12-31-2008 05:36 AM - edited 03-04-2019 03:17 AM
Hello,
I have a few questions regarding STP and L2 security in general.
1)
I read in books that STP sends its BPDU packets via VLAN 1 untagged, but when I used the Ethereal sniffer I found out that BPDU packets are tagged with the VLAN for which they carry information (PVST+) (i.e. for VLAN 10, BPDUs are tagged with VLAN 10, etc.). So when does STP use VLAN 1?
2)
I need two L2 redundant links between two locations. If the ISP gives me two L2 access ports in order to connect those two locations, would STP work and block one of the links (suppose that I use VLAN 100 on my side and the ISP uses VLAN 200 in its core)? I tested this scenario in the lab and it works, but I don't know why that is so theoretically. I thought that switches would ignore BPDUs that come from a different VLAN.
3)
UDLD is used if one direction on an optical fiber (Rx or Tx) is broken. But if I disconnect one of the links from the port, i.e. I pull out the Rx link and Tx stays in, the ports on both sides of the cable go down. I tested that on new switches, but isn't the UDLD feature then sufficient? It seems that ports always go down if only one direction is disconnected, so STP can't make a loop.
Were my test and conclusion regular?
Thanks in advance,
regards,
A
12-31-2008 07:31 AM
Hello Antonio,
Happy new year!
1) The question is what STP type:
old STP 802.1D is mono-instance and sends out its BPDUs untagged
PVST+ tunnels its BPDUs for all instances using the right vlan-id and putting a vlan-id field inside that gives a consistency check (if the external vlan-id is different than the internal one, something is strange and the port is disabled, but only if it is a trunk)
MST sends BPDUs only on the IST with fields for all instances
2) As said above, if the ports are access ports (non-trunks), legacy 802.1D BPDUs are used and no consistency check is performed, so you can connect a port in VLAN 100 with one in VLAN 200.
Or the provider is doing 802.1Q tunneling with L2 tunneling.
3) You may provide more details; however, UDLD also triggers on a congested link, for example.
UDLD is too slow for Rapid STP, both RPVST and MST.
Hope to help
Giuseppe
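The PVST+ consistency check described in the reply above, as an added example that is not part of the original thread or Cisco's code: a small parser compares the outer 802.1Q tag of a PVST+ BPDU with the VLAN ID carried inside it. The frame layout (destination MAC, SNAP PID 0x010b, PVID TLV 36 bytes into the BPDU) is an assumption stated in the comments, and the frames are constructed samples, not captures.

```python
import struct

# Layout assumptions (not from the thread): PVST+ BPDUs go to 01:00:0c:cc:cc:cd
# with SNAP PID 0x010b; the PVID TLV (type 0, length 2) starts 36 bytes into
# the BPDU.
PVST_DST = bytes.fromhex("01000ccccccd")
SNAP_PVST = bytes.fromhex("aaaa0300000c010b")
SRC = bytes.fromhex("001122334455")  # constructed sender MAC

def build_pvst_frame(tag_vlan, pvid):
    """Constructed sample frame (not a capture): tagged PVST+ config BPDU."""
    bridge = struct.pack("!H", 32768 + pvid) + SRC
    bpdu = (bytes(5) + bridge + struct.pack("!I", 0) + bridge
            + struct.pack("!HHHHH", 0x8001, 0, 20 * 256, 2 * 256, 15 * 256))
    tlv = b"\x00" + struct.pack("!HHH", 0, 2, pvid)  # pad, type, length, PVID
    payload = SNAP_PVST + bpdu + tlv
    return (PVST_DST + SRC + struct.pack("!HH", 0x8100, tag_vlan)
            + struct.pack("!H", len(payload)) + payload)

def check_pvid(frame):
    """Return (tag_vlan, pvid, verdict), or None if not a tagged PVST+ BPDU."""
    tlv_off = 26 + 36  # 18 bytes Ethernet+802.1Q+length, 8 LLC/SNAP, 36 BPDU
    if len(frame) < tlv_off + 6 or frame[:6] != PVST_DST:
        return None
    ethertype, tci = struct.unpack_from("!HH", frame, 12)
    if ethertype != 0x8100 or frame[18:26] != SNAP_PVST:
        return None  # untagged (access port / native VLAN) or not PVST+
    tlv_type, tlv_len, pvid = struct.unpack_from("!HHH", frame, tlv_off)
    if (tlv_type, tlv_len) != (0, 2):
        return None
    tag_vlan = tci & 0x0FFF  # low 12 bits of the tag are the VLAN ID
    verdict = "consistent" if tag_vlan == pvid else "pvid-mismatch"
    return tag_vlan, pvid, verdict

if __name__ == "__main__":
    for tag, pvid in [(10, 10), (100, 200)]:
        print(check_pvid(build_pvst_frame(tag, pvid)))
```

The second sample mirrors the VLAN 100 / VLAN 200 case from the question: on a trunk the tag and the inner VLAN ID disagree, which is the mismatch the reply says gets the port disabled.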
12-31-2008 08:48 AM
Thank you Giuseppe
Happy new year.
A
12-31-2008 08:53 AM
And just one more question: do 802.1D STP and MST use VLAN 1 for communication via BPDU? Or do they use the native VLAN, which can be defined via the switchport trunk native vlan command?
regards,
A
12-31-2008 09:13 AM
Hello Antonio,
MST will use one VLAN associated to the IST.
802.1D STP should use the native VLAN on a trunk.
Hope to help
Giuseppe
01-02-2009 12:39 AM
I ask that because I wanted to know whether STP would work if that VLAN (used for BPDU) was removed from the trunk that connects two switches.
regards,
A
01-02-2009 04:30 AM
Hello Antonio,
a very useful document that collects very useful data about L2 protocols
If the port is a trunk, it should detect a VLAN mismatch as I described in previous posts, or have you configured 802.1Q tunneling?
Hope to help
Giuseppe
01-02-2009 05:28 AM
Thanks Giuseppe.
A