感興趣的同學可以到本頁最後直接下載附件word原版.~~~~高清大圖~~~呵呵.
MSTP中端口的角色:
在 MSTP的計算過程中,端口的角色有指定端口、根端口、Master端口、Alternate端口、Backup端口等。
■RP,根端口是負責向樹根方向轉發數據的端口;
■DP,指定端口是負責向下遊網段或交換機轉發數據的端口;
■Master端口位於整個域到總根的最短路徑上,它是連接域到總根的端口; (實際上,我自己的理解應該說是整個域的域內IST的根橋到總根橋最小cost耗費的路徑接口).
■Alternate端口不僅僅是 Master端口的備份端口,也是域內根端口的備份端口。如果 Master端口被阻塞後,Alternate端口將成爲新的 Master端口;
當同一臺交換機的兩個端口互相連接時就存在一個環路,此時交換機會將其中一個端口阻塞,Backup端口是被阻塞的那個端口。
Instance 0 對於MSTP的意義:
MSTP的實例0具有特殊的作用,稱爲CIST(Common Internal Spanning Tree),即公共與內部生成樹,其他的實例稱爲MSTI(Multiple Spanning Tree Instance),即多生成樹實例。CIST由通過STP/RSTP計算得到的單生成樹和MSTP計算得到的域組成,是爲了保證在所有橋接的局域網是簡單的和全連接的。CST(Common Spanning Tree)是STP/RSTP也是MSTP計算出的用於連接MST域的單生成樹。IST(Internal Spanning Tree)是在一個給定的MST域內由CIST提供的連通性。如圖 1 MSTP基本概念示意圖所示,如果把每個MST域看作是一個“交換機”,CST就是這些“交換機”通過STP/RSTP或者MSTP協議計算生成的一棵生成樹。IST是CIST在MST域內的片段,是一個特殊的多生成樹實例。
總根和域根
與STP和RSTP相比,MSTP中引入了總根和域根的概念。總根是一個全局概念,對於所有互連的運行STP/RSTP/MSTP的交換機只能有一個總根,也即是CIST的根;而域根是一個局部概念,是相對於某個域的某個實例而言的。
CIST生成樹的計算
網絡中的設備發送接受BPDU報文,在經過比較配置消息後,在整個網絡中選擇一個優先級最高的交換機作爲CIST的樹根。在每個MST域內MSTP通過計算生成IST;同時MSTP將每個MST域作爲單臺交換機對待,通過計算在MST域間生成CST。如前所述,CST和IST構成了整個交換機網絡的CIST。
1, 實驗拓撲圖:
2, 實驗原理和步驟:
在拓撲圖中,有三個區域,分別是區域A,B,C,每個區域有兩個Instance, 0和1,0是除1以外所有的的VLAN映射.
第一部分,會說明三個域內的選舉,然後再說域間的選舉.
在區域內選舉根橋,DP, RP等的時候遵循下列原則:
1, 首先進行比較每個交換機的橋ID, 橋ID= priority+設備的MAC地址. 首先比較priority,交換機的默認優先級爲32768, 越小越優先,如果橋ID不進行設置,那麼就比較交換機的MAC地址,越小越優先. 最後優先級最小或者是優先級一樣MAC地址最小的選舉爲根橋.
2, 第二是比較鏈路的cost,
3, 比較sender ID. sender ID=priority(默認32768)+ 設備的MAC地址.
哪個小,那麼剩下的那個sender的非Root port的端口會被block掉.
4, 如果sender ID也一樣,(這種情況只會發生在兩臺交換機中間用兩根鏈路進行組環連接),那麼每個交換機的端口還有端口優先級. 同樣,越小越優先。
對於上面的選舉原則,下面會用Region A和Region B來進行解釋:
Region A Internal election:
上面是區域A的情況,對於Instance 1來說,在區域A裏面, 設計原則是:Switch-1是根橋,switch-3的port 0/0/22被block掉。
就這個需求,需要在交換機switch-1上面,配置下面的參數:
spanning-tree mst configuration
region-name A
revision-level 1
instance 1 vlan 200-300
exit
spanning-tree mst instance 0 priority 4096
spanning-tree mst instance 1 priority 4096
spanning-tree enable
在交換機switch-1上面,Instance1的優先級修改爲4096,而其他兩個交換機的橋優先級是默認的32768沒有進行修改,所以,switch-1選舉爲Region A的根橋.
從下面交換機2和3上面show的結果可以看到,switch-1是根橋:
截圖中高亮部分是switch-1的系統mac地址:0001.7a58.f2d0.
根橋選舉好以後,接下來比較的是鏈路cost。
Switch-2到switch-1(根橋)的cost是20000(1000M鏈路),而switch-3到switch-1的cost一樣,也是1000M鏈路,cost爲2W.
接下來是比較發送者sender ID.
Switch-2對於instance 1來說,sender ID=20480:0001.7a58.ebe8(我在交換機2上面設置好了Instance1的priority=20480,而switch-3的sender ID=32768:0001.7a58.be0c,這裏直接比較prority,switch-2優於switch-3. 所以最後switch-2的port 0/0/21爲指定端口,狀態爲FWD,swtich-3的port 0/0/20爲Alternate port, 會被block掉,只接收BPDU報文,不負責轉發數據流量。當端口收到BPDU攜帶TCP(topology change)字段的時候再進行打開端口.
最後對於Instance 1來說,形成的樹如下:
Region B Internal election:
對於region B來說,希望能達到下面的設計初衷:
Switch-5爲Instance 1的根橋,對於switch-4來說,port 0/2爲alternate port,被block掉。
對於實現來說,只需要在switch-5上面將instance1的優先級從默認的32768降低即可:
Switch-5的部分配置:
spanning-tree mst configuration
region-name B
revision-level 2
instance 1 vlan 200-300
exit
spanning-tree mst instance 1 priority 8192
spanning-tree enable
這裏可以看到,在switch-5上面有意把instance 1的橋優先級降低爲8192.
而switch-4的默認優先級32768沒有進行修改。
所以swtich-5是根橋。
而swtich-5的兩個端口port 0/0/24和port 0/0/25爲指定端口DP,對於switch-4來說,到達根橋switch-5的cost一樣的,而sender ID也一樣,因爲是同一臺交換機的MAC地址。
最後比較的就是端口ID,在圖中已經標示出來,swtich-4的port 0/1端口ID是128.02,而port 0/2的端口ID是128.03,這個是系統自動默認分配的,也可以進行手動修改。
最後128.02小於128.03,所以swtich-4的port 0/2最後被block掉。
最終形成了下面的樹:
最後看輸出結果:
而Region C和Region B是一樣的。這裏就不贅述了。
我們先不看CIST域間破環的原理,光看IST內部的情況如下:(三個region已經都在內部進行了端口的block動作了.)
CIST選舉的原則:
現在,將Region A/B/C分別看成一個交換機.
實際上就是三臺交換機組成了一個簡單的環網了。
每個region爲一個單位.
這裏又會涉及到一個新術語叫Master 端口,前面已經提過:
■Master端口位於整個域到總根的最短路徑上,它是連接域到總根的端口; (實際上,我自己的理解應該說是整個域的域內IST的根橋到總根橋最小cost耗費的路徑接口).
■Alternate端口不僅僅是 Master端口的備份端口,也是域內根端口的備份端口。如果 Master端口被阻塞後,Alternate端口將成爲新的 Master端口;
那麼,到底是怎麼選舉出來的呢?
這裏要回歸到我們並沒有配置的instance 0。
Instance 0就是CIST選舉的根本。
在Region A裏面,實際上我是有意將switch-1的instance 0的優先級也降成最低了的:
Switch-1:
spanning-tree mst configuration
region-name A
revision-level 1
instance 1 vlan 200-300
exit
spanning-tree mst instance 0 priority 4096
spanning-tree mst instance 1 priority 4096
spanning-tree enable
這樣配置以後,swtich-1不僅僅是Region A裏面的內部根橋,而且還是CIST的總根橋(並沒有說總根橋和IST內部根橋一定要在同一個交換機上面,這裏我是爲了圖方便).
對於region B和region C來說,switch-4的port 0/5和switch-6的port0/5都是寫商城100M的鏈路,cost=2W. 所以,這兩個端口,一定都是Master 端口的角色,因爲這兩個端口到根橋的耗費是一樣的。
注意:CIST選舉的時候,一定是隻算域間隔cost,而不會計算域內的cost.這一點一定要注意.
下面來看哪個端口會被block掉。
對於Region B來說,switch-5是根橋,switch-5到總根橋的耗費是:
200000+200000+20000=42W.
而對於region C來說,switch-6是根橋,switch-6到總根橋的耗費是:20W+2W=22W.
所以Region C這臺交換機的NDP端口(非Master端口爲port 0/0/22.最後的角色是DP(FWD).
所以region B的switch-5的port 0/0/26爲Alternate port(DIS).
下面是顯示的結果:
Switch-7-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.bdf8 priority 32768
Region root address 0001.7a4f.4a07 priority 32768
root: 32789, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Desg FWD 20000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.bdf8 priority 32769/32768
Designated root address 0001.7a4f.4a07 priority 12289
root: 32789, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Desg FWD 20000 128.023 P2P
Switch-6-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a4f.4a07 priority 32768
Region root address 0001.7a4f.4a07 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a4f.4a07 priority 12289/12288
Designated root address 0001.7a4f.4a07 priority 12289
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Mast FWD 200000 128.06 P2P
swtich-5-4100
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0022.1512.070c priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32793, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Root FWD 200000 128.25 P2P
port 0/0/25 Alte DIS 200000 128.26 P2P
port 0/0/26 Alte DIS 20000 128.27 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0022.1512.070c priority 8193/8192
Designated root address 0022.1512.070c priority 8193
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Desg FWD 200000 128.25 P2P
port 0/0/25 Desg FWD 200000 128.26 P2P
port 0/0/26 Alte DIS 20000 128.27 P2P
Switch-4-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.0037 priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Desg FWD 200000 128.02 P2P
port 0/2 Desg FWD 200000 128.03 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.0037 priority 32769/32768
Designated root address 0022.1512.070c priority 8193
root: 32770, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Root FWD 200000 128.02 P2P
port 0/2 Alte DIS 200000 128.03 P2P
port 0/5 Mast FWD 200000 128.06 P2P
最後形成了下面的CIST樹:
下面再來做一個簡單的實驗,現在假設客戶的需求是,CIST block的端口是Region C的switch-6的port0/5.
對於這個需求,實際上,最簡單的做法就是把Region C裏面的switch-6 port 0/5接口下面把cost修改爲一個無窮大的耗費…這樣最終一定是這個接口給discarding掉。
下面,我在regionC的switch-6 port0/5下面進行下面的配置:(cost值是在端口的入方向生效)
在Region C的switch-6 port 0/5的配置如下:
port 0/5
port-type nni
port mode trunk
port trunk allowed vlan all
port trunk pvid vlan 1
spanning-tree mst instance 0 cost 150000000
exit
這樣一來,Region C一共有兩條鏈路通往總根switch-1,一條是直連的switch-6 port 0/5上聯,另外一條鏈路是switch-7 port 0/0/22連接Region B的鏈路。
但是switch-6的port 0/5上聯cost無窮大,所以該鏈路是最次鏈路,所有其他鏈路到總跟的和都不會有該鏈路的cost大,所以switch-6的port 0/5理應被block掉,角色爲alternate port. 狀態是DIsccarding的。
在說Region C的switch-7, port 0/0/22那條鏈路是到總跟最短的鏈路,所以該接口的角色應該是Master 口 for instance 1, 對於Region B來說,switch-4 port 0/5到總跟switch-1的鏈路耗費22W,而交換機 switch-5 port0/0/26到總根swtich-1的耗費爲2W+20W+1.5Y~~~~
最終switch-5的port 0/0/25實際角色應該是NDP. 但是狀態依然是FWD的狀態.
對於Instance 0-來說,所有的選舉和IST內部選舉一樣,所以角色的命令不會攜帶Master這樣的角色. .
好了,下面來看看結果是否和下圖一致:
Swtich-2-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.ebe8 priority 32768
Region root address 0001.7a58.f2d0 priority 4096
root: 32789, rpc: 20000, epc: 0, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 20000 128.021 P2P
port 0/0/21 Alte DIS 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.ebe8 priority 20481/20480
Designated root address 0001.7a58.f2d0 priority 4097
root: 32789, rpc: 20000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 20000 128.021 P2P
port 0/0/21 Desg FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
Switch-3-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.be0c priority 32768
Region root address 0001.7a58.f2d0 priority 4096
root: 32790, rpc: 20000, epc: 0, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Desg FWD 20000 128.021 P2P
port 0/0/21 Root FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.be0c priority 32769/32768
Designated root address 0001.7a58.f2d0 priority 4097
root: 32790, rpc: 20000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Alte DIS 20000 128.021 P2P
port 0/0/21 Root FWD 20000 128.022 P2P
port 0/0/22 Desg FWD 200000 128.023 P2P
Switch-4-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.0037 priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32774, rpc: 0, epc: 200000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Desg FWD 200000 128.02 P2P
port 0/2 Desg FWD 200000 128.03 P2P
port 0/5 Root FWD 200000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.0037 priority 32769/32768
Designated root address 0022.1512.070c priority 8193
root: 32770, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/1 Root FWD 200000 128.02 P2P
port 0/2 Alte DIS 200000 128.03 P2P
port 0/5 Mast FWD 200000 128.06 P2P
Swtich-5-4100
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0022.1512.070c priority 32768
Region root address 0001.7a58.0037 priority 32768
root: 32793, rpc: 200000, epc: 200000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Root FWD 200000 128.25 P2P
port 0/0/25 Alte DIS 200000 128.26 P2P
port 0/0/26 Desg FWD 20000 128.27 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0022.1512.070c priority 8193/8192
Designated root address 0022.1512.070c priority 8193
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/24 Desg FWD 200000 128.25 P2P
port 0/0/25 Desg FWD 200000 128.26 P2P
port 0/0/26 Desg FWD 20000 128.27 P2P
Switch-7-3900
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a58.bdf8 priority 32768
Region root address 0001.7a58.bdf8 priority 32768
root: 32791, rpc: 0, epc: 220000, hop: 20
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops 20, hold count 6
Flap guard : admin false, max count 5, detect period 10s, recovery period 30s
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Desg FWD 200000 128.021 P2P
port 0/0/21 Desg FWD 200000 128.022 P2P
port 0/0/22 Root FWD 20000 128.023 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a58.bdf8 priority 32769/32768
Designated root address 0001.7a4f.4a07 priority 12289
root: 32789, rpc: 200000, hop: 19
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0/20 Root FWD 200000 128.021 P2P
port 0/0/21 Alte DIS 200000 128.022 P2P
port 0/0/22 Mast FWD 20000 128.023 P2P
重頭戲來了,Region C的switch-6:
Switch-6-3400
#show spanning-tree mst
MST Mode MSTP
MST Instance 00 vlans mapped: 1-199,301-4094
Bridge address 0001.7a4f.4a07 priority 32768
Region root address 0001.7a58.bdf8 priority 32768
root: 32769, rpc: 200000, epc: 220000, hop: 19
Operational hello time 2, forward time 15, max age 20
Configured hello time 2, forward time 15, max age 20, max hops: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Root FWD 200000 128.01 P2P
port 0/1 Alte DIS 200000 128.02 P2P
port 0/5 Alte DIS 150000000 128.06 P2P
MST Instance 01 vlans mapped: 200-300
Bridge ID address 0001.7a4f.4a07 priority 12289/12288
Designated root address 0001.7a4f.4a07 priority 12289
root: 0, rpc: 0, hop: 20
Port Role Sts Cost Prio.Nbr Type
-------------------- ----- ---- --------- --------- --------------------------
port 0/0 Desg FWD 200000 128.01 P2P
port 0/1 Desg FWD 200000 128.02 P2P
port 0/5 Alte DIS 200000 128.06 P2P