Advanced Spanning Tree

2012 Juniper Networks, Inc. All rights reserved. | www.juniper.net

What If ?
Refer to the topology below and assume no spanning
tree protocol is currently in use; what would happen if
User A sent traffic to User Z?
DS-1

AS-1

User A
172.23.10.86/24

DS-2

AS-2

All switch ports belong to vlan-10 which is

associated with 172.23.10.0/24

AS-3

User Z
172.23.10.88/24

The traffic would be flooded repeatedly through a Layer 2 loop

2012 Juniper Networks, Inc. All rights reserved.

www.juniper.net | 2

Understanding the Default Configuration

By default, RSTP is enabled on EX Series switches
which helps ensure a loop-free Layer 2 topology
One of the participating switches is
selected as the root bridge

DS-1 (Root bridge)

AS-1

User A
172.23.10.86/24

DS-2

AS-3

AS-2

All switch ports belong to vlan-10 which is

associated with 172.23.10.0/24

User Z
172.23.10.88/24

Traffic will be forwarded through the root bridge towards the destination
www.juniper.net | 3

2012 Juniper Networks, Inc. All rights reserved.

Test Your Knowledge (1 of 3)

Based on the configurations, which switch will be
elected the root bridge?

{master:0}[edit protocols rstp]

user@AS-1# show
bridge-priority 32k;
interface all {
priority 16;
cost 2000;
}

2012 Juniper Networks, Inc. All rights reserved.

Root Bridge
ge-0/0/1.0

AS-1

DS-2

ge-0/0/8.0

DS-1

ge-0/0/8.0

{master:0}[edit protocols rstp]

user@DS-1# show
bridge-priority 4k;
interface ge-0/0/8.0 {
cost 1;
}
interface all {
priority 128;
cost 200000;
}

ge-0/0/12.0

AS-2

{master:0}[edit protocols rstp]

user@DS-2# show
bridge-priority 8k;
interface ge-0/0/10.0 {
cost 1;
}
interface all {
priority 16;
cost 20000;
}

{master:0}[edit protocols rstp]

user@AS-2# show
bridge-priority 36k;
interface all {
priority 128;
cost 20000;
}

www.juniper.net | 4

Test Your Knowledge (2 of 3)

What role and state will be assigned to the various
switch ports?

D F

R F

{master:0}[edit protocols rstp]

user@AS-1# show
bridge-priority 32k;
interface all {
priority 16;
cost 2000;
}

AS-1

DS-2

ge-0/0/1.0

D
F

A
B
R

D
F

ge-0/0/12.0

D F

ge-0/0/8.0

Root Bridge
DS-1

ge-0/0/8.0

{master:0}[edit protocols rstp]

user@DS-1# show
bridge-priority 4k;
interface ge-0/0/8.0 {
cost 1;
}
interface all {
priority 128;
cost 200000;
}

R
F

{master:0}[edit protocols rstp]

user@DS-2# show
bridge-priority 8k;
interface ge-0/0/10.0 {
cost 1;
}
interface all {
priority 16;
cost 20000;
}

A B

AS-2

Forwarding = F
Blocking = B
Root Port = R

{master:0}[edit protocols rstp]

user@AS-2# show
bridge-priority 36k;
interface all {
priority 128;
cost 20000;
}

Designated Port = D
Alternate Port = A
www.juniper.net | 5

2012 Juniper Networks, Inc. All rights reserved.

Test Your Knowledge (3 of 3)

Based on the modified configurations, what role and
state will be assigned to AS-2s ports?

{master:0}[edit protocols rstp]

user@AS-1# show
bridge-priority 32k;
interface all {
priority 16;
cost 20000;
}

AS-1

DS-2

ge-0/0/1.0

{master:0}[edit protocols rstp]

user@DS-2# show
bridge-priority 32k;
interface all {
priority 16;
cost 20000;
}

ge-0/0/8.0

Root Bridge
DS-1

ge-0/0/8.0

{master:0}[edit protocols rstp]

user@DS-1# show
bridge-priority 4k;
interface all {
priority 128;
cost 20000;
}

ge-0/0/12.0
Forwarding = F
Blocking = B
Root Port = R
Designated Port = D

R
F

A B

AS-2

{master:0}[edit protocols rstp]

user@AS-2# show
bridge-priority 36k;
interface ge-0/0/8.0 {
priority 32;
}
interface ge-0/0/12.0 {
priority 16;
}

Alternate Port = A
2012 Juniper Networks, Inc. All rights reserved.

www.juniper.net | 6

A Limitation of STP and RSTP

STP and RSTP provide no load-balancing functionality
which means some links will not be used
DS-1 (Root bridge)

AS-1

User A
172.23.10.86/24

User B
172.23.20.86/24

DS-2

All links connected to DS-2 will not

be used unless a failure occurs

AS-3

AS-2

User C
172.23.10.87/24

User D
172.23.20.87/24

User E
172.23.10.88/24

User F
172.23.20.88/24

vlan-20 is associated with the

172.23.20.0/24 broadcast domain

vlan-10 is associated with the

172.23.10.0/24 broadcast domain

www.juniper.net | 7

2012 Juniper Networks, Inc. All rights reserved.

Multiple Spanning Tree Protocol

MSTP provides extensions to RSTP which allow you to:
Create multiple spanning tree instances (MSTIs) in
order to balance traffic flows over all available links
DS-2

DS-1

(Root bridge for Instance-2)

(Root bridge for Instance-1)

AS-1

User A
172.23.10.86/24

User B
172.23.20.86/24

User C
172.23.10.87/24

vlan-10 is associated with the

172.23.10.0/24 broadcast domain
2012 Juniper Networks, Inc. All rights reserved.

AS-3

AS-2

User D
172.23.20.87/24

User E
172.23.10.88/24

User F
172.23.20.88/24

vlan-20 is associated with the

172.23.20.0/24 broadcast domain
www.juniper.net | 8

Multiple Spanning Tree Region

A group of switches with the same region name,
revision level, and VLAN-to-instance mapping
You can configure a maximum of 64 MSTIs per MST region
with one regional root bridge per instance
Region-1

Instance-1 = VLANs 10-19

Instance-2 = VLANs 20-29

DS-2

DS-1

(Root bridge for Instance-2)

(Root bridge for Instance-1)

AS-1

AS-3

AS-2

www.juniper.net | 9

2012 Juniper Networks, Inc. All rights reserved.

Common Spanning Tree (1 of 2)

MSTP remains backward compatible with STP and
RSTP through a CST
CST allows you to interconnect multiple MST regions or to
connect an MST region with a standalone switch running STP

MST Region-2

MST Region-1

CST

2012 Juniper Networks, Inc. All rights reserved.

www.juniper.net | 10

Common Spanning Tree (2 of 2)

MSTP uses the same Ethernet frame format as RSTP
Some BPDU information in the data field differs from RSTP
in order to accommodate MSTP functionality

CST

MST Region-2

MST Region-1

RSTP-only switch

MSTP BPDUs are exchanged within and between MST regions or

between MST regions and RSTP-only switches

DA

SA

A number of fields in the MST BPDU are the

same as in RSTP and STP BPDUs and allow
for backwards compatibility

LLC

FCS

Data

MST BPDU

Optional MSTI
Configuration Messages

www.juniper.net | 11

2012 Juniper Networks, Inc. All rights reserved.

Internal Spanning Tree

Internal spanning tree extends CST into MST regions
Each MST region appears as a virtual bridge to other MST
regions or RSTP-only switches

Internal Spanning Tree

CST

MST Region-1

MST Region-2
RSTP-only switch

MST regions appear as virtual bridges for the root bridge calculation within the CST
DA

SA

LLC

MST BPDU

2012 Juniper Networks, Inc. All rights reserved.

Data

FCS

Optional MSTI
Configuration Messages

Remaining fields in MST BPDU and the optional

MSTI configuration messages are used to build the
internal spanning tree and create multiple
spanning trees for an MST region
www.juniper.net | 12

MSTP Configuration
[edit protocols mstp]
user@switch# show
configuration-name <configuration-name>;
revision-level <revision-level>;
bridge-priority <priority>
msti <msti-id> {
bridge-priority <priority>;
vlan (vlan-id | vlan-name);
}
msti <msti-id> {
bridge-priority <priority>;
vlan (vlan-id | vlan-name);
}

User-defined configuration-name and

revision-level

MSTIs with individual bridge-priority

values and VLAN ID ranges

Configuration name = X
Revision level = y
MSTI-to-VLAN mapping = z

Configuration name = X
Revision level = y
MSTI-to-VLAN mapping = z

Note that certain MSTP configuration parameters must

match on bridges participating in the same MST region
www.juniper.net | 13

2012 Juniper Networks, Inc. All rights reserved.

Case Study: Topology and Objectives

Configure MSTP so that DS-1 and DS-2 function as
root bridges for their respective instances
If DS-1 or DS-2 fails, ensure the other switch assumes the
root bridge role for both MSTIs
VLANs
10 - 19

VLANs
20 - 29

MST Region-1
DS-2

DS-1
ge-0/0/12.0

(Root bridge for msti 1)

(Root bridge for msti 2)

ge-0/0/8.0

ge-0/0/8.0
ge-0/0/9.0
ge-0/0/10.0

AS-1

2012 Juniper Networks, Inc. All rights reserved.

ge-0/0/10.0

AS-2

AS-3

www.juniper.net | 14

Case Study: Configuring MSTP

[edit protocols mstp]
user@DS-2# show
configuration-name Region-1;
revision-level 1;
msti 1 {
bridge-priority 8k;
vlan 10-19;
}
msti 2 {
bridge-priority 4k;
vlan 20-29;
}

[edit protocols mstp]

user@DS-1# show
configuration-name Region-1;
revision-level 1;
msti 1 {
bridge-priority 4k;
vlan 10-19;
}
msti 2 {
bridge-priority 8k;
vlan 20-29;
}
VLANs
10 - 19

VLANs
20 - 29

MST Region-1
DS-1

(Root bridge for msti 1)

DS-2
ge-0/0/12.0

(Root bridge for msti 2)

ge-0/0/8.0

ge-0/0/8.0
ge-0/0/9.0
ge-0/0/10.0

AS-1

ge-0/0/10.0

AS-2

AS-3

Note that all access switches (AS-1, AS-2, and AS-3) retain the default bridge priority value for both MSTIs
www.juniper.net | 15

2012 Juniper Networks, Inc. All rights reserved.

Case Study: Monitoring MSTP (1 of 3)

user@DS-1> show spanning-tree ?
Possible completions:
bridge
Show STP bridge parameters
interface
Show STP interface parameters
mstp
Show Multiple Spanning Tree Protocol information
statistics
Show STP statistics

Command options used

to monitor MSTP

user@DS-1> show spanning-tree mstp configuration

Values must match for all switches
MSTP information
within a common MST region
Context identifier
: 0
Region name
: Region-1
Revision
: 1
Configuration digest
: 0xf92468d366cf3c647eb33c03b166ad59

MSTI
Member VLANs
0 0-9,30-4094
1 10-19
2 20-29

2012 Juniper Networks, Inc. All rights reserved.

Configuration digest is determined by

contents of MSTI to VID table

www.juniper.net | 16

Case Study: Monitoring MSTP (2 of 3)

user@DS-1> show spanning-tree interface

Interfaces and associated

details are listed by instance

Spanning tree interface parameters for instance 0

Interface
ge-0/0/8.0
ge-0/0/10.0
ge-0/0/12.0

Port ID
128:521
128:523
128:525

Designated
port ID
128:521
128:523
128:525

Designated
bridge ID
32768.0019e25173c0
32768.0019e25173c0
32768.0019e25173c0

Port
Cost
20000
20000
20000

State

Role

FWD
FWD
FWD

DESG
DESG
DESG

Port
Cost
20000
20000
20000

State

Role

FWD
FWD
FWD

DESG
DESG
DESG

Port
Cost
20000
20000
20000

State

Role

FWD
FWD
FWD

DESG
DESG
ROOT

Spanning tree interface parameters for instance 1

Interface
ge-0/0/8.0
ge-0/0/10.0
ge-0/0/12.0

Port ID
128:521
128:523
128:525

Designated
port ID
128:521
128:523
128:525

Designated
bridge ID
4097.0019e25173c0
4097.0019e25173c0
4097.0019e25173c0

Spanning tree interface parameters for instance 2

Interface
ge-0/0/8.0
ge-0/0/10.0
ge-0/0/12.0

Port ID
128:521
128:523
128:525

Designated
port ID
128:521
128:523
128:525

Designated
bridge ID
8194.0019e25173c0
8194.0019e25173c0
4098.0019e2551d40

www.juniper.net | 17

2012 Juniper Networks, Inc. All rights reserved.

Case Study: Monitoring MSTP (3 of 3)

user@DS-1> show spanning-tree bridge
STP bridge parameters
Context ID
Enabled protocol
STP bridge parameters for CIST
Root ID
CIST regional root
CIST internal root cost
Hello time
Maximum age
Forward delay
Number of topology changes
Time since last topology change
Topology change initiator
Topology change last recvd. from
Local parameters
Bridge ID
Extended system ID
Internal instance ID

: 0
: MSTP

:
:
:
:
:
:
:
:
:
:

STP details are listed

by instance

32768.00:19:e2:51:73:c0
32768.00:19:e2:51:73:c0
0
2 seconds
20 seconds
15 seconds
5
8152 seconds
ge-0/0/8.0
00:26:88:02:70:88

: 32768.00:19:e2:51:73:c0
: 0
: 0

STP bridge parameters for MSTI 1

STP bridge parameters for MSTI 2

2012 Juniper Networks, Inc. All rights reserved.

www.juniper.net | 18

VLAN Spanning Tree Protocol

VSTP maintains a separate spanning-tree instance for
each VLAN allowing load balancing of Layer 2 traffic
Proprietary protocol that is compatible with similar protocols
from other vendors including PVST+ and Rapid-PVST+
VSTP instance 1
VSTP instance 2
VSTP instance 3
VSTP instance 4
VSTP instance 5

VLAN-1
VLAN-2
VLAN-3
VLAN-4
VLAN-5
DS-2

DS-1

AS-1

AS-2

AS-3
www.juniper.net | 19

2012 Juniper Networks, Inc. All rights reserved.

VSTP Considerations (1 of 2)
Some VSTP considerations include:
Supports up to 253 different spanning-tree topologies
You selectively determine which VLANs participate in VSTP

We recommend that you enable RSTP in addition to VSTP to

account for any VLANs above and beyond 253
VLAN-1
VLAN-2

VLAN-253
VLAN-254
VLAN-255

2012 Juniper Networks, Inc. All rights reserved.

VSTP
RSTP

VLAN-1
VLAN-2

VLAN-253
VLAN-254
VLAN-255

www.juniper.net | 20

10

VSTP Considerations (2 of 2)
Some VSTP considerations include (contd):
As you add VLANs, more CPU resources are consumed
A separate BPDU is sent out for each configured VLAN
VLAN-1
VLAN-2
VLAN-3

DA

SA

VLAN
TAG

LLC

SNAP

BPDU

FCS

VSTP BPDU format is the same as RSTP format with an added type, length, and
value that advertises the same VLAN ID found in the VLAN tag

www.juniper.net | 21

2012 Juniper Networks, Inc. All rights reserved.

VSTP Configuration
[edit protocols vstp]
user@switch# show
disable;
force-version stp;
vlan-group {
group <group-name> {
vlan (vlan-id | vlan-id-range);
bridge-priority <priority>
}
}
vlan (all | vlan-id | vlan-name) {
bridge-priority <priority>;
max-age <seconds>;
forward-delay <seconds>;
interface (all | interface-name) {
cost <cost>;
disable;
mode <mode>;
edge;
}
}

2012 Juniper Networks, Inc. All rights reserved.

Forces VSTP to use STP

instead of the default, RSTP
Use the vlan-group option
when a VLAN-ID range is desired

VSTP uses the same terminology

and configuration options as RSTP

www.juniper.net | 22

11

Case Study: Topology and Objectives

Configure VSTP so that DS-1 and DS-2 function as
root bridges for their respective VLANs
If DS-1 or DS-2 fails, ensure the other switch assumes the
root bridge role for both sets of VLANs
VLANs
20 - 29

VLANs
10 - 19
DS-2

DS-1

(Root bridge for VLAN group B)

(Root bridge for VLAN group A)

AS-1

AS-3

AS-2

www.juniper.net | 23

2012 Juniper Networks, Inc. All rights reserved.

Case Study: Configuring VSTP

[edit protocols vstp]
user@DS-2# show
vlan-group {
group group-A {
vlan 10-19;
bridge-priority 8k;
}
group group-B {
vlan 20-29;
bridge-priority 4k;
}
}

[edit protocols vstp]

user@DS-1# show
vlan-group {
group group-A {
vlan 10-19;
bridge-priority 4k;
}
group group-B {
vlan 20-29;
bridge-priority 8k;
}
}

VLANs
20 - 29

VLANs
10 - 19
DS-2

DS-1

(Root bridge for VLAN group B)

(Root bridge for VLAN group A)

AS-1

AS-2

AS-3

Note that AS-1, AS-2, and AS-3 retain the default bridge priority value for both VLAN groups
2012 Juniper Networks, Inc. All rights reserved.

www.juniper.net | 24

12

Case Study: Monitoring VSTP (1 of 2)

user@DS-1> show spanning-tree interface

STP interface details are

listed by VLAN

Spanning tree interface parameters for VLAN 10

Interface

Port ID
Designated
Designated
port ID
bridge ID
ge-0/0/8.0
128:521
128:521
4106.0019e25173c0
ge-0/0/10.0
128:523
128:523
4106.0019e25173c0
ge-0/0/12.0
128:525
128:525
4106.0019e25173c0

Spanning tree interface parameters for VLAN 20

Port
Cost
20000
20000
20000

State

Role

FWD
FWD
FWD

DESG
DESG
DESG

Interface

Port
Cost
20000
20000
20000

State

Role

BLK
FWD
BLK

ALT
ROOT
ALT

ge-0/0/8.0
ge-0/0/10.0
ge-0/0/12.0

Port ID
128:521
128:523
128:525

Designated
port ID
128:523
128:521
128:525

Designated
bridge ID
4116.0019e2551d40
4116.0019e2551d40
4116.0019e2551d40

www.juniper.net | 25

2012 Juniper Networks, Inc. All rights reserved.

Case Study: Monitoring VSTP (2 of 2)

user@DS-1> show spanning-tree bridge
STP bridge parameters
Context ID
Enabled protocol
STP bridge parameters for VLAN 10
Root ID
Hello time
Maximum age
Forward delay
Message age
Number of topology changes
Time since last topology change
Topology change initiator
Topology change last recvd. from
Local parameters
Bridge ID
Extended system ID
Internal instance ID

STP bridge parameters

Context ID
Enabled protocol
STP bridge parameters for VLAN 20
Root ID

2012 Juniper Networks, Inc. All rights reserved.

: 1
: RSTP

:
:
:
:
:
:
:
:
:

STP details are listed

by VLAN

4106.00:19:e2:51:73:c0
2 seconds
20 seconds
15 seconds
0
1
464 seconds
ge-0/0/8.0
00:19:e2:55:1d:4a

: 4106.00:19:e2:51:73:c0
: 1
: 0

: 11
: RSTP

: 4116.00:19:e2:55:1d:40

www.juniper.net | 26

13

14