拓扑1(直连故障解析)
配置
配置交换机生成树协议为STP模式,且设置LSW1的桥优先级为0,LSW2的桥优先级为4096
LSW1
sys
[Huawei]sys LSW1
[LSW1]stp mode stp /设置生成树模式为STP模式
[LSW1]stp pri 0 /设置桥优先级为0LSW2
sys
[Huawei]sys LSW2
[LSW2]stp mode stp
[LSW2]stp pri 4096LSW3
<Huawei>sys
[Huawei]sys LSW3
[LSW3]stp mode stp
查看端口角色
[LSW3]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
[LSW2]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 DESI FORWARDING NONE
[LSW1]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 DESI FORWARDING NONE
直连故障端口状态测试
关闭LSW3的GE0/0/2口,查看GE0/0/3口角色,在GE0/0/3口抓包
[LSW3]inte gi 0/0/2
[LSW3-GigabitEthernet0/0/2]shutdown
[LSW3-GigabitEthernet0/0/2]undo shutdown
[LSW3]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/3 ROOT DISCARDING NONE
[LSW3]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/3 ROOT LEARNING NONE
15秒后查看端口角色
[LSW3]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/3 ROOT FORWARDING NONE
LSW3的GE0/0/2口关闭后,LSW3检测到桥端口关闭,GE0/0/3端口进入用户流量转发模式,端口状态从DISCARDING->LEARNING->FORWARDING(华为模拟器问题,在LEARNING状态前应该为Listening,持续时间为15秒),总计30秒,预备端口成功将端口角色转换为桥端口,且端口状态为转发模式
抓包分析
no.42
LSW3的ge0/0/3口进入转发状态后,发送TCN BPDU给树内其他成员,通知拓扑发送变更
no.43
LSW2接收到后发送配置BPDU,flags字段中的TCN ACK和TC字段为置为1,标识接受到了拓扑更新,TC字段标识拓扑更新需要将MAC地址的老化时间设置为Forwad Delay时间(默认15秒)
no.44
LSW2将拓扑更新的消息发送给LSW1,LSW1发送配置BPDU,flags字段中的TCN ACK和TC字段为置为1给LSW2,并且再发送配置BPDU,flags字段中的TCN为1的报文给STP组其他成员,来将组内成员的MAC地址的老化时间设置为Forwad Delay时间(默认15秒)
桥端口
拓扑2(STP边缘端口配置)
配置
PC1配置,PC2参考PC1
配置交换机的生成树协议为stp模式,且设置LSW1为根桥
LSW1
<Huawei>sys
[Huawei]sys LSW1
[LSW1]stp mode stp \配置STP协议模式为STP
[LSW1]stp root primary \配置为主根LSW2
<Huawei>sys
[LSW2]sys LSW2
[LSW2]stp mode stpLSW3
<Huawei>sys
[LSW3]sys LSW3
[LSW3]stp mode stpLSW4
<Huawei>sys
[Huawei]sys LSW4
[LSW4]stp mode stp
配置边缘端口前
重启LSW2的GE0/0/10接口,查看端口状态
PS:由于华为模拟器问题,端口重启后状态应为BLOCKING->Listening->Learning->Forwarding
[LSW2]inte gi 0/0/10
[LSW2-GigabitEthernet0/0/10]shutdown
[LSW2-GigabitEthernet0/0/10]undo shutdown
[LSW2]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
0 GigabitEthernet0/0/10 DESI DISCARDING NONE 端口激活后为阻塞状态
[LSW2]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
0 GigabitEthernet0/0/10 DESI LEARNING NONE 端口状态进入学习状态,可以收发BPDU数据包,和学习MAC地址表,不能转发业务流量
15秒后再次查看接口状态
[LSW2]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE端口状态为转发模式,可以收发BPDU和业务数据
LSW3的GE0/0/10和GE0/0/11同理,需要等待端口转发状态才能转发业务流量,两个15秒,边缘端口连接PC终端,端口类型都为DP端口的Forwarding状态,设置边缘端口后可以直接激活端口进入DP端口的Forwarding状态
配置边缘端口后重启端口,查看端口状态
[LSW2]inte gi 0/0/10
[LSW2-GigabitEthernet0/0/10]stp edged-port enable 开启边缘端口
[LSW2-GigabitEthernet0/0/10]shutdown
[LSW2-GigabitEthernet0/0/10]undo shutdown
[LSW2]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 ALTE DISCARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE 端口状态直接为Forwarding且为DP口
LSW3的GE0/0/10和GE0/0/11口同理
[LSW3]inte gi 0/0/10
[LSW3-GigabitEthernet0/0/10]stp edged-port enable
[LSW3-GigabitEthernet0/0/1]inte gi 0/0/11
[LSW3-GigabitEthernet0/0/11]stp edged-port enable
配置边缘端口保护前
配置边缘端口前,边缘端口接受到BPDU报文将退出边缘端口状态,再次进入STP端口选举,重启GE0/0/11口查看端口状态
[LSW3]inte gi 0/0/11
[LSW3-GigabitEthernet0/0/11]shutdown
[LSW3-GigabitEthernet0/0/11]undo shutdown
[LSW3]dis stp b
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 DESI FORWARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
0 GigabitEthernet0/0/11 DESI FORWARDING NONE 端口状态为正常转发模式
重启LSW4的GE0/0/1端口,重启后会发送BPDU报文,LSW3 GE0/0/11会接受到
[LSW4]inte ge 0/0/1
[LSW4-GigabitEthernet0/0/1]shutdown
[LSW4-GigabitEthernet0/0/1]undo shutdown
查看LSW3的GE0/0/11的端口状态,有BLOCKING->Learning->Fowarding(PS:模拟器问题,按理应该还要Listening在blocking状态之后)
[LSW3]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 DESI FORWARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
0 GigabitEthernet0/0/11 DESI BLOCKING NONE
[LSW3]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 DESI FORWARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
0 GigabitEthernet0/0/11 DESI Learning NONE
15秒后
[LSW3]dis stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ROOT FORWARDING NONE
0 GigabitEthernet0/0/3 DESI FORWARDING NONE
0 GigabitEthernet0/0/10 DESI FORWARDING NONE
0 GigabitEthernet0/0/11 DESI FORWARDING NONE
配置边缘端口保护后
配置边缘端口保护后,边缘端口收到BPDU报文会直接关闭边缘端口,防止外来交换机恶意加入
[LSW3]stp bpdu-protection
重启LSW4的GE0/0/1口后观察LSW3的GE0/0/11口状态
[LSW4-GigabitEthernet0/0/1]shutdown
[LSW4-GigabitEthernet0/0/1]undo shutdown
Sep 10 2023 23:21:24-08:00 LSW4 %%01PHY/1/PHY(l)[13]: GigabitEthernet0/0/1: c
hange status to up
Sep 10 2023 23:21:24-08:00 LSW4 %%01IFNET/4/IF_STATE(l)[14]:Interface Vlanif1 ha
s turned into UP state.
Sep 10 2023 23:21:26-08:00 LSW4 %%01PHY/1/PHY(l)[15]: GigabitEthernet0/0/1: c
hange status to down
Sep 10 2023 23:21:26-08:00 LSW4 %%01IFNET/4/IF_STATE(l)[16]:Interface Vlanif1 ha
s turned into DOWN state.端口启动后接关闭了,端口重新激活后发送BPDU报文,保护机制直接关掉链路了
Sep 10 2023 23:21:28-08:00 LSW4 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.2
5.191.3.1 configurations have been changed. The current change number is 12, the
change loop count is 0, and the maximum number of records is 4095.