在這篇博客中,小編要和讀者聊聊有關MSTP——多生成樹的問題,這是網絡維護人員經常要接觸,讀者可能知道,在MSTP(IEEE 802.1s)產生之前有STP(IEEE 802.1d)、和RSTP(IEEE 802.1w)的存在,這三種技術都很好的保證了局域網通信的質量,但是目前企業使用MSTP居多,之所以會出現這種局面,是因爲傳統的生成樹存在諸多問題
圖1-1
1.STP和RSTP,在網絡中進行生成樹計算的時候都沒有考慮到VLAN的情況
2.傳統生成樹的計算結果可能會導致VLAN之間通信的鏈路被阻斷
3.例如上圖中的switchA和switchC之間的鏈路被阻斷
MSTP引出區域和實例的概念,很好的解決了傳統生成樹協議無法解決的問題
1.Instance:一臺交換機的一個或多個Vlan的集合
2.因爲很多Vlan採用一個Vlan實例,可實現預期的負載均衡
3.交換機只運行二個實例,減少交換機系統的資源
圖2-1
4.MST region:有着相同instance 配置的交換機組成的域,運行獨立的生成樹(IST,internal spanning-tree)
圖2-2
5.MST region的劃分
- MST配置名稱(name):最長可用32 個字節長的字符串來標識MSTP region。
- MST revision number:用一個16bit 長的修正值來標識MSTP region。
- MST instance—vlan 的對應表:每臺交換機都最多可以新增64 個instance,instance 0 是強制存在的,用戶還可以按需要分配1-4094 個vlan 屬於不同的instance(0-64),未分配的vlan 缺省就屬於instance 0
- Instance 0 所對應的生成樹稱之爲CIST(Common Instance Spanning Tree)
- 同一個MST區域的交換機的以上配置屬性必須相同
以下小編列出配置華爲MST域的指令,如圖3-1所示:
圖3-1
設定根橋指令,如圖3-2所示
圖3-2
設定根橋優先級
圖3-3
設定備份根橋指令,如圖3-4所示
圖3-4
MSTP運行模式配置
圖3-5
接下來,小編用一個綜合性的案例做詳細的說明
實驗拓撲如圖4-1
圖4-1
Sw-1配置
<sw-1>dis cu
#
sysname sw-1
#
vlan batch 10 20 30 40 //批量創建VLAN
#
stp instance 1 root primary //設置實例1的根橋是SW1
stp instance 2 root secondary //設置實例2的備份根橋是SW1
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration //配置區域
region-name zzu //區域名爲zzu
revision-level 1 //區域的修訂號
instance 1 vlan 10 20 //實例1綁定vlan10,vlan20
instance 2 vlan 30 40 //實例2綁定vlan30,vlan40
active region-configuration //激活區域
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
e-trunk 1
#
interface Eth-Trunk1 //添加聚合端口
#
interface Ethernet0/0/1
port link-type trunk //設置trunk鏈路
port trunk allow-pass vlan 2 to 4094 //允許所有vlan通過
#
interface Ethernet0/0/2 //設置trunk鏈路
port link-type trunk
port trunk allow-pass vlan 2 to 4094 //允許所有vlan通過
interface Ethernet0/0/21
eth-trunk 1 //加入聚合端口
#
interface Ethernet0/0/22
eth-trunk 1 //加入聚合端口
Sw-2配置
<sw-2>dis cu
#
sysname sw-2
#
vlan batch 10 20 30 40 //批量添加vlan
#
stp instance 1 root secondary //設置sw2爲實例1的備份根橋
stp instance 2 root primary //設置sw2爲實例2的根橋
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration //配置區域
region-name zzu //區域名爲zzu
revision-level 1 //區域的修訂號
instance 1 vlan 10 20 //實例1綁定vlan10,vlan20
instance 2 vlan 30 40 //實例2綁定vlan30,vlan40
active region-configuration //激活區域
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Eth-Trunk1 //添加聚合端口
#
interface Ethernet0/0/1
port link-type trunk //設置trunk鏈路
port trunk allow-pass vlan 2 to 4094 //允許所有vlan通過
#
interface Ethernet0/0/2 //設置trunk鏈路
port link-type trunk
port trunk allow-pass vlan 2 to 4094 //允許所有vlan通過
interface Ethernet0/0/21
eth-trunk 1 //加入聚合端口
#
interface Ethernet0/0/22
eth-trunk 1 //加入聚合端口
sw-3配置
<sw-3>dis cu
#
sysname sw-3
#
vlan batch 10 20 30 40
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name zzu
revision-level 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
sw-4配置
<sw-4>dis cu
#
sysname sw-4
#
vlan batch 10 20 30 40
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
stp region-configuration
region-name zzu
revision-level 1
instance 1 vlan 10 20
instance 2 vlan 30 40
active region-configuration
#
drop-profile default
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password simple admin
local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface Ethernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 4094
實驗目的:
將vlan10,vlan20的根交換機設置爲sw-1,將vlan30,vlan40 的根交換機設置爲sw-2
驗證結果
Sw-1的stp及instance信息
<sw-1>dis stp br
MSTID Port Role STP State Protection
0 Ethernet0/0/1 DESI FORWARDING NONE
0 Ethernet0/0/2 DESI FORWARDING NONE
0 Eth-Trunk1 DESI FORWARDING NONE
1 Ethernet0/0/1 DESI FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
2 Ethernet0/0/1 ROOT FORWARDING NONE
2 Ethernet0/0/2 ALTE DISCARDING NONE
<sw-1>dis stp in 1 br
MSTID Port Role STP State Protection
1 Ethernet0/0/1 DESI FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
<sw-1>dis stp in 2 br
MSTID Port Role STP State Protection
2 Ethernet0/0/1 ROOT FORWARDING NONE
2 Ethernet0/0/2 ALTE DISCARDING NONE
Sw-2的stp及instance信息
<sw-2>dis stp br
MSTID Port Role STP State Protection
0 Ethernet0/0/1 ALTE DISCARDING NONE
0 Ethernet0/0/2 DESI FORWARDING NONE
0 Eth-Trunk1 ROOT FORWARDING NONE
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 ALTE DISCARDING NONE
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 DESI FORWARDING NONE
<sw-2>dis stp in 1 br
MSTID Port Role STP State Protection
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 ALTE DISCARDING NONE
<sw-2>dis stp in 2 br
MSTID Port Role STP State Protection
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 DESI FORWARDING NONE
Sw-3的stp及instance信息
<sw-3>dis stp br
MSTID Port Role STP State Protection
0 Ethernet0/0/1 ROOT FORWARDING NONE
0 Ethernet0/0/2 DESI FORWARDING NONE
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 ROOT FORWARDING NONE
<sw-3>dis stp in 1 br
MSTID Port Role STP State Protection
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
<sw-3>dis stp in 2 br
MSTID Port Role STP State Protection
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 ROOT FORWARDING NONE
Sw-4的stp及instance信息
<sw-4>dis stp br
MSTID Port Role STP State Protection
0 Ethernet0/0/1 ROOT FORWARDING NONE
0 Ethernet0/0/2 ALTE DISCARDING NONE
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 ROOT FORWARDING NONE
<sw-4>dis stp in 1 br
MSTID Port Role STP State Protection
1 Ethernet0/0/1 ROOT FORWARDING NONE
1 Ethernet0/0/2 DESI FORWARDING NONE
<sw-4>dis stp in 2 br
MSTID Port Role STP State Protection
2 Ethernet0/0/1 DESI FORWARDING NONE
2 Ethernet0/0/2 ROOT FORWARDING NONE
整體的實驗結果就是這個樣子,當然最重要的是讀者要理解MSTP提出的區域和實例的概念,理論如果清楚了實驗就不麻煩了,有啥問題請及時聯繫小編哈,走起。。。。。。