根是一个全局概念,对于所有互连的运行STP/RSTP/MSTP的交换机只能有一个总根,也即是CIST的根;而域根是一个局部概念,是相对于某个域的某个实例而言的。
CIST生成树的计算
网络中的设备发送接受BPDU报文,在经过比较配置消息后,在整个网络中选择一个优先级最高的交换机作为CIST的树根。在每个MST域内MSTP通过计算生成IST;同时MSTP将每个MST域作为单台交换机对待,通过计算在MST域间生成CST。如前所述,CST和IST构成了整个交换机网络的CIST。
1, 实验拓扑图:
2, 实验原理和步骤:
在拓扑图中,有三个区域,分别是区域A,B,C,每个区域有两个Instance, 0和1,0是除1以外所有的的VLAN映射.
第一部分,会说明三个域内的选举,然后再说域间的选举.
在区域内选举根桥,DP, RP等的时候遵循下列原则:
1, 首先进行比较每个交换机的桥ID, 桥ID= priority+设备的MAC地址. 首先比较priority,交换机的默认优先级为32768, 越小越优先,如果桥ID不进行设置,那么就比较交换机的MAC地址,越小越优先. 最后优先级最小或者是优先级一样MAC地址最小的选举为根桥.
2, 第二是比较链路的cost,
3, 比较sender ID. sender ID=priority(默认32768)+ 设备的MAC地址.
哪个小,那么剩下的那个sender的非Root port的端口会被block掉.
4, 如果sender ID也一样,(这种情况只会发生在两台交换机中间用两根链路进行组环连接),那么每个交换机的端口还有端口优先级. 同样,越小越优先。
对于上面的选举原则,下面会用Region A和Region B来进行解释:
Region A Internal election:
上面是区域A的情况,对于Instance 1来说,在区域A里面, 设计原则是:Switch-1是根桥,switch-3的port 0/0/22被block掉。
就这个需求,需要在交换机switch-1上面,配置下面的参数:
spanning-tree mst configuration
region-name A
revision-level 1
instance 1 vlan 200-300
exit
spanning-tree mst instance 0 priority 4096
spanning-tree mst instance 1 priority 4096
spanning-tree enable
在交换机switch-1上面,Instance1的优先级修改为4096,而其他两个交换机的桥优先级是默认的32768没有进行修改,所以,switch-1选举为Region A的根桥.
从下面交换机2和3上面show的结果可以看到,switch-1是根桥:
截图中高亮部分是switch-1的系统mac地址:0001.7a58.f2d0.
根桥选举好以后,接下来比较的是链路cost。
Switch-2到switch-1(根桥)的cost是20000(1000M链路),而switch-3到switch-1的cost一样,也是1000M链路,cost为2W.
接下来是比较发送者sender ID.
Switch-2对于instance 1来说,sender ID=20480:0001.7a58.ebe8(我在交换机2上面设置好了Instance1的priority=20480,而switch-3的sender ID=32768:0001.7a58.be0c,这里直接比较prority,switch-2优于switch-3. 所以最后switch-2的port 0/0/21为指定端口,状态为FWD,swtich-3的port 0/0/20为Alternate port, 会被block掉,只接收BPDU报文,不负责转发数据流量。当端口收到BPDU携带TCP(topology change)字段的时候再进行打开端口.
最后对于Instance 1来说,形成的树如下:
Region B Internal election:
对于region B来说,希望能达到下面的设计初衷:
Switch-5为Instance 1的根桥,对于switch-4来说,port 0/2为alternate port,被block掉。
对于实现来说,只需要在switch-5上面将instance1的优先级从默认的32768降低即可:
Switch-5的部分配置:
spanning-tree mst configuration
region-name B
revision-level 2
instance 1 vlan 200-300
exit
spanning-tree mst instance 1 priority 8192
spanning-tree enable
这里可以看到,在switch-5上面有意把instance 1的桥优先级降低为8192.
而switch-4的默认优先级32768没有进行修改。
所以swtich-5是根桥。
而swtich-5的两个端口port 0/0/24和port 0/0/25为指定端口DP,对于switch-4来说,到达根桥switch-5的cost一样的,而sender ID也一样,因为是同一台交换机的MAC地址。
最后比较的就是端口ID,在图中已经标示出来,swtich-4的port 0/1端口ID是128.02,而port 0/2的端口ID是128.03,这个是系统自动默认分配的,也可以进行手动修改。
最后128.02小于128.03,所以swtich-4的port 0/2最后被block掉。
最终形成了下面的树:
最后看输出结果:
而Region C和Region B是一样的。这里就不赘述了。
我们先不看CIST域间破环的原理,光看IST内部的情况如下:(三个region已经都在内部进行了端口的block动作了.)
CIST选举的原则:
现在,将Region A/B/C分别看成一个交换机.
实际上就是三台交换机组成了一个简单的环网了。
每个region为一个单位.
这里又会涉及到一个新术语叫Master 端口,前面已经提过:
■Master端口位于整个域到总根的最短路径上,它是连接域到总根的端口; (实际上,我自己的理解应该说是整个域的域内IST的根桥到总根桥最小cost耗费的路径接口).
■Alternate端口不仅仅是 Master端口的备份端口,也是域内根端口的备份端口。如果 Master端口被阻塞后,Alternate端口将成为新的 Master端口;
那么,到底是怎么选举出来的呢?
这里要回归到我们并没有配置的instance 0。
Instance 0就是CIST选举的根本。
在Region A里面,实际上我是有意将switch-1的instance 0的优先级也降成最低了的:
Switch-1:
spanning-tree mst configuration
region-name A
revision-level 1
instance 1 vlan 200-300
exit
spanning-tree mst instance 0 priority 4096
spanning-tree mst instance 1 priority 4096
spanning-tree enable
这样配置以后,swtich-1不仅仅是Region A里面的内部根桥,而且还是CIST的总根桥(并没有说总根桥和IST内部根桥一定要在同一个交换机上面,这里我是为了图方便).
对于region B和region C来说,switch-4的port 0/5和switch-6的port0/5都是写商城100M的链路,cost=2W. 所以,这两个端口,一定都是Master 端口的角色,因为这两个端口到根桥的耗费是一样的。
注意:CIST选举的时候,一定是只算域间隔cost,而不会计算域内的cost.这一点一定要注意.
下面来看哪个端口会被block掉。
对于Region B来说,switch-5是根桥,switch-5到总根桥的耗费是:
200000+200000+20000=42W.
而对于region C来说,switch-6是根桥,switch-6到总根桥的耗费是:20W+2W=22W.
所以Region C这台交换机的NDP端口(非Master端口为port 0/0/22.最后的角色是DP(FWD).
所以region B的switch-5的port 0/0/26为Alternate port(DIS).
下面是显示的结果:
Switch-7-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.bdf8 priority 32768
Region root address 0001.7a4f.4a07 priority 32768
root: 32789, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Desg FWD 20000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.bdf8 priority 32769/32768
Designated root address 0001.7a4f.4a07 priority 12289
root: 32789, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Desg FWD 20000 128.023 P2P
Switch-6-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a4f.4a07 priority 32768
Region root address 0001.7a4f.4a07 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a4f.4a07 priority 12289/12288
Designated root address 0001.7a4f.4a07 priority 12289
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Mast FWD 200000 128.06 P2P
swtich-5-4100
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0022.1512.070c priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32793, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Root FWD 200000 128.25 P2P
port 0/0/25 Alte DIS 200000 128.26 P2P
port 0/0/26 Alte DIS 20000 128.27 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0022.1512.070c priority 8193/8192
Designated root address 0022.1512.070c priority 8193
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Desg FWD 200000 128.25 P2P
port 0/0/25 Desg FWD 200000 128.26 P2P
port 0/0/26 Alte DIS 20000 128.27 P2P
Switch-4-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.0037 priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Desg FWD 200000 128.02 P2P
port 0/2 Desg FWD 200000 128.03 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.0037 priority 32769/32768
Designated root address 0022.1512.070c priority 8193
root: 32770, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Root FWD 200000 128.02 P2P
port 0/2 Alte DIS 200000 128.03 P2P
port 0/5 Mast FWD 200000 128.06 P2P
最后形成了下面的CIST树:
下面再来做一个简单的实验,现在假设客户的需求是,CIST block的端口是Region C的switch-6的port0/5.
对于这个需求,实际上,最简单的做法就是把Region C里面的switch-6 port 0/5接口下面把cost修改为一个无穷大的耗费…这样最终一定是这个接口给discarding掉。
下面,我在regionC的switch-6 port0/5下面进行下面的配置:(cost值是在端口的入方向生效)
在Region C的switch-6 port 0/5的配置如下:
port 0/5
port-type nni
port mode trunk
port trunk allowed vlan all
port trunk pvid vlan 1
spanning-tree mst instance 0 cost 150000000
exit
这样一来,Region C一共有两条链路通往总根switch-1,一条是直连的switch-6 port 0/5上联,另外一条链路是switch-7 port 0/0/22连接Region B的链路。
但是switch-6的port 0/5上联cost无穷大,所以该链路是最次链路,所有其他链路到总跟的和都不会有该链路的cost大,所以switch-6的port 0/5理应被block掉,角色为alternate port. 状态是DIsccarding的。
在说Region C的switch-7, port 0/0/22那条链路是到总跟最短的链路,所以该接口的角色应该是Master 口 for instance 1, 对于Region B来说,switch-4 port 0/5到总跟switch-1的链路耗费22W,而交换机 switch-5 port0/0/26到总根swtich-1的耗费为2W+20W+1.5Y~~~~
最终switch-5的port 0/0/25实际角色应该是NDP. 但是状态依然是FWD的状态.
对于Instance 0-来说,所有的选举和IST内部选举一样,所以角色的命令不会携带Master这样的角色. .
好了,下面来看看结果是否和下图一致:
Swtich-2-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.ebe8 priority 32768
Region root address 0001.7a58.f2d0 priority 4096
root: 32789, rpc: 20000, epc: 0, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 20000 128.021 P2P
port 0/0/21 Alte DIS 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.ebe8 priority 20481/20480
Designated root address 0001.7a58.f2d0 priority 4097
root: 32789, rpc: 20000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 20000 128.021 P2P
port 0/0/21 Desg FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
Switch-3-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.be0c priority 32768
Region root address 0001.7a58.f2d0 priority 4096
root: 32790, rpc: 20000, epc: 0, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Desg FWD 20000 128.021 P2P
port 0/0/21 Root FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.be0c priority 32769/32768
Designated root address 0001.7a58.f2d0 priority 4097
root: 32790, rpc: 20000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Alte DIS 20000 128.021 P2P
port 0/0/21 Root FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
Switch-4-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.0037 priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Desg FWD 200000 128.02 P2P
port 0/2 Desg FWD 200000 128.03 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.0037 priority 32769/32768
Designated root address 0022.1512.070c priority 8193
root: 32770, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Root FWD 200000 128.02 P2P
port 0/2 Alte DIS 200000 128.03 P2P
port 0/5 Mast FWD 200000 128.06 P2P
Swtich-5-4100
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0022.1512.070c priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32793, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Root FWD 200000 128.25 P2P
port 0/0/25 Alte DIS 200000 128.26 P2P
port 0/0/26 Desg FWD 20000 128.27 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0022.1512.070c priority 8193/8192
Designated root address 0022.1512.070c priority 8193
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Desg FWD 200000 128.25 P2P
port 0/0/25 Desg FWD 200000 128.26 P2P
port 0/0/26 Desg FWD 20000 128.27 P2P
Switch-7-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.bdf8 priority 32768
Region root address 0001.7a58.bdf8 priority 32768
root: 32791, rpc: 0, epc: 220000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Desg FWD 200000 128.021 P2P
port 0/0/21 Desg FWD 200000 128.022 P2P
port 0/0/22 Root FWD 20000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.bdf8 priority 32769/32768
Designated root address 0001.7a4f.4a07 priority 12289
root: 32789, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Mast FWD 20000 128.023 P2P
重头戏来了,Region C的switch-6:
Switch-6-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a4f.4a07 priority 32768
Region root address 0001.7a58.bdf8 priority 32768
root: 32769, rpc: 200000, epc: 220000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Root FWD 200000 128.01 P2P
port 0/1 Alte DIS 200000 128.02 P2P
port 0/5 Alte DIS 150000000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a4f.4a07 priority 12289/12288
Designated root address 0001.7a4f.4a07 priority 12289
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Alte DIS 200000 128.06 P2P