交换机 vrrp+mstp配置实例
锐捷tac 贾文宇
一、 组网需求
1、switch a 、switch b选用两台锐捷的s5750 ;switch c 、shwich d 选
用锐捷的 s 3750 和s3760
2、全网共有两个业务vlan ,为 vlan 10 、vlan 20
3、Switch a 、switch b 都分别对两vlan起用两vrrp组,实现两组的业务的负载分担和备份。
4、Switch a、switch b、switch c、switch d 都起用 mstp多生成数协议,并且所有设备都属于同一个mst域,且实例映射一致(vlan 10映射实例1、vlan 20映射实例2 其他vlan映射默认实例0)。
5、Vlan 10业务以switch a为根桥; vlan 20业务以switch b为根桥;实现阻断网络环路,并能实现不同vlan数据流负载分担功能。
二、 组网图
三、 配置步骤
Switch a配置:
s1#show run
Building configuration...
Current configuration : 1651 bytes
!
version RGNOS 10.2.00(2), Release(29287)(Tue Dec 25 20:39:14 CST 2007 -ngcf49)
hostname s1
co-operate enable
!
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
spanning-tree 开启生成树(默认为mstp)
spanning-tree mst configuration 进入mst配置模式
revision 1 指定MST revision number 为1
name region1 指定mst配置名称
instance 0 vlan 1-9, 11-19, 21- 4094 缺省情况下vlan都属于实例0
instance 1 vlan 10 手工指定vlan10属于实例1
instance 2 vlan 20 手工指定vlan20属于实例2
spanning-tree mst 1 priority 0 指定实例1的优先级为0(为根桥)
spanning-tree mst 2 priority 4096 指定实例2的优先级为 4096
interface GigabitEthernet 0/1
switchport access vlan 10 配置g0/1属于vlan10
!
interface GigabitEthernet 0/2
switchport access vlan 20 配置g0/2属于vlan 20
!
interface GigabitEthernet 0/3
!
.
.
interface GigabitEthernet 0/24 设置g0/24为trunk接口且允许vlan10/20通过
switchport mode trunk
!
interface VLAN 10 创建vlan 10 svi接口
ip address 192.168.10.1 255.255.255.0 配置ip地址
vrrp 1 priority 120 配置vrrp组1 优先级为120
vrrp 1 ip 192.168.10.254 配置vrrp组 1虚拟ip地址为 192.168.10.254
!
interface VLAN 20 创建vlan 20 svi接口
ip address 192.168.20.1 255.255.255.0 配置ip地址
vrrp 2 ip 192.168.20.254 配置vrrp组 2虚拟ip地址为 192.168.20.254
默认vrrp组的优先级为100默认不显示
!
line con 0
line vty 0 4
login
s1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
---
1 VLAN0001 STATIC Gi0/3, Gi0/4, Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10
Gi0/11, Gi0/12, Gi0/13, Gi0/14
Gi0/15, Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21, Gi0/22
Gi0/23, Gi0/24
10 VLAN0010 STATIC Gi0/1, Gi0/24
20 VLAN0020 STATIC Gi0/2, Gi0/24
Switch b配置:
s2#show run
Building configuration...
Current configuration : 1607 bytes
!
version RGNOS 10.2.00(2), Release(27932)(Thu Dec 13 10:32:09 CST 2007 -ngcf31)
hostname s2
!
!
!
vlan 1
!
vlan 10
!
vlan 20
!
!
no service password-encryption
!
spanning-tree
spanning-tree mst configuration
revision 1
name region1
instance 0 vlan 1-9, 11-19, 21- 4094
instance 1 vlan 10
instance 2 vlan 20
spanning-tree mst 1 priority 4096
spanning-tree mst 2 priority 0
interface GigabitEthernet 0/1
switchport access vlan 10
!
interface GigabitEthernet 0/2
switchport access vlan 20
!
.
.
interface GigabitEthernet 0/24
switchport mode trunk
!
interface VLAN 10
ip address 192.168.10.2 255.255.255.0
vrrp 1 ip 192.168.10.254
!
interface VLAN 20
ip address 192.168.20.2 255.255.255.0
vrrp 2 priority 120
vrrp 2 ip 192.168.20.254
!
line con 0
line vty 0 4
login
!
!
end
s2#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- --------------------------------
---
1 VLAN0001 STATIC Gi0/3, Gi0/4, Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10
Gi0/11, Gi0/12, Gi0/13, Gi0/14
Gi0/15, Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21, Gi0/22
Gi0/23, Gi0/24
10 VLAN0010 STATIC Gi0/1, Gi0/24
20 VLAN0020 STATIC Gi0/2, Gi0/24
Switch c配置:
s3#show run
Building configuration...
Current configuration : 1540 bytes
!
version RGNOS 10.2.00(2), Release(28794)(Fri Dec 21 09:27:15 CST 2007 -ngcf32)
hostname s3
!
vlan 1
!
vlan 10
!
!
service password-encryption
!
spanning-tree
spanning-tree mst configuration
revision 1
name region1
instance 0 vlan 1-9, 11-19, 21- 4094
instance 1 vlan 10
instance 2 vlan 20
spanning-tree mst 1 priority 0
spanning-tree mst 2 priority 4096
interface FastEthernet 0/1
switchport access vlan 10
!
interface FastEthernet 0/2
switchport access vlan 10
!
.
.
interface GigabitEthernet 0/25
!
interface GigabitEthernet 0/26
!
interface GigabitEthernet 0/27
!
interface GigabitEthernet 0/28
!
interface VLAN 10
ip address 192.168.10.3 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.10.254
!
!
line con 0
line vty 0 4
login
Switch d配置:
s4#show run
Building configuration...
Current configuration : 1066 bytes
!
version RGNOS 10.2.00(2), Release(27932)(Thu Dec 13 10:31:41 CST 2007 -ngcf32)
hostname s4
!
vlan 1
!
vlan 20
!
!
no service password-encryption
!
spanning-tree
spanning-tree mst configuration
revision 1
name region1
instance 0 vlan 1-9, 11-19, 21- 4094
instance 1 vlan 10
instance 2 vlan 20
spanning-tree mst 1 priority 4096
spanning-tree mst 2 priority 0
interface GigabitEthernet 0/1
switchport access vlan 20
!
interface GigabitEthernet 0/2
switchport access vlan 20
!
.
.
interface GigabitEthernet 0/12
!
interface VLAN 20
ip address 192.168.20.3 255.255.255.0
!
!
!
!
ip route 0.0.0.0 0.0.0.0 192.168.20.254
!
!
line con 0
line vty 0 4
login
!
四、 查看vrrp、mstp信息
Switch a 信息:
s1#show vrrp 查看vrrp 信息
VLAN 10 - Group 1
State is Master
Virtual IP address is 192.168.10.254 configured
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1 sec
Preemption is enabled
min delay is 0 sec
Priority is 120
Master Router is 192.168.10.1 (local), priority is 120
Master Advertisement interval is 1 sec
Master Down interval is 3 sec
VLAN 20 - Group 2
State is Backup
Virtual IP address is 192.168.20.254 configured
Virtual MAC address is 0000.5e00.0102
Advertisement interval is 1 sec
Preemption is enabled
min delay is 0 sec
Priority is 100
Master Router is 192.168.20.2 , priority is 120
Master Advertisement interval is 1 sec
Master Down interval is 3 sec
s1#
s1#s1#
s1#show spanning-tree interface gigabitEthernet 0/1 查看g0/1接口stp状态信息
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.00d0.f836.ed70
PortDesignatedPort : 8001
PortForwardTransitions : 6
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f823.ef82
PortDesignatedPort : 8001
PortForwardTransitions : 5
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : rootPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :1002.00d0.f836.ed70
PortDesignatedPort : 8001
PortForwardTransitions : 4
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
s1#
s1#
s1#show spanning-tree interface gigabitEthernet 0/2 查看g0/2接口stp状态信息
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.00d0.f836.ed70
PortDesignatedPort : 8002
PortForwardTransitions : 5
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f836.ed70
PortDesignatedPort : 8002
PortForwardTransitions : 4
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 2 vlans mapped :20
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.00d0.f8d7.ae12
PortDesignatedPort : 8002
PortForwardTransitions : 3
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : alternatePort
s1#
s1#
s1#show spanning-tree interface gigabitEthernet 0/24 g0/24接口stp状态信息
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8018
PortForwardTransitions : 5
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : rootPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f836.ed70
PortDesignatedPort : 8018
PortForwardTransitions : 5
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8018
PortForwardTransitions : 4
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : rootPort
s1#
Switch b 信息:
s2#show vrrp
VLAN 10 - Group 1
State is Backup
Virtual IP address is 192.168.10.254 configured
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1 sec
Preemption is enabled
min delay is 0 sec
Priority is 100
Master Router is 192.168.10.1 , priority is 120
Master Advertisement interval is 1 sec
Master Down interval is 3 sec
VLAN 20 - Group 2
State is Master
Virtual IP address is 192.168.20.254 configured
Virtual MAC address is 0000.5e00.0102
Advertisement interval is 1 sec
Preemption is enabled
min delay is 0 sec
Priority is 120
Master Router is 192.168.20.2 (local), priority is 120
Master Advertisement interval is 1 sec
Master Down interval is 3 sec
s2#
s2#
s2#
s2#
s2#
s2#
s2#show spanning-tree interface gigabitEthernet 0/1
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f823.ef82
PortDesignatedPort : 8002
PortForwardTransitions : 2
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : rootPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
s2#
s2#
s2#
s2#show spanning-tree interface gigabitEthernet 0/2
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :1001.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 2
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
s2#
s2#
s2#
s2#
s2#show spanning-tree interface gigabitEthernet 0/24
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8018
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
###### MST 1 vlans mapped :10
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f836.ed70
PortDesignatedPort : 8018
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : alternatePort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8018
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
s2#
Switch c 信息:
s3#show spanning-tree interface fastEthernet 0/1
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.00d0.f836.ed70
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : alternatePort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f823.ef82
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
###### MST 2 vlans mapped :20
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :1002.00d0.f836.ed70
PortDesignatedPort : 8001
PortForwardTransitions : 0
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : alternatePort
s3#
s3#
s3#
s3#
s3#show spanning-tree interface fastEthernet 0/2
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : rootPort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f823.ef82
PortDesignatedPort : 8002
PortForwardTransitions : 2
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : designatedPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8001
PortForwardTransitions : 1
PortAdminPathCost : 200000
PortOperPathCost : 200000
PortRole : rootPort
s3#
Switch d 信息:
s4#show spanning-tree interface gigabitEthernet 0/1
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : rootPort
###### MST 1 vlans mapped :10
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :1001.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : alternatePort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.001a.a909.8fe0
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : rootPort
s4#
s4#
s4#
s4#show spanning-tree interface gigabitEthernet 0/2
PortAdminPortFast : Disabled
PortOperPortFast : Disabled
PortAdminAutoEdge : Enabled
PortOperAutoEdge : Disabled
PortAdminLinkType : auto
PortOperLinkType : point-to-point
PortBPDUGuard : Disabled
PortBPDUFilter : Disabled
###### MST 0 vlans mapped :1-9, 11-19, 21- 4094
PortState : discarding
PortPriority : 128
PortDesignatedRoot : 8000.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :8000.00d0.f836.ed70
PortDesignatedPort : 8002
PortForwardTransitions : 1
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : alternatePort
###### MST 1 vlans mapped :10
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0001.00d0.f823.ef82
PortDesignatedCost : 0
PortDesignatedBridge :0001.00d0.f836.ed70
PortDesignatedPort : 8002
PortForwardTransitions : 2
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : rootPort
###### MST 2 vlans mapped :20
PortState : forwarding
PortPriority : 128
PortDesignatedRoot : 0002.001a.a909.8fe0
PortDesignatedCost : 0
PortDesignatedBridge :0002.00d0.f8d7.ae12
PortDesignatedPort : 8002
PortForwardTransitions : 2
PortAdminPathCost : 20000
PortOperPathCost : 20000
PortRole : designatedPort
s4#
FAQ:
1.1 RSTP和MSTP配合为什么有问题
1.1.1 原因分析
由于RSTP/MSTP的指定端口快速迁移机制,即接收到下游的agreement报文才能进行快速迁移。引发这样的问题:上游桥运行RSTP,下游运行MSTP,此时,RSTP不向下游发agreement报文,MSTP的根端口没有接收到agreement报文,则表示MSTP没有同步,这就意味着根端口不向上游RSTP指定端口发agreement。所以,MSTP域内的agreement被抑制,上游RSTP指定端口只能在2倍的Forward Delay延时后Forwarding。
1.1.2 解决办法
将运行MSTP协议的桥作为上游,运行RSTP的桥做下游。因为RSTP的同步不要求根端口接收到上游的agreement,所以在这种情况下上游MSTP指定端口可以接收到下游RSTP根端口发送的agreement,就可以快速迁移了。
1.2 TC报文的来源有哪些
TC报文可能来自于以下几种情况:
(1)连接终端的端口使能了STP,但是没有配置边缘端口,当终端发生重启等情况导致该端口发生链路状态变化时,该端口会产生TC报文并向整个二层网络中传播;
(2)因更改配置参数,网络中设备或链路出现故障等原因,引发STP重计算时,有可能产生TC报文;
(3)来自用户设备的攻击TC报文也可能传入其所接入的二层网络;
1.3 如何抑制TC报文
了解了TC报文的来源,就可以有针对的进行TC的抑止了。主要的措施如下:
(1)连接终端的端口使能了STP,配置边缘端口,同时启用BPDU保护;或者连接终端的端口上去使能STP;或者根据具体应用情况,在连接终端的端口上配置BPDU Drop;
(2)在开局时就做好网络规划。除非征的局方同意,杜绝在现网更改配置参数;
(3)在我司设备的网络和其他厂商用户设备的网络交界处,只有单条路径连接的,在该链路所连端口上配置STP Disable或者BPDU Drop;存在多条路径的,对其异常收TC情况进行监控和检查;
而对于网络中设备或链路出现故障等原因,引发STP重计算,产生的TC报文是正常协议运行的TC报文,不是故障;
1.4 TC报文如何产生和进行转发的
TC报文产生的根源是两个:
(1)设备主动发送;
(2)恶意用户攻击;
设备主动发送TC报文需要满足下面两个条件:
(1)非边缘端口角色从Disable,Alternate,Backupr端口变为Root,Desgin,Master;
(2)端口状态从Discarding变为Forwarding;
设备转发TC报文有两个步骤:
(1)设备从Root,Desgin,Master端口上收到TC报文
(1)向本交换机的所有非边缘的Root,Desgin,Master端口上发送出去;