Understanding networking concepts

Tag: STP

Temporary loops in STP

When I was studying all the basic concepts related to the traditional STP protocol, I started asking myself one question: why do we need the listening and learning states? Why can’t a switch interface move from a blocking state directly to a forwarding state?

The theory says that if the LAN topology suddenly changes (for example, a link fails) and an interface that was previously blocked is moved to a forwarding state, a temporary loop may be created. The reason for these temporary loops could be the old MAC table entries that were learned using the old topology. To solve this problem, STP defines two interim states (listening and learning states).

During the listening state, the old MAC table entries are removed and during the learning state the interface starts to learn the source MAC addresses of the received frames. These two transitory states help the switches to adapt to the new topology and avoid the creation of potential temporary loops.

All of this may sound reasonable, but I wasn’t able to find a scenario where a temporary loop was created as a consequence of moving an interface directly from a blocking state to a forwarding state. Then I tried to search on the Internet and found some forum discussions about this topic and, surprisingly, I came across a blog post from the author of the Cisco Official Cert Guide for the CCNA certification, Wendell Odom. In that post, the author admitted he wasn’t able to find a case in which the listening state is really necessary in STP to avoid temporary loops. He also quoted a fragment from a book written by Radia Perlman, the creator of STP. In that book, Radia Perlman even suggested the listening state wasn’t really necessary.

I strongly recommend reading the Wendell Odom article. But, as a summary, it seems that learning MAC addresses immediately after unblocking an interface isn’t harmful. Even though an interface could potentially learn a wrong MAC address, it will not create a loop. Therefore, the listening and learning states could have been merged into a simple “preforwarding state” in the original STP definition, as suggested by Radia Perlman in her book.

Ethernet frame types and BPDUs

The first time I saw the structure of a Bridge Protocol Data Unit (BPDU) in Packet Tracer, I noticed something unusual in its Ethernet encapsulation. BPDUs are the type of message used by the Spanning-Tree Protocol (STP) in switches to avoid creating loops in a LAN. I will probably talk about STP later in this blog, but now I want to focus the discussion on the structure of an Ethernet frame.

The most common Ethernet frame type used today is known as Ethernet II. If you look at the traffic captured by Wireshark or the PDU details shown by Packet Tracer, you will probably see the structure of an Ethernet II frame. For example, let’s look at the output of the “Outbound PDU details” of a ping message taken from Packet Tracer:

The first section of the output is named “Ethernet II” and represents the Layer-2 Ethernet frame that encapsulates the upper-layer data. Let’s review the different frame fields in order, from left to right:

  • Preamble (7 bytes): bit pattern of alternating 1s and 0s for clock synchronization between the transmitter and the receiver.
  • Start Frame Delimiter (SFD) (1 byte): bit pattern 10101011 that marks the beginning of the frame.
  • Destination MAC address (6 bytes): the destination physical Layer-2 address.
  • Source MAC address (6 bytes): the source physical Layer-2 address.
  • Type (2 bytes): specifies the upper level protocol encapsulated. In this case, 0x0800 represents IPv4.
  • Data (variable length): the data or payload from the upper layers.
  • Frame Check Sequence (FCS) (4 bytes): a 32-bit CRC value for error checking.

Now let’s look at the PDU details of a BPDU packet:

Now, the Ethernet section is called “Ethernet 802.3”. The frame fields are basically the same, except for the Type field, which is now called LEN (length) and represents the length in bytes of the data portion of the frame. Therefore, the STP protocol messages do not use the common Ethernet II encapsulation. An Ethernet 802.3 frame with LLC 802.2 encapsulation is used instead.

Ethernet II, also known as DIX Ethernet, is version 2 of the original Ethernet implementation developed by DEC, Intel and Xerox. In the first IEEE definition of the 802.3 Ethernet standard, the Ethertype was replaced by the data length field and the protocol type was specified in an additional header using the LLC 802.2 protocol. The LLC header consists of 3 fields:

  • Destination Service Access Point (DSAP) (1 byte): represents the destination layer-3 process. In this example, the value 0x42 represents the STP protocol.
  • Source Service Access Point (SSAP) (1 byte): represents the source layer-3 process: 0x42 for STP, again.
  • Control (1 or 2 bytes): represents the type of communication (unacknowledged connectionless, connection-oriented or acknowledged connectionless).

These fields are shown in Packet Tracer under the “LLC” section:

The last section called “STP BPDU” shows the fields of the BPDU message, as defined by the STP protocol.

LLC encapsulation has a variation called the SNAP extension, which defines two additional fields after the control field:

  • OUI (3 bytes): 24-bit number that uniquely identifies a vendor.
  • Protocol ID (2 bytes): specifies the particular protocol defined by that vendor.

For example, Cisco’s proprietary PVST+ protocol is encapsulated using a value of 0x00000c for the OUI field and a value of 0x010b for the protocol ID. If both the DSAP and SSAP fields have a value of 0xAA and the control field is set to 0x03, it means that the frame is using the SNAP extension.
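The framing rules described above can be written as a small classifier, shown here as an added example that is not code from the original post. The sample frames are constructed (the source MAC and zero-filled payloads are placeholders), and the 1536 EtherType threshold and the two destination multicast addresses are taken from the standards rather than from this page.

```python
import struct

STP_SAP = 0x42                        # DSAP/SSAP value for STP
SNAP_SAP, SNAP_CONTROL = 0xAA, 0x03   # DSAP/SSAP/control that signal SNAP
PVST_OUI, PVST_PID = bytes.fromhex("00000c"), 0x010B

def classify_frame(frame: bytes) -> dict:
    """Classify a frame as captured (no preamble, SFD or FCS)."""
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte Ethernet header")
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":")}
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    if type_or_len >= 0x0600:         # 1536 and above: EtherType
        info.update(framing="Ethernet II", ethertype=type_or_len)
        return info
    if type_or_len > 1500:            # 1501..1535 is neither type nor length
        raise ValueError("type/length value in the undefined range")
    data = frame[14:14 + type_or_len]  # LEN counts data bytes, not padding
    if len(data) < 3 or len(data) < type_or_len:
        raise ValueError("truncated 802.3 frame")
    dsap, ssap, control = data[0], data[1], data[2]
    info.update(framing="802.3 + LLC", dsap=dsap, ssap=ssap, control=control)
    if (dsap, ssap, control) == (SNAP_SAP, SNAP_SAP, SNAP_CONTROL):
        if len(data) < 8:
            raise ValueError("truncated SNAP header")
        oui, (pid,) = data[3:6], struct.unpack("!H", data[6:8])
        info.update(framing="802.3 + LLC + SNAP", oui=oui.hex(), pid=pid)
        if oui == PVST_OUI and pid == PVST_PID:
            info["protocol"] = "PVST+"
    elif dsap == STP_SAP and ssap == STP_SAP:
        info["protocol"] = "STP"
    return info

# Constructed sample frames; payload bytes are zero-filled placeholders.
SRC = bytes.fromhex("001122334455")
PING = bytes.fromhex("665544332211") + SRC + b"\x08\x00" + bytes(28)
STP_BPDU = (bytes.fromhex("0180c2000000") + SRC + struct.pack("!H", 38)
            + b"\x42\x42\x03" + bytes(35) + bytes(8))  # last 8 bytes: padding
PVST_BPDU = (bytes.fromhex("01000ccccccd") + SRC + struct.pack("!H", 50)
             + b"\xaa\xaa\x03" + PVST_OUI + struct.pack("!H", PVST_PID)
             + bytes(42))

if __name__ == "__main__":
    for name, frame in (("ping", PING), ("stp", STP_BPDU), ("pvst+", PVST_BPDU)):
        print(name, classify_frame(frame))
```

On a switch or sensor, the same classification is what lets a monitor flag BPDUs arriving on ports where no bridge is expected.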

802.2 LLC and 802.2 SNAP framing types were used in some old technologies like FDDI, Token Ring or AppleTalk. Since IEEE approved the use of the Ethernet II in its 802.3 standard, clearly, this frame format won the battle and it is used in almost every local area network today. However, we can still see the old LLC encapsulation in some protocols like STP.

To finish the discussion about Ethernet frame types, I tried to do an experiment in Packet Tracer. It seems that Packet Tracer always shows BPDUs using LLC without SNAP extension. I created a simple topology with two switches and forced them to use Rapid PVST+ instead of the default PVST+, by entering the IOS command: “spanning-tree mode rapid-pvst”.

Now the BPDU section is called “RSTP 802.1w”, showing that we are using the “rapid version” of the Spanning-Tree Protocol, but the LLC encapsulation shown is the same as before.

© 2022 Networking Tales
