Configuration Guide
MSTP Configuration Guide
Introduction

MSTP (Multiple Spanning Tree Protocol) is a spanning tree protocol developed on the basis of STP/RSTP and proposed in IEEE 802.1s. It inherits all the advantages of STP/RSTP while solving the problem of idle links in STP/RSTP by binding most STP instances to a few VLANs. This means that by forming multiple trees without loops, broadcast storms are resolved and redundant backups are achieved. Multiple spanning trees achieve load balancing between VLANs, with traffic from different VLANs forwarded along different paths.

Basic Concepts

MSTP Principle

The principle and calculation method of MSTP are the same as for STP/RSTP. The basic idea is to prune the ring network into an acyclic tree by comparing priorities and connecting each lower-priority device in turn, starting from the highest-priority root node (root) in the network.

MSTP Domain

Unlike STP/RSTP, MSTP introduces the concept of a domain, dividing the whole network into different domains, each consisting of multiple switching devices in the switching network and the segments between them. The switches in the same MST domain have the following characteristics:

- All have MSTP activated
- Have the same domain name
- Have the same VLAN to spanning tree instance mapping configuration
- Have the same MSTP revision level configuration

Multiple MST domains can exist in a LAN, and the MST domains are physically connected to each other directly or indirectly. Users can place multiple switching devices in the same MST domain by using the MSTP configuration command. The configuration results in the three domains, Region 1 to 3, as shown in the figure.

MSTP instance 0 has a special meaning and is called the CISTI (Common and Internal Spanning Tree Instance), and the rest of the spanning trees are called MSTIs (Multiple Spanning Tree Instances). By default, all
VLANs are bound to the CISTI, ensuring the security of the entire network.

CIST is a single spanning tree that connects all switching devices within a switching network, generated by STP or RSTP protocol calculations. The IST (Internal Spanning Tree) plus the CST (Common Spanning Tree) of all MST domains form a complete spanning tree, the CIST. Within a domain it is expressed as an IST, where the switches within the domain are computationally pruned to obtain a spanning tree; between domains it is expressed as a CST, where each domain is treated as a single node and a spanning tree is obtained by pruning through calculation. From the figure it can be seen that the CIST prunes the ring network into a tree within each domain separately, and between domains the entire network is pruned into a loop-free tree with the domain as the unit.

Due to the introduction of domains and instances, there are two types of root nodes in MSTP: the total root and the domain root. The total root is a global concept: among all interconnected STP/RSTP/MSTP devices there is only one total root, and it is also the root of the CIST. The domain root is a local concept, relative to a specific instance of a specific domain. S1 is the total root and also the domain root of instance 0 in Region 1.

MSTP Message

MSTP uses the Multiple Spanning Tree Bridge Protocol Data Unit (MST BPDU) as the basis for spanning tree calculations. MST BPDU messages are used to calculate the spanning tree topology, maintain the network topology and communicate topology change records. The message format is as follows.

For both intra-domain and inter-domain MST BPDUs, the first 35 bytes are the same as for RST BPDUs. The MSTP proprietary fields start from the 36th byte. The final MSTI configuration information field is a concatenation of a number of MSTI configuration information groups. The key messages in the MST BPDU are shown in the table below.

Table 1 MST BPDU key messages

| Field | Length | Significance |
|---|---|---|
| Protocol ID | 2 | 0x00 indicates the STP family of protocols, including STP, RSTP, MSTP |
| Protocol Version ID | 1 | 0x00 for STP, 0x02 for RSTP, 0x03 for MSTP |
| BPDU Type | 1 | 0x00 for configure, 0x02 for RSTP or MSTP, 0x80 for TCN |
| Flag | 1 | Identification by bit; the topology change and P/A bits and the role are in it |
| Root ID | 8 | CIST root ID |
| External Path Cost | 4 | CIST external path cost |
| Regional Root ID | 8 | The root ID in this region |
| Port ID | 2 | Port ID of the sending port |
| Message Age | 2 | Message ageing value |
| Max Age | 2 | Maximum message aging value |
| Hello Time | 2 | Time interval for sending BPDUs |
| Forward Delay | 2 | Status switching interval |
| Version1 Length = 0 | 1 | This is the end of RSTP; the next code is MSTP |
| Version3 Length | 1 | Length of Version3 |
| MST Configure ID | 51 | Identifies the MST domain in which it is located |
| CIST Internal Root Path Cost | 4 | CIST internal path cost |
| CIST Bridge ID | 8 | CIST bridge ID |
| CIST Remaining Hops | 1 | CIST remaining hops |
| MSTI Configure Message | | The configuration of the MSTI, describing the individual MSTI instances in turn. This field is not available when there is no MSTI |

The code for the MST Configure ID is as follows.

Table 2 MST Configure ID

| Field | Length | Significance |
|---|---|---|
| Configure ID Format Selector | 1 | Use 0x00 directly |
| Configure Name | 32 | Name |
| Revision Level | 2 | No specific requirements; for simplicity, use 0 in SONiC |
| Configure Digest | 16 | The summary information of all MSTI and VLAN mappings on this bridge |

The code for the MSTI Configure Message is as follows.

Table 3 MSTI Configure Message code

| Field | Length | Significance |
|---|---|---|
| MSTI Flags | 1 | Marking by position |
| MSTI Regional Root Identifier | 8 | Domain root |
| MSTI Internal Root Path Cost | 4 | Intra-domain path cost |
| MSTI Bridge Priority | 1 | Intra-domain bridge priority |
| MSTI Port Priority | 1 | Intra-domain port priority |
| MSTI Remaining Hops | 1 | MSTI's remaining hops |

MSTP Topology Calculation Principles

MSTP divides the entire network into multiple MST domains, treating each domain as a node.
Each MST region is computed based on the STP or RSTP algorithm and generates the CST (a single spanning tree). The MSTP vector priority is calculated as shown in Table 4.

Table 4 MSTP vector priorities

| Priority vector name | Description |
|---|---|
| Root bridge ID | The root bridge ID is used to select the root bridge in the CIST. The corresponding bridge ID in the BPDU is calculated as priority (16 bits) + MAC (48 bits). |
| External route path cost (ERPC) | The path cost from the MST domain root to the total root. The external route path cost saved on all switches in the MST domain is the same. If the CIST root bridge is in the domain, the external route path cost saved on all switches in the domain is 0. |
| Domain root ID | Also commonly referred to as the MSTI tree root, the domain root ID is used to select the root of the tree in the MSTI. It is also elected by the bridge ID and is calculated as priority (16 bits) + MAC (48 bits). |
| Internal route path cost (IRPC) | The route path cost for this switch to reach the domain root bridge. The internal route path cost value kept by the domain edge port is greater than (that is, lower in priority than) the internal route path cost kept by the non domain edge port. |
| Designated bridge | The designated bridge for a CIST or MSTI instance is the nearest upstream switch to the domain root for this switch. If this switch is the master root or domain root, the designated bridge is its own. |
| Designated port | The port on the designated bridge that is connected to the root port of this switch is the designated port. Its port ID = priority (8 bits) + port number (8 bits). The port priority must be an integer multiple of 16. |
| Receiving port | The port that received the BPDU message. Its port ID = priority (8 bits) + port number (8 bits). The port priority must be an integer multiple of 16. |

The minimum vector has the highest priority, and the rules for comparison are as follows:

1. First, compare the root bridge IDs.
2. If the root bridge IDs are the same, compare the ERPC.
3. If the ERPC is still the same, compare the domain root ID.
4. If the domain root ID is still the same, compare the IRPC.
5. If the IRPC is still the same, compare the designated bridge ID.
6. If the designated bridge ID is still the same, compare the designated port ID.
7. If the designated port ID is still the same, compare the receiving port ID.

Calculation of CIST

After configuration message exchange and comparison, the switch with the highest priority in the entire network is first selected as the root of the CIST tree. The IST is then computed within each MST domain by the MSTP protocol algorithm; at the same time, MSTP treats each MST domain as a single switch and computes the CST between MST domains by the STP or RSTP protocol algorithm. The CST and IST form the CIST for the entire switch network.

Calculation of MSTI

Within the MST domain, MSTP generates different spanning tree instances for different VLANs based on the mapping relationship between VLANs and spanning tree instances, with the following characteristics:

(1) Each MSTI computes its own spanning tree independently, without interfering with the others.

(2) The spanning tree calculation method for each MSTI is essentially the same as for RSTP.

(3) Each MSTI spanning tree can have a different root and a different topology.

(4) Each MSTI sends BPDUs within its own spanning tree.

(5) The topology of each MSTI is determined by command configuration (not automatically generated).

(6) The spanning tree parameters can be different for each port on different MSTIs.

(7) The role and status of each port can be different on different MSTIs.

MSTI Spanning Tree Algorithm Implementation

At the beginning, each port of each switch generates a configuration message with its own switch as the root bridge, where the root path cost is 0, the designated bridge ID is its own switch ID and the designated port is this port. Each switch sends its own configuration message out and performs the following operations upon
receipt of other configuration messages:

(1) When a port receives a configuration message with a lower priority than its own (the comparison of priorities is based on the vector priority comparison rules described earlier), the switch discards the received configuration message and does nothing with the configuration message of that port.

(2) When a port receives a configuration message with a higher priority than the configuration message of this port, the switch replaces the contents of the configuration message of that port with the contents of the received configuration message; the switch then compares the configuration message of that port with the configuration messages of the other ports on the switch and selects the best configuration message.

The steps to calculate a spanning tree are as follows:

(1) Elect the root bridge. This step is performed by comparing the tree root IDs of the configuration messages sent by all switches; the switch with the lowest tree root ID value is the CIST root bridge, or the MST domain root bridge.

(2) Elect the root port on a non-root bridge. Each non-root bridge designates the port that receives the optimal configuration message as the root port of its own switch.

(3) Elect the designated port. This step has two further sub-steps.

First, the switch calculates a standard designated port configuration message for each port based on the root port's configuration message and the root port's path cost: replace the tree root ID with the tree root ID in the root port configuration message, replace the root path overhead with the root path overhead in the root port configuration message plus the path overhead of the root port, replace the designated bridge ID with the ID of its own switch, and replace the designated port ID with its own port ID.

The switch then compares the configuration message calculated by the above rules with the original configuration message on the corresponding port. If the original
configuration message on the port is better, the switch blocks the port and the configuration message on the port remains unchanged; the port no longer forwards data and only receives configuration messages (equivalent to the root port). If the configuration message calculated by the above replacement is better than the original configuration message on the port, the switch sets the port as the designated port, and the configuration message on the port is replaced with the calculated one and is sent out periodically.

(4) After the MSTI spanning tree topology converges, BPDUs are sent periodically according to the hello timer, regardless of whether the non-root bridge receives information from the root bridge. If a port does not receive BPDUs from the designated bridge (the higher-level switch it is connected to) for 3 consecutive hello times (the default setting), the switch considers the link with this neighbor to have failed.

MSTP's Handling of Topology Changes

The criterion for detecting a topology change in MSTP is whether the state of a non-edge port has migrated to the forwarding state; if it has, a topology change has occurred. Once the switch detects a topology change, it proceeds as follows:

- Starts a TC While timer (which is twice the value of hello time) for all non-edge designated ports on this switch and clears the MAC addresses learned on these ports during this time. If it is a state change on the root port, the root port is started.
- The ports where a state change has occurred send out TC BPDUs, in which the TC is set, until the TC While timer times out. The root port always has to send such TC BPDUs.

The other switches receive the TC BPDUs and perform the following processing:

- Clear all MAC addresses learned by the ports, except for the ports that receive the TC BPDUs.
- Start the TC While timer for all of their own non-edge designated ports and the root port, and repeat the process.
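The vector comparison rules and election steps (1) to (3) described earlier, as an added Python example that is not part of the original guide or of any switch implementation: it computes the port roles of one bridge whose neighbours are all in the same region, so received costs accumulate in the IRPC. The names `Vector`, `Port` and `elect_roles`, the bridge IDs, the port names and the path cost 20000 are constructed for illustration.

```python
from typing import Dict, NamedTuple, Optional


class Vector(NamedTuple):
    """Priority vector in the comparison order of Table 4; the lowest tuple wins."""
    root_id: int
    erpc: int
    regional_root_id: int
    irpc: int
    designated_bridge_id: int
    designated_port_id: int
    receiving_port_id: int = 0


class Port(NamedTuple):
    pid: int
    path_cost: int
    received: Optional[Vector]  # best configuration message stored on the port


def bridge_id(priority: int, mac: str) -> int:
    """Bridge ID = priority (16 bits) + MAC (48 bits)."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    return (priority << 48) | int(mac.replace(":", ""), 16)


def port_id(priority: int, number: int) -> int:
    """Port ID = priority (8 bits) + port number (8 bits)."""
    if priority % 16 or not 0 <= priority <= 240 or not 0 <= number <= 255:
        raise ValueError("priority must be a multiple of 16 (0..240), number 0..255")
    return (priority << 8) | number


def elect_roles(own_id: int, ports: Dict[str, Port]) -> Dict[str, str]:
    """Steps (1) to (3) for one bridge whose neighbours are in the same region."""
    own = Vector(own_id, 0, own_id, 0, own_id, 0)  # "I am the root"
    # Root path vector through each port: neighbour's message plus the port's cost.
    via = {name: p.received._replace(irpc=p.received.irpc + p.path_cost,
                                     receiving_port_id=p.pid)
           for name, p in ports.items() if p.received is not None}
    best = min(via, key=via.get, default=None)
    if best is None or own <= via[best]:
        return {name: "designated" for name in ports}  # this bridge is the root
    roles = {best: "root"}
    for name, p in ports.items():
        if name == best:
            continue
        # Message this bridge would send on the port if it were designated there.
        mine = via[best]._replace(designated_bridge_id=own_id,
                                  designated_port_id=p.pid, receiving_port_id=0)
        # Compare the first six components; the stored message wins on a lower tuple.
        better_stored = p.received is not None and p.received[:6] < mine[:6]
        roles[name] = "blocked" if better_stored else "designated"
    return roles


# Constructed triangle A-B-C; A has the lowest bridge ID, every link costs 20000.
A = bridge_id(0x1000, "00:00:00:00:00:0a")
B = bridge_id(0x8000, "00:00:00:00:00:0b")
C = bridge_id(0x8000, "00:00:00:00:00:0c")
COST = 20000
C_PORTS = {
    "to_A": Port(port_id(128, 40), COST, Vector(A, 0, A, 0, A, port_id(128, 41))),
    "to_B": Port(port_id(128, 41), COST, Vector(A, 0, A, COST, B, port_id(128, 42))),
}
A_PORTS = {
    "to_B": Port(port_id(128, 40), COST, Vector(A, 0, A, COST, B, port_id(128, 40))),
    "to_C": Port(port_id(128, 41), COST, None),
}

if __name__ == "__main__":
    print("C:", elect_roles(C, C_PORTS))
    print("A:", elect_roles(A, A_PORTS))
```

On the B-C link both bridges offer the same root and the same cost, so the tie is broken at the designated bridge ID: B is lower than C, and C blocks its port.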
MSTP Configuration

The priority of MSTP configuration is: BPDU protection > BPDU filtering > MSTP edge interface (and normal MSTP calculation process). If BPDU protection and BPDU filtering are enabled at the same time, BPDU protection takes effect and the interface goes down after receiving the message. With BPDU protection or BPDU filtering enabled, the MSTP edge interface will never lose its edge interface role.

MSTP Default Setting

The default setting of MSTP is shown in the table below.

Table 5 MSTP default setting

| Parameters | Default value |
|---|---|
| Spanning tree protocol working mode | MSTP mode |
| MSTP functionality | The global MSTP function is enabled, and the MSTP function of the port is enabled |
| Priority of instance | 8 |
| Priority of the port | 128 |
| Calculation of path overhead | dot1t, the IEEE 802.1t standard |
| Forward delay time | 15 seconds |
| Hello time | 2 seconds |
| Max age time | 20 seconds |
| Auto edge port | Enabled |
| BPDU filter | Disabled |
| BPDU guard | Disabled |

MSTP Global Switch

Table 6 MSTP global switch

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Enable global MSTP | mstp state enable | |
| Disable global MSTP | mstp state disable | |

Configure MSTP Attributes

Table 7 Configure MSTP attributes

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Configure MSTP forward delay | mstp forward delay time time | Delay time, range 4-30 |
| Configure the MSTP hello packet delivery interval | mstp hello time time | Interval time, range 1-10 |
| Configure MSTP aging time | mstp max age time time | Ageing time, range 10-1000000 |
| Configure the MSTP domain | mstp name name | |
| Specify the bridge MAC | bridge mac hh:hh:hh:hh:hh:hh | |

Configure MSTP Instance

Table 8 Configure MSTP instance

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Create an instance and enter the instance configuration view | mstp instance instance id | name: name of the instance |
| Bind VLAN | vlan vlan id | vlan id: VLAN ID |
| Set instance priority | priority priority | Instance priority, with a value range of \[0,15] and a default value of 8. The smaller the value, the higher the priority |
| Set port priority in the instance | interface priority priority interface \[ ethernet \| link aggregation ] interface name | Interface priority, with a value range of \[0,15] and a default value of 8. The smaller the value, the higher the priority |

Configure MSTP Edge Port

The auto edge interface feature is enabled by default on all layer 2 ports. When the state of an interface with auto edge enabled changes from down to up, the interface waits for 3 seconds and tries to receive BPDUs; if no BPDU is received, it becomes an edge port, and it loses the edge port role the first time it receives a BPDU thereafter.

Table 9 Configure MSTP edge port

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Enable MSTP auto edge for the interface | mstp auto edge enable interface { ethernet \| link aggregation } interface name | |
| Disable auto edge port | mstp auto edge disable interface { ethernet \| link aggregation } interface name | If you do not assign it as a manual edge port, it will lose edge port role |
| Enable MSTP manual edge for the interface | mstp edge port enable interface { ethernet \| link aggregation } interface name | Manual edge port is disabled by default on all layer 2 ports. When a manual edge port is enabled on an interface, it immediately becomes an edge port until it receives a BPDU message. The priority of manual edge port configuration is higher than auto edge port, that is, when manual edge port is enabled, auto edge port configuration is invalid |
| Disable MSTP manual edge port | mstp edge port disable interface { ethernet \| link aggregation } interface name | |

Enable BPDU Filtering
This command will enable MSTP at interface level and determine whether the interface participates in MSTP protocol operation. The interface to be operated on should be a layer 2 port, and MSTP should be enabled before configuration. By default, MSTP is enabled on all layer 2 interfaces. After this function is enabled, the interface will not participate in MSTP protocol operation and there will be a risk of loops, so use it with caution.

Table 10 Enable BPDU filtering

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Enable BPDU filtering for the interface | mstp bpdu filter enable interface { ethernet \| link aggregation } interface name | |
| Disable BPDU filtering | mstp bpdu filter disable interface { ethernet \| link aggregation } interface name | |

Enable BPDU Guard

When BPDU message protection is enabled on an interface, the interface will be set admin down if it receives a BPDU.

Table 11 Enable BPDU guard

| Purpose | Commands | Description |
|---|---|---|
| Enter global configuration view | configure terminal | |
| Enable BPDU guard for the interface | mstp bpdu guard enable interface { ethernet \| link aggregation } interface name | |
| Disable BPDU guard | mstp bpdu guard disable interface { ethernet \| link aggregation } interface name | |

Display and Maintenance

Table 12 MSTP display and maintenance

| Purpose | Commands | Description |
|---|---|---|
| Show MSTI status | show mstp bridge | |
| Show the status information of interface in CIST | show mstp brief \[{ ethernet \| link aggregation } interface name ] | |
| Show detailed status information of ports in CIST | show mstp interface \[{ ethernet \| link aggregation } interface name ] | |
| Show summary information of the MST domain configuration currently in effect on the device | show mstp mstconfid | |
| Show MSTP status information | show mstp status | |
| Show the MSTI status of a given MSTP instance | show mstp tree instance id | |
| Show detailed information on MSTI port status | show mstp treeport { ethernet \| link aggregation } interface name instance instance id | |

Typical Configuration Example

MSTP Function Configuration

Networking requirements

In a complex network, due to the need for redundancy and backup, network planners generally tend to deploy multiple physical links between devices, with one serving as the primary link and the others as backup links. This inevitably results in loops, which, if present in the network, may cause broadcast storms and corrupt MAC table entries. For this reason, loops can be prevented by deploying the MSTP protocol, which blocks redundant links in the layer 2 network and prunes the network into a tree to eliminate loops.

MSTP runs on the three devices. To implement load balancing between VLAN 40 and VLAN 41, MSTP introduces multiple instances. MSTP can set up VLAN mapping tables to associate VLANs with spanning tree instances.

Topology

Procedure

\#Configure VLANs

Switch A

```
sonic# config terminal
sonic(config)# vlan 40
sonic(config)# vlan 41
sonic(config)# interface ethernet 40/0
sonic(config if 0/40)# switchport access vlan 40
sonic(config if 0/40)# switchport trunk vlan 41
sonic(config)# interface ethernet 41/0
sonic(config if 0/41)# switchport access vlan 40
sonic(config if 0/41)# switchport trunk vlan 41
```

Switch B

```
sonic# config terminal
sonic(config)# vlan 40
sonic(config)# vlan 41
sonic(config)# interface ethernet 40/0
sonic(config if 0/40)# switchport access vlan 40
sonic(config if 0/40)# switchport trunk vlan 41
sonic(config)# interface ethernet 41/0
sonic(config if 0/41)# switchport access vlan 40
sonic(config if 0/41)# switchport trunk vlan 41
sonic(config)# interface ethernet 42/0
sonic(config if 0/42)# switchport access vlan 40
sonic(config if 0/42)# switchport trunk vlan 41
```

Switch C

```
sonic# config terminal
sonic(config)# vlan 40
sonic(config)# vlan 41
sonic(config)# interface ethernet 40/0
sonic(config if 0/40)# switchport access vlan 40
sonic(config if 0/40)# switchport trunk vlan 41
sonic(config)# interface ethernet 41/0
sonic(config if 0/41)# switchport access vlan 40
sonic(config if 0/41)# switchport trunk vlan 41
sonic(config)# interface ethernet 42/0
sonic(config if 0/42)# switchport access vlan 40
sonic(config if 0/42)# switchport trunk vlan 41
```

\#MSTP configuration

Switch A

```
sonic# config terminal
sonic(config)# mstp enable
sonic(config)# mstp name region1
sonic(config)# mstp instance 40
sonic(config mstp instance 40)# vlan 40
sonic(config mstp instance 40)# priority 1
sonic(config)# mstp instance 41
sonic(config mstp instance 41)# vlan 41
```

Switch C

```
sonic# config terminal
sonic(config)# mstp enable
sonic(config)# mstp name region1
sonic(config)# mstp instance 40
sonic(config mstp instance 40)# vlan 40
sonic(config mstp instance 40)# priority 1
sonic(config)# mstp instance 41
sonic(config mstp instance 41)# vlan 41
sonic(config mstp instance 41)# interface priority 2 interface ethernet 0/42
sonic(config mstp instance 41)# interface priority 4 interface ethernet 0/40
```

Switch B

```
sonic# config terminal
sonic(config)# mstp enable
sonic(config)# mstp name region1
sonic(config)# mstp instance 40
sonic(config mstp instance 40)# vlan 40
sonic(config mstp instance 40)# priority 1
sonic(config)# mstp instance 41
sonic(config mstp instance 41)# vlan 41
```

Verify the configuration

```
sonic# show mstp
role flags root root, desg designated, altn alternate, back backup, mstr master, disa disabled
state flags disc discard/blocking/listening, lear learning, forw forwarding
spanning tree mode mstp
vlan    mst instance  port role state
vlan40  40            ethernet40(desg)(forw) ethernet41(desg)(forw)
vlan41  41            ethernet40(root)(forw) ethernet41(desg)(forw)
```

Send the stream to verify

Send mutual traffic between ports to see how traffic is sent and received.

| VLAN | No. | Traffic forwarding results |
|---|---|---|
| 40 | 1 | Ports 41, 40 on Switch A forwarding traffic in VLAN 40 |
| 40 | 2 | Port 41 on Switch B forwarding traffic in VLAN 40 |
| 40 | 3 | Ports 40, 42 on Switch B not forwarding traffic in VLAN 40 |
| 40 | 4 | Ports 40, 41, 42 on Switch C forwarding traffic in VLAN 40 |
| 41 | 5 | Ports 41, 40 on Switch A forwarding traffic in VLAN 41 |
| 41 | 6 | Ports 40, 41, 42 on Switch B, all forwarding traffic in VLAN 41 |
| 41 | 7 | Port 42 on Switch C forwards traffic in VLAN 41 |
| 41 | 8 | Ports 40, 41 on Switch C not forwarding traffic in VLAN 41 |
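
To check what a neighbour actually advertises (CIST root, region name, revision level, digest), the MST BPDU layout from Tables 1 to 3 can be decoded directly. The following Python parser is an added example, not part of the original guide or of SONiC; the function names and the sample frame are constructed. Table 1 lists Version3 Length as 1 byte while IEEE 802.1Q encodes it in two octets, so the width is a parameter (default 2).

```python
import struct

RST_PART = struct.Struct(">HBBB8sI8sHHHHHB")  # first 35 bytes + Version1 Length
MST_PART = struct.Struct(">B32sH16sI8sB")     # MST Configure ID (51) + CIST fields (13)
MSTI_MSG = struct.Struct(">B8sIBBB")          # one MSTI Configure Message (16)


def parse_mst_bpdu(data: bytes, v3_len_bytes: int = 2) -> dict:
    """Decode an MST BPDU payload (starting at Protocol ID) per Tables 1 to 3."""
    if len(data) < RST_PART.size + v3_len_bytes:
        raise ValueError("truncated BPDU")
    (proto, version, btype, flags, root, ext_cost, reg_root, port,
     _age, _max_age, _hello, _fwd, v1_len) = RST_PART.unpack_from(data, 0)
    if (proto, version, btype, v1_len) != (0, 3, 2, 0):
        raise ValueError("not an MST BPDU")
    off = RST_PART.size
    v3_len = int.from_bytes(data[off:off + v3_len_bytes], "big")
    off += v3_len_bytes
    # Version3 Length counts the bytes that follow: 64 fixed + 16 per MSTI.
    if v3_len < MST_PART.size or (v3_len - MST_PART.size) % MSTI_MSG.size:
        raise ValueError("bad Version3 Length")
    if len(data) < off + v3_len:
        raise ValueError("truncated MST part")
    _sel, name, rev, digest, int_cost, bridge, hops = MST_PART.unpack_from(data, off)
    off += MST_PART.size
    mstis = []
    for _ in range((v3_len - MST_PART.size) // MSTI_MSG.size):
        _m_flags, m_root, m_cost, m_bprio, m_pprio, m_hops = MSTI_MSG.unpack_from(data, off)
        mstis.append({"regional_root": m_root.hex(), "internal_path_cost": m_cost,
                      "bridge_priority": m_bprio, "port_priority": m_pprio,
                      "remaining_hops": m_hops})
        off += MSTI_MSG.size
    return {"flags": flags, "cist_root": root.hex(), "external_path_cost": ext_cost,
            "regional_root": reg_root.hex(), "port_id": port,
            "region_name": name.rstrip(b"\x00").decode("ascii", "replace"),
            "revision": rev, "digest": digest, "internal_path_cost": int_cost,
            "cist_bridge": bridge.hex(), "remaining_hops": hops, "mstis": mstis}


def same_region(bpdu: dict, name: str, revision: int, digest: bytes) -> bool:
    """A neighbour is in our MST domain only if name, revision and digest all match."""
    return (bpdu["region_name"], bpdu["revision"], bpdu["digest"]) == (name, revision, digest)


def build_sample(v3_len_bytes: int = 2) -> bytes:
    """Constructed BPDU: region1, revision 0, one MSTI; IDs and digest are made up."""
    root = bytes.fromhex("100000000000000a")
    sender = bytes.fromhex("800000000000000c")
    rst = RST_PART.pack(0, 3, 2, 0x7C, root, 0, root, 0x8028, 0, 5120, 512, 3840, 0)
    body = (MST_PART.pack(0, b"region1", 0, bytes(range(16)), 20000, sender, 19)
            + MSTI_MSG.pack(0x7C, root, 20000, 0x80, 0x80, 19))
    return rst + len(body).to_bytes(v3_len_bytes, "big") + body


if __name__ == "__main__":
    info = parse_mst_bpdu(build_sample())
    print(info["region_name"], info["revision"], info["cist_root"], len(info["mstis"]))
    print("same region:", same_region(info, "region1", 0, bytes(range(16))))
```

A BPDU whose name, revision level or digest differs from the local configuration comes from a different MST domain, which is worth flagging when it arrives on a port expected to face only region members or end hosts.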
