Seguridad y Redes

Spanning Tree Protocol (STP) in GNS3

Spanning Tree Protocol is a layer 2 (data link) protocol of the OSI model. It is based on an algorithm designed by Radia Perlman. The main function of STP is to manage loops in network topologies caused by redundant links; these redundant links are needed in many cases to guarantee the availability of connections. STP automatically enables or disables links so that the topology is guaranteed to be loop-free. If there are several links and one of them fails, another link can keep carrying the network's traffic.
Figure: Spanning Tree Protocol topology

The goal of this lab is to analyze the basic configuration and operation of the Spanning Tree Protocol (STP). In GNS3 we will use the NM-16ESW module, so the first step is to add the NM-16ESW module to the router. If you need help adding the module, see this link.
Figure: Spanning Tree Protocol in GNS3
Once the four switches are configured with the NM-16ESW module, we start the routers and apply the basic configuration. The passwords used below are lab values, and exec-timeout 0 0 disables the console idle timeout, which is convenient in GNS3 but not a setting to carry over to production equipment.

Basic configuration of Switch1
SW1>enable
SW1#configure terminal
SW1(config)#hostname Switch1
Switch1(config)#enable secret cisco
Switch1(config)#no ip domain lookup
Switch1(config)#interface Vlan1
Switch1(config-if)#ip address 192.168.1.1 255.255.255.0
Switch1(config-if)#no shut
Switch1(config-if)#line con 0
Switch1(config-line)#exec-timeout 0 0
Switch1(config-line)#logging synchronous
Switch1(config-line)#password cisco2
Switch1(config-line)#login
Switch1(config-line)#exit
Switch1(config)#line vty 0 15
Switch1(config-line)#logging synchronous
Switch1(config-line)#password cisco3
Switch1(config-line)#login
Switch1(config-line)#end
Switch1#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]
Switch1#
Switch2 configuration
SW2>enable
SW2#configure terminal
SW2(config)#hostname Switch2
Switch2(config)#enable secret cisco
Switch2(config)#no ip domain lookup
Switch2(config)#interface Vlan1
Switch2(config-if)#ip address 192.168.1.2 255.255.255.0
Switch2(config-if)#no shut
Switch2(config-if)#line con 0
Switch2(config-line)#exec-timeout 0 0
Switch2(config-line)#logging synchronous
Switch2(config-line)#password cisco2
Switch2(config-line)#login
Switch2(config-line)#exit
Switch2(config)#line vty 0 15
Switch2(config-line)#logging synchronous
Switch2(config-line)#password cisco3
Switch2(config-line)#login
Switch2(config-line)#end
Switch2#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]
Switch2#
Switch3 configuration
SW3>enable
SW3#configure terminal
SW3(config)#hostname Switch3
Switch3(config)#enable secret cisco
Switch3(config)#no ip domain lookup
Switch3(config)#interface Vlan1
Switch3(config-if)#ip address 192.168.1.3 255.255.255.0
Switch3(config-if)#no shut
Switch3(config-if)#line con 0
Switch3(config-line)#exec-timeout 0 0
Switch3(config-line)#logging synchronous
Switch3(config-line)#password cisco2
Switch3(config-line)#login
Switch3(config-line)#exit
Switch3(config)#line vty 0 15
Switch3(config-line)#logging synchronous
Switch3(config-line)#password cisco3
Switch3(config-line)#login
Switch3(config-line)#end
Switch3#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]
Switch3#
Switch4 configuration
SW4>enable
SW4#configure terminal
SW4(config)#hostname Switch4
Switch4(config)#enable secret cisco
Switch4(config)#no ip domain lookup
Switch4(config)#interface Vlan1
Switch4(config-if)#ip address 192.168.1.4 255.255.255.0
Switch4(config-if)#no shut
Switch4(config-if)#line con 0
Switch4(config-line)#exec-timeout 0 0
Switch4(config-line)#logging synchronous
Switch4(config-line)#password cisco2
Switch4(config-line)#login
Switch4(config-line)#exit
Switch4(config)#line vty 0 15
Switch4(config-line)#logging synchronous
Switch4(config-line)#password cisco3
Switch4(config-line)#login
Switch4(config-line)#end
Switch4#copy running-config startup-config
Destination filename [startup-config]? 
Building configuration...
[OK]
Switch4#
We configure the interfaces in trunk mode
Switch1(config)#interface range fastEthernet 1/1 - 3
Switch1(config-if-range)#switchport mode trunk
Switch1(config-if-range)#no shutdown 
Switch1(config-if-range)#end
Switch1#
Switch2(config)#interface range fastEthernet 1/1 - 3
Switch2(config-if-range)#switchport mode trunk
Switch2(config-if-range)#no shutdown 
Switch2(config-if-range)#end
Switch2#
Switch3(config)#interface range fastEthernet 1/1 - 3
Switch3(config-if-range)#switchport mode trunk
Switch3(config-if-range)#no shutdown 
Switch3(config-if-range)#end
Switch3#
Switch4(config)#interface range fastEthernet 1/1 - 3
Switch4(config-if-range)#switchport mode trunk
Switch4(config-if-range)#no shutdown 
Switch4(config-if-range)#end
Switch4#
We verify STP
Switch1#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     c204.1490.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     c204.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0 32768 c204.1490.0000 128.42 
FastEthernet1/2      128.43   128    19 FWD     0 32768 c204.1490.0000 128.43 
FastEthernet1/3      128.44   128    19 FWD     0 32768 c204.1490.0000 128.44
Switch2#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     c204.1490.0000
             Cost        19
             Port        43 (FastEthernet1/2)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     c205.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD    19 32768 c205.1490.0000 128.42 
FastEthernet1/2      128.43   128    19 FWD     0 32768 c204.1490.0000 128.42 
FastEthernet1/3      128.44   128    19 FWD    19 32768 c205.1490.0000 128.44 
Switch3#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     c204.1490.0000
             Cost        19
             Port        42 (FastEthernet1/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     c206.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0 32768 c204.1490.0000 128.44 
FastEthernet1/2      128.43   128    19 BLK    19 32768 c205.1490.0000 128.44 
FastEthernet1/3      128.44   128    19 FWD    19 32768 c206.1490.0000 128.44 
Switch4#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     c204.1490.0000
             Cost        19
             Port        44 (FastEthernet1/3)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     c207.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 BLK    19 32768 c206.1490.0000 128.44 
FastEthernet1/2      128.43   128    19 BLK    19 32768 c205.1490.0000 128.42 
FastEthernet1/3      128.44   128    19 FWD     0 32768 c204.1490.0000 128.43 
Another command to verify the root switch.
Switch1#show spanning-tree root
VLAN1            
  Root ID    Priority    32768
             Address     c204.1490.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
To show the blocked ports
Switch4#show spanning-tree blockedports 

Name                 Blocked Interfaces List
-------------------- ------------------------------------
VLAN1                Fa1/1, Fa1/2

Number of blocked ports (segments) in the system : 2
Debugging STP in GNS3
Switch1#debug spanning-tree ?
  all           All Spanning Tree debugging messages
  backbonefast  BackboneFast events
  bpdu          Spanning tree bridge protocol data units
  bpdu-opt      Optimized BPDU handling
  config        Spanning tree config changes
  etherchannel  EtherChannel support
  events        Spanning tree topology events
  exceptions    Spanning tree exceptions
  general       Spanning tree general
  pvst+         PVST+ events
  root          Spanning tree root events
  snmp          Spanning Tree SNMP handling
  uplinkfast    UplinkFast events
As the output above shows, several options are available in GNS3. We will enable one in particular: debugging of Spanning Tree topology events.
Switch1#debug spanning-tree events 
Spanning Tree event debugging is on

Root Bridge election

The root switch is the switch with the lowest Bridge ID (BID). The bridge ID is made up of:

The priority.
The MAC address.

If all switches have the same priority, the lowest MAC address decides. In this example the priority is the same on all switches, so the root bridge will be the switch with the lowest MAC address. In our case the root bridge, with the lowest MAC address, is Switch1. Now let's see an example of how to change the priority so that Switch2 becomes the root.
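
The election rule above, carried through to root ports and blocked ports, as an added example that is not part of the original post. The link list is an assumption deduced from the Designated Port ID columns of the show spanning-tree brief outputs above; port priority is 128 on every port, so it is left out of the comparison.

```python
# Added example (not from the original post): 802.1D election for this lab.
# LINKS is an assumption deduced from the "Designated ... Port ID" columns of
# the show spanning-tree brief outputs; ports 42/43/44 are Fa1/1, Fa1/2, Fa1/3.
COST = 19  # FastEthernet path cost, as shown in the outputs
MACS = {"Switch1": "c204.1490.0000", "Switch2": "c205.1490.0000",
        "Switch3": "c206.1490.0000", "Switch4": "c207.1490.0000"}
LINKS = [(("Switch1", 42), ("Switch2", 43)), (("Switch1", 43), ("Switch4", 44)),
         (("Switch1", 44), ("Switch3", 42)), (("Switch2", 44), ("Switch3", 43)),
         (("Switch2", 42), ("Switch4", 43)), (("Switch3", 44), ("Switch4", 42))]
# Every link seen from both ends: (switch, its port, neighbour, neighbour port)
ENDS = [(a, pa, b, pb) for (a, pa), (b, pb) in LINKS] + \
       [(b, pb, a, pa) for (a, pa), (b, pb) in LINKS]

def compute_stp(priorities):
    """Return (root, root_ports, blocked_ports) for per-switch priorities."""
    # BID = (priority, MAC); same-format hex strings sort like the numbers.
    bid = {sw: (priorities[sw], MACS[sw]) for sw in MACS}
    root = min(bid, key=bid.get)
    # Root path cost of every bridge, by repeated relaxation over the links.
    cost = {sw: 0 if sw == root else float("inf") for sw in MACS}
    for _ in MACS:
        for me, _myp, nb, _nbp in ENDS:
            cost[me] = min(cost[me], cost[nb] + COST)
    # Root port: best (cost via neighbour, neighbour BID, neighbour port, own port).
    root_ports = {}
    for sw in MACS:
        if sw != root:
            root_ports[sw] = min((cost[nb] + COST, bid[nb], nbp, myp)
                                 for me, myp, nb, nbp in ENDS if me == sw)[3]
    # A port blocks when its end loses the designated election on the segment
    # (higher root cost, then higher BID) and it is not the bridge's root port.
    blocked = set()
    for me, myp, nb, nbp in ENDS:
        loses = (cost[me], bid[me], myp) > (cost[nb], bid[nb], nbp)
        if loses and root_ports.get(me) != myp:
            blocked.add((me, myp))
    return root, root_ports, blocked

if __name__ == "__main__":
    default = dict.fromkeys(MACS, 32768)
    for label, prios in (("defaults", default),
                         ("Switch2 at 4096", {**default, "Switch2": 4096})):
        root, root_ports, blocked = compute_stp(prios)
        print(label, "root:", root, "root ports:", root_ports,
              "blocked:", sorted(blocked))
```

With the default priorities it elects Switch1 and blocks Fa1/2 on Switch3 and Fa1/1 and Fa1/2 on Switch4, which matches the Sts column in the outputs above.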

Making Switch2 the root.

For Switch2 to be elected root we change its priority, which is done as follows.

Switch2(config)#spanning-tree vlan 1 priority 4096
After doing this, STP notifications are generated on the console of each switch.
Switch1#
*Mar  1 00:53:30.151: STP: VLAN1 heard root  4096-c205.1490.0000 on Fa1/1
*Mar  1 00:53:30.151: current Root has 32768-c204.1490.0000
*Mar  1 00:53:30.151:     supersedes 32768-c204.1490.0000
*Mar  1 00:53:30.151: STP: VLAN1 new root is 4096, c205.1490.0000 on port Fa1/1, cost 19
Switch2#
*Mar  1 00:52:51.147: STP: VLAN1 we are the spanning tree root
*Mar  1 00:52:51.323: STP: VLAN1 Topology Change rcvd on Fa1/1
*Mar  1 00:52:51.331: STP: VLAN1 Topology Change rcvd on Fa1/3
*Mar  1 00:53:21.331: STP: VLAN1 Topology Change rcvd on Fa1/3
Switch3#
*Mar  1 00:52:19.175: STP: VLAN1 heard root  4096-c205.1490.0000 on Fa1/2
*Mar  1 00:52:19.175: current Root has 32768-c204.1490.0000
*Mar  1 00:52:19.175:     supersedes 32768-c204.1490.0000
*Mar  1 00:52:19.179: STP: VLAN1 new root is 4096, c205.1490.0000 on port Fa1/2, cost 19
*Mar  1 00:52:19.251: STP: VLAN1 Fa1/2 -> listening
*Mar  1 00:52:19.259: STP: VLAN1 sent Topology Change Notice on Fa1/2
*Mar  1 00:52:19.331: STP: VLAN1 Fa1/1 -> blocking
*Mar  1 00:52:34.271: STP: VLAN1 Fa1/2 -> learning
*Mar  1 00:52:49.295: STP: VLAN1 sent Topology Change Notice on Fa1/2
*Mar  1 00:52:49.295: STP: VLAN1 Fa1/2 -> forwarding
Switch4#
*Mar  1 00:51:57.111: STP: VLAN1 heard root  4096-c205.1490.0000 on Fa1/2
*Mar  1 00:51:57.111: current Root has 32768-c204.1490.0000
*Mar  1 00:51:57.111:     supersedes 32768-c204.1490.0000
*Mar  1 00:51:57.111: STP: VLAN1 new root is 4096, c205.1490.0000 on port Fa1/2, cost 19
*Mar  1 00:51:57.143: STP: VLAN1 Fa1/1 -> listening
*Mar  1 00:51:57.207: STP: VLAN1 Fa1/2 -> listening
*Mar  1 00:51:57.211: STP: VLAN1 sent Topology Change Notice on Fa1/2
*Mar  1 00:51:57.259: STP: VLAN1 Fa1/3 -> blocking
*Mar  1 00:51:57.327: STP: VLAN1 Fa1/1 -> blocking
*Mar  1 00:52:12.227: STP: VLAN1 Fa1/2 -> learning
*Mar  1 00:52:27.247: STP: VLAN1 Fa1/2 -> forwarding
Since we changed the priority on Switch2, it is now the root.
Switch2#show spanning-tree brief   

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    4096
             Address     c205.1490.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    4096
             Address     c205.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0  4096 c205.1490.0000 128.42 
FastEthernet1/2      128.43   128    19 FWD     0  4096 c205.1490.0000 128.43 
FastEthernet1/3      128.44   128    19 FWD     0  4096 c205.1490.0000 128.44 
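
The debug messages above are also what an unplanned root change looks like on the console, so they are worth parsing. The following added example (not from the original post) extracts each "new root is" event from the Switch1 lines shown above and checks the new root against an allowlist; the allowlist and the function names are assumptions.

```python
import re

# Sample input: the Switch1 debug lines shown above on this page.
SAMPLE = """\
*Mar  1 00:53:30.151: STP: VLAN1 heard root  4096-c205.1490.0000 on Fa1/1
*Mar  1 00:53:30.151: current Root has 32768-c204.1490.0000
*Mar  1 00:53:30.151:     supersedes 32768-c204.1490.0000
*Mar  1 00:53:30.151: STP: VLAN1 new root is 4096, c205.1490.0000 on port Fa1/1, cost 19
"""

CURRENT_RE = re.compile(r"current Root has (\d+)-([0-9a-f.]+)")
NEW_ROOT_RE = re.compile(
    r"^\*(.+?): STP: (VLAN\d+) new root is (\d+), ([0-9a-f.]+)"
    r" on port ([^\s,]+), cost (\d+)")

def bid(priority, mac):
    """Bridge ID as a comparable tuple: priority first, then MAC as an integer."""
    return int(priority), int(mac.replace(".", ""), 16)

def root_changes(log_text, expected_roots):
    """Return one record per 'new root is' event.

    expected_roots is a hypothetical allowlist: the MAC addresses of the
    bridges that are supposed to be able to become root.
    """
    events, previous = [], None
    for line in log_text.splitlines():
        m = CURRENT_RE.search(line)
        if m:
            previous = m.groups()  # root known before the change
            continue
        m = NEW_ROOT_RE.search(line)
        if m:
            when, vlan, prio, mac, port, cost = m.groups()
            events.append({
                "time": when, "vlan": vlan, "port": port, "cost": int(cost),
                "new_root": f"{prio}-{mac}",
                "old_root": "-".join(previous) if previous else None,
                # a lower BID wins the election, as the page explains
                "superior": previous is None or bid(prio, mac) < bid(*previous),
                "expected": mac in expected_roots,
            })
    return events

if __name__ == "__main__":
    for event in root_changes(SAMPLE, {"c204.1490.0000"}):
        print("root change" if event["expected"] else "UNEXPECTED root change", event)
```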
Another way to influence the root switch election is to set a lower priority. For example, we now want Switch3 to be the root.

Switch3(config)#spanning-tree vlan 1 priority 0
Switch3(config)#spanning-tree vlan 1 priority 0
Switch3(config)#
*Mar  1 01:01:16.907: STP: VLAN1 we are the spanning tree root
*Mar  1 01:01:16.931: STP: VLAN1 Fa1/1 -> listening
*Mar  1 01:01:17.091: STP: VLAN1 Topology Change rcvd on Fa1/1
*Mar  1 01:01:18.039: STP: VLAN1 Topology Change rcvd on Fa1/3
Switch3(config)#end
Switch3#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    0
             Address     c206.1490.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    0
             Address     c206.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 LIS     0     0 c206.1490.0000 128.42 
FastEthernet1/2      128.43   128    19 FWD     0     0 c206.1490.0000 128.43 
FastEthernet1/3      128.44   128    19 FWD     0     0 c206.1490.0000 128.44 
Another way is to state directly that, for example, Switch4 should be the root.

Switch4(config)# spanning-tree vlan 1 root primary

Switch4(config)#spanning-tree vlan 1 root primary 
 VLAN 1 bridge priority set to 8192
 VLAN 1 bridge max aging time unchanged at 20
 VLAN 1 bridge hello time unchanged at 2
 VLAN 1 bridge forward delay unchanged at 15
Switch4#show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    8192
             Address     c207.1490.0000
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    8192
             Address     c207.1490.0000
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
FastEthernet1/1      128.42   128    19 FWD     0  8192 c207.1490.0000 128.42 
FastEthernet1/2      128.43   128    19 FWD     0  8192 c207.1490.0000 128.43 
FastEthernet1/3      128.44   128    19 FWD     0  8192 c207.1490.0000 128.44 

6 comments

  1. I would like to change the spanning tree modes in GNS3 ..... the commands do not appear for me

  2. I would like to change the spanning tree modes in GNS3 ..... the commands do not appear for me

  3. Thanks, this helped me a lot to learn and understand better.

  4. Thanks, it helped me a lot