Spanning Tree Protocol – Part 1: Understand STP Principles, Redundant Network Links & Broadcast Storms
One of the most used terms in network is LAN (Local Area Network). It’s a form of network that we encounter in our daily lives, at home, at work, study, and in various other areas of life. Unless working specially in the field of Wide Area Networks (WAN), you will come across a LAN pretty much everyday. A key protocol used to maintain efficiency within a LAN is the Spanning Tree Protocol (STP), which is standardized as IEEE 802.1D.
Without this protocol our LANs would rapidly become congested, with frames looping throughout the network infinitely, making network devices unstable. This protocol is implemented on switches, as switches deal with network data at the frame level. But before going ahead with a full blown explanation of what STP is, it is important to understand the ‘problem’ that STP prevents and how it improves a LAN’s performance. Let’s go through some salient features of a LAN first.
One of the most important devices within a LAN is a network switch. All standard switches are Layer 2 devices i.e. they work at the level of frames. A frame is the unit of transmission in a link layer protocol and consists of a link-layer header followed by a packet. Without going into too much detail, a switch communicates in terms of frames. Users interested learning more about frames, can visit our Ethernet Frame Formats section where they'll find plenty of useful information and 3D representations of the various Ethernet frames. Apart from the higher layer data encapsulated by the frame, it carries two other important pieces of information, the Source MAC Address and the Destination MAC Address. It’s important to make a note of this as it becomes vital in our understanding of how a switch works and for STP itself.
How Does A Switch Work?
It must be noted that, before starting on this tutorial, it is best to have an understanding of how a switch works. If not then all is not lost. Users can always look up existing switch principles covered under the Switches & Bridges article.
Understanding of the following topics is essential for STP:
- How a switch finds MAC Addresses of new hosts
- How a switch populates its MAC Address tables
- How a switch deals with an incoming frame when it doesn’t know which outgoing interface to switch it to (due to no entry for a destination MAC Address in the switching table)
If the above fundamental principles are clear, learning about STP becomes simple.
Within permissible limits it might be said that STP is introduced within the LAN to prevent complications and network related problems caused by the way a switch functions. The flaw does not lie with how a switch works, it lies with the repercussions and manifestations of traffic because of it. Now let us run through some of the major issues encountered within a LAN.
Switches & Redundant Links Challenges
Just like our lives, LANs becomes big and complicated and cater to a huge number of devices. To provide interconnectivity and redundancy, sometimes switches are connected between themselves to ensure data streams are always maintained between network hosts. In an ideal world, a simple network would only have a router, a switch, and ‘n’ number of hosts connected to that switch, depending on how big the switch is. But just like Utopia, this ideal world doesn’t exist and networks have multiple switches, and sometimes these switches have interconnections. It’s done to provide redundant paths to various parts of the network to which these switches provide connectivity.
But by virtue of how a switch functions, there can be a few rather alarming issues cropping up very quickly when switches have more than one way of connecting various parts of the network. To visualise this concept, here’s a setup that has two hosts connected via two switches. For the sake of simplicity the router has been left out of this equation. Since STP is all about effective switching, let’s not involve ourselves in routing. The switching layout is, then, as follows:
To simplify this layout, please consider the following
- There are two switches, SW1 and SW2
- There are two hosts, PC1 and PC2, connected to SW1 and SW2 respectively
- MAC Address of PC1 is PC1-MAC1 and that of PC2 is PC2-MAC2
- SW1 and SW2 are connected to each other via 2 links, LINK 1 and LINK 2. These are redundant links
- For LINK1, the interface used on SW1 is SW1-MAC1, and the interface used on SW2 is SW2-MAC1
- For LINK2, the interface used on SW1 is SW1-MAC2, and the interface used on SW2 is SW2-MAC2
Now let’s look at a condition where both switches have an empty MAC address table. PC1 sends out a frame whose destination is PC2. This frame reaches SW1. Right now SW1 does not know which interface to use to forward this frame to PC2, so it does a broadcast. By virtue of frame forwarding, the source address of this frame now changes. Since this broadcast will go out through both LINK 1 and 2, the outgoing broadcast frames will have different source addresses.
Let us consider the frame from SW1 going out on LINK 1. Its destination address still reads PC2-MAC2. But its source address now reads SW1-MAC1. When this frame reaches SW2, SW2 does not know which interface to use to forward this frame to PC2-MAC2, so it does a broadcast. By virtue of a broadcast from a switch, this frame will not go out on LINK 1 again. This broadcasted frame goes out to PC2 and also goes out on LINK 2. Once PC2 receives this broadcast, it acknowledges receipt and SW2 learns the interface to use to forward a frame whose destination MAC Address says PC2-MAC2. But what about the broadcast frame that went out on LINK 2? This now reaches SW1, and its destination MAC Address still reads PC2-MAC2. SW1, for the second time, does not know which interface to use to forward this frame. So guess what it does? It does a broadcast again, causing PC1 to receive a frame it sent out in the first case.
So you see, an innocent frame that was destined for just one host on the other end of this simplified network, ended up with the host that sent it out in the first place. This is what is known as a broadcast storm. Now this process will keep on going till the network becomes congested with multiple duplicate frames, thus reducing its performance.
This is not the only issue on this LAN. What happens in the background is that the MAC table within both switches becomes extremely unstable. This is caused by the effect of the frame with the same destination MAC Address approaching the two switches with different source MAC Address. Hence the MAC table on each switch keeps getting updated without achieving any stable state. Not to mention the fact that due to this broadcast storm the hosts keep receiving multiple duplicate frames.
So to sum up, the issues encountered in the above situation are now made clear:
-
Broadcast storm
- Unstable MAC Table in switches
- Multiple duplicate frames arriving at hosts
STP is aimed at resolving all the above issues. This is discussed in the next tutorial, Spanning Tree Protocol, Rapid STP Port Costs - Port States, where we will start discovering the working principle of this protocol, along with some key features and associated terms.
Your IP address:
18.116.86.132
Wi-Fi Key Generator
Follow Firewall.cx
Cisco Password Crack
Decrypt Cisco Type-7 Passwords on the fly!