Scenario 4-7: Configuring UplinkFast


UplinkFast is a feature that greatly enhances the convergence time associated with a direct failure of an uplink attached to a leaf switch. You should only enable UplinkFast on leaf switches, and the feature works only with direct failures. Figure 4-28 shows the network topology used for this scenario.

Figure 4-28. Converged STP Topology


Switch-A is the root switch and connects two distribution-layer (intermediate) switches (Switch-B and Switch-C). Switch-B and Switch-C provide redundant uplinks to Switch-D and Switch-E, which are classified as leaf switches, because they are leaf nodes at the edge of the spanning tree and are not upstream from any other switches (a leaf switch is always downstream from all other switches in the network).

NOTE

With regards to STP, upstream refers to the direction towards the root bridge, and downstream refers to the direction away from the root bridge. In Figure 4-28, Switch-D is downstream from Switch-B, because Switch-B is closer to the root bridge. In the reverse, Switch-B is upstream from Switch-D, because Switch-B is closer to the root bridge.


Assuming all costs are configured as defaults, Switch-D and Switch-E choose the uplink connected to Switch-B as the root port and, thus, place this port into a Forwarding state. The uplinks to Switch-C (port 2/2 on Switch-D and interface Fa0/2 on Switch-E) are placed into a Blocking state, because Switch-C always becomes the designated bridge for these segments as it is closer to the root bridge.

Now, assume that on Switch-D, the active uplink (port 2/1) fails or is shut down. Because the root port on Switch-D has failed, Switch-D has lost its path to the root, invalidating the last BPDU received on port 2/1. Switch-D is now in a situation similar to when it first initializes and must now determine who the new root bridge is, or determine the new path to the root bridge. Therefore, Port 2/2 transitions to a Listening state and discovers that the root bridge is reachable via Switch-C. Switch-D chooses port 2/2 as the new root port and transitions the port to a Learning state and then finally to a Forwarding state. Given the default STP timers, it takes 30 seconds after the failure for Switch-D to begin actually forwarding data again.

NOTE

The Max Age timer is not used with direct failures related to the root port because a direct failure is immediately detected, invalidating the root port and the configuration BPDUs received on that port.


If Switch-D were not a leaf switch, another uplink might be used to reach the root bridge. In this case, to prevent a loop from forming it is important that the Switch-D transitions through the Learning and Listening phases before forwarding any traffic. However, because Switch-D is a leaf switch with only two possible uplinks to the root bridge, if the primary uplink fails, the backup uplink will always be the uplink that begins forwarding. Therefore, no reason exists as to why Switch-D cannot just place the backup uplink into a Forwarding state immediately, as soon as the primary uplink goes down.

By enabling UplinkFast, a leaf switch notes a redundant uplink to the root and immediately allows the redundant uplink to forward user data if the primary uplink fails. This recognition reduces convergence from 30 seconds (using default STP timers) to almost nil.

NOTE

The Listening and Learning phases are still transitioned when the redundant uplink is activated. UplinkFast allows the port to send and receive user data during these phases.


Although the Forwarding state transition is immediate, you must also consider the bridging tables on each switch in the network. By default, the bridge table has an aging timer of 300 seconds, which means an idle entry remains in the bridge table for five minutes before disappearing. Figure 4-29 shows the topology of Figure 4-28 and what happens when UplinkFast is configured and invoked with relation to Switch-D (Switch-E is omitted to make the figure easier to read, but the same principles apply if UplinkFast is enabled on Switch-E).

Figure 4-29. UplinkFast Operation


The following are the steps in Figure 4-29:

Step 1.

The network is in its normal state, with port 2/1 on Switch-D running as the root port, and port 2/2 in a Blocking state. Notice the bridge table on Switch-A because the active path to Host-D is via Switch-B, Host-D (000d.000d.000d) is listed as being reachable through interface port 2/1. Because UplinkFast is enabled on Switch-D, Switch-D notes that port 2/2 represents an alternative path to the root bridge.

Step 2.

A link failure occurs between the Switch-D and Switch-B, bringing down the root port for Switch-D. Switch-D detects this failure immediately due to loss of physical link on the root port.

Step 3.

Because UplinkFast is enabled on the Switch-D, it immediately designates the previously blocked port 2/2 (attached to Switch-C) as the new root port and allows the port to forward user data, while transitioning through the normal Listening and Learning phases. This operation is safe because Switch-D is a leaf switch and has no other paths to the root bridge that could cause loops.

Step 4.

At this stage, although Switch-D is still connected to the rest of the network and can forward data out port 2/2, the bridge table on Switch-A is out of date, because it attempts to forward any data to Host-D out port 2/1, which arrives at Switch-B. Because the link to Switch-D on Switch-B is down, Switch-B has flushed its bridging table entry for Host-D and, therefore, floods the frame out all ports, except the port upon which the frame was received. The frame is flooded out port 2/2 towards Switch-C. Then, the flooded frame terminates at Switch-C, because Switch-C drops the frame because interface Fa0/2 is blocked. As you can see, the network cannot communicate with Host-D because the bridging table information cached on other switches is out of date.

Step 5.

To ensure that the bridging tables of all other switches in the network are correct, Switch-D looks at its current bridge table and starts sending dummy multicasts out the new root port on behalf of every host that is directly attached to the switch (i.e., any MAC addresses in the bridge table that are associated with ports that are not attached to other switches). Each dummy multicast frame has an unused (dummy) destination multicast address, which ensures the frame is propagated throughout the entire Layer 2 topology. For example, in the bridge table of Switch-D, the 000d.000d.000d entry is considered directly attached because port 2/3 is not connected to any other switches. Switch-D, therefore, generates a dummy multicast with a source MAC address of 000d.000d.000d and sends it out port 2/2. Note that a multicast is not sent for the PC with MAC address 000c.000c.000c because the bridge table entry on Switch-D for this host has an egress port that is an uplink (port 2/1), indicating the host is not directly attached. When the multicast is received on interface Fa0/3, Switch-B updates the bridge table entry for 000d.000d.000d, listing a new egress port of Fa0/3. Switch-B then floods the multicast out all interfaces (except the interface the multicast was received on), allowing all other switches in the network to update their bridge tables correctly.

NOTE

Because the dummy multicasts have an unused destination multicast address, the multicasts are never actually received by any device and are only processed by switches for the purposes of updating bridge tables as part of normal transparent bridging operation.


At this stage, data is being forwarded by Switch-D, and the paths taken through network to reach devices attached to Switch-D are up-to-date and correct. In normal spanning-tree operation, the redundant uplink would have taken 30 seconds to transition through the Listening and Learning states before forwarding any data (the redundant uplink becomes the new root port). By enabling UplinkFast on the switch, the convergence time is reduced from 30 seconds to almost 0. The real key to the success of UplinkFast, however, is the clever way the switch generates dummy multicasts to update all bridge tables in the network appropriately.

NOTE

By default, Catalyst switches send dummy multicasts at a configurable rate of 15 frames per 100 milliseconds (150 frames per second). So if you had an edge switch with 450 directly connected hosts, it would take approximately 3 seconds for the network to converge fully after the upstream switch failure.


You should enable UplinkFast only on leaf switches because UplinkFast makes assumptions about your network topology based upon the fact that the switch is a leaf node. If you enable UplinkFast on a transit switch (a switch that is the root bridge or has downstream switches connected), unpredictable forwarding paths and loops can result. In Figure 4-29, Switch-B and Switch-C are transit switches because they connect downstream switches (e.g. Switch-D). Switch-D is a leaf switches because it connects only to upstream switches (Switch-B and Switch-C).

Enabling UplinkFast

Always remember that UplinkFast should only ever be configured on leaf switches. If you enable it on non-leaf switches, it is possible that loops could form in the network. To ensure that UplinkFast is enabled only on leaf switches, when you enable UplinkFast, the bridge priority and the cost of each port on the switch are increased.

NOTE

This scenario assumes that a single VLAN (VLAN 1) is in use and that Switch-A has been configured as the root bridge, with Switch-B configured as the secondary root bridge. All other spanning tree parameters are configured as the default on all switches.


On CatOS, UplinkFast is disabled by default and can be globally enabled or disabled. To configure UplinkFast on a CatOS switch, you use the following command:

 set spantree uplinkfast enable [rate station-update-rate] 

The rate parameter allows you to specify the rate at which dummy multicast packets are generated every 100 milliseconds (the default is 15 packets per 100 milliseconds).

On Cisco IOS, UplinkFast is also disabled by default and can be globally enabled or disabled. To enable UplinkFast on a Cisco IOS switch, you use the following global configuration command:

 spanning-tree uplinkfast [max-update-rate pkts-per-second] 

The max-update-rate parameter allows you to specify the rate at which dummy multicast packets are generated every second (the default is 150 packets per second).

TIP

You must explicitly configure the spanning-tree uplinkfast by itself to enable UplinkFast and then configure the spanning-tree uplinkfast max-update-rate command if you wish to modify the dummy multicast rate.


Referring back to Figure 4-28, to optimize the convergence time in the event of a direct uplink failure on any leaf switch (Switch-D and Switch-E), you can enable the UplinkFast feature.

Example 4-47 demonstrates how to enable UplinkFast on Switch-D (CatOS) and configure a custom dummy multicast rate of 250 packets per second.

Example 4-47. Configuring UplinkFast on Switch-D
 Switch-D> (enable) set spantree uplinkfast enable rate 25 VLANs 1-4094 bridge priority set to 49152. The port cost and portvlancost of all ports increased to above 3000. Station update rate set to 25 packets/100ms. uplinkfast all-protocols field set to off. uplinkfast enabled for bridge. 

You can see that by enabling UplinkFast, the bridge priority and cost of all ports are increased to ensure that the switch always becomes a leaf switch. Notice that the rate parameter is configured in packets per 100ms.

Verifying UplinkFast

Example 4-48 shows the output of the show spantree command after UplinkFast has been enabled.

Example 4-48. Verifying Spanning-Tree Configuration on Switch-D after Enabling UplinkFast
 Switch-D> (enable) show spantree 1 VLAN 1 Spanning tree mode          PVST+ Spanning tree type          ieee Spanning tree enabled Designated Root             00-01-96-a0-2c-00 Designated Root Priority    8192 Designated Root Cost        38 Designated Root Port        2/1 Root Max Age  20  sec   Hello Time 2  sec   Forward Delay 15  sec Bridge ID MAC ADDR          00-01-68-b1-1a-00 Bridge ID Priority          49152 Bridge Max Age 20  sec   Hello Time 2  sec   Forward Delay 15  sec Port                     Vlan Port-State    Cost      Prio Portfast Channel_id ------------------------ ---- ------------- --------- ---- -------- ----------  2/1                     1    forwarding         3019   32 disabled 0  2/2                     1    blocking           3019   32 disabled 0 ... (Output Abbreviated) ... 

Notice that the bridge priority of Switch-D is now 49152 and that the cost of ports 2/1 and 2/2 has been increased by 3000 from 19 (the default for 100-Mbps ports) to 3019.

To verify UplinkFast configuration, use the show spantree uplinkfast command after UplinkFast has been enabled, as shown in Example 4-49.

Example 4-49. Verifying UplinkFast Configuration on Switch-D
 Switch-D> (enable) show spantree uplinkfast Station update rate set to 25 packets/100ms. uplinkfast all-protocols field set to off. VLAN          port list ----------------------------------------------- 1             2/1(fwd), 2/2 

You can see on Switch-D that port 2/1 is currently the active uplink (as indicate by the fwd text), and port 2/2 is a candidate port for fast failover should port 2/1 go down.

NOTE

If you want to disable UplinkFast, use the set spantree uplinkfast disable command. This command disables UplinkFast, but does not return the bridge priority and port cost values to their default values. To disable UplinkFast and configure the bridge priority and port cost values as their default values, use the clear spantree uplinkfast command instead.


Example 4-50 demonstrates how to enable UplinkFast on Switch-E (Cisco IOS) and configure a custom dummy multicast rate of 250 packets per second.

Example 4-50. Configuring UplinkFast on Switch-E
 Switch-E# configure terminal Switch-E(config)# spanning-tree uplinkfast Switch-E(config)# spanning-tree uplinkfast max-update-rate 250 

Notice in Example 4-50 that you must explicitly enable UplinkFast first and then configure the custom dummy multicast rate separately. Once you have enabled UplinkFast, the bridge priority is increased for 49152 for all VLANs, and the port cost of every physical port is increased by 3000, unless the port cost has been explicitly configured previously.

To verify UplinkFast on a Cisco IOS switch, use the show spanning-tree uplinkfast command, as demonstrated on Switch-E in Example 4-51.

Example 4-51. Verifying Spanning-Tree Configuration on Switch-E After Enabling UplinkFast
 Switch-E# show spanning-tree uplinkfast UplinkFast is enabled Station update rate set to 250 packets/sec. UplinkFast statistics ----------------------- Number of transitions via uplinkFast (all VLANs)            : 1 Number of proxy multicast addresses transmitted (all VLANs) : 0 Name                 Interface List -------------------- ------------------------------------ VLAN0001             Fa0/1(fwd), Fa0/2 

Notice that UplinkFast is enabled and the update rate is set to 250 packets per second. The rate is expressed in packets per second, unlike CatOS that specifies the rate in packets per 100 milliseconds. At the bottom of the table, you can see the interface list for each VLAN that UplinkFast uses for fast cutover. Interface Fa0/1 is listed as the uplink that is currently forwarding, with interface Fa0/2 listed as a candidate interface for fast failover. If Fa0/1 is detected as going down, Switch-D immediately places Fa0/2 into a forwarding state.

NOTE

To disable UplinkFast, use the no spanning-tree uplinkfast global configuration command. This command disables UplinkFast and return bridge priority and port cost values to their default values.


Testing UplinkFast

To test UplinkFast, configure IP addressing on Switch-B and Switch-D, which enables you to test ping connectivity between the switches. Then shut down the active root port on Switch-D and verify that you can still ping Switch-B immediately after the port is shut down.

Step 1.

Create a virtual interface for VLAN 1 on Switch-B and configure an IP address of 192.168.1.2/24, as shown in Example 4-52.

Example 4-52. Configuring IP on Switch-B
 Switch-B# configure terminal Switch-B(config)# interface VLAN 1 Switch-B(config-if)# no shutdown Switch-B(config-if)# ip address 192.168.1.2 255.255.255.0 

Step 2.

Configure the sc0 interface on Switch-D with an IP address of 192.168.1.4/24. Disable UplinkFast, as shown in Example 4-53. After you have completed your configuration, verify that you can ping Switch-B from Switch-D.

Example 4-53. Configuring IP on Switch-D
 Switch-D> (enable) set interface sc0 192.168.1.4 255.255.255.0 Interface sc0 IP address and netmask set. Switch-D> (enable) set spantree uplinkfast disable uplinkfast disabled for bridge. Use clear spantree uplinkfast to return stp parameters to default. Switch-D> (enable) ping 192.168.1.2 !!!!! -----192.168.1.2 PING Statistics------ 5 packets transmitted, 5 packets received, 0% packet loss round-trip (ms) min/avg/max = 1/1/1 

In Example 4-53, you disable UplinkFast so that you can verify the normal convergence delays incurred when port 2/1 on Switch-D goes down.

Step 3.

Disable the current root port on Switch-D (port 2/1) and then immediately try to ping Switch-B, as shown in Example 4-54. You should not be able to ping Switch-B, because port 2/2 is transitioning through the Listening and Learning phases and is now forwarding any user data. If you wait for approximately 30 seconds, you should then be able to ping Switch-B.

Example 4-54. Testing Convergence Times on Switch-D
 Switch-D> (enable) set port disable 2/1 Port 2/1 disabled. Switch-D> (enable) ping 192.168.1.2 ..... -----192.168.1.2 PING Statistics------ 5 packets transmitted, 0 packets received, 100% packet loss round-trip (ms) min/avg/max = -/-/- 

Step 4.

Re-enable the current root port on Switch-D (port 2/1) and allow 30 seconds for the port 2/1 to transition to a Forwarding state. Next, enable UplinkFast on Switch-D, verify the root port, and verify you can still ping Switch-D, as shown in Example 4-55.

Example 4-55. Enabling UplinkFast on Switch-D
 Switch-D> (enable) set port enable 2/1 Port 2/1 enabled. ... ... (Wait for 30 seconds Switch-D> (enable) set spantree uplinkfast enable VLANs 1-1005 bridge priority set to 49152. The port cost and portvlancost of all ports set to above 3000. Station update rate set to 15 packets/100ms. uplinkfast all-protocols field set to off. uplinkfast enabled for bridge. Switch-D> (enable) show spantree uplinkfast Station update rate set to 15 packets/100ms. uplinkfast all-protocols field set to off. VLAN          port list ----------------------------------------------- 1             2/1(fwd),2/2 Switch-D> (enable) ping 192.168.1.2 !!!!! -----192.168.1.2 PING Statistics------ 5 packets transmitted, 5 packets received, 0% packet loss round-trip (ms) min/avg/max = 1/1/1 

The show spantree uplinkfast command indicates that port 2/1 is forwarding and that port 2/2 is a candidate backup root port.

Step 5.

Disable the current root port on Switch-D (port 2/1) and immediately try to ping Switch-B once again, as shown in Example 4-56. This time, you should be able to ping Switch-B immediately, because UplinkFast forwards traffic out port 2/2.

Example 4-56. Testing UplinkFast on Switch-D
 Switch-D> (enable) set port disable 2/1 Port 2/1 disabled. Switch-D> (enable) ping 192.168.1.2 !!!!! -----192.168.1.2 PING Statistics------ 5 packets transmitted, 5 packets received, 0% packet loss round-trip (ms) min/avg/max = 1/1/1 




CCNP Self-Study CCNP Practical Studies. Switching
CCNP(R) Practical Studies: Switching (CCNP Self-Study)
ISBN: 1587200600
EAN: 2147483647
Year: 2002
Pages: 135
Authors: Justin Menga

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net