No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring MSTP

Configuring MSTP

This section describes the MSTP configuration.

Configuring Basic MSTP Functions

MSTP based on the basic STP/RSTP function divides a switching network into multiple regions, each of which has multiple spanning trees that are independent of each other. MSTP isolates different VLANs' traffic, and load-balances VLAN traffic.

Context

MSTP is commonly configured on switching devices to trim a ring network to a loop-free network. Devices start spanning tree calculation after the working mode is set and MSTP is enabled. Use any of the following methods if you need to intervene in the spanning tree calculation:

  • Manually configure the root bridge and secondary root bridge.

  • Set a priority for a switching device in an MSTI: The lower the numerical value, the higher the priority of the switching device and the more likely the switching device becomes a root bridge; the higher the numerical value, the lower the priority of the switching device and the less likely that the switching device becomes a root bridge.

  • Set a path cost for a port in an MSTI: With the same calculation method, the lower the numerical value, the smaller the cost of the path from the port to the root bridge and the more likely the port becomes a root port; the higher the numerical value, the larger the cost of the path from the port to the root bridge and the less likely that the port becomes a root port.

  • Set a priority for a port in an MSTI: The lower the numerical value, the more likely the port becomes a designated port; the higher the numerical value, the less likely that the port becomes a designated port.

Configuring the MSTP Mode

Context

Before configuring basic MSTP functions, set the working mode of a switching device to MSTP. MSTP is compatible with STP and RSTP.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp mode mstp

    The working mode of the switching device is set to MSTP. By default, the working mode is MSTP.

    STP and MSTP cannot recognize packets of each other, but MSTP and RSTP can. If an MSTP-enabled switching device is connected to switching devices running STP, interfaces of the MSTP-enabled switching device connected to devices running STP automatically transition to STP mode, and other interfaces still work in MSTP mode. This enables devices running different spanning tree protocols to interwork with each other.

Configuring and Activating an MST Region

Context

An MST region contains multiple switching devices and network segments. These switching devices are directly connected and have the same region name, same VLAN-to-instance mapping, and the same configuration revision number after MSTP is enabled. One switching network can have multiple MST regions. You can use MSTP commands to group multiple switching devices into one MST region.

NOTE:
Two switching devices belong to the same MST region when they have the same:
  • Name of the MST region

  • Mapping between VLANs and MSTIs

  • Revision level of the MST region

Perform the following steps on a switching device that needs to join an MST region.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp region-configuration

    The MST region view is displayed.

  3. Run:

    region-name name

    The name of an MST region is configured.

    By default, the MST region name is the MAC address of the management network interface on the MPU of the switching device.

  4. Perform either of the following steps to configure VLAN-to-instance mappings.

    • Run the instance instance-id vlan { vlan-id1 [ to vlan-id2 ] }&<1-10> command to configure VLAN-to-instance mappings.

    • Run the vlan-mapping modulo modulo command to enable VLAN-to-instance mapping assignment based on a default algorithm.

    By default, all VLANs in an MST region are mapped to MSTI 0.

    NOTE:
    • The VLAN-to-instance mappings generated using the vlan-mapping modulo modulo commands cannot meet network requirements. It is recommended that you run the instance instance-id vlan { vlan-id1 [ to vlan-id2 ] }&<1-10> command to configure VLAN-to-instance mappings.

    • The vlan-mapping modulo specifies the formula (VLAN ID-1)%modulo+1. In the formula, (VLAN ID-1)%modulo means the remainder of (VLAN ID-1) divided by the value of modulo. This formula is used to map a VLAN to the corresponding MSTI. The calculation result of the formula is the ID of the mapping MSTI.

  5. (Optional) Run:

    revision-level level

    The MSTP revision number is set.

    By default, the MSTP revision number is 0.

    If the revision number of the MST region is not 0, this step is necessary.

    Changing MST region configurations (especially change of the VLAN mapping table) triggers spanning tree recalculation and causes route flapping. Therefore:

    • After configuring an MST region name, VLAN-to-instance mappings, and an MSTP revision number, run the check region-configuration command in the MST region view to verify the configuration. After confirming the region configurations, run the active region-configuration command to activate MST region configurations.
    • You are advised not to modify MST region parameters after the MST region is activated.

  6. Run:

    active region-configuration

    MST region configurations are activated so that the configured region name, VLAN-to-instance mappings, and revision number can take effect.

    If this step is not done, the preceding configurations cannot take effect.

    If you have changed MST region configurations on the switching device after MSTP starts, run the active region-configuration command to activate the MST region so that the changed configurations can take effect.

(Optional) Configuring the Root Bridge and Secondary Root Bridge

Context

The root bridge can be calculated through calculation. You can also manually configure the root bridge or secondary root bridge.
  • A switching device plays different roles in different spanning trees. The switching device can function as the root switch or secondary root switch of a spanning tree and the root switch or secondary root switch of another spanning tree. The switching device can function as only the root switch or secondary root switch of the same spanning tree.
  • In a spanning tree, only one root bridge takes effect. When two or more than two devices are specified as root bridges of a spanning tree, the device with the smallest MAC address is used as the root bridge.
  • You can specify multiple secondary root bridges for each spanning tree. When the root bridge fails or is powered off, the secondary root bridge becomes the new root bridge. If a new root bridge is specified, the secondary root bridge will not become the root bridge. If multiple secondary root bridges are configured, the secondary root bridge with smallest MAC address will become the root bridge of the spanning tree.
NOTE:
It is recommended that the root bridge and secondary root bridge be configured manually.

Procedure

  • Perform the following operations on the device to be used as the root bridge.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      stp [ instance instance-id ] root primary

      The device is configured as the root bridge.

      By default, a switching device does not function as the root bridge. After the configuration is complete, the BID of the device is 0 and cannot be changed.

      If instance is not specified, the device in MSTI 0 is a root bridge.

  • Perform the following operations on the device to be used as the secondary root bridge.
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      stp [ instance instance-id ] root secondary

      The device is configured as the secondary root bridge.

      By default, a switching device does not function as the secondary root bridge. After the configuration is complete, the BID of the device is 4096 and cannot be changed.

      If instance is not specified, the device in MSTI 0 is a backup root bridge.

(Optional) Configuring a Priority for a Switching Device in an MSTI

Context

In an MSTI, there is only one root bridge, which is the logic center of the MSTI. During root bridge selection, a high-performance switching device at a high network layer should be selected as the root bridge; however, the priority of such a device may not be the highest on the network. It is therefore necessary to set a high priority for the switching device to ensure that the device functions as a root bridge.

Low-performance devices at lower network layers are not fit to serve as a root bridge. Therefore, set low priorities for these devices.

A switching device with a high priority is more likely to be selected as the root bridge in an MSTI. A smaller priority value indicates a higher priority.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp [ instance instance-id ] priority priority

    A priority is set for the switching device in an MSTI.

    The default priority value of the switching device is 32768.

    If the instance-id is not designated, a priority is set for the switching device in MSTI0.

    NOTE:

    If the stp [ instance instance-id ] root primary or stp [ instance instance-id ] root secondary command has been executed to configure the device as the root bridge or secondary root bridge, to change the device priority, run the undo stp [ instance instance-id ] root command to disable the root bridge or secondary root bridge function and run the stp [ instance instance-id ] priority priority command to set a priority.

(Optional) Configuring a Path Cost of a Port in an MSTI

Context

A path cost is port-specific and is used by MSTP to select a link.

Path costs of ports are an important basis for calculating spanning trees. If you set different path costs for a port in different MSTIs, VLAN traffic can be transmitted along different physical links for load balancing.

The MSTP path cost determines root port selection in an MSTI. The port with the lowest path cost to the root bridge is selected as the root port.

In the Huawei calculation method for example, the link rate determines the recommended value for the path cost. The following table lists the recommended path costs for ports with different link rates.
Table 7-39  Mappings between link rates and path cost values

Link Rate

Recommended Path Cost

Recommended Path Cost Range

Path Cost Range

10 Mbit/s

2000

200 to 20000

1 to 200000

100 Mbit/s

200

20 to 2000

1 to 200000

1 Gbit/s

20

2 to 200

1 to 200000

10 Gbit/s

2

2 to 20

1 to 200000

Higher than 10 Gbit/s

1

1 to 2

1 to 200000

If a network has loops, it is recommended that you set a relatively large path cost for ports with low link rates. MSTP then blocks these ports.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp pathcost-standard { dot1d-1998 | dot1t | legacy }

    A path cost calculation method is configured.

    By default, the IEEE 802.1t standard (dot1t) is used to calculate the default path cost.

    All switching devices on a network must use the same path cost calculation method.

  3. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  4. Run:

    stp instance instance-id cost cost

    A path cost is set for the port in the current MSTI.

    • When the Huawei calculation method is used, cost ranges from 1 to 200000.
    • When the IEEE 802.1d standard method is used, cost ranges from 1 to 65535.
    • When the IEEE 802.1t standard method is used, cost ranges from 1 to 200000000.

(Optional) Configuring a Port Priority in an MSTI

Context

During spanning tree calculation, port priorities in MSTIs determine which ports are selected as designated ports.

To block a port in an MSTI to eliminate loops, set the port priority value to larger than the default value. This port will be blocked during designated port selection.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  3. Run:

    stp instance instance-id port priority priority

    A port priority is set in an MSTI.

    By default, the port priority is 128.

    The value range of the priority is from 0 to 240, in steps of 16.

Enabling MSTP

Context

After configuring basic MSTP functions on a switching device, enable MSTP function.

After MSTP is enabled on a ring network, it immediately calculates spanning trees on the network. Configurations on the switching device, such as, the switching device priority and port priority, will affect spanning tree calculation. Any change to the configurations may cause network flapping. Therefore, to ensure rapid and stable spanning tree calculation, perform basic configurations on the switching device and its ports and enable MSTP.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp enable

    MSTP is enabled on the switching device.

    By default, the MSTP function is enabled on the device.

Follow-up Procedure

When the topology of a spanning tree changes, the forwarding paths to associated VLANs are changed. The ARP entries corresponding to those VLANs on the switching device need to be updated. MSTP processes ARP entries in either fast or normal mode.

  • In fast mode, ARP entries to be updated are directly deleted.

  • In normal mode, ARP entries to be updated are rapidly aged.

    The remaining lifetime of ARP entries to be updated is set to 0. The switching device rapidly processes these aged entries. If the number of ARP aging probe attempts is not set to 0, ARP implements aging probe for these ARP entries.

You can run the stp converge { fast | normal } command in the system view to configure the STP/RSTP convergence mode.

By default, the normal MSTP convergence mode is used.

NOTE:

The normal mode is recommended. If the fast mode is adopted, ARP entries will be frequently deleted, causing the CPU usage on device to reach 100%. As a result, network flapping will frequently occur.

Checking the Configuration

Procedure

  • Run the display stp [ instance instance-id ] [ interface interface-type interface-number ] [ brief ] command to view spanning-tree status and statistics.
  • Run the display stp region-configuration command to view configurations of activated MST regions.
  • Run the display stp region-configuration digest command to view the digest configurations of activated MST regions.

Configuring MSTP Parameters on an Interface

Proper MSTP parameter settings achieve rapid convergence.

Pre-configuration Tasks

Before configuring MSTP parameters that affect route convergence, complete the following task:

  • Configuring MSTP
Setting the MSTP Network Diameter

Context

On a switched network, any two terminals on the switching network are connected through a specific path along which multiple devices reside. The network diameter is the maximum number of devices between any two terminals. A larger network diameter indicates a larger network scale.

An improper network diameter may cause slow network convergence and affects communication. Run the stp bridge-diameter command to set a network diameter based on the network scale, which helps speed up convergence.

It is recommended that all devices use the same network diameter.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp bridge-diameter diameter

    The network diameter is configured.

    By default, the network diameter is 7.

    NOTE:
    • RSTP uses a single spanning tree instance on the entire network. As a result, performance deterioration cannot be prevented when the network scale grows. Therefore, the network diameter cannot be larger than 7.

    • It is recommended that you run the stp bridge-diameter diameter command to set the network diameter. Then, the switching device calculates the optimal Forward Delay period, Hello timer value, and Max Age timer value based on the set network diameter.

Setting the MSTP Timeout Interval

Context

If the device does not receive any BPDU from the upstream device in the set period, the device considers that the upstream device fails and then it re-calculates its spanning tree.

Sometimes, the device cannot receive the BPDU in a long time from the upstream device because the upstream device is very busy. In this case, the device should not re-calculate its spanning tree. Therefore, you can set a long period for the device on a stable network to avoid waste of network resources.

If the local switching device does not receive a BPDU from the upstream switching device within the timeout interval, spanning tree recalculation is performed. The timeout interval is calculated as follows:
  • Timeout interval = Hello time x 3 x Timer Factor

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp timer-factor factor

    The timeout period for waiting for BPDUs from the upstream device is set.

    By default, the timeout period is 9 times the Hello timer value.

Setting the Values of MSTP Timers

Context

The following parameters are used in spanning tree calculation:
  • Forward Delay: determines the interval for port status transition. To prevent temporary loops, an interface first enters the Learning state when transiting from Discarding to Forwarding. The status transition lasts for the time specified by Forward Delay so that the local device can synchronize the status with the remote switch.
  • Hello Time: is the interval at which hello packets are sent. The switching device sends configuration BPDUs at an interval of Hello Time to check whether links are faulty. If the switching device does not receive any BPDU at an interval of Hello Time, the switching device recalculates the spanning tree due to BPDU timeout.
  • Max Age: determines whether BPDUs expire. The switching device determines whether the received BPDU expires based on this value. If the received BPDU expires, the spanning tree needs to be recalculated.

Devices on a ring network must use the same values of Forward Delay, Hello Time, and Max Age.

Generally, you are not advised to directly adjust the preceding three parameters. This is because the three parameters are relevant to the network scale. It is recommended that the network diameter be adjusted so that the spanning tree protocol automatically adjusts the three parameters. When the default network diameter is used, the default values of the three parameters are used.

To prevent frequent network flapping, make sure that Hello Time, Forward Delay, and Max Age conform to the following formulas:

  • 2 x (Forward Delay - 1.0 second) >= Max Age

  • Max Age >= 2 x (Hello Time + 1.0 second)

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Set Forward Delay, Hello Time, and Max Age.
    1. Run:

      stp timer forward-delay forward-delay

      The value of Forward Delay of the switching device is set.

      By default, the value of Forward Delay of the switching device is 1500 centiseconds.

    2. Run:

      stp timer hello hello-time

      The value of Hello Time of the switching device is set.

      By default, the value of Hello Time of the switching device is 200 centiseconds.

    3. Run:

      stp timer max-age max-age

      The value of Max Age of the switching device is set.

      By default, the value of Max Age of the switching device is 2000 centiseconds.

Setting the Maximum Number of Connections That Affect Spanning Tree Calculation

Context

The interface path cost affects spanning tree calculation. When the path cost changes, the system performs spanning tree recalculation. The interface path cost is affected by the bandwidth, so you can change the interface bandwidth to affect spanning tree calculation.

As shown in Figure 7-52, deviceA and deviceB are connected through two Eth-Trunks. Eth-Trunk 1 has three member interfaces in Up state and Eth-Trunk 2 has two member interfaces in Up state. If each member link has the same bandwidth, deviceA is selected as the root bridge.
  • Eth-Trunk 1 has larger bandwidth than Eth-Trunk 2. After STP calculation, Eth-Trunk 1 on deviceB is selected as the root port and Eth-Trunk 2 is selected as the alternate port.
  • If the maximum number of connections is 1 in Eth-Trunk 1, the path cost of Eth-Trunk 1 is larger than the path cost of Eth-Trunk 2. The system performs spanning tree recalculation. Then Eth-Trunk 1 on deviceB becomes the alternate port and Eth-Trunk 2 becomes the root port.
Figure 7-52  Setting the maximum number of connections
NOTE:

The maximum number of connections affects only the path cost of an interface where spanning tree calculation is performed, but does not affect the actual link bandwidth. The actual bandwidth for an Eth-Trunk to forward traffic depends on the number of active interfaces.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface eth-trunk trunk-id

    The Eth-Trunk interface view is displayed.

  3. Run:

    max bandwidth-affected-linknumber link-number

    The maximum number of connections is set.

    By default, the upper threshold for the number of interfaces that determine the bandwidth of an Eth-Trunk is 8.

Setting the Link Type of a Port

Context

It is easy to implement rapid convergence on a P2P link. If the two ports connected to a P2P link are root or designated ports, the ports can transit to the forwarding state quickly by sending Proposal and Agreement packets. This reduces the forwarding delay.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The view of the Ethernet interface participating in STP calculation is displayed.

  3. Run:

    stp point-to-point { auto | force-false | force-true }

    The link type is configured for the interface.

    By default, an interface automatically determines whether to connect to a P2P link. The P2P link supports rapid network convergence.

    • If the Ethernet port works in full-duplex mode, the port is connected to a P2P link. In this case, force-true can be configured to implement rapid network convergence.

    • If the Ethernet port works in half-duplex mode, you can run stp point-to-point force-true to forcibly set the link type to P2P.

Setting the Maximum Transmission Rate of an Interface

Context

.A larger value of packet-number indicates more BPDUs sent in a hello interval and therefore more system resources occupied. Setting the proper value of packet-number prevents excess bandwidth usage when route flapping occurs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The view of the Ethernet interface participating in STP calculation is displayed.

  3. Run:

    stp transmit-limit packet-number

    The maximum number of BPDUs sent by a port in a specified period is set.

    By default, the maximum number of BPDUs that a port sends is 6 per second.

Switching to the MSTP Mode

Context

If an interface on an MSTP-enabled device is connected to an STP-enabled device, the interface switches to the STP compatible mode.

If the STP-enabled device is powered off or disconnected from the MSTP-enabled device, the interface cannot switch to the MSTP mode. In this case, you can switch the interface to the MSTP mode by using the stp mcheck command.

In the following cases, you need to manually switch the interface back to the MSTP mode manually:

  • The STP-enabled device is shut down or disconnected.

  • The STP-enabled device is switched to the MSTP mode.

Procedure

  • Switching to the MSTP mode in the interface view
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      interface interface-type interface-number

      The view of the Ethernet interface that participates in spanning tree calculation is displayed.

    3. Run:

      stp mcheck

      The device is switched to the MSTP mode.

  • Switching to the MSTP mode in the system view
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      stp mcheck

      The device is switched to the MSTP mode.

Configuring a Port as an Edge Port and BPDU Filter Port

Context

If a designated port is located at the edge of a network and is directly connected to terminal devices, this port is called edge port.

An edge port does not receive or process configuration BPDUs, or MSTP calculation. It can transit from Disable to Forwarding without any delay.

After a designated port is configured as an edge port, the port can still send BPDUs. Then BPDUs are sent to other networks, causing flapping of other networks. You can configure a port as an edge port and BPDU filter port so that the port does not process or send BPDUs.

After all ports are configured as edge ports and BPDU filter ports in the system view, none of ports on the device send BPDUs or negotiate the STP status with directly connected ports on the peer device. All ports are in forwarding state. This may cause loops on the network, leading to broadcast storms. Exercise caution when you configure a port as an edge port and BPDU filter port.

After a port is configured as an edge port and BPDU filter port in the interface view, the port does not process or send BPDUs. The port cannot negotiate the STP status with the directly connected port on the peer device. Exercise caution when you configure a port as an edge port and BPDU filter port.

Procedure

  • Configuring all ports as edge ports and BPDU filter ports in the system view
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      stp edged-port default

      All ports are configured as edge ports.

      By default, all ports are non-edge ports.

    3. Run:

      stp bpdu-filter default

      All ports are configured as BPDU filter ports.

  • Configuring a port as an edge port and BPDU filter port in the interface view
    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      interface interface-type interface-number

      The view of the Ethernet interface that participates in spanning tree calculation is displayed.

    3. (Optional) Run:

      stp edged-port enable

      The port is configured as an edge port.

      By default, all ports are non-edge ports.

    4. Run:

      stp bpdu-filter enable

      The port is configured as a BPDU filter port.

Setting the Maximum Number of Hops in an MST Region

Context

Switching devices on a Layer 2 network running MSTP communicate with each other by exchanging MST BPDUs. An MST BPDU has a field that indicates the number of remaining hops.
  • The number of remaining hops in a BPDU sent by the root switching device equals the maximum number of hops.

  • The number of remaining hops in a BPDU sent by a non-root switching device equals the maximum number of hops minus the number of hops from the non-root switching device to the root switching device.

  • If a switching device receives a BPDU in which the number of remaining hops is 0, the switching device will discard the BPDU.

Therefore, the maximum number of hops of a spanning tree in an MST region determines the network scale. The stp max-hops command can be used to set the maximum number of hops in an MST domain so that the network scale of a spanning tree can be controlled.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp max-hops hop

    The maximum number of hops in an MST region is set.

    By default, the maximum number of hops of the spanning tree in an MST region is 20.

Checking the Configuration

Procedure

  • Run the display stp [ instance instance-id ] [ interface interface-type interface-number ] [ brief ] command to view spanning-tree status and statistics.

Configuring MSTP Protection Functions

Huawei datacom devices provide the following MSTP protection functions. You can configure one or more functions.

Pre-configuration Tasks

Before configuring MSTP protection functions, complete the following task:

  • Configuring MSTP
Configuring BPDU Protection on a Switching Device

Context

Edge ports are directly connected to user terminal and will not receive BPDUs. Attackers may send pseudo BPDUs to attack the switching device. If the edge ports receive the BPDUs, the switching device configures the edge ports as non-edge ports and triggers a new spanning tree calculation. Network flapping then occurs. BPDU protection can be used to protect switching devices against malicious attacks.

After BPDU protection is enabled on a switching device, the switching device shuts down an edge port if the edge port receives a BPDU, and notifies the NMS of the shutdown event.

Perform the following steps on a switching device that has an edge port.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp bpdu-protection

    BPDU protection is enabled on the switching device.

    By default, BPDU protection is not enabled on the switching device.

Configuring TC Protection on a Switching Device

Context

If attackers forge TC-BPDUs to attack the switching device, the switching device receives a large number of TC BPDUs within a short time. If MAC address entries and ARP entries are deleted frequently, the switching device is heavily burdened, causing potential risks to the network.

TC protection is used to suppress TC BPDUs. The number of times that TC BPDUs are processed by a switching device within a given time period is configurable. If the number of TC BPDUs that the switching device receives within a given time exceeds the specified threshold, the switching device handles TC BPDUs only for the specified number of times. Excess TC BPDUs are processed by the switching device as a whole for once after the specified time period expires. This protects the switching device from frequently deleting MAC entries and ARP entries, therefore avoiding overburden.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    stp tc-protection

    TC protection is enabled for the MSTP process.

    By default, TC protection is not enabled on the switching device.

  3. Run:

    stp tc-protection threshold threshold

    The number of times the MSTP process handles the received TC BPDUs and updates forwarding entries within a given time is set.

    NOTE:

    The time is set using the stp tc-protection interval command.

Configuring Root Protection on an Interface

Context

Due to incorrect configurations or malicious attacks on the network, a root bridge may receive BPDUs with a higher priority. Consequently, the legitimate root bridge is no longer able to serve as the root bridge and the network topology is changed, triggering spanning tree recalculation. This also may cause the traffic that should be transmitted over high-speed links to be transmitted over low-speed links, leading to network congestion. The root protection function on a switching device is used to protect the root bridge by preserving the role of the designated port.

NOTE:

Root protection takes effect only on designated ports.

Perform the following steps on the root bridge in an MST region.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The view of the Ethernet interface participating in STP calculation is displayed.

  3. Run:

    stp root-protection

    Root protection is configured on the switching device.

    By default, root protection is disabled.

Configuring Loop Protection on an Interface

Context

On a network running MSTP, a switching device maintains the root port status and status of blocked ports by receiving BPDUs from an upstream switching device. If the switching device cannot receive BPDUs from the upstream device because of link congestion or unidirectional-link failure, the switching device re-selects a root port. The original root port becomes a designated port and the original blocked ports change to the Forwarding state. This switching may cause network loops, which can be mitigated by configuring loop protection.

After loop protection is configured, if the root port or alternate port does not receive BPDUs from the upstream switching device, the root port is blocked and the switching device notifies the NMS that the port enters the Discarding state. The blocked port remains in the Blocked state and no longer forwards packets. This function helps prevent loops on the network. The root port or alternate port transitions to the Forwarding state after receiving new BPDUs.

NOTE:
An alternate port is a backup port for a root port. If a switching device has an alternate port, you need to configure loop protection on both the root port and the alternate port.

Perform the following steps on the root port and alternate port on a switching device in an MST region.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  3. Run:

    stp loop-protection

    Loop protection for the root port is configured on the switching device.

    By default, loop protection is disabled.

    Root protection and loop protection cannot be configured simultaneously.

Checking the Configuration

Procedure

  • Run the display stp [ instance instance-id ] [ interface interface-type interface-number ] [ brief ] command to view spanning-tree status and statistics.

Configuring MSTP Interoperability Between Huawei Devices and Non-Huawei Devices

To communicate with a non-Huawei device, set proper parameters on the MSTP-enabled Huawei device.

Configuring a Proposal/Agreement Mechanism

Context

The rapid transition mechanism is also called the Proposal/Agreement mechanism. All switching devices support the following modes:

  • Enhanced mode: The current interface counts the root port calculation when it computes the synchronization flag bit.
    • An upstream device sends a Proposal message to a downstream device, requesting rapid status transition. After receiving the message, the downstream device sets the port connected to the upstream device as a root port and blocks all non-edge ports.

    • The upstream device then sends an Agreement message to the downstream device. After the downstream device receives the message, the root port transitions to the Forwarding state.

    • The downstream device responds to the Proposal message with an Agreement message. After receiving the message, the upstream device sets the port connected to the downstream device as a designated port, and the designated port transitions to the Forwarding state.

  • Common mode: The current interface ignores the root port when it computes the synchronization flag bit.
    • An upstream device sends a Proposal message to a downstream device, requesting rapid status transition. After receiving the message, the downstream device sets the port connected to the upstream device as a root port and blocks all non-edge ports. The root port then transitions to the Forwarding state.

    • The downstream device responds to the Proposal message with an Agreement message. After receiving the message, the upstream device sets the port connected to the downstream device as a designated port. The designated port then transitions to the Forwarding state.

When Huawei devices are connected to non-Huawei devices, select the same mode as that used on non-Huawei devices.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  3. Run:

    stp no-agreement-check

    The common rapid transition mechanism is configured.

    By default, the interface uses the enhanced rapid transition mechanism.

Configuring the MSTP Protocol Packet Format on an Interface

Context

MSTP protocol packets have two formats: dot1s (IEEE 802.1s standard packets) and legacy (proprietary protocol packets).

You can specify the packet format and use the auto mode. In auto mode, the switching device switches the MSTP protocol packet format based on the received MSTP protocol packet format so that the switching device can communicate with the peer device.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  3. Run:

    stp compliance { auto | dot1s | legacy }

    The MSTP protocol packet format is configured on the interface.

    The auto mode is used by default.

    NOTE:

    The negotiation will fail if the format of MSTP packets is set to dot1s at one end and legacy at the other end.

Enabling the Digest Snooping Function

Context

Interconnected Huawei and non-Huawei devices cannot communicate with each other if they have the same region name, revision number, and VLAN-to-instance mappings but different BPDU keys. To address this problem, enable the digest snooping function on the Huawei device.

Perform the following steps on a switching device in an MST region to enable the digest snooping function.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface interface-type interface-number

    The Ethernet interface view is displayed.

  3. Run:

    stp config-digest-snoop

    The digest snooping function is enabled.

Checking the Configuration

Procedure

  • Run the display stp [ instance instance-id ] [ interface interface-type interface-number ] [ brief ] command to view spanning-tree status and statistics.
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 116799

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next