生成树简介与基本知识课件

OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingISO/OSI七层参考模型应用层表示层会话层传输层网络层数据链路层物理层应用层表示层会话层传输层网络层数据链路层物理层通信介质ISO/OSI七层参考模型应用层表示层会话层传输层网络层数据链路层物理层资源子网通信子网建立、维护和拆除物理链路的机械、电气和功能的特征，把实体连接起来，在物理介质上传输无特征的比特流网卡、RS232C、V24、X.21、V35都属于物理层范围EIA/TIA-232,EIA/TIA-499,V.35,V.24,RJ45,Ethernet,802.3,802.5,FDDI,NRZI,NRZ,B8ZS物理层数据链路层组织成帧和实现介质访问控制，并用校验、确认重发等机制把物理链路提升为无差错的数据链路。把无特征的二进制位流组织成帧（Frame），在帧头加源目的物理地址，保证以帧为单位可靠地将数据传输到目的地。FrameRelay,HDLC,PPP,IEEE802.3/802.2,FDDI,ATM,IEEE802.5/802.2网络层对数据包从源节点，经由中间一些节点到目的节点的路径进行选择（包括建立、维持、拆除等）和分组交换及流量控制技术，实现点到点的数据传输，使传输层摆脱路由选择、交换方式、拥护控制等网络细节，实现端到端的数据传输。网络层提供了端到端的包传递。网络层定义了逻辑地址，所以任何端点都可以被唯一的标识。它也定义了路由如何工作和如何学习。网络层还定义了如何对数据报分片来适应较小的最大传输单元。物理层数据链路层物理层应用层表示层会话层传输层网络层数据链路层物理层应用层网际层（IP,ARP,ICMP）传输层（TCP和UDP,SCTP）TCP/IP和OSI对应TCP/IP数据的封装过程TCP/UDP报文IP报头 IP数据帧头 物理帧数据IP数据包物理帧传输层网络层链路层IP报头：源、目的 IP地址，是逻辑地址帧头：源、目的物理地址，是真实地址数据传输的过程路由器A路由器BIP寻址IP寻址IP数据报逻辑网IP层加帧头去帧头帧传输和直接寻址数据链路层物理层常用网络设备中继器集线器网桥交换机路由器中继器第一层设备主要为了延长局域网的覆盖范围集线器Hub是一个多口的中继器,仍然是第一层设备物理上是星型拓扑，逻辑上是总线拓扑三种：被动型：不需要电源，只是物理连接主动型：需要电源，将信号放大后再传出智能型：在主动型的基础上，带有管理功能网桥第二层设备用于连接多个局域网网桥中有第二层的MAC地址与端口对应表，用于转发数据帧过滤转发洪泛交换机重要的第二层设备，相当于多端口网桥使用MAC地址表进行转发掌握交换机的工作过程(nextsection)路由器路由器正是工作在IP下三层的通信子网上，从而屏蔽了底两层物理网络的差异，实现各种网络的互联。基本功能：路由和转发数据传送举例从laptop访问sohu网站通过查询DNS，获得Sohu网站的IP地址(略)查找本地路由表，发现没有匹配任何具体路由，走defaultgateway通过ARP获得defaultgateway的MAC地址加上二层frame头后发送到缺省网关(路由器)路由器收到frame后，直接剥离frame头，取出destinationIPaddress.将destIPaddress和路由表比对，获得下一跳的IP地址。路由器修改IP包头中的TTL信息，加上二层帧头，发送的下一条路由器。.到达最后一跳路由器后，路由器剥离frame头，取出destinationIPaddress.将destIPaddress和路由表比对，发现在直连网段上。路由器在直连网段上发送ARP请求，获得目的IP的MAC地址。路由器修改IP包头中的TTL信息，加上二层帧头发送到直连网段Sohu服务器网卡比对帧头中的MAC，发现是自己的后，剥离帧头，传送到上层协议进行处理。OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingIEEE电气电子工程师协会(IEEE)是建立通信标准的关键组织。IEEE是包含科学、技术和教育在内的专业协会，在140多个国家中积极进行活动。IEEE的计算机协会局域网委员会发展了目前应用的许多网络互连标准，制定了在局域网环境下物理电缆电路和传输的“802”标准。802标准802.1802标准的概述。802.2逻辑链接控制的标准和其他网络连接标准。802.3带有检测冲突的载波侦听多路存取方法(CSMA/CD)标准。802.4传递总线存取的令牌标准。802.5令牌环存取以及LAN与MAN间通信的标准。802.6包括高速无连接网络互连在内的LAN和MAN网络标准。802.7宽带电缆技术标准。802.8光纤电缆技术标准。802.9集成网络互连服务(如语音和数据集成)的标准。802.10LAN和MAN能共同使用的安全性标准。802.11无线连接标准。802.12要求优先级存取方法标准。802.14有线电视宽带通信标准。以太网简介以太网从七十年代开始流行，现在已经成为最主要的网络方式。它采用了最新的技术如光纤使其传输速度由七十年代的3M增长到现在的10G。其优点：1维护简单；2及时采用先进的技术；3可靠性高；以太网是人们为了解决在同一媒体中进行多点传输而不相互干扰而发明的，最早由夏威夷大学开始研究，后来就形成了以太网接入方法的基础，即CSMA/CD.以太网的最初版本是世界上的第一个局域网，第一个以太网标准在八十年代由DigitalEquipmentCompany,Intel,andXerox(DIX).颁布，当时的传输方法是通过同轴线以10Mbps的速度进行通讯。1985年，IEEE颁布了其局域网标准802.3，基本和0SI模式的标准兼容。1995年，IEEE颁布了100Mbps标准，1998年，吉比特标准颁布。以太网技术以太网使用载波监听/冲突监测（CSMA/CD）算法来进行仲裁。监听媒体上是否有帧正在传输。如果没有帧传输，发送！如果有帧正在传输，等待，再监听。当传输中发生碰撞，停止，等待，再监听。以太网的特点1.采用无连接的工作方式，不必先建立连接就可以直接发送数据；2.数据帧不编号，也不要求对方发回确认3.因此，以太网提供的服务是不可靠的交付，差错纠正由高层来决定。4.同一时间只能有一台机器发送信息1全双向网络中，接受和发送可同时进行，将没有冲突；2半双向网络中，发送者传送64位的同步信号然后发送：（1）源地址和目的地址（2）头信息（3）数据负载（4）FCS（保证传输中没有数据损坏）接受者接受该帧计算FCS无误后传送到高层的协议。双工和半双工MAC地址局域网硬件地址又称为物理地址/MAC地址一个著名的定义：“名字指出我们所要寻找的那个资源，地址指出那个资源在何处，路由告诉我们如何到达该处。”网卡的MAC地址为6字节，固化在网卡上，因此，每块网卡都会有一个全球唯一的MAC地址IEEE的RAC负责分配网卡的MAC地址MAC地址一个OUI包含了224个MAC地址I/G比特：0：单播地址1：组播地址一个OUI只分配23bit地址，包含224个单播地址和224个组播地址目的站地址：单播帧：一对一广播帧（全1）：一对全体组播帧：一对多交换机的产生在理想状态下，以太网工作的很好，但是随着接入节点的增长，冲突就凸现出来了。交换机就是解决这一问提的关键技术。冲突和广播促进了以太网和更高层的技术的发展，冲突域和广播域的提出就是为了解决冲突和广播的负面效应，网桥和路由器在分割网络中扮演着重要的角色。在第二层中的网桥随着同一物理网段中节点的增加，对带宽的需求也增加了，那么冲突的可能性也随之增大，这就导致更多的重发。解决的方法就是把大的网段分割成多个相互隔离的冲突域。为了达到上述目的，网桥需要有保存着MAC地址和相应端口的表，在此基础上决定是转发还是丢弃相应的帧。在第二层中的交换机一般来说，网桥只有两个端口，能把一个冲突域分割成两个，但是它并不影响第三层地址或逻辑地址。所以，被网桥分割的网络仍然在同一个逻辑广播域内。交换机是快速，多端口的网桥，它保存着每个端口的必须的MAC信息。交换机的运作（1）当交换机从某个端口收到一个数据包，它先读取包头中的源MAC地址，这样它就知道源MAC地址的机器是连在哪个端口上的；（2）再去读取包头中的目的MAC地址，并在地址表中查找相应的端口；（3）如表中有与这目的MAC地址对应的端口，把数据包直接复制到这端口上；（4）如表中找不到相应的端口则把数据包广播到所有端口上，当目的机器对源机器回应时，交换机又可以学习一目的MAC地址与哪个端口对应，在下次传送数据时就不再需要对所有端口进行广播了。ESB20-A#showmac-address-table#|VID|Mac|PORT|STATUS|PRIORITY|1|0001|00:0d:60:8a:01:04|1/1/20|dynamic|0|2|0001|00:a0:12:0b:2c:3c|self|0|3|0001|00:a0:12:0b:2c:50|1/1/20|dynamic|0|链路层的重要概念冲突域广播域网段冲突域冲突域就是那些发生冲突的相连接的物理网路。连接媒介段的设备类型可用来定义冲突域，OSI模型中的一层设备不分割冲突域，二层和三层设备分割冲突域。其中中级器和中继型集线器属于第一层，网桥和交换机属于第二层。冲突域的划分遵从54321规则。广播域广播域就是那些由第二层设备连接起来的冲突域。将局域网划分成多个冲突域有助于减少冲突和增加带宽，但是如果由第二层转发的广播过多的话会降低整个网路的效率。三层设备比如路由器分割广播域网段在数据通讯方面，网段的含义：为网桥，路由器或交换机所限定的网络的小段在具有总线拓扑的局域网中，网段是用中继器相互连接的连续的电路在TCP中，是信息的一个传输层单元。OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingVLAN的引入先进技术上使交换机容量极大同一广播域使网络和系统性能下降网络安全和管理上的需要Static和dynamicVLANVLANTagging的引入又名VLANtrunk交换机间同一VLAN内用户通信的需要节省交换机间trunk接口的需要提高交换机间trunk利用率的需要VLANTagging标准：802.1qandCiscoISLSpanningTree的引入网络冗余的需要简单的冗余造成网络风暴为什么叫生成树BridgeABridgeBBridgeCOutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshooting生成生成树协议树协议(STP)生成树是一个交换网络中检测交消除冗余链路以防止出现二层循环的一个协议。如果不运行STP，帧有可能会在网络中循环发送，流量极剧升高，最后使整个网络彻底瘫痪。STP最初是一个较慢的基于软件实现的一个桥接规范(IEEE802.1D)，现在已经是一个相当成熟的协议了，可以在一个具有多VLAN、大量交换机、多厂商的复杂环境中很好的实施。已经有二十多年的历史收敛时间最快30(2*FWD_DELAY)秒，基本上是50(MAXAGE+2*FWD_DELAY)秒基本概念BridgeIDRootBridgePathcostandportcostPortroles:DesignatedandrootportPortstate:disabled,blocking,listening,learning,forwardingTimers:hello,maxage,forwarddelayBridgeProtocolDataUnits(BPDU)Priority48 bits16 bitsMac AddressBridgeIDRootBridge:BridgeID最小的Bridge。即先比较priority，再比较MAC地址BridgeID:PathcostPort costThe path cost to the root associated with each switch portBridge_ID=1Root_ID=1DesignatedportRootportBridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Otherport101010101010PortroleBridge_ID=1Root_ID=1DesignatedportRootportBridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Root PortPort receiving the best BPDU for the bridge-shortest path to the Root in terms of path costOtherportDesignated PortPort sending the best BPDU on a segmentPortState端口状端口状态态含含义义到下一个状到下一个状态态的缺省的缺省时间时间Disabled管理管理员员Shutdown不适用不适用Blocking接收接收BPDUs，不，不转发转发用用户户数数据据监测监测收到的收到的BPDUs 为为Maxage超超时时等待等待20秒，或在秒，或在检测检测到到本地失效本地失效时时直接直接进进行状行状态态切切换换。Listening发发送和接收送和接收BPDUs，检测检测是是否需要否需要BlockingFwddelay 计时计时器器(等等15秒秒)Learning建立拓朴或建立拓朴或CAM表表Fwddelay 计时计时器器(15秒秒)Forwarding转发转发数据数据总总的基本拓朴的基本拓朴转换时间转换时间：20+2(15)=50秒秒直接直接链链路失效路失效为为30秒秒Timers基本的基本的计时计时器器缺省缺省值值(秒秒)名称名称功能功能2Hello控制发送BPDU.15Forward Delay(Fwddelay)控制在listening和learning状态下引起拓朴改变的进程.20Maxage控制交换机为当前拓朴选择一个候选路径的时间，Maxage超时后，交换机将从处于Blocking状态的端口中选择一个新的root端口，如果没有blooking端口可用，它将在指定端口上声称自己将成为root bridge.BPDUEach configuration BPDU contains the following minimal information:The unique identifier of the switch that the transmitting switch believes to be the root switch The cost of the path to the root from the transmitting port The identifier of the transmitting port运行机制1.在整个生成树域中选举出一个唯一的rootbridge；2.在每个非rootbridge的交换机上选举出一个root端口(面向rootbridge)；3.在每一段中选举出一个designated端口用于转发BPDU；4.非root和designated端口切换到block状态。5.Designatedandrootport为forwardingBridge_ID=1Root_ID=1DesignatedportRootportBridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1OtherportLossofthepathBridgeARootBridgeBBridge_ID=2BridgeCBridge_ID=3直连链路失效，直接BlocklisteningListeningtimer过期后,-learningLearningtimer过期后,-forwardingAddalink1.First,as they are just coming up,both ports are put in listening state；2.Bridge A hear the root directly and it immediately propagates its BPDUs on its designated ports3.B and C receive this new superior information from A,they immediately relay it toward the leaves4.Bridge D has received a BPDU from the root and instantly blocks its port P1.5.The only problem now is that twice the forward delay has to elapse before the link between the root and A eventually ends up in the forwarding state6.This means 30 seconds of disruption of traffic(the entire A,B,and C part of the network is isolated)拓朴拓朴变变化提示化提示(TCN)BPDUs流流拓朴变化提示BPDUs在检测到生成树的拓朴发生改变时由叶交换发到RootBridge，Root端口只发送TCNs，而指定端口只接收TCNs.TCNBPDU在发向RootBridge中的每一步都被确认，这是一个可靠的机制，一旦到达RootBridge，RootBridge将通过一个将TCN标记设置为Maxage+Fwddely(缺省为35秒)的用于配置的BPDU向整个生成树域宣告这个拓朴变化的发生，使所有的交换机将它们的CAM(Content-AddressableMemory)老化计时器从5分钟(缺省的)修改为Fwddelay(缺省为15秒)所规定的时间间隔。SendingTCNBPDUassoonasitputsitsinterfaceintoalisteningstateCiscoprivatefeaturePortfast+BPDUguardUplinkfastBackbonefastCISCOPortfast+BPDUGuardSpanning tree PortFast causes a spanning tree port to enter the forwarding state immediately,bypassing the listening and learning states.You can use PortFast on switch ports connected to a single workstation or server to allow those devices to connect to the network immediately,rather than waiting for spanning tree to converge.PortFast BPDU guard can prevent loops by moving a nontrunking port into the errdisable state when a BPDU is received on that port.When the BPDU guard feature is enabled on the switch,spanning tree shuts down PortFast-configured interfaces that receive BPDUs,rather than putting them into the spanning tree blocking state.CiscoUplinkfastUplinkFast unblocks the blocked port on Switch C and transitions it to the forwarding state without going through the listening and learning states,as shown in Figure 9-2.This switchover takes approximately one to five seconds.CiscoBackbonefastSwitch B send Inferior BPDUsBackboneFast allows the blocked port on Switch C to move immediately to the listening state without waiting for the maximum aging time for the port to expire.BackboneFast then transitions the port on Switch C to the forwarding state,providing a path from Switch B to Switch A.This switchover takes approximately 30 seconds.OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingIntroductionto802.1wEnhancementto802.1DintheareaofconvergencespeedIncorporatesfeaturessimilartoUplinkFastandBackboneFastIEEEstandardsincelate2001IEEE802.1w:WhatisnewNewPortRoleModifiedBPDUBPDUhandlingRapidportstatetransitionNewtopologychangemechanismPVST+/802.1DCompatibility4portroles:Rootport(forwarding)Designatedport(forwarding)Alternateport(blocking)Backupport(blocking)IEEE802.1wportrolesSTP operates internally with port rolesPorts change STP states based on their rolesIEEE802.1wportroles:RootPortBridge_ID=1Root_ID=1AlternateportBackupportDesignatedportRootportBridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Root PortPort receiving the best BPDU for the bridge-shortest path to the Root in terms of path costIEEE802.1wportroles:DesignatedPortBridge_ID=1Root_ID=1Bridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Designated PortPort sending the best BPDU on a segmentAlternateportBackupportDesignatedportRootportIEEE802.1wportroles:AlternatePortBridge_ID=1Root_ID=1Bridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Alternate PortPort blocked by BPDUs from a different bridge redundant path to the Root AlternateportBackupportDesignatedportRootportIEEE802.1wportroles:BackupPortBridge_ID=1Root_ID=1Bridge_ID=6Root_ID=1Bridge_ID=5Root_ID=1Bridge_ID=4Root_ID=1Bridge_ID=3Root_ID=1Bridge_ID=2Root_ID=1Backup Port Port blocked by BPDUs sent from the same bridge redundant path to a segmentAlternateportBackupportDesignatedportRootportIEEE802.1wBPDUhandlingAllbridgessendBPDUseveryhello_timewhile802.1dusedtorelayBPDUsreceivedonrootportPortinformationinvalidatedin3xhello_timemaxi.e.3BPDUslostasopposedtomax_agebasedinvalidationin802.1d(20secondsdefault)MessageAgeisusedasahopcountFaster failure detectionIEEE802.1wBPDUformat 7 6 5 4 3 2 1 0TCN AckAgreementForwardingLearningTCNProposalRole00-unknown01-Alternate10-Root11-DesignatedProtocolIDProtocolversionID2BPDUType2FlagsRootIDRootpathcostSendingBridgeIDSendingBridgeportIDMessageAgeMaxAgeHellotimeForwarddelayVersion1length0802.1D bridges drop 802.1W BPDUsProposalIEEE802.1wnegotiationAhasabetteridthanBAsendsaproposaltoBtobecomedesignatedBcomparesthereceivedpriorityandreplieswithanagreementBsportbecomesRootport-forwardingAsportbecomesDesigned-forwardingSame process repeats when new bridge is insertedBridgeABridge_ID=1BridgeBBridge_ID=2BridgeABridge_ID=1BridgeBBridge_ID=2BridgeCBridge_ID=3AgreementIEEE802.1wagreement/proposalBPDUWhenportcomesup,bridgesendsBPDUwithproposalflagsettobecomedesignatedforthatsegmentResponseisBPDUwithagreementflagsetifremotebridgeselectstheportonwhichitreceivedtheproposalasitsrootportAssoonasagreementisreceived,portmovestoforwardingExplicit handshake mechanism between bridgesIEEE802.1wsequenceofeventsReceiveaproposalBlockallothernon-edgeportsSendanagreementbackPutthenewrootporttoforwardingSendoutproposalsonotherportsReceiveagreementfromothersPutportsintoforwardingProposalBlockBlockProposalAgreementAgreementForwardEdgeportProposalAgreementForwardForwardIntegratedUplinkFastUpon detecting a direct root link failure,C is capable of immediately switching to a new root portNo proxy multicasts are sent to update Bs CAM table C generates a TCN which flushes Bs CAM tableVery similar to Cisco UplinkFast mechanismBridgeARootBridgeBBridge_ID=2BridgeCBridge_ID=2New root port,moves to forwardingAlternateportIntegratedBackboneFastB loses its root port and sends a BPDU to C claiming it is the rootC immediately becomes designated blocking and sends a proposal to B to move to forwarding ASAPB replies with an agreement and C moves its port to forwardingBridgeARootBridgeBBridge_ID=2BridgeCBridge_ID=2Inferior BPDUIEEE802.1wrapidtransitionconditionsRapidstatetransitionoccursonPoint-to-pointlinks(derivedfromduplexmodebydefault)Edgeports(justlikeciscoPortfast+BPDUguard)OnlybetweenRootandDesignatednon-forwardingportscheck link duplex between bridgesIEEE802.1DTopologyChangeWhenportmovestoforwardingorblocking,bridgeoriginatesaTCNBPDUtowardstheRootbridgeTheTCNBPDUisACKeduntilitreachestheRootRootthensetsTCflaginBPDUsduring(fwd_delay+max_age)seconds,causingL2tableagingtochangetofwd_delay(15)secondsIEEE802.1wTopologyChangeTConlinkmovingtoforwardingonlySentoutbytheinitiator(notbytheRootanymore)andpropagatedalongactivetopologybyneighborsTCbitissetduring2xhellotime(thereisnoACK)FlushestheCAMentriesimmediately+Port on which the TCN was received is not flushed+Edge ports are not flushed+/-Flooding but connectivity restored immediately+No need for proxy multicastsIEEE802.1w802.1Dinteroperability.1Dbridgesdrop.1wBPDUsso.1DBridgesalwaysendupsendingBPDUsAfter Migration Delay(3s),.1w bridge starts sending.1D BPDU if it detects a legacy bridge(per-port).1w BPDU.1D BPDUBridgeA(.1w)BridgeB(.1w)BridgeC(.1D)IEEE802.1w802.1Dinteroperability(2).1w designated bridge cannot detect if.1D bridge is removed(since it was not sending BPDUS)There is special command to force protocol migration manually(for example if C disappears)(set spantree mst x/y redetect-neighbor).1D-.1w interoperability=slow convergence.1w BPDUBridgeA(.1w)BridgeB(.1w)BridgeC(.1D)OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingWhyMST(IEEE802.1s)?ContrastwithPVST+PVST+=1STPperVLAN+Flexibleload-balancing-CPUneedstohandleupto4KinstancesforonlytwodifferentlogicaltopologiesEven VLANsOdd VLANSEven VLANsOdd VLANSBridgeARootODDBridgeBRootEVENBridgeCWhyMST(IEEE802.1s)?ContrastwithIEEE802.1QAllvlansusesinglespanningtreeinstance+Lightonresources:1instance-SamelogicaltopologyforallVLANs,poorflexibilityEven VLANsOdd VLANSEven VLANsOdd VLANSBridgeARootBridgeBBridgeCTheMSTparadigm+Flexibleload-balancing+CPUonlyneedstohandle2SpanningTreeinstances(for2topologies)-Morecomplex,interoperabilitywithlegacyprotocolsInstance 2Instance 1Instance 2Instance 1BridgeARootInst1BridgeBRootInst2BridgeCMSTregionMSTregionisalinkedgroupofMSTswitcheswithsameMSTconfigurationInsideregion:manyinstancesOutsideofregion:oneinstanceWhy regions?Different administrative control over different parts of the L2 networkNot all switches in the network might run/support MST-different kinds of STP divide network into STP regionsAll benefits of MST are available INSIDE the region,outside it is single instance(topology)for all vlansMSTregion:logicaloverview802.1s802.1s802.1s802.1s802.1s802.1D802.1wRoot PortDesignated PortAlternate PortPVST+region 2region 1-Region Name(up to 32 bytes)-Config Revision number-Vlan to Instance mappingMSTconfigMSTconfigurationmustbesameonallswitchesinthesameMSTregionUserAssignedLongPathCost802.1t defines new default 32 bit costs based on the port bandwidth210,000,000420,000100019200,0001001002,000,00010 Original value New Value(802.1t)Bandwidth(Mbits/sec)OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingESB20andESA12 Store and Forward operation.Half and full duplex on all ports IEEE802.3X Full Duplex flow control on all ports Back pressure in Half Duplex mode on all ports Priority queuing based on Port or 802.1p.Complies with IEEE802.1d Spanning Tree protocol.Non-blocking operation VLAN per 802.1q Address table contains 8000 entries.Port Trunking Hot-swap(press the Reset button twice within two seconds)ESB20-AandESA24(1)VLANs(Virtual local area networks)including support for IEEE 802.1Q and IEEE 802.1p VLAN aggregation STP(Spanning Tree Protocol)(IEEE 802.1D)RSTP(Rapid Spanning Tree Protocol)(IEEE 802.1w)MSTP(Multiple Spanning Tree Protocol)(IEEE 802.1s)QoS(Quality of Service)IGMP snooping to control IP multicast traffic.GMRP(GARP Multicast Registration Protocol)GVRP(GARP VLAN Registration Protocol)MVR(Multicast VLAN Registration)Console CLI(Command-line Interface)connection Telnet CLI connectionESB20-AandESA24(2)SNMP(Simple Network Management Protocol)v1,v2c and v3 support RMON(Remote Monitoring)Traffic mirroring for all ports DHCP Client Backpressure and flow control support 802.3x flow control for full-duplex links Link Aggregation(LAG)for increased bandwidth without requiring expensive hardware upgrade Link Aggregation Control Protocol(LACP)providing dynamic LAGs Console timeout value Remote logging Remote time synchronization protocol(rfc867,rfc868).SSHESB20-AandESA24(3)RADIUS CLI user privilege levels Resilient link for port redundancy Script file system Up to 1.7 MB size of the configuration file More accurate CPU utilization measurement Inform requests for SNMPv2c MAC address per port in BPDU for xSTP Enhanced DHCP boot process:Startup configuration integrity check Option to save downloaded file to the internal Flash memory Image file upload Enhanced password security(passwords are saved in the internal Flash memory and not in the running config,startup or script files.)OutlineTCP/IPBaseWhyLANswitchWhyVLAN、VLANTagging、STPSpanningTreeProtocol(802.1d)OperationRapidSpanningTreeProtocol(802.1w)OperationMultipleSpanningTreeProtocol(802.1s)operationNokiaESBFeatureavailabilityNokiaESBinNEandConfigurationintroductionTroubleshootingESBinNECPU单元的EL0接口物理连接到ESB0交换机上，EL1接口物理连接到ESB1交换机上ESB不分主备。与CM单元的WO,SP状态没有任何关系。注意ZQRI命令观察到的Assigned参数，如果有EL0处于YES状态，那么ESB0故障将会引起网络中断，如果有EL1处于YES状态，那么ESB1故障将会引起网络中断。ESB端口和FunctionUnit对应关系ESB20andESA12配置CLI或者WEBESB20-AandESA24配置（1）SPANNING TREEdevice-name(cfg protocol)#spanning-tree enable|disabledevice-name(cfg protocol)#spanning-tree priority device-name(cf