What is the principle of Layer 2 STP?-Safety-php.cn

Home

Operation and Maintenance

Safety

What is the principle of Layer 2 STP?

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

May 12, 2023 pm 09:43 PM

stp

STP
The ultimate goal of STP:
From anywhere on the network, it is the shortest loop-free data forwarding path to the switch
1 The same network:
The first problem faced A problem: single point of failure
Solution: Provide network redundancy/backup
1 device backup
2 link backup
New problems caused by:
Layer 2 data Forwarding loop
New solution:
STP/RSTP-spanning-tree protpocol[Spanning Tree Protocol]
Highlights another problem: utilization
Solution: MSTP[Spanning Instance Tree Protocol] 】

There are standard protocols:
STP - 802.1d, slow;
RSTP - 802.1w, a little faster;
MSTP - 802.1s
In order to achieve link backup At the same time, load balancing of data forwarding can also be achieved to improve equipment utilization.
Protocol to solve layer 2 data loop
Working principle/process of STP protocol:
1 Elect switch role:
Root switch (bridge):
There is only one in the entire switch network [The smaller BID value takes precedence]
Non-root switch:
Except the root switch
2 Election port role:
Root port:
On any non-root switch, there is only one,
The closest (cost) port to the root switch
Designated port:
There is only one in any network segment,
The closest (cost) port to the root switch
Non-designated port ：
All the remaining ports are non-specified
3 Determine the port status:
down
listening: Listening
[Listening BPDU, in order to collect all BPDUs as much as possible , for comparison]
learning: Learning
[Learning the MAC address table at this stage]
forwarding: forwarding
[The final status of the root port and the designated port]
blocking: blocking
[ The final port corresponding to the non-specified port]

All functions of the STP protocol are implemented through BPDU messages
BPDU -bridge protocol data unit [Bridge protocol data unit]

BPDU message The basic composition of the document:
root-id: Represents the ID of the root switch.
cost: Represents the distance from the switch that sends the BPDU to the root switch.
bridge-id: Represents the location of the switch that sends the BPDU. The name of the switch
port-id: Represents the outgoing port of the switch that sends the BPDU
consists of two parts:
port-priority port-number
[Port priority port number]
Port priority: 1 byte, the default value is 128
Port number; 1 byte, which is the port number on the switch
For example: the port-id of gi0/0/23 of the switch The expression is: 128.23

We can elect the "device role" and "port role" when
Based on the definition of "switch role" and "port role"
The four in the BPDU message Fields are compared from top to bottom.
The first thing to compare is the root-id;
If they are not the same, select the smallest one as Root-switch;
If they are the same, compare the costs; if they are not the same, select the smallest cost;
If they are the same, compare the bridge-ids. If they are not the same, select the smallest one;
If they are the same, compare the port-ids. If they are not the same, select the smallest one;

STP convergence time: 30--50 seconds
hello -2 seconds
[The time period for the root switch to send BPDU, once every two seconds]
forward-delay=15 seconds forward delay
[Indicates staying in listening and learning respectively Time]
max-age=20 seconds Maximum life time 20 seconds
[Deduct one second for each switch passed, up to 20 seconds]

     配置命令以及解释：
[huawei]stp priority

[STP priority, the default is 32768 setting The hour value must be a multiple of 4096]

[huawei-gi0/0/23] stp cost
[Modify the cost of STP on a port]
On Huawei switches, the cost of the 1000M port is by default It is 20000;

[huawei]display stp
[You can view the STP mode running on the switch, as well as the BID information of itself and the root switch]
[huawei]display stp brief
[ You can view the role and status of each STP-enabled port on the switch]

[huawei]display stp interface gi0/0/23
[You can view the cost of the interface, as well as sending and receiving BPDU situation】

MSTP configuration:
[A]stp region-configuration
【stp domain configuration】
[A-mst-region]region-name 1
【 Name the domain】
[A-mst-region]instance 1 vlan 10 20
【Create instance 1 and add vlan 10 20】
[A-mst-region]active region-configuration
[Activate domain configuration]
[A]stp instance 2 priority 4096
[Set the priority for instance 2]
[A]display stp instance 1
[Check whether the stp priority of instance 1 is effective 】

The above is the detailed content of What is the principle of Layer 2 STP?. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:亿速云. If there is any infringement, please contact admin@php.cn delete

What category does the operation and maintenance security audit system belong to?Mar 05, 2025 pm 03:59 PM

This article examines operational security audit system procurement. It details typical categories (hardware, software, services), budget allocation (CAPEX, OPEX, project, training, contingency), and suitable government contracting vehicles (GSA Sch

What are the job safety responsibilities of operation and maintenance personnelMar 05, 2025 pm 03:51 PM

This article details crucial security responsibilities for DevOps engineers, system administrators, IT operations staff, and maintenance personnel. It emphasizes integrating security into all stages of the SDLC (DevOps), implementing robust access c

What does the operation and maintenance safety engineer do?Mar 05, 2025 pm 04:00 PM

This article explores the roles and required skills of DevOps, security, and IT operations engineers. It details the daily tasks, career paths, and necessary technical and soft skills for each, highlighting the increasing importance of automation, c

The difference between operation and maintenance security audit system and network security audit systemMar 05, 2025 pm 04:02 PM

This article contrasts Operations Security (OpSec) and Network Security (NetSec) audit systems. OpSec focuses on internal processes, data access, and employee behavior, while NetSec centers on network infrastructure and communication security. Key

What is operation and maintenance security?Mar 05, 2025 pm 03:54 PM

This article examines DevSecOps, integrating security into the software development lifecycle. It details a DevOps security engineer's multifaceted role, encompassing security architecture, automation, vulnerability management, and incident response

What is the prospect of safety operation and maintenance personnel?Mar 05, 2025 pm 03:52 PM

This article examines essential skills for a successful security operations career. It highlights the need for technical expertise (network security, SIEM, cloud platforms), analytical skills (data analysis, threat intelligence), and soft skills (co

What is operation and maintenance security?Mar 05, 2025 pm 03:58 PM

DevOps enhances operational security by automating security checks within CI/CD pipelines, utilizing Infrastructure as Code for improved control, and fostering collaboration between development and security teams. This approach accelerates vulnerabi

Main work of operation and maintenance securityMar 05, 2025 pm 03:53 PM

This article details operational and maintenance (O&M) security, emphasizing vulnerability management, access control, security monitoring, data protection, and physical security. Key responsibilities and mitigation strategies, including proacti

See all articles