UplinkFast is a feature that greatly enhances the convergence time associated with a direct failure of an uplink attached to a leaf switch. You should only enable UplinkFast on leaf switches, and the feature works only with direct failures. Figure 4-28 shows the network topology used for this scenario.
Figure 4-28. Converged STP Topology
Switch-A is the root switch and connects two distribution-layer (intermediate) switches (Switch-B and Switch-C). Switch-B and Switch-C provide redundant uplinks to Switch-D and Switch-E, which are classified as leaf switches, because they are leaf nodes at the edge of the spanning tree and are not upstream from any other switches (a leaf switch is always downstream from all other switches in the network).
With regards to STP, upstream refers to the direction towards the root bridge, and downstream refers to the direction away from the root bridge. In Figure 4-28, Switch-D is downstream from Switch-B, because Switch-B is closer to the root bridge. In the reverse, Switch-B is upstream from Switch-D, because Switch-B is closer to the root bridge.
Assuming all costs are configured as defaults, Switch-D and Switch-E choose the uplink connected to Switch-B as the root port and, thus, place this port into a Forwarding state. The uplinks to Switch-C (port 2/2 on Switch-D and interface Fa0/2 on Switch-E) are placed into a Blocking state, because Switch-C always becomes the designated bridge for these segments as it is closer to the root bridge.
Now, assume that on Switch-D, the active uplink (port 2/1) fails or is shut down. Because the root port on Switch-D has failed, Switch-D has lost its path to the root, invalidating the last BPDU received on port 2/1. Switch-D is now in a situation similar to when it first initializes and must now determine who the new root bridge is, or determine the new path to the root bridge. Therefore, Port 2/2 transitions to a Listening state and discovers that the root bridge is reachable via Switch-C. Switch-D chooses port 2/2 as the new root port and transitions the port to a Learning state and then finally to a Forwarding state. Given the default STP timers, it takes 30 seconds after the failure for Switch-D to begin actually forwarding data again.
The Max Age timer is not used with direct failures related to the root port because a direct failure is immediately detected, invalidating the root port and the configuration BPDUs received on that port.
If Switch-D were not a leaf switch, another uplink might be used to reach the root bridge. In this case, to prevent a loop from forming it is important that the Switch-D transitions through the Learning and Listening phases before forwarding any traffic. However, because Switch-D is a leaf switch with only two possible uplinks to the root bridge, if the primary uplink fails, the backup uplink will always be the uplink that begins forwarding. Therefore, no reason exists as to why Switch-D cannot just place the backup uplink into a Forwarding state immediately, as soon as the primary uplink goes down.
By enabling UplinkFast, a leaf switch notes a redundant uplink to the root and immediately allows the redundant uplink to forward user data if the primary uplink fails. This recognition reduces convergence from 30 seconds (using default STP timers) to almost nil.
The Listening and Learning phases are still transitioned when the redundant uplink is activated. UplinkFast allows the port to send and receive user data during these phases.
Although the Forwarding state transition is immediate, you must also consider the bridging tables on each switch in the network. By default, the bridge table has an aging timer of 300 seconds, which means an idle entry remains in the bridge table for five minutes before disappearing. Figure 4-29 shows the topology of Figure 4-28 and what happens when UplinkFast is configured and invoked with relation to Switch-D (Switch-E is omitted to make the figure easier to read, but the same principles apply if UplinkFast is enabled on Switch-E).
Figure 4-29. UplinkFast Operation
The following are the steps in Figure 4-29:
Because the dummy multicasts have an unused destination multicast address, the multicasts are never actually received by any device and are only processed by switches for the purposes of updating bridge tables as part of normal transparent bridging operation.
At this stage, data is being forwarded by Switch-D, and the paths taken through network to reach devices attached to Switch-D are up-to-date and correct. In normal spanning-tree operation, the redundant uplink would have taken 30 seconds to transition through the Listening and Learning states before forwarding any data (the redundant uplink becomes the new root port). By enabling UplinkFast on the switch, the convergence time is reduced from 30 seconds to almost 0. The real key to the success of UplinkFast, however, is the clever way the switch generates dummy multicasts to update all bridge tables in the network appropriately.
By default, Catalyst switches send dummy multicasts at a configurable rate of 15 frames per 100 milliseconds (150 frames per second). So if you had an edge switch with 450 directly connected hosts, it would take approximately 3 seconds for the network to converge fully after the upstream switch failure.
You should enable UplinkFast only on leaf switches because UplinkFast makes assumptions about your network topology based upon the fact that the switch is a leaf node. If you enable UplinkFast on a transit switch (a switch that is the root bridge or has downstream switches connected), unpredictable forwarding paths and loops can result. In Figure 4-29, Switch-B and Switch-C are transit switches because they connect downstream switches (e.g. Switch-D). Switch-D is a leaf switches because it connects only to upstream switches (Switch-B and Switch-C).
Always remember that UplinkFast should only ever be configured on leaf switches. If you enable it on non-leaf switches, it is possible that loops could form in the network. To ensure that UplinkFast is enabled only on leaf switches, when you enable UplinkFast, the bridge priority and the cost of each port on the switch are increased.
This scenario assumes that a single VLAN (VLAN 1) is in use and that Switch-A has been configured as the root bridge, with Switch-B configured as the secondary root bridge. All other spanning tree parameters are configured as the default on all switches.
On CatOS, UplinkFast is disabled by default and can be globally enabled or disabled. To configure UplinkFast on a CatOS switch, you use the following command:
set spantree uplinkfast enable [rate station-update-rate]
The rate parameter allows you to specify the rate at which dummy multicast packets are generated every 100 milliseconds (the default is 15 packets per 100 milliseconds).
On Cisco IOS, UplinkFast is also disabled by default and can be globally enabled or disabled. To enable UplinkFast on a Cisco IOS switch, you use the following global configuration command:
spanning-tree uplinkfast [max-update-rate pkts-per-second]
The max-update-rate parameter allows you to specify the rate at which dummy multicast packets are generated every second (the default is 150 packets per second).
You must explicitly configure the spanning-tree uplinkfast by itself to enable UplinkFast and then configure the spanning-tree uplinkfast max-update-rate command if you wish to modify the dummy multicast rate.
Referring back to Figure 4-28, to optimize the convergence time in the event of a direct uplink failure on any leaf switch (Switch-D and Switch-E), you can enable the UplinkFast feature.
Example 4-47 demonstrates how to enable UplinkFast on Switch-D (CatOS) and configure a custom dummy multicast rate of 250 packets per second.
Example 4-47. Configuring UplinkFast on Switch-D
Switch-D> (enable) set spantree uplinkfast enable rate 25 VLANs 1-4094 bridge priority set to 49152. The port cost and portvlancost of all ports increased to above 3000. Station update rate set to 25 packets/100ms. uplinkfast all-protocols field set to off. uplinkfast enabled for bridge.
You can see that by enabling UplinkFast, the bridge priority and cost of all ports are increased to ensure that the switch always becomes a leaf switch. Notice that the rate parameter is configured in packets per 100ms.
Example 4-48 shows the output of the show spantree command after UplinkFast has been enabled.
Example 4-48. Verifying Spanning-Tree Configuration on Switch-D after Enabling UplinkFast
Switch-D> (enable) show spantree 1 VLAN 1 Spanning tree mode PVST+ Spanning tree type ieee Spanning tree enabled Designated Root 00-01-96-a0-2c-00 Designated Root Priority 8192 Designated Root Cost 38 Designated Root Port 2/1 Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Bridge ID MAC ADDR 00-01-68-b1-1a-00 Bridge ID Priority 49152 Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Port Vlan Port-State Cost Prio Portfast Channel_id ------------------------ ---- ------------- --------- ---- -------- ---------- 2/1 1 forwarding 3019 32 disabled 0 2/2 1 blocking 3019 32 disabled 0 ... (Output Abbreviated) ...
Notice that the bridge priority of Switch-D is now 49152 and that the cost of ports 2/1 and 2/2 has been increased by 3000 from 19 (the default for 100-Mbps ports) to 3019.
To verify UplinkFast configuration, use the show spantree uplinkfast command after UplinkFast has been enabled, as shown in Example 4-49.
Example 4-49. Verifying UplinkFast Configuration on Switch-D
Switch-D> (enable) show spantree uplinkfast Station update rate set to 25 packets/100ms. uplinkfast all-protocols field set to off. VLAN port list ----------------------------------------------- 1 2/1(fwd), 2/2
You can see on Switch-D that port 2/1 is currently the active uplink (as indicate by the fwd text), and port 2/2 is a candidate port for fast failover should port 2/1 go down.
If you want to disable UplinkFast, use the set spantree uplinkfast disable command. This command disables UplinkFast, but does not return the bridge priority and port cost values to their default values. To disable UplinkFast and configure the bridge priority and port cost values as their default values, use the clear spantree uplinkfast command instead.
Example 4-50 demonstrates how to enable UplinkFast on Switch-E (Cisco IOS) and configure a custom dummy multicast rate of 250 packets per second.
Example 4-50. Configuring UplinkFast on Switch-E
Switch-E# configure terminal Switch-E(config)# spanning-tree uplinkfast Switch-E(config)# spanning-tree uplinkfast max-update-rate 250
Notice in Example 4-50 that you must explicitly enable UplinkFast first and then configure the custom dummy multicast rate separately. Once you have enabled UplinkFast, the bridge priority is increased for 49152 for all VLANs, and the port cost of every physical port is increased by 3000, unless the port cost has been explicitly configured previously.
To verify UplinkFast on a Cisco IOS switch, use the show spanning-tree uplinkfast command, as demonstrated on Switch-E in Example 4-51.
Example 4-51. Verifying Spanning-Tree Configuration on Switch-E After Enabling UplinkFast
Switch-E# show spanning-tree uplinkfast UplinkFast is enabled Station update rate set to 250 packets/sec. UplinkFast statistics ----------------------- Number of transitions via uplinkFast (all VLANs) : 1 Number of proxy multicast addresses transmitted (all VLANs) : 0 Name Interface List -------------------- ------------------------------------ VLAN0001 Fa0/1(fwd), Fa0/2
Notice that UplinkFast is enabled and the update rate is set to 250 packets per second. The rate is expressed in packets per second, unlike CatOS that specifies the rate in packets per 100 milliseconds. At the bottom of the table, you can see the interface list for each VLAN that UplinkFast uses for fast cutover. Interface Fa0/1 is listed as the uplink that is currently forwarding, with interface Fa0/2 listed as a candidate interface for fast failover. If Fa0/1 is detected as going down, Switch-D immediately places Fa0/2 into a forwarding state.
To disable UplinkFast, use the no spanning-tree uplinkfast global configuration command. This command disables UplinkFast and return bridge priority and port cost values to their default values.
To test UplinkFast, configure IP addressing on Switch-B and Switch-D, which enables you to test ping connectivity between the switches. Then shut down the active root port on Switch-D and verify that you can still ping Switch-B immediately after the port is shut down.